City: Cantanhede
Region: Maranhao
Country: Brazil
Internet Service Provider: unknown
Hostname: unknown
Organization: unknown
Usage Type: unknown
| IP | Type | Details | Datetime |
|---|---|---|---|
| 138.97.233.92 | attackspam | Automatic report - Port Scan Attack |
2019-07-14 23:11:43 |
#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/resources/registry/whois/tou/
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/resources/registry/whois/inaccuracy_reporting/
#
# Copyright 1997-2025, American Registry for Internet Numbers, Ltd.
#
NetRange: 138.97.0.0 - 138.97.255.255
CIDR: 138.97.0.0/16
NetName: LACNIC-ERX-138-97-0-0
NetHandle: NET-138-97-0-0-1
Parent: NET138 (NET-138-0-0-0-0)
NetType: Transferred to LACNIC
OriginAS:
Organization: Latin American and Caribbean IP address Regional Registry (LACNIC)
RegDate: 2010-11-19
Updated: 2010-11-19
Comment: This IP address range is under LACNIC responsibility
Comment: for further allocations to users in LACNIC region.
Comment: Please see http://www.lacnic.net/ for further details,
Comment: or check the WHOIS server located at http://whois.lacnic.net
Ref: https://rdap.arin.net/registry/ip/138.97.0.0
ResourceLink: http://lacnic.net/cgi-bin/lacnic/whois
ResourceLink: whois.lacnic.net
OrgName: Latin American and Caribbean IP address Regional Registry
OrgId: LACNIC
Address: Rambla Republica de Mexico 6125
City: Montevideo
StateProv:
PostalCode: 11400
Country: UY
RegDate: 2002-07-27
Updated: 2018-03-15
Ref: https://rdap.arin.net/registry/entity/LACNIC
ReferralServer: whois://whois.lacnic.net
ResourceLink: http://lacnic.net/cgi-bin/lacnic/whois
OrgAbuseHandle: LWI100-ARIN
OrgAbuseName: LACNIC Whois Info
OrgAbusePhone: +598-2604-2222
OrgAbuseEmail: abuse@lacnic.net
OrgAbuseRef: https://rdap.arin.net/registry/entity/LWI100-ARIN
OrgTechHandle: LACNIC-ARIN
OrgTechName: LACNIC Whois Info
OrgTechPhone: +598-2604-2222
OrgTechEmail: whois-contact@lacnic.net
OrgTechRef: https://rdap.arin.net/registry/entity/LACNIC-ARIN
#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/resources/registry/whois/tou/
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/resources/registry/whois/inaccuracy_reporting/
#
# Copyright 1997-2025, American Registry for Internet Numbers, Ltd.
#
Found a referral to whois.lacnic.net.
% IP Client: 124.223.158.242
% Copyright (c) Nic.br - Use of this data is governed by the Use and
% Privacy Policy at https://registro.br/upp . Distribution,
% commercialization, reproduction, and use for advertising or similar
% purposes are expressly prohibited.
% 2025-09-29T12:01:51-03:00 - 124.223.158.242
inetnum: 138.97.232.0/22
aut-num: AS264204
abuse-c: CATEL29
owner: CAS TELECOMUNICACOES EIRELI
ownerid: 17.404.232/0001-08
responsible: ANTHONY HENRIQUE CASTRO DE OLIVEIRA
owner-c: CATEL29
tech-c: CATEL29
inetrev: 138.97.232.0/23
nserver: ns1.castelecom.com.br [lame - not published]
nsstat: 20250929 UH
nslastaa: 20240220
nserver: ns2.castelecom.com.br [lame - not published]
nsstat: 20250929 UH
nslastaa: 20240320
created: 20150407
changed: 20150407
nic-hdl-br: CATEL29
person: CAS TELECOM
created: 20150108
changed: 20150325
% Security and mail abuse issues should also be addressed to cert.br,
% respectivelly to cert@cert.br and mail-abuse@cert.br
%
% whois.registro.br only accepts exact match queries for domains,
% registrants, contacts, tickets, providers, IPs, and ASNs.; <<>> DiG 9.10.3-P4-Ubuntu <<>> 138.97.233.212
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 63000
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;138.97.233.212. IN A
;; AUTHORITY SECTION:
. 29 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2025092900 1800 900 604800 86400
;; Query time: 60 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Sep 29 23:01:52 CST 2025
