138.59.40.168 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Brazil

Internet Service Provider: Alfa Telecomunicacoes

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbotsspam	failed_logins	2020-09-09 19:27:34
attackspam	failed_logins	2020-09-09 13:26:03
attack	failed_logins	2020-09-09 05:38:58

Comments on same subnet:

IP	Type	Details	Datetime
138.59.40.199	attack	Attempted Brute Force (dovecot)	2020-10-14 01:28:30
138.59.40.199	attackspambots	Attempted Brute Force (dovecot)	2020-10-13 16:38:14
138.59.40.202	attackspambots	Attempted Brute Force (dovecot)	2020-09-01 04:01:18
138.59.40.199	attack	Aug 27 05:07:39 mail.srvfarm.net postfix/smtpd[1339899]: warning: static-138-59-40-199.alfatelecomunicacoes.net.br[138.59.40.199]: SASL PLAIN authentication failed: Aug 27 05:07:39 mail.srvfarm.net postfix/smtpd[1339899]: lost connection after AUTH from static-138-59-40-199.alfatelecomunicacoes.net.br[138.59.40.199] Aug 27 05:08:21 mail.srvfarm.net postfix/smtpd[1354723]: warning: static-138-59-40-199.alfatelecomunicacoes.net.br[138.59.40.199]: SASL PLAIN authentication failed: Aug 27 05:08:22 mail.srvfarm.net postfix/smtpd[1354723]: lost connection after AUTH from static-138-59-40-199.alfatelecomunicacoes.net.br[138.59.40.199] Aug 27 05:10:46 mail.srvfarm.net postfix/smtpd[1354724]: warning: static-138-59-40-199.alfatelecomunicacoes.net.br[138.59.40.199]: SASL PLAIN authentication failed:	2020-08-28 08:35:24
138.59.40.33	attackspambots	"Account brute force using dictionary attack against Exchange Online"	2019-08-06 00:43:59

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 138.59.40.168
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 54016
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;138.59.40.168.			IN	A

;; AUTHORITY SECTION:
.			235	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020090801 1800 900 604800 86400

;; Query time: 113 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Sep 09 05:38:55 CST 2020
;; MSG SIZE  rcvd: 117

