Basic Info

City: unknown

Region: unknown

Country: Brazil

Internet Service Provider: Rasche & Stefenon Ltda - Alfanetwork

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:
Type Details Datetime
attack
Portscan or hack attempt detected by psad/fwsnort
2019-10-22 01:10:03
Comments on same subnet:
IP Type Details Datetime
138.99.224.128 attackbotsspam
WordPress wp-login brute force :: 138.99.224.128 0.088 BYPASS [30/Sep/2020:20:41:34  0000] [censored_2] "POST /wp-login.php HTTP/1.1" 200 2577 "https://[censored_2]/wp-login.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36"
2020-10-02 04:19:18
138.99.224.128 attack
WordPress wp-login brute force :: 138.99.224.128 0.088 BYPASS [30/Sep/2020:20:41:34  0000] [censored_2] "POST /wp-login.php HTTP/1.1" 200 2577 "https://[censored_2]/wp-login.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36"
2020-10-01 20:33:30
138.99.224.128 attackbotsspam
WordPress wp-login brute force :: 138.99.224.128 0.088 BYPASS [30/Sep/2020:20:41:34  0000] [censored_2] "POST /wp-login.php HTTP/1.1" 200 2577 "https://[censored_2]/wp-login.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36"
2020-10-01 12:44:58
138.99.224.201 attack
Jun 23 21:58:40 ovpn sshd\[16420\]: Invalid user admin from 138.99.224.201
Jun 23 21:58:40 ovpn sshd\[16420\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.99.224.201
Jun 23 21:58:43 ovpn sshd\[16420\]: Failed password for invalid user admin from 138.99.224.201 port 4720 ssh2
Jun 23 22:00:48 ovpn sshd\[16427\]: Invalid user bw from 138.99.224.201
Jun 23 22:00:48 ovpn sshd\[16427\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.99.224.201
2019-06-24 08:22:35
138.99.224.201 attackbots
ssh failed login
2019-06-21 19:10:31
Dig info:
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 138.99.22.179
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 62965
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;138.99.22.179.			IN	A

;; AUTHORITY SECTION:
.			433	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019102100 1800 900 604800 86400

;; Query time: 99 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Oct 22 01:09:57 CST 2019
;; MSG SIZE  rcvd: 117
Host info
179.22.99.138.in-addr.arpa domain name pointer 179-22-99-138-dyn.cust-ljo.alfanetwork.com.br.
Nslookup info:
Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
179.22.99.138.in-addr.arpa	name = 179-22-99-138-dyn.cust-ljo.alfanetwork.com.br.

Authoritative answers can be found from:
Related IP info:
Related comments:
IP Type Details Datetime
37.187.120.121 attackspambots
Jul 17 10:28:52 MK-Soft-VM3 sshd\[2048\]: Invalid user multi3 from 37.187.120.121 port 36280
Jul 17 10:28:52 MK-Soft-VM3 sshd\[2048\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.187.120.121
Jul 17 10:28:54 MK-Soft-VM3 sshd\[2048\]: Failed password for invalid user multi3 from 37.187.120.121 port 36280 ssh2
...
2019-07-17 19:27:02
110.232.86.40 attack
@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-07-17 00:39:18,662 INFO [shellcode_manager] (110.232.86.40) no match, writing hexdump (4c938feddc0b93cfd10673c5ccacd391 :2531471) - MS17010 (EternalBlue)
2019-07-17 20:04:32
109.63.212.69 attack
$f2bV_matches
2019-07-17 19:28:22
82.165.35.17 attackspambots
Invalid user gwen from 82.165.35.17 port 55226
2019-07-17 20:13:06
120.253.238.22 attackspam
Automatic report - Banned IP Access
2019-07-17 19:43:02
138.186.197.1 attackbotsspam
$f2bV_matches
2019-07-17 20:06:18
176.38.168.77 attackspambots
2019-07-17T13:31:21.887613lon01.zurich-datacenter.net sshd\[32246\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=host-176-38-168-77.la.net.ua  user=redis
2019-07-17T13:31:24.004423lon01.zurich-datacenter.net sshd\[32246\]: Failed password for redis from 176.38.168.77 port 55595 ssh2
2019-07-17T13:31:25.233796lon01.zurich-datacenter.net sshd\[32246\]: Failed password for redis from 176.38.168.77 port 55595 ssh2
2019-07-17T13:31:26.603994lon01.zurich-datacenter.net sshd\[32246\]: Failed password for redis from 176.38.168.77 port 55595 ssh2
2019-07-17T13:31:29.108176lon01.zurich-datacenter.net sshd\[32246\]: Failed password for redis from 176.38.168.77 port 55595 ssh2
...
2019-07-17 19:35:14
218.92.1.156 attack
Jul 17 13:44:52 piServer sshd\[31745\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.1.156  user=root
Jul 17 13:44:55 piServer sshd\[31745\]: Failed password for root from 218.92.1.156 port 33976 ssh2
Jul 17 13:44:57 piServer sshd\[31745\]: Failed password for root from 218.92.1.156 port 33976 ssh2
Jul 17 13:45:00 piServer sshd\[31745\]: Failed password for root from 218.92.1.156 port 33976 ssh2
Jul 17 13:48:51 piServer sshd\[31925\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.1.156  user=root
...
2019-07-17 19:49:34
203.234.211.246 attackspam
SSH Brute Force, server-1 sshd[29514]: Failed password for invalid user vbox from 203.234.211.246 port 47016 ssh2
2019-07-17 19:50:30
197.253.6.249 attackspam
SSH Brute Force, server-1 sshd[29475]: Failed password for invalid user neo from 197.253.6.249 port 40761 ssh2
2019-07-17 19:51:20
91.93.73.233 attackspam
@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-07-17 00:39:21,200 INFO [shellcode_manager] (91.93.73.233) no match, writing hexdump (3e020429eea21b07722aa35fa08102cf :2241235) - MS17010 (EternalBlue)
2019-07-17 19:42:29
200.66.118.129 attackspambots
$f2bV_matches
2019-07-17 20:16:29
107.173.40.120 attackbots
2019-07-17T12:38:29.852003lon01.zurich-datacenter.net sshd\[30483\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=107.173.40.120  user=redis
2019-07-17T12:38:31.501515lon01.zurich-datacenter.net sshd\[30483\]: Failed password for redis from 107.173.40.120 port 50040 ssh2
2019-07-17T12:38:33.844260lon01.zurich-datacenter.net sshd\[30483\]: Failed password for redis from 107.173.40.120 port 50040 ssh2
2019-07-17T12:38:36.127041lon01.zurich-datacenter.net sshd\[30483\]: Failed password for redis from 107.173.40.120 port 50040 ssh2
2019-07-17T12:38:38.153846lon01.zurich-datacenter.net sshd\[30483\]: Failed password for redis from 107.173.40.120 port 50040 ssh2
...
2019-07-17 20:05:42
115.216.42.155 attackspambots
SASL Brute Force
2019-07-17 19:33:19
122.195.200.14 attack
Tried sshing with brute force.
2019-07-17 19:57:32
