138.97.3.66 - IPInfo

Basic Info

City: Morrinhos

Region: Goias

Country: Brazil

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
138.97.37.225	attackspambots	SMB Server BruteForce Attack	2020-08-11 06:57:04
138.97.3.139	attack	Nov 26 11:31:27 mercury auth[30111]: pam_unix(dovecot:auth): authentication failure; logname= uid=0 euid=0 tty=dovecot ruser=josh@learnargentinianspanish.com rhost=138.97.3.139 ...	2020-03-04 02:09:09
138.97.31.81	attackspambots	Port probing on unauthorized port 23	2020-02-08 05:47:44
138.97.3.35	attack	Unauthorized connection attempt detected from IP address 138.97.3.35 to port 8080 [J]	2020-01-07 08:19:08
138.97.37.53	attackbots	1588/tcp 9200/tcp 8000/tcp [2019-09-22]3pkt	2019-09-25 05:20:45

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 138.97.3.66
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 42428
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;138.97.3.66.			IN	A

;; AUTHORITY SECTION:
.			599	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022030803 1800 900 604800 86400

;; Query time: 117 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Mar 09 08:00:27 CST 2022
;; MSG SIZE  rcvd: 104

Host info

66.3.97.138.in-addr.arpa domain name pointer 66-3-97-138.clickturbo.com.br.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
66.3.97.138.in-addr.arpa	name = 66-3-97-138.clickturbo.com.br.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
222.105.177.33	attackspambots	Jun 16 15:33:31 tuxlinux sshd[16893]: Invalid user melanie from 222.105.177.33 port 35176 Jun 16 15:33:31 tuxlinux sshd[16893]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.105.177.33 Jun 16 15:33:31 tuxlinux sshd[16893]: Invalid user melanie from 222.105.177.33 port 35176 Jun 16 15:33:31 tuxlinux sshd[16893]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.105.177.33 Jun 16 15:33:31 tuxlinux sshd[16893]: Invalid user melanie from 222.105.177.33 port 35176 Jun 16 15:33:31 tuxlinux sshd[16893]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.105.177.33 Jun 16 15:33:33 tuxlinux sshd[16893]: Failed password for invalid user melanie from 222.105.177.33 port 35176 ssh2 ...	2020-06-16 22:49:54
49.233.160.103	attackspam	$f2bV_matches	2020-06-16 22:36:24
58.212.133.141	attackbotsspam	SSH brute force attempt	2020-06-16 23:16:12
46.38.150.203	attackbots	Jun 16 16:15:18 srv01 postfix/smtpd\[22635\]: warning: unknown\[46.38.150.203\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jun 16 16:15:18 srv01 postfix/smtpd\[17371\]: warning: unknown\[46.38.150.203\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jun 16 16:15:33 srv01 postfix/smtpd\[16847\]: warning: unknown\[46.38.150.203\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jun 16 16:15:43 srv01 postfix/smtpd\[22635\]: warning: unknown\[46.38.150.203\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jun 16 16:15:58 srv01 postfix/smtpd\[17371\]: warning: unknown\[46.38.150.203\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-06-16 22:36:04
141.98.81.208	attackspambots	Jun 16 16:20:03 haigwepa sshd[23662]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=141.98.81.208 Jun 16 16:20:05 haigwepa sshd[23662]: Failed password for invalid user Administrator from 141.98.81.208 port 16903 ssh2 ...	2020-06-16 22:35:12
190.189.12.210	attackbots	Failed password for invalid user mozilla from 190.189.12.210 port 47570 ssh2	2020-06-16 23:14:44
