138.94.189.96 - IPInfo

Basic Info

City: Icara

Region: Santa Catarina

Country: Brazil

Internet Service Provider: Station Telecomunicacoes Ltda

Hostname: unknown

Organization: Station Telecomunicacoes ltda

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	"Account brute force using dictionary attack against Exchange Online"	2019-08-06 00:43:34

Comments on same subnet:

IP	Type	Details	Datetime
138.94.189.181	attack	Unauthorized connection attempt detected from IP address 138.94.189.181 to port 23 [T]	2020-05-09 02:51:43
138.94.189.80	attack	Honeypot attack, port: 23, PTR: 138.94.189.80.stationtelecom.com.br.	2019-11-26 02:01:44
138.94.189.168	attackspambots	Invalid user felcia from 138.94.189.168 port 17378	2019-10-27 02:48:12
138.94.189.168	attackspambots	Oct 26 03:02:50 webhost01 sshd[23687]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.94.189.168 Oct 26 03:02:52 webhost01 sshd[23687]: Failed password for invalid user mangiameli from 138.94.189.168 port 60257 ssh2 ...	2019-10-26 04:20:37
138.94.189.168	attackspam	Oct 22 17:51:34 kapalua sshd\[20845\]: Invalid user nathaniel from 138.94.189.168 Oct 22 17:51:34 kapalua sshd\[20845\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.94.189.168 Oct 22 17:51:36 kapalua sshd\[20845\]: Failed password for invalid user nathaniel from 138.94.189.168 port 34402 ssh2 Oct 22 17:56:23 kapalua sshd\[21243\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.94.189.168 user=root Oct 22 17:56:25 kapalua sshd\[21243\]: Failed password for root from 138.94.189.168 port 30018 ssh2	2019-10-23 13:45:42
138.94.189.168	attack	Oct 16 01:19:33 web8 sshd\[24194\]: Invalid user wuming52++ from 138.94.189.168 Oct 16 01:19:33 web8 sshd\[24194\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.94.189.168 Oct 16 01:19:35 web8 sshd\[24194\]: Failed password for invalid user wuming52++ from 138.94.189.168 port 38305 ssh2 Oct 16 01:24:03 web8 sshd\[26530\]: Invalid user Password654321 from 138.94.189.168 Oct 16 01:24:03 web8 sshd\[26530\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.94.189.168	2019-10-16 10:20:07
138.94.189.168	attackbots	Oct 15 13:47:54 vpn01 sshd[18563]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.94.189.168 Oct 15 13:47:55 vpn01 sshd[18563]: Failed password for invalid user ssh from 138.94.189.168 port 53281 ssh2 ...	2019-10-15 19:58:18
138.94.189.168	attackspambots	2019-10-11T14:56:40.086746stark.klein-stark.info sshd\[11874\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.94.189.168 user=root 2019-10-11T14:56:42.119718stark.klein-stark.info sshd\[11874\]: Failed password for root from 138.94.189.168 port 11265 ssh2 2019-10-11T15:08:30.058852stark.klein-stark.info sshd\[12768\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.94.189.168 user=root ...	2019-10-11 23:27:12
138.94.189.168	attackspam	Automatic report - Banned IP Access	2019-10-05 18:51:33
138.94.189.168	attackbotsspam	Sep 30 16:07:59 dedicated sshd[19253]: Invalid user changeme from 138.94.189.168 port 34881	2019-09-30 23:37:40
138.94.189.168	attack	Sep 25 23:49:10 meumeu sshd[27369]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.94.189.168 Sep 25 23:49:12 meumeu sshd[27369]: Failed password for invalid user developer from 138.94.189.168 port 43970 ssh2 Sep 25 23:54:12 meumeu sshd[27991]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.94.189.168 ...	2019-09-26 06:40:12
138.94.189.168	attack	Sep 20 21:31:36 master sshd[7070]: Failed password for invalid user teamspeak3 from 138.94.189.168 port 16611 ssh2 Sep 20 21:48:50 master sshd[7125]: Failed password for root from 138.94.189.168 port 5473 ssh2 Sep 20 21:53:22 master sshd[7137]: Failed password for invalid user www from 138.94.189.168 port 17441 ssh2 Sep 20 21:57:51 master sshd[7151]: Failed password for invalid user ian from 138.94.189.168 port 64546 ssh2 Sep 20 22:02:16 master sshd[7469]: Failed password for invalid user hua from 138.94.189.168 port 51107 ssh2 Sep 20 22:06:44 master sshd[7487]: Failed password for invalid user oracle from 138.94.189.168 port 32225 ssh2	2019-09-21 05:10:38
138.94.189.173	attackspambots	failed root login	2019-09-04 20:20:41
138.94.189.168	attackbots	Sep 1 02:58:21 MK-Soft-VM6 sshd\[11685\]: Invalid user alfreda from 138.94.189.168 port 59585 Sep 1 02:58:21 MK-Soft-VM6 sshd\[11685\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.94.189.168 Sep 1 02:58:23 MK-Soft-VM6 sshd\[11685\]: Failed password for invalid user alfreda from 138.94.189.168 port 59585 ssh2 ...	2019-09-01 11:06:45
138.94.189.168	attack	Aug 30 10:48:30 auw2 sshd\[27914\]: Invalid user eko from 138.94.189.168 Aug 30 10:48:30 auw2 sshd\[27914\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.94.189.168 Aug 30 10:48:32 auw2 sshd\[27914\]: Failed password for invalid user eko from 138.94.189.168 port 6850 ssh2 Aug 30 10:53:46 auw2 sshd\[28347\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.94.189.168 user=root Aug 30 10:53:48 auw2 sshd\[28347\]: Failed password for root from 138.94.189.168 port 19330 ssh2	2019-08-31 04:57:08

