138.99.85.8 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Brazil

Internet Service Provider: Flybyte Comunicacao Multimida Ltda.

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspambots	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/138.99.85.8/ BR - 1H : (161) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : BR NAME ASN : ASN262802 IP : 138.99.85.8 CIDR : 138.99.84.0/23 PREFIX COUNT : 10 UNIQUE IP COUNT : 5120 ATTACKS DETECTED ASN262802 : 1H - 1 3H - 1 6H - 1 12H - 1 24H - 1 DateTime : 2019-11-23 07:29:13 INFO : Port Scan TELNET Detected and Blocked by ADMIN - data recovery	2019-11-23 15:31:57

Type

Details

Datetime

attackspambots

IP Ban Report :  
 https://help-dysk.pl/wordpress-firewall-plugins/ip/138.99.85.8/ 
 
 BR - 1H : (161)  
 Protection Against DDoS WordPress plugin :  
 "odzyskiwanie danych help-dysk" 
 IP Address Ranges by Country : BR 
 NAME ASN : ASN262802 
 
 IP : 138.99.85.8 
 
 CIDR : 138.99.84.0/23 
 
 PREFIX COUNT : 10 
 
 UNIQUE IP COUNT : 5120 
 
 
 ATTACKS DETECTED ASN262802 :  
  1H - 1 
  3H - 1 
  6H - 1 
 12H - 1 
 24H - 1 
 
 DateTime : 2019-11-23 07:29:13 
 
 INFO : Port Scan TELNET Detected and Blocked by ADMIN  - data recovery

2019-11-23 15:31:57

Comments on same subnet:

IP	Type	Details	Datetime
138.99.85.159	attackbots	Honeypot attack, port: 5555, PTR: 159.85.99.138.flybyte.com.br.	2020-03-30 19:57:42

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 138.99.85.8
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 24650
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;138.99.85.8.			IN	A

;; AUTHORITY SECTION:
.			326	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019112300 1800 900 604800 86400

;; Query time: 289 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Nov 23 15:31:52 CST 2019
;; MSG SIZE  rcvd: 115