;; MSG SIZE rcvd: 107Host 212.233.97.138.in-addr.arpa. not found: 3(NXDOMAIN)Server: 183.60.83.19
Address: 183.60.83.19#53
** server can't find 212.233.97.138.in-addr.arpa: NXDOMAIN| IP | Type | Details | Datetime |
|---|---|---|---|
| 175.148.109.188 | attackbots | Unauthorised access (Sep 29) SRC=175.148.109.188 LEN=40 TTL=49 ID=21889 TCP DPT=8080 WINDOW=819 SYN Unauthorised access (Sep 28) SRC=175.148.109.188 LEN=40 TTL=49 ID=57861 TCP DPT=8080 WINDOW=819 SYN Unauthorised access (Sep 28) SRC=175.148.109.188 LEN=40 TTL=49 ID=42676 TCP DPT=8080 WINDOW=819 SYN Unauthorised access (Sep 26) SRC=175.148.109.188 LEN=40 TTL=49 ID=48462 TCP DPT=8080 WINDOW=819 SYN Unauthorised access (Sep 23) SRC=175.148.109.188 LEN=40 TTL=49 ID=5557 TCP DPT=8080 WINDOW=819 SYN Unauthorised access (Sep 23) SRC=175.148.109.188 LEN=40 TTL=49 ID=333 TCP DPT=8080 WINDOW=819 SYN Unauthorised access (Sep 23) SRC=175.148.109.188 LEN=40 TTL=49 ID=36968 TCP DPT=8080 WINDOW=819 SYN |
2019-09-29 07:19:35 |
| 86.125.104.96 | attackbotsspam | Automatic report - Banned IP Access |
2019-09-29 07:02:09 |
| 111.93.191.154 | attackspam | Sep 28 12:55:36 php1 sshd\[7605\]: Invalid user abc from 111.93.191.154 Sep 28 12:55:36 php1 sshd\[7605\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.93.191.154 Sep 28 12:55:38 php1 sshd\[7605\]: Failed password for invalid user abc from 111.93.191.154 port 42080 ssh2 Sep 28 13:01:02 php1 sshd\[8646\]: Invalid user proteu123 from 111.93.191.154 Sep 28 13:01:02 php1 sshd\[8646\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.93.191.154 |
2019-09-29 07:08:05 |
| 167.71.221.90 | attack | F2B jail: sshd. Time: 2019-09-29 01:21:04, Reported by: VKReport |
2019-09-29 07:25:40 |
| 103.56.113.201 | attackspam | Invalid user dnsadrc from 103.56.113.201 port 38957 |
2019-09-29 07:44:03 |
| 218.86.16.36 | attackspam | 3389BruteforceStormFW21 |
2019-09-29 07:21:45 |
| 213.135.239.146 | attackspambots | 2019-09-28T22:54:26.028269abusebot-4.cloudsearch.cf sshd\[27312\]: Invalid user admin from 213.135.239.146 port 17497 |
2019-09-29 07:07:02 |
| 159.203.197.168 | attack | firewall-block, port(s): 1527/tcp |
2019-09-29 07:34:11 |
| 218.1.116.178 | attackbots | Attempt to attack host OS, exploiting network vulnerabilities, on 28-09-2019 21:50:17. |
2019-09-29 07:21:59 |
| 112.33.16.34 | attackbots | Sep 29 00:55:51 vps691689 sshd[29127]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.33.16.34 Sep 29 00:55:53 vps691689 sshd[29127]: Failed password for invalid user ts3srv from 112.33.16.34 port 60228 ssh2 ... |
2019-09-29 07:06:20 |
| 62.7.90.34 | attack | 2019-09-28T23:29:33.570133abusebot-4.cloudsearch.cf sshd\[27530\]: Invalid user hdduser from 62.7.90.34 port 41208 |
2019-09-29 07:37:51 |
| 70.35.204.95 | attackspambots | Sep 29 02:45:05 areeb-Workstation sshd[4164]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=70.35.204.95 Sep 29 02:45:07 areeb-Workstation sshd[4164]: Failed password for invalid user power from 70.35.204.95 port 41776 ssh2 ... |
2019-09-29 07:04:30 |
| 104.131.22.72 | attackbotsspam | Sep 29 01:08:22 cp sshd[14294]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.22.72 |
2019-09-29 07:09:15 |
| 92.188.124.228 | attackbots | Sep 28 23:10:12 game-panel sshd[17903]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=92.188.124.228 Sep 28 23:10:15 game-panel sshd[17903]: Failed password for invalid user hn from 92.188.124.228 port 36178 ssh2 Sep 28 23:14:07 game-panel sshd[18037]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=92.188.124.228 |
2019-09-29 07:17:09 |
| 106.13.84.25 | attack | F2B jail: sshd. Time: 2019-09-29 01:17:49, Reported by: VKReport |
2019-09-29 07:32:34 |