168.197.106.139

Basic Info

City: unknown

Region: unknown

Country: Brazil

Internet Service Provider: GTBA Telecom Ltda ME

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	Automatic report - XMLRPC Attack	2020-01-31 06:12:24

Comments on same subnet:

IP	Type	Details	Datetime
168.197.106.58	attack	firewall-block, port(s): 80/tcp	2020-03-08 19:23:47

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 168.197.106.139
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 63773
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;168.197.106.139.		IN	A

;; AUTHORITY SECTION:
.			406	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020013003 1800 900 604800 86400

;; Query time: 182 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Jan 31 06:12:22 CST 2020
;; MSG SIZE  rcvd: 119

Host info

139.106.197.168.in-addr.arpa domain name pointer residencial-168-197-106-139.gtbatelecom.com.br.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
139.106.197.168.in-addr.arpa	name = residencial-168-197-106-139.gtbatelecom.com.br.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
61.133.232.253	attack	SSH brute force attempt	2020-04-28 04:21:27
123.153.1.189	attack	Apr 27 19:00:54 ip-172-31-62-245 sshd\[31548\]: Failed password for mysql from 123.153.1.189 port 43270 ssh2\ Apr 27 19:02:43 ip-172-31-62-245 sshd\[31568\]: Invalid user user0 from 123.153.1.189\ Apr 27 19:02:45 ip-172-31-62-245 sshd\[31568\]: Failed password for invalid user user0 from 123.153.1.189 port 40328 ssh2\ Apr 27 19:04:58 ip-172-31-62-245 sshd\[31590\]: Invalid user tanja from 123.153.1.189\ Apr 27 19:05:00 ip-172-31-62-245 sshd\[31590\]: Failed password for invalid user tanja from 123.153.1.189 port 37384 ssh2\	2020-04-28 04:15:54
148.227.227.67	attackbots	2020-04-27T20:37:28.080342shield sshd\[3496\]: Invalid user sci from 148.227.227.67 port 51754 2020-04-27T20:37:28.084006shield sshd\[3496\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.227.227.67 2020-04-27T20:37:29.862728shield sshd\[3496\]: Failed password for invalid user sci from 148.227.227.67 port 51754 ssh2 2020-04-27T20:39:46.301487shield sshd\[3756\]: Invalid user materna from 148.227.227.67 port 58628 2020-04-27T20:39:46.305890shield sshd\[3756\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.227.227.67	2020-04-28 04:48:01
222.186.175.23	attackbots	Apr 27 22:14:11 minden010 sshd[2428]: Failed password for root from 222.186.175.23 port 32949 ssh2 Apr 27 22:14:13 minden010 sshd[2428]: Failed password for root from 222.186.175.23 port 32949 ssh2 Apr 27 22:14:15 minden010 sshd[2428]: Failed password for root from 222.186.175.23 port 32949 ssh2 ...	2020-04-28 04:20:11
47.154.231.119	attack	Apr 27 16:12:46 www sshd\[18920\]: Invalid user pi from 47.154.231.119 Apr 27 16:12:46 www sshd\[18921\]: Invalid user pi from 47.154.231.119 ...	2020-04-28 04:34:13
114.67.235.83	attackbotsspam	Apr 27 22:09:14 mail sshd[16070]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.67.235.83 Apr 27 22:09:17 mail sshd[16070]: Failed password for invalid user augusto from 114.67.235.83 port 40278 ssh2 Apr 27 22:12:42 mail sshd[16706]: Failed password for postgres from 114.67.235.83 port 60984 ssh2	2020-04-28 04:38:07
189.91.239.194	attackbotsspam	Apr 27 14:09:12 server1 sshd\[2460\]: Invalid user zym from 189.91.239.194 Apr 27 14:09:12 server1 sshd\[2460\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=189.91.239.194 Apr 27 14:09:15 server1 sshd\[2460\]: Failed password for invalid user zym from 189.91.239.194 port 34025 ssh2 Apr 27 14:13:02 server1 sshd\[4255\]: Invalid user cvs from 189.91.239.194 Apr 27 14:13:02 server1 sshd\[4255\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=189.91.239.194 ...	2020-04-28 04:19:06
177.104.251.122	attackbotsspam	SSH Login Bruteforce	2020-04-28 04:53:38
43.255.71.195	attackbots	Apr 27 22:12:38 * sshd[1362]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=43.255.71.195 Apr 27 22:12:41 * sshd[1362]: Failed password for invalid user jr from 43.255.71.195 port 44125 ssh2	2020-04-28 04:40:21
211.159.169.78	attackspambots	nft/Honeypot/22/73e86	2020-04-28 04:13:57
106.12.181.144	attackbots	Apr 27 19:45:15 server sshd[8943]: Failed password for invalid user eab from 106.12.181.144 port 41582 ssh2 Apr 27 19:49:35 server sshd[10335]: Failed password for invalid user bj from 106.12.181.144 port 38274 ssh2 Apr 27 19:53:32 server sshd[11665]: Failed password for root from 106.12.181.144 port 34948 ssh2	2020-04-28 04:12:02
66.150.223.120	attackspambots	ICMP flood	2020-04-28 04:40:38
222.186.175.202	attack	SSH-bruteforce attempts	2020-04-28 04:39:25
139.199.229.228	attackbotsspam	Apr 27 22:17:00 vps333114 sshd[27173]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.229.228 Apr 27 22:17:02 vps333114 sshd[27173]: Failed password for invalid user andrew from 139.199.229.228 port 52200 ssh2 ...	2020-04-28 04:41:42
118.25.144.49	attack	20 attempts against mh-ssh on echoip	2020-04-28 04:46:18

Recently Reported IPs

17.27.120.97	225.70.255.110	187.84.133.173	202.5.219.132
118.71.97.173	128.245.132.64	129.211.151.50	175.100.239.35
83.226.205.254	39.126.103.229	75.208.61.186	10.114.38.93
105.225.39.227	136.50.20.109	8.205.233.83	138.207.24.174
118.98.236.103	198.225.60.72	11.226.26.46	167.172.31.204