138.117.191.42

Basic Info

City: unknown

Region: unknown

Country: Brazil

Internet Service Provider: Link Net-Igarapava

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	(smtpauth) Failed SMTP AUTH login from 138.117.191.42 (BR/Brazil/138.117.191-42.linknet.srv.br): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: 2020-07-27 00:44:31 plain authenticator failed for ([138.117.191.42]) [138.117.191.42]: 535 Incorrect authentication data (set_id=info)	2020-07-27 06:09:35

Type

Details

Datetime

attack

(smtpauth) Failed SMTP AUTH login from 138.117.191.42 (BR/Brazil/138.117.191-42.linknet.srv.br): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: 2020-07-27 00:44:31 plain authenticator failed for ([138.117.191.42]) [138.117.191.42]: 535 Incorrect authentication data (set_id=info)

2020-07-27 06:09:35

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 138.117.191.42
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 21665
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;138.117.191.42.			IN	A

;; AUTHORITY SECTION:
.			522	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020072601 1800 900 604800 86400

;; Query time: 90 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Jul 27 06:09:31 CST 2020
;; MSG SIZE  rcvd: 118

Host info

42.191.117.138.in-addr.arpa domain name pointer 138.117.191-42.linknet.srv.br.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
42.191.117.138.in-addr.arpa	name = 138.117.191-42.linknet.srv.br.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
211.75.174.135	attackbots	(sshd) Failed SSH login from 211.75.174.135 (211-75-174-135.HINET-IP.hinet.net): 5 in the last 3600 secs	2019-12-30 20:53:05
150.95.153.137	attackspam	Dec 30 12:07:58 legacy sshd[27600]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=150.95.153.137 Dec 30 12:08:00 legacy sshd[27600]: Failed password for invalid user chevance from 150.95.153.137 port 45472 ssh2 Dec 30 12:11:25 legacy sshd[27725]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=150.95.153.137 ...	2019-12-30 21:13:27
104.236.28.167	attackspam	Dec 30 13:39:36 ns3110291 sshd\[12539\]: Invalid user mcgowen from 104.236.28.167 Dec 30 13:39:36 ns3110291 sshd\[12539\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.236.28.167 Dec 30 13:39:38 ns3110291 sshd\[12539\]: Failed password for invalid user mcgowen from 104.236.28.167 port 38416 ssh2 Dec 30 13:41:17 ns3110291 sshd\[12581\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.236.28.167 user=root Dec 30 13:41:19 ns3110291 sshd\[12581\]: Failed password for root from 104.236.28.167 port 55570 ssh2 ...	2019-12-30 20:44:22
188.165.251.196	attackbotsspam	188.165.251.196 has been banned for [WebApp Attack] ...	2019-12-30 20:38:08
62.28.160.141	attackbotsspam	Unauthorized connection attempt detected from IP address 62.28.160.141 to port 1433	2019-12-30 20:56:13
14.191.173.43	attackspambots	19/12/30@01:22:01: FAIL: Alarm-Network address from=14.191.173.43 19/12/30@01:22:01: FAIL: Alarm-Network address from=14.191.173.43 ...	2019-12-30 20:50:31
132.232.1.62	attackspam	Automatic report - Banned IP Access	2019-12-30 20:51:31
104.131.139.147	attack	Wordpress Admin Login attack	2019-12-30 21:09:31
80.11.253.50	attackspam	Lines containing failures of 80.11.253.50 Dec 30 07:20:13 MAKserver05 sshd[24825]: Invalid user guest from 80.11.253.50 port 60585 Dec 30 07:20:13 MAKserver05 sshd[24825]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.11.253.50 Dec 30 07:20:15 MAKserver05 sshd[24825]: Failed password for invalid user guest from 80.11.253.50 port 60585 ssh2 Dec 30 07:20:15 MAKserver05 sshd[24825]: Connection closed by invalid user guest 80.11.253.50 port 60585 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=80.11.253.50	2019-12-30 20:51:14
201.39.70.186	attackbotsspam	Unauthorized connection attempt detected from IP address 201.39.70.186 to port 22	2019-12-30 20:40:20
191.98.205.37	attackbots	(imapd) Failed IMAP login from 191.98.205.37 (CL/Chile/-): 1 in the last 3600 secs	2019-12-30 21:13:54
39.152.54.180	attackbotsspam	Dec 30 07:21:55 163-172-32-151 proftpd[23917]: 0.0.0.0 (39.152.54.180[39.152.54.180]) - USER anonymous: no such user found from 39.152.54.180 [39.152.54.180] to 163.172.32.151:21 ...	2019-12-30 20:54:04
217.172.119.89	attack	1577686904 - 12/30/2019 07:21:44 Host: 217.172.119.89/217.172.119.89 Port: 445 TCP Blocked	2019-12-30 21:01:42
27.78.14.83	attack	$f2bV_matches	2019-12-30 21:08:12
157.230.7.100	attackspam	Dec 30 09:39:24 silence02 sshd[29709]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.230.7.100 Dec 30 09:39:26 silence02 sshd[29709]: Failed password for invalid user shinbd from 157.230.7.100 port 34142 ssh2 Dec 30 09:42:36 silence02 sshd[29902]: Failed password for root from 157.230.7.100 port 35564 ssh2	2019-12-30 21:07:21

Recently Reported IPs

77.45.85.138	163.25.241.119	37.49.224.88	110.150.157.150
193.142.59.135	179.61.11.87	212.158.152.184	255.209.3.173
120.175.121.251	222.73.207.89	167.172.159.50	115.63.67.6
61.144.96.111	186.213.7.124	182.38.244.61	58.79.166.131
128.199.112.240	24.40.4.6	201.55.159.189	189.210.129.110