138.94.84.166 - IPInfo

Basic Info

City: São Paulo

Region: Sao Paulo

Country: Brazil

Internet Service Provider: ETECC Fibra Optica

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	445/tcp 445/tcp [2020-06-24]2pkt	2020-06-25 06:40:13

Comments on same subnet:

IP	Type	Details	Datetime
138.94.84.180	attackspambots	nft/Honeypot	2020-04-17 12:59:11
138.94.84.219	attackbots	Unauthorized connection attempt detected from IP address 138.94.84.219 to port 8000	2020-01-16 04:12:51
138.94.84.219	attackspam	Unauthorized connection attempt detected from IP address 138.94.84.219 to port 8080 [J]	2020-01-06 17:31:25
138.94.84.219	attackspambots	Automatic report - Port Scan Attack	2019-10-18 15:35:20

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 138.94.84.166
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 57564
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;138.94.84.166.			IN	A

;; AUTHORITY SECTION:
.			262	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020062401 1800 900 604800 86400

;; Query time: 84 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Jun 25 06:40:09 CST 2020
;; MSG SIZE  rcvd: 117

Host info

166.84.94.138.in-addr.arpa domain name pointer 138-94-84-166.eteccinformatica.com.br.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
166.84.94.138.in-addr.arpa	name = 138-94-84-166.eteccinformatica.com.br.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
92.222.47.41	attack	Oct 16 16:03:58 ArkNodeAT sshd\[3163\]: Invalid user apayne from 92.222.47.41 Oct 16 16:03:58 ArkNodeAT sshd\[3163\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=92.222.47.41 Oct 16 16:04:00 ArkNodeAT sshd\[3163\]: Failed password for invalid user apayne from 92.222.47.41 port 34830 ssh2	2019-10-16 22:52:35
92.50.249.166	attack	Oct 16 16:24:52 MK-Soft-VM6 sshd[17728]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=92.50.249.166 Oct 16 16:24:54 MK-Soft-VM6 sshd[17728]: Failed password for invalid user aiyaz from 92.50.249.166 port 49810 ssh2 ...	2019-10-16 22:29:16
184.105.139.125	attackspam	MultiHost/MultiPort Probe, Scan, Hack -	2019-10-16 22:24:37
122.170.39.235	attack	firewall-block, port(s): 8291/tcp	2019-10-16 23:06:42
222.186.180.223	attack	k+ssh-bruteforce	2019-10-16 22:58:58
85.209.0.194	attackspambots	Scanning for open ports	2019-10-16 22:31:20
159.203.169.16	attack	firewall-block, port(s): 9128/tcp	2019-10-16 23:02:07
80.211.159.118	attackspambots	Oct 16 16:00:39 [host] sshd[30815]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.211.159.118 user=root Oct 16 16:00:40 [host] sshd[30815]: Failed password for root from 80.211.159.118 port 57236 ssh2 Oct 16 16:05:14 [host] sshd[30871]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.211.159.118 user=root	2019-10-16 22:49:03
195.192.226.180	attackspam	firewall-block, port(s): 23/tcp	2019-10-16 22:54:31
45.142.195.5	attackspam	Oct 16 16:19:32 webserver postfix/smtpd\[15864\]: warning: unknown\[45.142.195.5\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 16 16:19:52 webserver postfix/smtpd\[15864\]: warning: unknown\[45.142.195.5\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 16 16:20:38 webserver postfix/smtpd\[15864\]: warning: unknown\[45.142.195.5\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 16 16:21:25 webserver postfix/smtpd\[15863\]: warning: unknown\[45.142.195.5\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 16 16:22:13 webserver postfix/smtpd\[15863\]: warning: unknown\[45.142.195.5\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2019-10-16 22:28:16
103.28.161.26	attack	10/16/2019-14:18:27.663287 103.28.161.26 Protocol: 6 ET SCAN Suspicious inbound to MSSQL port 1433	2019-10-16 22:36:54
54.38.188.34	attackbots	Oct 16 08:17:09 firewall sshd[21083]: Invalid user ubnt from 54.38.188.34 Oct 16 08:17:11 firewall sshd[21083]: Failed password for invalid user ubnt from 54.38.188.34 port 56618 ssh2 Oct 16 08:21:04 firewall sshd[21171]: Invalid user lao from 54.38.188.34 ...	2019-10-16 22:39:46
95.116.90.149	attack	$f2bV_matches	2019-10-16 22:24:21
171.6.81.56	attackbotsspam	fail2ban	2019-10-16 22:57:29
198.245.63.94	attackbots	Oct 16 13:10:31 work-partkepr sshd\[21262\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=198.245.63.94 user=root Oct 16 13:10:33 work-partkepr sshd\[21262\]: Failed password for root from 198.245.63.94 port 52942 ssh2 ...	2019-10-16 22:41:38

Recently Reported IPs

70.129.18.49	173.85.50.197	78.221.69.252	121.249.14.122
149.148.16.226	184.201.236.192	181.193.210.123	195.58.167.252
54.159.193.215	134.209.94.189	201.11.59.209	46.118.203.53
95.179.127.152	162.207.144.254	178.221.70.248	208.13.198.75
176.154.224.46	110.200.170.51	178.166.53.14	180.104.40.122