138.99.85.8 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Brazil

Internet Service Provider: Flybyte Comunicacao Multimida Ltda.

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspambots	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/138.99.85.8/ BR - 1H : (161) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : BR NAME ASN : ASN262802 IP : 138.99.85.8 CIDR : 138.99.84.0/23 PREFIX COUNT : 10 UNIQUE IP COUNT : 5120 ATTACKS DETECTED ASN262802 : 1H - 1 3H - 1 6H - 1 12H - 1 24H - 1 DateTime : 2019-11-23 07:29:13 INFO : Port Scan TELNET Detected and Blocked by ADMIN - data recovery	2019-11-23 15:31:57

Type

Details

Datetime

attackspambots

IP Ban Report :  
 https://help-dysk.pl/wordpress-firewall-plugins/ip/138.99.85.8/ 
 
 BR - 1H : (161)  
 Protection Against DDoS WordPress plugin :  
 "odzyskiwanie danych help-dysk" 
 IP Address Ranges by Country : BR 
 NAME ASN : ASN262802 
 
 IP : 138.99.85.8 
 
 CIDR : 138.99.84.0/23 
 
 PREFIX COUNT : 10 
 
 UNIQUE IP COUNT : 5120 
 
 
 ATTACKS DETECTED ASN262802 :  
  1H - 1 
  3H - 1 
  6H - 1 
 12H - 1 
 24H - 1 
 
 DateTime : 2019-11-23 07:29:13 
 
 INFO : Port Scan TELNET Detected and Blocked by ADMIN  - data recovery

2019-11-23 15:31:57

Comments on same subnet:

IP	Type	Details	Datetime
138.99.85.159	attackbots	Honeypot attack, port: 5555, PTR: 159.85.99.138.flybyte.com.br.	2020-03-30 19:57:42

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 138.99.85.8
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 24650
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;138.99.85.8.			IN	A

;; AUTHORITY SECTION:
.			326	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019112300 1800 900 604800 86400

;; Query time: 289 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Nov 23 15:31:52 CST 2019
;; MSG SIZE  rcvd: 115

