191.102.126.138

Basic Info

City: Bogotá

Region: Bogota D.C.

Country: Colombia

Internet Service Provider: TV Azteca Sucursal Colombia

Hostname: unknown

Organization: TV AZTECA SUCURSAL COLOMBIA

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	IP was detected trying to Brute-Force SSH, FTP, Web Apps or Hacking.	2019-12-09 02:47:11
attackbots	SpamReport	2019-11-27 22:55:31
attackspambots	postfix (unknown user, SPF fail or relay access denied)	2019-10-23 12:02:02
attack	Sent mail to target address hacked/leaked from abandonia in 2016	2019-06-29 15:59:02

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 191.102.126.138
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 54115
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;191.102.126.138.		IN	A

;; AUTHORITY SECTION:
.			2662	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019040400 1800 900 604800 86400

;; Query time: 1 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Thu Apr 04 19:05:26 +08 2019
;; MSG SIZE  rcvd: 119

Host info

138.126.102.191.in-addr.arpa domain name pointer azteca-comunicaciones.com.

Nslookup info:

Server:		67.207.67.3
Address:	67.207.67.3#53

Non-authoritative answer:
138.126.102.191.in-addr.arpa	name = azteca-comunicaciones.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
180.76.153.46	attackspam	...	2020-03-10 20:35:16
71.237.171.150	attackbots	Brute-force attempt banned	2020-03-10 20:50:05
64.225.104.142	attackspam	Lines containing failures of 64.225.104.142 (max 1000) Mar 10 07:17:14 localhost sshd[22438]: Invalid user rizon from 64.225.104.142 port 42898 Mar 10 07:17:14 localhost sshd[22438]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=64.225.104.142 Mar 10 07:17:16 localhost sshd[22438]: Failed password for invalid user rizon from 64.225.104.142 port 42898 ssh2 Mar 10 07:17:16 localhost sshd[22438]: Received disconnect from 64.225.104.142 port 42898:11: Bye Bye [preauth] Mar 10 07:17:16 localhost sshd[22438]: Disconnected from invalid user rizon 64.225.104.142 port 42898 [preauth] Mar 10 07:28:54 localhost sshd[25791]: Invalid user xbmc from 64.225.104.142 port 45784 Mar 10 07:28:54 localhost sshd[25791]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=64.225.104.142 Mar 10 07:28:56 localhost sshd[25791]: Failed password for invalid user xbmc from 64.225.104.142 port 45784 ssh2 Mar 10 07:28:57 ........ ------------------------------	2020-03-10 20:50:22
120.29.153.130	attack	scan r	2020-03-10 20:44:45
1.53.250.136	attackspambots	Automatic report - Port Scan Attack	2020-03-10 20:29:47
196.178.157.93	attack	Email rejected due to spam filtering	2020-03-10 21:01:37
185.200.118.82	attack	185.200.118.82 was recorded 6 times by 6 hosts attempting to connect to the following ports: 1194. Incident counter (4h, 24h, all-time): 6, 6, 152	2020-03-10 21:00:48
51.77.157.78	attackbotsspam	fail2ban	2020-03-10 20:18:16
171.234.193.14	attackbots	1583832248 - 03/10/2020 10:24:08 Host: 171.234.193.14/171.234.193.14 Port: 445 TCP Blocked	2020-03-10 20:43:53
14.29.249.248	attackbots	Lines containing failures of 14.29.249.248 Mar 10 02:44:05 smtp-out sshd[11173]: Invalid user kelly from 14.29.249.248 port 48202 Mar 10 02:44:05 smtp-out sshd[11173]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.29.249.248 Mar 10 02:44:07 smtp-out sshd[11173]: Failed password for invalid user kelly from 14.29.249.248 port 48202 ssh2 Mar 10 02:44:09 smtp-out sshd[11173]: Received disconnect from 14.29.249.248 port 48202:11: Bye Bye [preauth] Mar 10 02:44:09 smtp-out sshd[11173]: Disconnected from invalid user kelly 14.29.249.248 port 48202 [preauth] Mar 10 02:53:46 smtp-out sshd[11499]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.29.249.248 user=r.r Mar 10 02:53:48 smtp-out sshd[11499]: Failed password for r.r from 14.29.249.248 port 52340 ssh2 Mar 10 02:53:48 smtp-out sshd[11499]: Received disconnect from 14.29.249.248 port 52340:11: Bye Bye [preauth] Mar 10 02:53:48 smtp-out ........ ------------------------------	2020-03-10 20:29:14
134.175.17.32	attack	Mar 10 10:14:09 mail sshd[17050]: Invalid user chris from 134.175.17.32 Mar 10 10:14:09 mail sshd[17050]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.175.17.32 Mar 10 10:14:09 mail sshd[17050]: Invalid user chris from 134.175.17.32 Mar 10 10:14:11 mail sshd[17050]: Failed password for invalid user chris from 134.175.17.32 port 45180 ssh2 Mar 10 10:24:25 mail sshd[441]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.175.17.32 user=root Mar 10 10:24:27 mail sshd[441]: Failed password for root from 134.175.17.32 port 40490 ssh2 ...	2020-03-10 20:32:18
152.250.250.194	attackspambots	DATE:2020-03-10 10:21:13, IP:152.250.250.194, PORT:telnet Telnet brute force auth on honeypot server (epe-honey1-hq)	2020-03-10 20:42:28
183.88.243.250	attack	Brute force attempt	2020-03-10 20:57:21
188.68.93.39	attack	RU_mnt-ru-csu-1_<177>1583832280 [1:2010935:3] ET SCAN Suspicious inbound to MSSQL port 1433 [Classification: Potentially Bad Traffic] [Priority: 2]: {TCP} 188.68.93.39:53064	2020-03-10 20:20:45
106.13.140.110	attack	Mar 10 09:19:23 vlre-nyc-1 sshd\[9245\]: Invalid user gmod from 106.13.140.110 Mar 10 09:19:23 vlre-nyc-1 sshd\[9245\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.140.110 Mar 10 09:19:25 vlre-nyc-1 sshd\[9245\]: Failed password for invalid user gmod from 106.13.140.110 port 35428 ssh2 Mar 10 09:23:46 vlre-nyc-1 sshd\[9345\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.140.110 user=root Mar 10 09:23:47 vlre-nyc-1 sshd\[9345\]: Failed password for root from 106.13.140.110 port 34688 ssh2 ...	2020-03-10 20:59:00

Recently Reported IPs

198.20.103.244	88.202.190.149	222.112.250.9	103.253.183.175
54.89.242.57	46.175.132.219	195.206.55.154	5.251.221.121
5.178.142.142	177.158.167.5	162.243.11.104	93.23.6.66
27.213.38.210	216.218.206.69	124.135.15.55	81.22.10.229
75.4.214.93	60.54.119.170	41.37.148.142	18.235.66.149