138.97.66.142 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Brazil

Internet Service Provider: Westlink Tecnologia e Comunicacao Ltda. - ME

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspambots	Chat Spam	2019-08-03 00:34:04
attackspam	Jul 31 21:25:09 master sshd[17428]: Failed password for invalid user admin from 138.97.66.142 port 40496 ssh2	2019-08-01 07:18:38

Comments on same subnet:

IP	Type	Details	Datetime
138.97.66.57	attack	Disconnected $auth failed, 1 attempts in 12 secs$:	2020-01-30 03:14:18
138.97.66.113	attackbotsspam	$f2bV_matches	2019-12-16 00:06:15
138.97.66.252	attack	Unauthorized SMTP/IMAP/POP3 connection attempt	2019-11-29 03:08:53
138.97.66.252	attackbots	Brute force attempt	2019-11-27 03:21:53
138.97.66.205	attackbots	Invalid user admin from 138.97.66.205 port 40122	2019-11-20 04:01:14
138.97.66.113	attackspambots	failed_logins	2019-08-17 17:14:49
138.97.66.113	attackbots	Autoban 138.97.66.113 ABORTED AUTH	2019-07-06 07:25:19

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 138.97.66.142
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 45088
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;138.97.66.142.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019073101 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Thu Aug 01 07:18:22 CST 2019
;; MSG SIZE  rcvd: 117

Host info

142.66.97.138.in-addr.arpa domain name pointer 138-97-66-142.westlink.net.br.

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
142.66.97.138.in-addr.arpa	name = 138-97-66-142.westlink.net.br.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
159.65.8.65	attack	Jun 7 21:44:07 server sshd[11060]: Failed password for root from 159.65.8.65 port 43730 ssh2 Jun 7 21:47:38 server sshd[14831]: Failed password for root from 159.65.8.65 port 46020 ssh2 Jun 7 21:51:19 server sshd[19441]: Failed password for root from 159.65.8.65 port 48308 ssh2	2020-06-08 03:59:01
103.238.63.130	attack	Unauthorized connection attempt from IP address 103.238.63.130 on Port 445(SMB)	2020-06-08 04:04:38
185.176.27.174	attackbots	06/07/2020-15:43:16.378612 185.176.27.174 Protocol: 6 ET SCAN NMAP -sS window 1024	2020-06-08 03:46:42
89.37.2.65	attack	Unauthorized connection attempt from IP address 89.37.2.65 on Port 445(SMB)	2020-06-08 03:50:28
101.89.197.232	attackspambots	Jun 7 13:53:37 prod4 sshd\[26631\]: Failed password for root from 101.89.197.232 port 54964 ssh2 Jun 7 13:56:07 prod4 sshd\[27298\]: Failed password for root from 101.89.197.232 port 46950 ssh2 Jun 7 14:01:53 prod4 sshd\[30105\]: Failed password for root from 101.89.197.232 port 59180 ssh2 ...	2020-06-08 03:40:45
49.233.128.229	attackspambots	bruteforce detected	2020-06-08 03:36:05
183.91.2.115	attackspam	Unauthorized connection attempt from IP address 183.91.2.115 on Port 445(SMB)	2020-06-08 03:58:39
196.27.127.61	attackspambots	Unauthorised connection attempt detected at AUO NODE 4. System is sshd. Protected by AUO Stack Web Application Firewall (WAF)	2020-06-08 03:28:39
178.34.156.249	attackspambots	Jun 7 16:35:42 lnxweb61 sshd[11597]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.34.156.249	2020-06-08 03:57:41
69.194.92.245	attackbots	Unauthorized connection attempt from IP address 69.194.92.245 on Port 445(SMB)	2020-06-08 03:35:33
222.186.173.238	attackbotsspam	2020-06-07T21:31:35.525331 sshd[8631]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.173.238 user=root 2020-06-07T21:31:37.116510 sshd[8631]: Failed password for root from 222.186.173.238 port 48682 ssh2 2020-06-07T21:31:40.979871 sshd[8631]: Failed password for root from 222.186.173.238 port 48682 ssh2 2020-06-07T21:31:35.525331 sshd[8631]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.173.238 user=root 2020-06-07T21:31:37.116510 sshd[8631]: Failed password for root from 222.186.173.238 port 48682 ssh2 2020-06-07T21:31:40.979871 sshd[8631]: Failed password for root from 222.186.173.238 port 48682 ssh2 ...	2020-06-08 03:35:12
183.83.71.170	attackspam	Unauthorized connection attempt detected from IP address 183.83.71.170 to port 445	2020-06-08 04:06:29
175.97.137.10	attack	(sshd) Failed SSH login from 175.97.137.10 (TW/Taiwan/175-97-137-10.dynamic.tfn.net.tw): 2 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Jun 7 15:20:49 ubnt-55d23 sshd[21384]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.97.137.10 user=root Jun 7 15:20:51 ubnt-55d23 sshd[21384]: Failed password for root from 175.97.137.10 port 49328 ssh2	2020-06-08 03:45:14
79.11.249.33	attack	Telnet Honeypot -> Telnet Bruteforce / Login	2020-06-08 03:42:17
203.192.219.201	attackbotsspam	Jun 8 01:03:24 web1 sshd[32580]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.192.219.201 user=root Jun 8 01:03:26 web1 sshd[32580]: Failed password for root from 203.192.219.201 port 33974 ssh2 Jun 8 01:08:31 web1 sshd[1639]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.192.219.201 user=root Jun 8 01:08:33 web1 sshd[1639]: Failed password for root from 203.192.219.201 port 51608 ssh2 Jun 8 01:12:01 web1 sshd[2535]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.192.219.201 user=root Jun 8 01:12:03 web1 sshd[2535]: Failed password for root from 203.192.219.201 port 44476 ssh2 Jun 8 01:15:30 web1 sshd[3535]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.192.219.201 user=root Jun 8 01:15:32 web1 sshd[3535]: Failed password for root from 203.192.219.201 port 37348 ssh2 Jun 8 01:18:53 web1 sshd[ ...	2020-06-08 03:38:41

Recently Reported IPs

121.100.28.199	246.242.18.32	222.186.138.68	168.228.150.219
177.52.249.151	76.72.8.136	95.217.144.172	104.40.240.94
60.170.245.153	61.228.177.5	164.77.188.109	144.217.166.19
198.245.49.73	80.179.37.78	104.238.118.103	121.33.247.107
173.164.244.137	195.201.130.252	189.63.19.129	201.140.1.56

IP	Type	Details	Datetime
138.97.66.57	attack	Disconnected \(auth failed, 1 attempts in 12 secs\):	2020-01-30 03:14:18
138.97.66.113	attackbotsspam	$f2bV_matches	2019-12-16 00:06:15
138.97.66.252	attack	Unauthorized SMTP/IMAP/POP3 connection attempt	2019-11-29 03:08:53
138.97.66.252	attackbots	Brute force attempt	2019-11-27 03:21:53
138.97.66.205	attackbots	Invalid user admin from 138.97.66.205 port 40122	2019-11-20 04:01:14
138.97.66.113	attackspambots	failed_logins	2019-08-17 17:14:49
138.97.66.113	attackbots	Autoban 138.97.66.113 ABORTED AUTH	2019-07-06 07:25:19