IP: 138.94.176.182Brazil Near: Brasilia, Distrito Federal, Brazil
Country:
Brazil
Region:
07
City:
Brasilia
Latitude:
-15.7833
Longitude:
-47.9167
NetRange: 138.94.0.0 - 138.94.255.255
CIDR: 138.94.0.0/16
NetName: LACNIC-ERX-138-94-0-0
NetHandle: NET-138-94-0-0-1
Parent: NET138 (NET-138-0-0-0-0)
NetType: Transferred to LACNIC
OriginAS:
Organization: Latin American and Caribbean IP address Regional Registry (LACNIC)
RegDate: 2010-11-19
Updated: 2010-11-19
Comment: This IP address range is under LACNIC responsibility
Comment: for further allocations to users in LACNIC region.
Comment: Please see http://www.lacnic.net/ for further details,
Comment: or check the WHOIS server located at http://whois.lacnic.net
Ref: https://rdap.arin.net/registry/ip/138.94.0.0

ResourceLink: http://lacnic.net/cgi-bin/lacnic/whois
ResourceLink: whois.lacnic.net

OrgName: Latin American and Caribbean IP address Regional Registry
OrgId: LACNIC
Address: Rambla Republica de Mexico 6125
City: Montevideo
StateProv:
PostalCode: 11400
Country: UY
RegDate: 2002-07-26
Updated: 2018-03-15
Ref: https://rdap.arin.net/registry/entity/LACNIC

ReferralServer: whois://whois.lacnic.net
ResourceLink: http://lacnic.net/cgi-bin/lacnic/whois

OrgTechHandle: LACNIC-ARIN
OrgTechName: LACNIC Whois Info
OrgTechPhone: +598-2604-2222
OrgTechEmail: whois-contact@lacnic.net
OrgTechRef: https://rdap.arin.net/registry/entity/LACNIC-ARIN

OrgAbuseHandle: LWI100-ARIN
OrgAbuseName: LACNIC Whois Info
OrgAbusePhone: +598-2604-2222
OrgAbuseEmail: abuse@lacnic.net
OrgAbuseRef: https://rdap.arin.net/registry/entity/LWI100-ARIN
DNS BlackList results:
Most recent complaints on 138.94.176.182
Complaint by John Andersson :

Sextorsion scam Received: from client-bsb-138-94-176-182.ti5.net.br ([138.94.176.182]) by cmsmtp with ESMTP id I4EZiCSDyozssI4EbiJaCA; Wed, 09 Oct 2019 07:10:03 +0200 X-CP-SUBJECT-TAG: 1 X-TeliaCompany-Spam: Suspected Spam X-Spam-Verdict: Spam X-CMAE-Score: 100.00 X-Spam-Verdict: Suspect Message-ID: <DB42185794810DDB42185794810DDB42@X4Q37S4X4Q3> From: <andersson.john@telia.com> To: <andersson.john@telia.com> Subject: [Suspected Spam] Your account has been hacked! You need to unlock. Date: 8 Oct 2019 21:33:58 -0400 MIME-Version: 1.0 Content-Type: text/plain; charset="ibm852" Content-Transfer-Encoding: 8bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2900.4533 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.4533 X-CMAE-Envelope: MS4wfJBtrryiFUioV0+q/Qt7RgzwzKdiBFU+wJGFKao3DYb1wyfNPl4BDnydPIAoZj7TvHsF0TowxWtjnqg6alvOEj8FT5SBZKHxxOr8JvsC8THLCR0MT5Vj df05pDoxEJn/IpMU74tcNIZOOcx/y0lxQcMSVjmREnL/dwCpU5SFV4PG1oScJqXr4IX5qOI84V1qWV41Zls8VN3L9EvQO0s4+mU= Hello! I have very bad news for you. 17/07/2019 - on this day I hacked your OS and got full access to your account andersson.john@telia.com. You can check it - I sent this message from your account. So, you can change the password, yes.. But my malware intercepts it every time. How I made it: In the software of the router, through which you went online, was a vulnerability. I just hacked this router and placed my malicious code on it. When you went online, my trojan was installed on the OS of your device. After that, I made a full dump of your disk (I have all your address book, history of viewing sites, all files, phone numbers and addresses of all your contacts). A month ago, I wanted to lock your device and ask for a not big amount of btc to unlock. But I looked at the sites that you regularly visit, and I was shocked by what I saw!!! I'm talk you about sites for adults. I want to say - you are a BIG pervert. Your fantasy is shifted far away from the normal course! And I got an idea.... I made a screenshot of the adult sites where you have fun (do you understand what it is about, huh?). After that, I made a screenshot of your joys (using the camera of your device) and glued them together. Turned out amazing! You are so spectacular! I'm know that you would not like to show these screenshots to your friends, relatives or colleagues. I think $975 is a very, very small amount for my silence. Besides, I have been spying on you for so long, having spent a lot of time! Pay ONLY in Bitcoins! My BTC wallet: 15yF8WkUg8PRjJehYW4tGdqcyzc4z7dScM You do not know how to use bitcoins? Enter a query in any search engine: "how to replenish btc wallet". It's extremely easy For this payment I give you two days (48 hours). As soon as this letter is opened, the timer will work. After payment, my virus and dirty screenshots with your enjoys will be self-destruct automatically. If I do not receive from you the specified amount, then your device will be locked, and all your contacts will receive a screenshots with your "enjoys". I hope you understand your situation. - Do not try to find and destroy my virus! (All your data, files and screenshots is already uploaded to a remote server) - Do not try to contact me (you yourself will see that this is impossible, I sent you an email from your account) - Various security services will not help you; formatting a disk or destroying a device will not help, since your data is already on a remote server. P.S. You are not my single victim. so, I guarantee you that I will not disturb you again after payment! This is the word of honor hacker. I also ask you to regularly update your antiviruses in the future. This way you will no longer fall into a similar situation. Do not hold evil! I just do my job. Good luck.

Reported on: 9th, Oct. 2019

Please help us keep Internet safer and cleaner by leaving a descriptive comment about 138.94.176.182 IP address


DNSBL* - is a list of IP addresses published through the Internet Domain Name Service (DNS) either as a zone file that can be used by DNS server software, or as a live DNS zone that can be queried in real-time. DNSBLs are most often used to publish the addresses of computers or networks linked to spamming; most mail server software can be configured to reject or flag messages which have been sent from a site listed on one or more such lists.

WHOIS** - is a query/response protocol that is widely used for querying databases in order to determine the registrant or assignee of Internet resources, such as a domain name, an IP address block, or an autonomous system number. WHOIS lookups were traditionally performed with a command line interface application, and network administrators predominantly still use this method, but many simplified web-based tools exist. WHOIS services are typically communicated using the Transmission Control Protocol (TCP). Servers listen to requests on the well-known port number 43.

** Approximate Geographic Location - This is NOT the exact geographical location of the person/organization with the given IP address. However, this should still give you a good idea about the area/region where this person/orgranization is located.