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 138.94.189.96
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 43054
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;138.94.189.96.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019080501 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Tue Aug 06 00:43:25 CST 2019
;; MSG SIZE  rcvd: 117

Host info

96.189.94.138.in-addr.arpa domain name pointer 138.94.189.96.stationtelecom.com.br.

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
96.189.94.138.in-addr.arpa	name = 138.94.189.96.stationtelecom.com.br.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
118.179.221.146	attackspam	unauthorized connection attempt	2020-01-12 16:31:21
2.139.164.56	attack	unauthorized connection attempt	2020-01-12 16:21:48
95.210.2.89	attackbotsspam	unauthorized connection attempt	2020-01-12 16:33:05
117.158.175.165	attackspam	Unauthorized connection attempt detected from IP address 117.158.175.165 to port 23 [J]	2020-01-12 16:31:44
51.89.99.55	attack	12.01.2020 08:49:53 Connection to port 5060 blocked by firewall	2020-01-12 16:50:01
116.197.129.114	attackbots	Unauthorized connection attempt detected from IP address 116.197.129.114 to port 8000 [J]	2020-01-12 16:14:49
119.42.101.5	attack	unauthorized connection attempt	2020-01-12 16:24:33
203.142.69.203	attack	Jan 12 09:35:20 vps691689 sshd[13020]: Failed password for root from 203.142.69.203 port 42791 ssh2 Jan 12 09:39:49 vps691689 sshd[13101]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.142.69.203 ...	2020-01-12 16:52:29
82.243.227.136	attackspambots	unauthorized connection attempt	2020-01-12 16:15:49
222.247.122.187	attackspam	unauthorized connection attempt	2020-01-12 16:43:43
175.4.217.114	attack	unauthorized connection attempt	2020-01-12 16:54:25
119.115.99.1	attackbotsspam	Unauthorized connection attempt detected from IP address 119.115.99.1 to port 23 [J]	2020-01-12 16:48:21
85.44.49.241	attackbots	Unauthorized connection attempt detected from IP address 85.44.49.241 to port 80 [J]	2020-01-12 16:33:37
200.9.137.1	attackbotsspam	unauthorized connection attempt	2020-01-12 16:17:02
177.128.227.112	attackbots	unauthorized connection attempt	2020-01-12 16:54:06

Recently Reported IPs

40.134.144.211	154.250.120.26	138.36.228.110	138.36.209.6
201.73.194.125	137.103.59.106	219.148.200.26	2001:44c8:45ca:f5de:94be:a5f1:16bb:a3f2
196.174.197.64	137.97.180.23	3.217.31.79	137.97.118.145
137.97.113.147	155.129.132.79	70.4.107.18	137.97.28.154
24.37.201.55	137.97.4.238	131.147.132.135	133.44.36.72