Host info

8.85.99.138.in-addr.arpa domain name pointer 8.85.99.138.flybyte.com.br.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
8.85.99.138.in-addr.arpa	name = 8.85.99.138.flybyte.com.br.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
157.245.100.56	attack	Aug 20 23:40:18 meumeu sshd[20582]: Invalid user openstack from 157.245.100.56 port 52940 Aug 20 23:40:18 meumeu sshd[20582]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.100.56 Aug 20 23:40:18 meumeu sshd[20582]: Invalid user openstack from 157.245.100.56 port 52940 Aug 20 23:40:20 meumeu sshd[20582]: Failed password for invalid user openstack from 157.245.100.56 port 52940 ssh2 Aug 20 23:44:09 meumeu sshd[20842]: Invalid user test from 157.245.100.56 port 60356 Aug 20 23:44:09 meumeu sshd[20842]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.100.56 Aug 20 23:44:09 meumeu sshd[20842]: Invalid user test from 157.245.100.56 port 60356 Aug 20 23:44:11 meumeu sshd[20842]: Failed password for invalid user test from 157.245.100.56 port 60356 ssh2 Aug 20 23:48:07 meumeu sshd[21023]: Invalid user userftp from 157.245.100.56 port 39540 ...	2020-08-21 06:58:28
49.235.93.156	attackbots	20 attempts against mh-ssh on echoip	2020-08-21 07:01:50
117.69.12.15	attackbotsspam	Aug 20 22:26:44 vps639187 sshd\[1815\]: Invalid user test from 117.69.12.15 port 58617 Aug 20 22:26:44 vps639187 sshd\[1815\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.69.12.15 Aug 20 22:26:46 vps639187 sshd\[1815\]: Failed password for invalid user test from 117.69.12.15 port 58617 ssh2 ...	2020-08-21 06:50:22
139.59.44.117	attackspam	Aug 18 11:41:11 h2040555 sshd[7686]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.44.117 user=r.r Aug 18 11:41:13 h2040555 sshd[7686]: Failed password for r.r from 139.59.44.117 port 60460 ssh2 Aug 18 11:41:13 h2040555 sshd[7686]: Received disconnect from 139.59.44.117: 11: Bye Bye [preauth] Aug 18 11:55:56 h2040555 sshd[7756]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.44.117 user=r.r Aug 18 11:55:58 h2040555 sshd[7756]: Failed password for r.r from 139.59.44.117 port 38502 ssh2 Aug 18 11:55:58 h2040555 sshd[7756]: Received disconnect from 139.59.44.117: 11: Bye Bye [preauth] Aug 18 12:00:26 h2040555 sshd[7779]: Invalid user norbert from 139.59.44.117 Aug 18 12:00:26 h2040555 sshd[7779]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.44.117 Aug 18 12:00:28 h2040555 sshd[7779]: Failed password for invalid user norbert f........ -------------------------------	2020-08-21 07:12:06
88.202.190.141	attackbots	TCP (SYN) 88.202.190.141:23 -> port 23, len 44	2020-08-21 06:49:44
139.155.89.11	attack	Aug 20 18:55:01 firewall sshd[2147]: Invalid user deb from 139.155.89.11 Aug 20 18:55:03 firewall sshd[2147]: Failed password for invalid user deb from 139.155.89.11 port 35466 ssh2 Aug 20 18:58:36 firewall sshd[2234]: Invalid user cdm from 139.155.89.11 ...	2020-08-21 06:47:19
51.79.145.158	attackspambots	Tried sshing with brute force.	2020-08-21 06:50:06
125.25.15.68	attackspambots	Port Scan ...	2020-08-21 06:53:08
111.231.89.140	attack	Aug 20 18:19:38 ny01 sshd[8407]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.89.140 Aug 20 18:19:40 ny01 sshd[8407]: Failed password for invalid user vd from 111.231.89.140 port 30977 ssh2 Aug 20 18:22:28 ny01 sshd[8746]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.89.140	2020-08-21 06:50:41
218.92.0.175	attack	Aug 20 22:55:40 ip-172-31-16-56 sshd\[31810\]: Failed password for root from 218.92.0.175 port 20010 ssh2\ Aug 20 22:55:43 ip-172-31-16-56 sshd\[31810\]: Failed password for root from 218.92.0.175 port 20010 ssh2\ Aug 20 22:55:46 ip-172-31-16-56 sshd\[31810\]: Failed password for root from 218.92.0.175 port 20010 ssh2\ Aug 20 22:55:49 ip-172-31-16-56 sshd\[31810\]: Failed password for root from 218.92.0.175 port 20010 ssh2\ Aug 20 22:55:53 ip-172-31-16-56 sshd\[31810\]: Failed password for root from 218.92.0.175 port 20010 ssh2\	2020-08-21 07:07:00
87.251.74.6	attackspam	Aug 20 22:50:26 marvibiene sshd[7828]: Invalid user admin from 87.251.74.6 port 63296 Aug 20 22:50:26 marvibiene sshd[7829]: Invalid user from 87.251.74.6 port 63136	2020-08-21 07:03:09
140.143.137.170	attack	Aug 20 23:55:20 abendstille sshd\[3946\]: Invalid user dw from 140.143.137.170 Aug 20 23:55:20 abendstille sshd\[3946\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.137.170 Aug 20 23:55:22 abendstille sshd\[3946\]: Failed password for invalid user dw from 140.143.137.170 port 36142 ssh2 Aug 20 23:59:53 abendstille sshd\[8232\]: Invalid user hyegyeong from 140.143.137.170 Aug 20 23:59:53 abendstille sshd\[8232\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.137.170 ...	2020-08-21 07:05:58
94.102.51.78	attack	Unauthorized access detected from black listed ip!	2020-08-21 07:04:27
45.129.33.155	attackbots	TCP (SYN) 45.129.33.155:52750 -> port 5556, len 44	2020-08-21 07:23:24
114.235.181.159	attack	2020-08-21T00:18:15.579893n23.at sshd[788730]: Invalid user minecraft from 114.235.181.159 port 9716 2020-08-21T00:18:17.262662n23.at sshd[788730]: Failed password for invalid user minecraft from 114.235.181.159 port 9716 ssh2 2020-08-21T00:20:50.724741n23.at sshd[790849]: Invalid user surya from 114.235.181.159 port 11562 ...	2020-08-21 07:01:04

Recently Reported IPs

191.71.228.31	1.239.163.235	245.151.194.111	130.105.67.12
254.4.166.27	130.216.1.36	191.147.46.87	82.195.11.5
123.181.61.195	27.69.220.202	167.114.223.188	5.61.44.225
72.93.4.48	202.78.236.37	157.245.54.18	109.86.255.206
189.26.173.199	121.132.132.3	111.123.51.17	178.45.24.6