138.219.201.59

Basic Info

City: unknown

Region: unknown

Country: Brazil

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
138.219.201.42	attackspam	Oct 4 17:04:33 mail.srvfarm.net postfix/smtps/smtpd[1047457]: warning: porta42.santana.internettelecom.com.br[138.219.201.42]: SASL PLAIN authentication failed: Oct 4 17:04:33 mail.srvfarm.net postfix/smtps/smtpd[1047457]: lost connection after AUTH from porta42.santana.internettelecom.com.br[138.219.201.42] Oct 4 17:06:51 mail.srvfarm.net postfix/smtpd[1046612]: warning: porta42.santana.internettelecom.com.br[138.219.201.42]: SASL PLAIN authentication failed: Oct 4 17:06:52 mail.srvfarm.net postfix/smtpd[1046612]: lost connection after AUTH from porta42.santana.internettelecom.com.br[138.219.201.42] Oct 4 17:07:55 mail.srvfarm.net postfix/smtpd[1047103]: warning: porta42.santana.internettelecom.com.br[138.219.201.42]: SASL PLAIN authentication failed:	2020-10-05 05:20:57
138.219.201.42	attackspam	Oct 4 05:11:02 mail.srvfarm.net postfix/smtpd[714208]: warning: porta42.santana.internettelecom.com.br[138.219.201.42]: SASL PLAIN authentication failed: Oct 4 05:11:02 mail.srvfarm.net postfix/smtpd[714208]: lost connection after AUTH from porta42.santana.internettelecom.com.br[138.219.201.42] Oct 4 05:15:57 mail.srvfarm.net postfix/smtps/smtpd[727896]: warning: porta42.santana.internettelecom.com.br[138.219.201.42]: SASL PLAIN authentication failed: Oct 4 05:15:57 mail.srvfarm.net postfix/smtps/smtpd[727896]: lost connection after AUTH from porta42.santana.internettelecom.com.br[138.219.201.42] Oct 4 05:16:16 mail.srvfarm.net postfix/smtpd[727586]: warning: porta42.santana.internettelecom.com.br[138.219.201.42]: SASL PLAIN authentication failed:	2020-10-04 21:15:13
138.219.201.42	attack	Oct 4 05:11:02 mail.srvfarm.net postfix/smtpd[714208]: warning: porta42.santana.internettelecom.com.br[138.219.201.42]: SASL PLAIN authentication failed: Oct 4 05:11:02 mail.srvfarm.net postfix/smtpd[714208]: lost connection after AUTH from porta42.santana.internettelecom.com.br[138.219.201.42] Oct 4 05:15:57 mail.srvfarm.net postfix/smtps/smtpd[727896]: warning: porta42.santana.internettelecom.com.br[138.219.201.42]: SASL PLAIN authentication failed: Oct 4 05:15:57 mail.srvfarm.net postfix/smtps/smtpd[727896]: lost connection after AUTH from porta42.santana.internettelecom.com.br[138.219.201.42] Oct 4 05:16:16 mail.srvfarm.net postfix/smtpd[727586]: warning: porta42.santana.internettelecom.com.br[138.219.201.42]: SASL PLAIN authentication failed:	2020-10-04 13:01:03
138.219.201.25	attack	5x Failed Password	2020-09-17 20:03:20
138.219.201.25	attackbotsspam	2020-09-17T01:40:29.276815abusebot-8.cloudsearch.cf sshd[2370]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=porta25.santana.internettelecom.com.br user=root 2020-09-17T01:40:31.219407abusebot-8.cloudsearch.cf sshd[2370]: Failed password for root from 138.219.201.25 port 40586 ssh2 2020-09-17T01:45:16.071630abusebot-8.cloudsearch.cf sshd[2536]: Invalid user klaus from 138.219.201.25 port 52478 2020-09-17T01:45:16.078598abusebot-8.cloudsearch.cf sshd[2536]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=porta25.santana.internettelecom.com.br 2020-09-17T01:45:16.071630abusebot-8.cloudsearch.cf sshd[2536]: Invalid user klaus from 138.219.201.25 port 52478 2020-09-17T01:45:17.755292abusebot-8.cloudsearch.cf sshd[2536]: Failed password for invalid user klaus from 138.219.201.25 port 52478 ssh2 2020-09-17T01:50:00.547645abusebot-8.cloudsearch.cf sshd[2592]: pam_unix(sshd:auth): authentication failure; lognam ...	2020-09-17 12:13:52
138.219.201.25	attackspam	Brute-Force,SSH	2020-09-17 03:30:26
138.219.201.25	attack	Aug 25 09:28:00 vps46666688 sshd[12456]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.219.201.25 Aug 25 09:28:02 vps46666688 sshd[12456]: Failed password for invalid user dbadmin from 138.219.201.25 port 57704 ssh2 ...	2020-08-25 23:45:44
138.219.201.25	attack	Invalid user srm from 138.219.201.25 port 38316	2020-08-21 18:46:01
138.219.201.240	attackspam	Automatic report - Port Scan Attack	2019-12-28 13:14:07
138.219.201.13	attackspam	SMTP/25/465/587-993/995 Probe, Reject, BadAuth, Hack, SPAM -	2019-07-08 18:56:02