Host info

8.85.99.138.in-addr.arpa domain name pointer 8.85.99.138.flybyte.com.br.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
8.85.99.138.in-addr.arpa	name = 8.85.99.138.flybyte.com.br.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
190.248.158.146	attackbots	2019-12-21 16:56:45 H=(cable190-248-158-146.une.net.co) [190.248.158.146]:48524 I=[192.147.25.65]:25 F= rejected RCPT : RBL: found in thrukfz5b56tq6xao6odgdyjrq.zen.dq.spamhaus.net (127.0.0.4, 127.0.0.11, 127.0.0.3) (https://www.spamhaus.org/query/ip/190.248.158.146) 2019-12-21 16:56:46 H=(cable190-248-158-146.une.net.co) [190.248.158.146]:48524 I=[192.147.25.65]:25 F= rejected RCPT : RBL: found in thrukfz5b56tq6xao6odgdyjrq.zen.dq.spamhaus.net (127.0.0.11, 127.0.0.3, 127.0.0.4) (https://www.spamhaus.org/query/ip/190.248.158.146) 2019-12-21 16:56:47 H=(cable190-248-158-146.une.net.co) [190.248.158.146]:48524 I=[192.147.25.65]:25 F= rejected RCPT : RBL: found in thrukfz5b56tq6xao6odgdyjrq.zen.dq.spamhaus.net (127.0.0.4, 127.0.0.11, 127.0.0.3) (https://www.spamhaus.org/query/ip/190.248.158.146) ...	2019-12-22 09:05:13
176.67.36.17	attackbotsspam	2019-12-21 16:57:17 H=(tomshannoncpa.com) [176.67.36.17]:41864 I=[192.147.25.65]:25 F= rejected RCPT : RBL: found in thrukfz5b56tq6xao6odgdyjrq.zen.dq.spamhaus.net (127.0.0.4, 127.0.0.3) (https://www.spamhaus.org/query/ip/176.67.36.17) 2019-12-21 16:57:17 H=(tomshannoncpa.com) [176.67.36.17]:41864 I=[192.147.25.65]:25 F= rejected RCPT : RBL: found in thrukfz5b56tq6xao6odgdyjrq.zen.dq.spamhaus.net (127.0.0.4, 127.0.0.3) (https://www.spamhaus.org/query/ip/176.67.36.17) 2019-12-21 16:57:17 H=(tomshannoncpa.com) [176.67.36.17]:41864 I=[192.147.25.65]:25 F= rejected RCPT : RBL: found in thrukfz5b56tq6xao6odgdyjrq.zen.dq.spamhaus.net (127.0.0.4, 127.0.0.3) (https://www.spamhaus.org/query/ip/176.67.36.17) ...	2019-12-22 08:30:38
173.236.144.82	attackbotsspam	173.236.144.82 - - \[22/Dec/2019:01:29:31 +0100\] "POST /wp-login.php HTTP/1.0" 200 7427 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 173.236.144.82 - - \[22/Dec/2019:01:29:33 +0100\] "POST /wp-login.php HTTP/1.0" 200 7242 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 173.236.144.82 - - \[22/Dec/2019:01:29:35 +0100\] "POST /wp-login.php HTTP/1.0" 200 7239 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0"	2019-12-22 08:44:33
106.37.72.234	attackbotsspam	Dec 21 23:57:15 pornomens sshd\[27301\]: Invalid user biotech from 106.37.72.234 port 50642 Dec 21 23:57:15 pornomens sshd\[27301\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.37.72.234 Dec 21 23:57:16 pornomens sshd\[27301\]: Failed password for invalid user biotech from 106.37.72.234 port 50642 ssh2 ...	2019-12-22 08:31:38
217.61.2.97	attack	Invalid user ellie from 217.61.2.97 port 49814	2019-12-22 09:07:25
209.105.243.145	attackbotsspam	Invalid user admin from 209.105.243.145 port 47646	2019-12-22 08:43:24
179.217.5.25	attack	Honeypot attack, port: 23, PTR: b3d90519.virtua.com.br.	2019-12-22 08:38:03
122.51.83.191	attackbots	Port scan detected on ports: 1433[TCP], 1433[TCP], 1433[TCP]	2019-12-22 08:36:46
210.245.89.85	attackspambots	Dec 22 02:46:48 microserver sshd[17994]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=210.245.89.85 user=root Dec 22 02:46:50 microserver sshd[17994]: Failed password for root from 210.245.89.85 port 55040 ssh2 Dec 22 02:46:52 microserver sshd[17994]: Failed password for root from 210.245.89.85 port 55040 ssh2 Dec 22 02:46:54 microserver sshd[17994]: Failed password for root from 210.245.89.85 port 55040 ssh2 Dec 22 02:46:57 microserver sshd[17994]: Failed password for root from 210.245.89.85 port 55040 ssh2 Dec 22 02:57:01 microserver sshd[19545]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=210.245.89.85 user=root Dec 22 02:57:02 microserver sshd[19545]: Failed password for root from 210.245.89.85 port 52769 ssh2 Dec 22 02:57:04 microserver sshd[19545]: Failed password for root from 210.245.89.85 port 52769 ssh2 Dec 22 02:57:07 microserver sshd[19545]: Failed password for root from 210.245.89.85 port 52769 ssh2 Dec 22 02	2019-12-22 08:39:02
190.175.18.135	attackspam	Honeypot attack, port: 23, PTR: 190-175-18-135.speedy.com.ar.	2019-12-22 09:00:12
50.73.116.41	attack	Detected by Maltrail	2019-12-22 08:54:19
148.70.210.77	attackspam	$f2bV_matches	2019-12-22 09:04:38
165.22.43.33	attackbotsspam	Detected by Maltrail	2019-12-22 08:49:47
106.13.140.121	attackbots	Dec 22 01:18:03 mail sshd[2557]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.140.121 user=mysql Dec 22 01:18:05 mail sshd[2557]: Failed password for mysql from 106.13.140.121 port 34612 ssh2 Dec 22 01:38:08 mail sshd[6047]: Invalid user estrellita from 106.13.140.121 Dec 22 01:38:08 mail sshd[6047]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.140.121 Dec 22 01:38:08 mail sshd[6047]: Invalid user estrellita from 106.13.140.121 Dec 22 01:38:11 mail sshd[6047]: Failed password for invalid user estrellita from 106.13.140.121 port 41394 ssh2 ...	2019-12-22 08:52:12
112.80.133.216	attack	Dec 22 01:56:44 server sshd\[1981\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.80.133.216 user=root Dec 22 01:56:46 server sshd\[1981\]: Failed password for root from 112.80.133.216 port 55968 ssh2 Dec 22 01:56:46 server sshd\[1982\]: Received disconnect from 112.80.133.216: 3: com.jcraft.jsch.JSchException: Auth fail Dec 22 01:56:48 server sshd\[1989\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.80.133.216 user=root Dec 22 01:56:50 server sshd\[1989\]: Failed password for root from 112.80.133.216 port 56428 ssh2 ...	2019-12-22 09:03:34

Recently Reported IPs

191.71.228.31	1.239.163.235	245.151.194.111	130.105.67.12
254.4.166.27	130.216.1.36	191.147.46.87	82.195.11.5
123.181.61.195	27.69.220.202	167.114.223.188	5.61.44.225
72.93.4.48	202.78.236.37	157.245.54.18	109.86.255.206
189.26.173.199	121.132.132.3	111.123.51.17	178.45.24.6