Host info

168.40.59.138.in-addr.arpa domain name pointer static-138-59-40-168.alfatelecomunicacoes.net.br.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
168.40.59.138.in-addr.arpa	name = static-138-59-40-168.alfatelecomunicacoes.net.br.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
83.110.220.134	attack	Jun 1 10:09:40 fwservlet sshd[10165]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=83.110.220.134 user=r.r Jun 1 10:09:42 fwservlet sshd[10165]: Failed password for r.r from 83.110.220.134 port 16440 ssh2 Jun 1 10:09:42 fwservlet sshd[10165]: Received disconnect from 83.110.220.134 port 16440:11: Bye Bye [preauth] Jun 1 10:09:42 fwservlet sshd[10165]: Disconnected from 83.110.220.134 port 16440 [preauth] Jun 1 10:12:40 fwservlet sshd[10240]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=83.110.220.134 user=r.r Jun 1 10:12:41 fwservlet sshd[10240]: Failed password for r.r from 83.110.220.134 port 39780 ssh2 Jun 1 10:12:41 fwservlet sshd[10240]: Received disconnect from 83.110.220.134 port 39780:11: Bye Bye [preauth] Jun 1 10:12:41 fwservlet sshd[10240]: Disconnected from 83.110.220.134 port 39780 [preauth] Jun 1 10:13:46 fwservlet sshd[10263]: pam_unix(sshd:auth): authenticati........ -------------------------------	2020-06-02 01:52:34
122.51.197.3	attackspambots	frenzy	2020-06-02 01:41:46
123.206.59.235	attackbots	$f2bV_matches	2020-06-02 01:27:03
40.127.104.214	attackbotsspam	RDP port	2020-06-02 01:19:53
91.183.149.230	attack	Tried to login my mail server.	2020-06-02 01:32:32
157.245.194.35	attackspambots	fail2ban/Jun 1 19:03:20 h1962932 sshd[32671]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.194.35 user=root Jun 1 19:03:22 h1962932 sshd[32671]: Failed password for root from 157.245.194.35 port 53438 ssh2 Jun 1 19:06:49 h1962932 sshd[552]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.194.35 user=root Jun 1 19:06:51 h1962932 sshd[552]: Failed password for root from 157.245.194.35 port 51594 ssh2 Jun 1 19:10:19 h1962932 sshd[643]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.194.35 user=root Jun 1 19:10:22 h1962932 sshd[643]: Failed password for root from 157.245.194.35 port 49752 ssh2	2020-06-02 01:59:36
185.132.251.230	attack	Jun 1 14:00:29 www sshd[7900]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.132.251.230 user=r.r Jun 1 14:00:31 www sshd[7900]: Failed password for r.r from 185.132.251.230 port 53588 ssh2 Jun 1 14:00:34 www sshd[7900]: Failed password for r.r from 185.132.251.230 port 53588 ssh2 Jun 1 14:00:36 www sshd[7900]: Failed password for r.r from 185.132.251.230 port 53588 ssh2 Jun 1 14:00:38 www sshd[7900]: Failed password for r.r from 185.132.251.230 port 53588 ssh2 Jun 1 14:00:40 www sshd[7900]: Failed password for r.r from 185.132.251.230 port 53588 ssh2 Jun 1 14:00:42 www sshd[7900]: Failed password for r.r from 185.132.251.230 port 53588 ssh2 Jun 1 14:00:42 www sshd[7900]: PAM 5 more authentication failures; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.132.251.230 user=r.r ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=185.132.251.230	2020-06-02 01:47:35
103.95.41.9	attackbotsspam	Jun 1 16:05:24 electroncash sshd[17463]: Failed password for root from 103.95.41.9 port 53794 ssh2 Jun 1 16:07:48 electroncash sshd[18090]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.95.41.9 user=root Jun 1 16:07:50 electroncash sshd[18090]: Failed password for root from 103.95.41.9 port 42158 ssh2 Jun 1 16:10:19 electroncash sshd[18719]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.95.41.9 user=root Jun 1 16:10:20 electroncash sshd[18719]: Failed password for root from 103.95.41.9 port 58764 ssh2 ...	2020-06-02 01:21:10
36.76.172.20	attackspambots	1591030775 - 06/01/2020 18:59:35 Host: 36.76.172.20/36.76.172.20 Port: 445 TCP Blocked	2020-06-02 02:01:24
137.74.195.183	attackspam	ENG,WP GET /news/wp-includes/wlwmanifest.xml	2020-06-02 01:54:14
61.152.70.126	attackspam	Jun 1 14:01:03 jane sshd[27926]: Failed password for root from 61.152.70.126 port 33434 ssh2 ...	2020-06-02 01:30:35
45.252.250.106	attackspam	CMS (WordPress or Joomla) login attempt.	2020-06-02 01:27:57
45.142.152.131	attack	IP 45.142.152.131 attacked honeypot on port: 1433 at 6/1/2020 1:05:05 PM	2020-06-02 01:25:43
134.209.148.107	attackbotsspam	" "	2020-06-02 01:37:48
86.57.234.172	attack	detected by Fail2Ban	2020-06-02 01:57:55

Recently Reported IPs

180.248.147.172	34.70.217.179	110.249.201.121	144.172.93.124
207.38.83.210	0.45.175.134	186.214.191.155	125.24.7.109
192.82.65.23	101.31.140.188	123.7.118.111	112.135.232.170
116.193.216.231	191.118.230.23	60.166.22.74	251.246.42.95
83.51.121.14	36.4.103.85	14.115.28.120	222.186.136.164