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 138.219.201.59
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 61635
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;138.219.201.59.			IN	A

;; AUTHORITY SECTION:
.			481	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022020700 1800 900 604800 86400

;; Query time: 59 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Feb 07 17:44:33 CST 2022
;; MSG SIZE  rcvd: 107

Host info

59.201.219.138.in-addr.arpa domain name pointer porta59.santana.internettelecom.com.br.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
59.201.219.138.in-addr.arpa	name = porta59.santana.internettelecom.com.br.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
46.3.96.69	attackspambots	26.07.2019 01:48:50 Connection to port 21005 blocked by firewall	2019-07-26 10:16:57
176.153.75.234	attackbotsspam	Automatic report - Port Scan Attack	2019-07-26 10:06:25
140.143.236.227	attackspambots	Jul 26 03:03:50 mail sshd\[28544\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.236.227 Jul 26 03:03:51 mail sshd\[28544\]: Failed password for invalid user xd from 140.143.236.227 port 35628 ssh2 Jul 26 03:06:28 mail sshd\[28905\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.236.227 user=root Jul 26 03:06:29 mail sshd\[28905\]: Failed password for root from 140.143.236.227 port 33688 ssh2 Jul 26 03:10:40 mail sshd\[29529\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.236.227 user=root	2019-07-26 10:40:44
195.201.218.173	attackbots	Jul 26 00:17:43 sshgateway sshd\[14672\]: Invalid user marilena from 195.201.218.173 Jul 26 00:17:43 sshgateway sshd\[14672\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=195.201.218.173 Jul 26 00:17:45 sshgateway sshd\[14672\]: Failed password for invalid user marilena from 195.201.218.173 port 46096 ssh2	2019-07-26 10:57:55
200.52.80.34	attackspam	Jul 26 03:14:34 MK-Soft-Root1 sshd\[25948\]: Invalid user samantha from 200.52.80.34 port 33334 Jul 26 03:14:34 MK-Soft-Root1 sshd\[25948\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.52.80.34 Jul 26 03:14:36 MK-Soft-Root1 sshd\[25948\]: Failed password for invalid user samantha from 200.52.80.34 port 33334 ssh2 ...	2019-07-26 10:04:42
150.95.129.175	attack	150.95.129.175 - - [26/Jul/2019:01:06:01 +0200] "GET /wp-login.php HTTP/1.1" 200 1122 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 150.95.129.175 - - [26/Jul/2019:01:06:03 +0200] "POST /wp-login.php HTTP/1.1" 200 1503 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 150.95.129.175 - - [26/Jul/2019:01:06:04 +0200] "GET /wp-login.php HTTP/1.1" 200 1122 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 150.95.129.175 - - [26/Jul/2019:01:06:05 +0200] "POST /wp-login.php HTTP/1.1" 200 1486 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 150.95.129.175 - - [26/Jul/2019:01:06:06 +0200] "GET /wp-login.php HTTP/1.1" 200 1122 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 150.95.129.175 - - [26/Jul/2019:01:06:08 +0200] "POST /wp-login.php HTTP/1.1" 200 1486 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2019-07-26 10:06:01
148.70.254.106	attack	2019-07-26T01:53:27.185951abusebot-5.cloudsearch.cf sshd\[14823\]: Invalid user csl from 148.70.254.106 port 46528	2019-07-26 10:13:24
209.251.20.203	attackspambots	GET /wp-login.php?action=register	2019-07-26 10:33:48