154.183.141.172	attackbots	Lines containing failures of 154.183.141.172 (max 1000) Jun 16 12:09:39 jomu postfix/smtpd[4276]: warning: hostname host-154.183.172.141-static.tedata.net does not resolve to address 154.183.141.172: Name or service not known Jun 16 12:09:39 jomu postfix/smtpd[4276]: connect from unknown[154.183.141.172] Jun 16 12:09:40 jomu postfix/smtpd[4276]: Anonymous TLS connection established from unknown[154.183.141.172]: TLSv1.2 whostnameh cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bhostnames) Jun 16 12:09:42 jomu postfix/smtpd[4276]: warning: unknown[154.183.141.172]: SASL PLAIN authentication failed: Jun 16 12:09:48 jomu postfix/smtpd[4276]: warning: unknown[154.183.141.172]: SASL LOGIN authentication failed: VXNlcm5hbWU6 Jun 16 12:09:48 jomu postfix/smtpd[4276]: lost connection after AUTH from unknown[154.183.141.172] Jun 16 12:09:48 jomu postfix/smtpd[4276]: disconnect from unknown[154.183.141.172] ehlo=2 starttls=1 auth=0/2 commands=3/5 ........ ----------------------------------------------- https://www.block	2020-06-16 23:11:48
190.66.3.92	attackspam	$f2bV_matches	2020-06-16 23:13:52
46.38.150.188	attackspam	2020-06-16T08:30:56.010707linuxbox-skyline auth[433424]: pam_unix(dovecot:auth): authentication failure; logname= uid=0 euid=0 tty=dovecot ruser=stun rhost=46.38.150.188 ...	2020-06-16 22:50:31
163.172.165.95	attackspambots	2020-06-16 13:37:43 unexpected disconnection while reading SMTP command from messier32.com [163.172.165.95]:52449 I=[10.100.18.25]:25 2020-06-16 14:01:02 unexpected disconnection while reading SMTP command from messier32.com [163.172.165.95]:40886 I=[10.100.18.25]:25 2020-06-16 14:05:03 unexpected disconnection while reading SMTP command from messier32.com [163.172.165.95]:59449 I=[10.100.18.25]:25 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=163.172.165.95	2020-06-16 22:56:25
222.186.30.76	attack	2020-06-16T14:40:09.172356abusebot-4.cloudsearch.cf sshd[25587]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.30.76 user=root 2020-06-16T14:40:11.177204abusebot-4.cloudsearch.cf sshd[25587]: Failed password for root from 222.186.30.76 port 21499 ssh2 2020-06-16T14:40:13.737703abusebot-4.cloudsearch.cf sshd[25587]: Failed password for root from 222.186.30.76 port 21499 ssh2 2020-06-16T14:40:09.172356abusebot-4.cloudsearch.cf sshd[25587]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.30.76 user=root 2020-06-16T14:40:11.177204abusebot-4.cloudsearch.cf sshd[25587]: Failed password for root from 222.186.30.76 port 21499 ssh2 2020-06-16T14:40:13.737703abusebot-4.cloudsearch.cf sshd[25587]: Failed password for root from 222.186.30.76 port 21499 ssh2 2020-06-16T14:40:09.172356abusebot-4.cloudsearch.cf sshd[25587]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruse ...	2020-06-16 22:43:57
112.85.42.232	attackbots	Jun 16 17:03:33 home sshd[4352]: Failed password for root from 112.85.42.232 port 56115 ssh2 Jun 16 17:04:39 home sshd[4430]: Failed password for root from 112.85.42.232 port 40123 ssh2 ...	2020-06-16 23:10:44
192.241.246.167	attack	SSH/22 MH Probe, BF, Hack -	2020-06-16 22:33:23
159.93.70.107	attackspam	Lines containing failures of 159.93.70.107 Jun 16 13:41:04 shared06 sshd[26368]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.93.70.107 user=r.r Jun 16 13:41:05 shared06 sshd[26368]: Failed password for r.r from 159.93.70.107 port 51808 ssh2 Jun 16 13:41:05 shared06 sshd[26368]: Received disconnect from 159.93.70.107 port 51808:11: Bye Bye [preauth] Jun 16 13:41:05 shared06 sshd[26368]: Disconnected from authenticating user r.r 159.93.70.107 port 51808 [preauth] Jun 16 13:51:04 shared06 sshd[29480]: Invalid user webmaster from 159.93.70.107 port 37262 Jun 16 13:51:04 shared06 sshd[29480]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.93.70.107 Jun 16 13:51:06 shared06 sshd[29480]: Failed password for invalid user webmaster from 159.93.70.107 port 37262 ssh2 Jun 16 13:51:06 shared06 sshd[29480]: Received disconnect from 159.93.70.107 port 37262:11: Bye Bye [preauth] Jun 16 13:51:........ ------------------------------	2020-06-16 23:12:48
211.169.234.55	attackbots	odoo8 ...	2020-06-16 22:59:15

Recently Reported IPs

138.97.3.65	138.97.3.85	138.97.3.76	138.97.3.6
138.97.3.90	138.97.3.92	118.194.242.42	138.97.3.97
138.97.30.131	138.97.3.95	138.97.30.142	138.97.30.144
138.97.30.177	138.97.30.140	138.97.30.169	138.97.30.187
138.97.30.234	118.194.242.44	138.97.30.241	138.97.30.245