138.97.40.22 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Brazil

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
138.97.40.230	attackbotsspam	Automatic report - SSH Brute-Force Attack	2020-04-11 04:38:26
138.97.40.230	attackbotsspam	Apr 10 05:42:07 ws24vmsma01 sshd[131245]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.97.40.230 Apr 10 05:42:09 ws24vmsma01 sshd[131245]: Failed password for invalid user wang from 138.97.40.230 port 47940 ssh2 ...	2020-04-10 19:35:24
138.97.40.28	attackspambots	Unauthorized connection attempt from IP address 138.97.40.28 on Port 445(SMB)	2019-07-19 15:04:15

Type

Details

Datetime

138.97.40.230

attackbotsspam

Automatic report - SSH Brute-Force Attack

2020-04-11 04:38:26

138.97.40.230

attackbotsspam

Apr 10 05:42:07 ws24vmsma01 sshd[131245]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.97.40.230
Apr 10 05:42:09 ws24vmsma01 sshd[131245]: Failed password for invalid user wang from 138.97.40.230 port 47940 ssh2
...

2020-04-10 19:35:24

138.97.40.28

attackspambots

Unauthorized connection attempt from IP address 138.97.40.28 on Port 445(SMB)

2019-07-19 15:04:15

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 138.97.40.22
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 13529
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;138.97.40.22.			IN	A

;; AUTHORITY SECTION:
.			600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022020702 1800 900 604800 86400

;; Query time: 69 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Feb 08 08:26:17 CST 2022
;; MSG SIZE  rcvd: 105

Host info

22.40.97.138.in-addr.arpa domain name pointer Pool-22.40.97.138.g20telecom.net.br.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
22.40.97.138.in-addr.arpa	name = Pool-22.40.97.138.g20telecom.net.br.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
37.24.143.134	attackspambots	Jul 27 15:42:10 server sshd\[4632\]: User root from 37.24.143.134 not allowed because listed in DenyUsers Jul 27 15:42:10 server sshd\[4632\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.24.143.134 user=root Jul 27 15:42:13 server sshd\[4632\]: Failed password for invalid user root from 37.24.143.134 port 64629 ssh2 Jul 27 15:51:30 server sshd\[3770\]: User root from 37.24.143.134 not allowed because listed in DenyUsers Jul 27 15:51:30 server sshd\[3770\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.24.143.134 user=root	2019-07-27 21:05:35
62.117.95.154	attack	Automatic report - Port Scan Attack	2019-07-27 21:23:02
61.179.70.159	attackspam	:	2019-07-27 21:11:04
146.185.25.170	attackbots	Portscan or hack attempt detected by psad/fwsnort	2019-07-27 22:06:08
107.172.3.124	attackbots	FTP Brute-Force reported by Fail2Ban	2019-07-27 21:09:35
122.160.138.253	attackbotsspam	Jul 27 15:05:23 OPSO sshd\[20164\]: Invalid user zmkm from 122.160.138.253 port 36494 Jul 27 15:05:23 OPSO sshd\[20164\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.160.138.253 Jul 27 15:05:25 OPSO sshd\[20164\]: Failed password for invalid user zmkm from 122.160.138.253 port 36494 ssh2 Jul 27 15:10:47 OPSO sshd\[20738\]: Invalid user whoareyoug from 122.160.138.253 port 59636 Jul 27 15:10:47 OPSO sshd\[20738\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.160.138.253	2019-07-27 21:21:28
185.137.234.22	attack	Scanning (more than 2 packets) random ports - tries to find possible vulnerable services	2019-07-27 21:27:50
196.28.101.116	attackbots	[SMB remote code execution attempt: port tcp/445] *(RWIN=1024)(07271010)	2019-07-27 21:26:59
116.148.138.135	attackspambots	:	2019-07-27 21:50:46
37.49.227.12	attack	27.07.2019 11:41:35 Connection to port 81 blocked by firewall	2019-07-27 21:28:41
37.59.104.76	attackspam	Invalid user ubuntu from 37.59.104.76 port 36052	2019-07-27 21:23:59
94.20.55.169	attackbotsspam	[SMB remote code execution attempt: port tcp/445] *(RWIN=1024)(07271010)	2019-07-27 22:06:36
31.127.179.142	attackspambots	Invalid user cron from 31.127.179.142 port 54012	2019-07-27 21:08:53
183.57.42.102	attack	Multiple SSH auth failures recorded by fail2ban	2019-07-27 22:00:29
103.252.116.151	attackbotsspam	:	2019-07-27 21:56:27

Recently Reported IPs

36.91.44.55	175.182.218.97	182.152.79.53	84.76.183.140
178.141.241.144	69.58.118.212	185.118.25.161	82.163.32.75
103.214.9.35	111.12.244.79	47.208.246.201	212.47.142.50
167.94.138.87	172.30.23.107	103.167.35.116	64.62.197.135
60.53.10.19	43.131.66.97	2.57.121.64	27.215.127.68