118.25.184.154	attackbotsspam	Jul 25 22:07:28 vps200512 sshd\[24089\]: Invalid user kodi from 118.25.184.154 Jul 25 22:07:28 vps200512 sshd\[24089\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.25.184.154 Jul 25 22:07:30 vps200512 sshd\[24089\]: Failed password for invalid user kodi from 118.25.184.154 port 58702 ssh2 Jul 25 22:10:30 vps200512 sshd\[24227\]: Invalid user hw from 118.25.184.154 Jul 25 22:10:30 vps200512 sshd\[24227\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.25.184.154	2019-07-26 10:46:20
35.164.105.2	attack	Jul 26 10:42:19 [hidden] sshd[10011]: refused connect from 35.164.105.2 (35.164.105.2) Jul 26 10:42:54 [hidden] sshd[10036]: refused connect from 35.164.105.2 (35.164.105.2) Jul 26 10:43:12 [hidden] sshd[10058]: refused connect from 35.164.105.2 (35.164.105.2)	2019-07-26 10:49:54
46.166.139.1	attackspam	\[2019-07-25 21:50:19\] SECURITY\[2326\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-07-25T21:50:19.310-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="9011441244739005",SessionID="0x7ff4d0043b88",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/46.166.139.1/57157",ACLName="no_extension_match" \[2019-07-25 21:50:19\] SECURITY\[2326\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-07-25T21:50:19.878-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="011441254929805",SessionID="0x7ff4d004fe18",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/46.166.139.1/55942",ACLName="no_extension_match" \[2019-07-25 21:50:27\] SECURITY\[2326\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-07-25T21:50:27.642-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="9011441254929805",SessionID="0x7ff4d01617e8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/46.166.139.1/65182",ACLName="no_exte	2019-07-26 10:09:42
68.183.236.92	attack	Jul 26 03:09:30 MainVPS sshd[28359]: Invalid user teste from 68.183.236.92 port 50500 Jul 26 03:09:30 MainVPS sshd[28359]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=68.183.236.92 Jul 26 03:09:30 MainVPS sshd[28359]: Invalid user teste from 68.183.236.92 port 50500 Jul 26 03:09:31 MainVPS sshd[28359]: Failed password for invalid user teste from 68.183.236.92 port 50500 ssh2 Jul 26 03:14:36 MainVPS sshd[28743]: Invalid user tom from 68.183.236.92 port 46280 ...	2019-07-26 10:35:57
74.63.226.142	attackbots	Jul 26 04:15:39 OPSO sshd\[18418\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=74.63.226.142 user=admin Jul 26 04:15:41 OPSO sshd\[18418\]: Failed password for admin from 74.63.226.142 port 44008 ssh2 Jul 26 04:20:15 OPSO sshd\[19485\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=74.63.226.142 user=admin Jul 26 04:20:16 OPSO sshd\[19485\]: Failed password for admin from 74.63.226.142 port 49668 ssh2 Jul 26 04:24:37 OPSO sshd\[20554\]: Invalid user ha from 74.63.226.142 port 54874 Jul 26 04:24:37 OPSO sshd\[20554\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=74.63.226.142	2019-07-26 10:39:20
47.204.197.188	attackspambots	Jul 26 01:04:59 nginx webmin[72875]: Non-existent login as root from 47.204.197.188 Jul 26 01:05:01 nginx webmin[72899]: Non-existent login as root from 47.204.197.188 Jul 26 01:05:03 nginx webmin[72904]: Non-existent login as root from 47.204.197.188 Jul 26 01:05:07 nginx webmin[73488]: Non-existent login as root from 47.204.197.188 Jul 26 01:05:12 nginx webmin[73502]: Non-existent login as root from 47.204.197.188	2019-07-26 10:52:09
71.234.39.112	attack	Automatic report - Port Scan Attack	2019-07-26 10:08:29

Recently Reported IPs

36.81.248.165	118.47.213.169	185.66.57.184	115.159.208.222
64.227.178.33	42.233.161.160	170.247.74.114	45.117.157.64
186.219.238.235	201.46.60.34	41.205.12.151	17.121.114.78
183.17.225.212	171.96.204.113	47.110.36.11	187.176.63.108
216.154.53.206	177.32.73.208	78.158.186.123	181.137.230.9