170.0.125.138 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Brazil

Internet Service Provider: Cas Servicos de Comunicacao Multimidia Ltda - ME

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspambots	2019-10-07 06:46:19 H=138-125-0-170.castelecom.com.br [170.0.125.138]:60625 I=[192.147.25.65]:25 sender verify fail for : Unrouteable address 2019-10-07 06:46:19 H=138-125-0-170.castelecom.com.br [170.0.125.138]:60625 I=[192.147.25.65]:25 F= rejected RCPT : Sender verify failed 2019-10-07 06:46:21 H=138-125-0-170.castelecom.com.br [170.0.125.138]:60625 I=[192.147.25.65]:25 F= rejected RCPT : Sender verify failed ...	2019-10-07 21:46:41

Type

Details

Datetime

attackspambots

2019-10-07 06:46:19 H=138-125-0-170.castelecom.com.br [170.0.125.138]:60625 I=[192.147.25.65]:25 sender verify fail for : Unrouteable address
2019-10-07 06:46:19 H=138-125-0-170.castelecom.com.br [170.0.125.138]:60625 I=[192.147.25.65]:25 F= rejected RCPT : Sender verify failed
2019-10-07 06:46:21 H=138-125-0-170.castelecom.com.br [170.0.125.138]:60625 I=[192.147.25.65]:25 F= rejected RCPT : Sender verify failed
...

2019-10-07 21:46:41

Comments on same subnet:

IP	Type	Details	Datetime
170.0.125.120	attackspam	IP was detected trying to Brute-Force SSH, FTP, Web Apps, Port-Scan or Hacking.	2020-02-11 15:53:41
170.0.125.31	attack	spam	2020-01-28 13:16:49
170.0.125.226	attackbots	email spam	2020-01-24 16:17:21
170.0.125.200	attackspam	IP was detected trying to Brute-Force SSH, FTP, Web Apps, Port-Scan or Hacking.	2020-01-24 15:22:28
170.0.125.142	attack	spam	2020-01-24 14:52:56
170.0.125.226	attackbotsspam	spam	2020-01-22 17:02:12
170.0.125.142	attack	spam	2020-01-22 16:21:20
170.0.125.200	attack	email spam	2020-01-22 16:20:44
170.0.125.64	attackspambots	Sent mail to target address hacked/leaked from abandonia in 2016	2019-12-31 05:09:01
170.0.125.239	attack	Absender hat Spam-Falle ausgel?st	2019-12-19 16:13:43
170.0.125.105	attack	Sent mail to target address hacked/leaked from abandonia in 2016	2019-11-26 14:00:18
170.0.125.244	attackspam	Sent mail to target address hacked/leaked from abandonia in 2016	2019-11-26 03:42:31
170.0.125.161	attackbots	Unauthorized IMAP connection attempt	2019-11-14 16:28:53
170.0.125.219	attackspam	email spam	2019-11-05 21:17:04
170.0.125.230	attack	postfix	2019-11-03 22:29:51

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 170.0.125.138
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 40471
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;170.0.125.138.			IN	A

;; AUTHORITY SECTION:
.			504	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019100701 1800 900 604800 86400

;; Query time: 98 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Oct 07 21:46:37 CST 2019
;; MSG SIZE  rcvd: 117

Host info

138.125.0.170.in-addr.arpa domain name pointer 138-125-0-170.castelecom.com.br.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
138.125.0.170.in-addr.arpa	name = 138-125-0-170.castelecom.com.br.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
159.65.30.66	attackbots	Sep 13 08:09:09 IngegnereFirenze sshd[14623]: User root from 159.65.30.66 not allowed because not listed in AllowUsers ...	2020-09-13 18:30:32
192.35.169.16	attackbotsspam	IP was detected trying to Brute-Force SSH, FTP, Web Apps, Port-Scan or Hacking.	2020-09-13 18:35:10
67.204.44.3	attack	SSH break in attempt ...	2020-09-13 18:24:14
45.55.224.209	attackspambots	(sshd) Failed SSH login from 45.55.224.209 (US/United States/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 13 04:08:19 idl1-dfw sshd[152269]: Invalid user mongodb from 45.55.224.209 port 39048 Sep 13 04:08:20 idl1-dfw sshd[152269]: Failed password for invalid user mongodb from 45.55.224.209 port 39048 ssh2 Sep 13 04:15:32 idl1-dfw sshd[157868]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.55.224.209 user=root Sep 13 04:15:34 idl1-dfw sshd[157868]: Failed password for root from 45.55.224.209 port 56655 ssh2 Sep 13 04:17:24 idl1-dfw sshd[159268]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.55.224.209 user=root	2020-09-13 18:09:24
117.211.126.230	attackspambots	Sep 13 10:03:28 ift sshd\[41507\]: Invalid user oracle from 117.211.126.230Sep 13 10:03:31 ift sshd\[41507\]: Failed password for invalid user oracle from 117.211.126.230 port 48340 ssh2Sep 13 10:07:28 ift sshd\[42038\]: Invalid user robers from 117.211.126.230Sep 13 10:07:30 ift sshd\[42038\]: Failed password for invalid user robers from 117.211.126.230 port 50206 ssh2Sep 13 10:11:31 ift sshd\[42553\]: Failed password for root from 117.211.126.230 port 51998 ssh2 ...	2020-09-13 18:37:07
194.165.99.231	attack	SSH/22 MH Probe, BF, Hack -	2020-09-13 18:24:35
103.237.58.123	attackbots	Brute force attempt	2020-09-13 18:26:27
197.45.22.130	attack	firewall-block, port(s): 445/tcp	2020-09-13 18:49:44
161.35.65.2	attackspam	(sshd) Failed SSH login from 161.35.65.2 (US/United States/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 13 06:15:20 optimus sshd[15075]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=161.35.65.2 user=root Sep 13 06:15:21 optimus sshd[15075]: Failed password for root from 161.35.65.2 port 46448 ssh2 Sep 13 06:17:12 optimus sshd[15538]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=161.35.65.2 user=root Sep 13 06:17:14 optimus sshd[15538]: Failed password for root from 161.35.65.2 port 50530 ssh2 Sep 13 06:19:12 optimus sshd[16029]: Invalid user osdbook from 161.35.65.2	2020-09-13 18:40:10
217.164.120.90	attackspam	xmlrpc attack	2020-09-13 18:12:09
78.195.178.119	attack	Sep 13 11:16:36 tor-proxy-08 sshd\[10949\]: Invalid user pi from 78.195.178.119 port 60338 Sep 13 11:16:37 tor-proxy-08 sshd\[10949\]: Connection closed by 78.195.178.119 port 60338 \[preauth\] Sep 13 11:16:37 tor-proxy-08 sshd\[10951\]: Invalid user pi from 78.195.178.119 port 60339 Sep 13 11:16:37 tor-proxy-08 sshd\[10951\]: Connection closed by 78.195.178.119 port 60339 \[preauth\] ...	2020-09-13 18:38:24
218.75.210.46	attack	Sep 13 11:40:21 jane sshd[32654]: Failed password for root from 218.75.210.46 port 3419 ssh2 ...	2020-09-13 18:36:21
3.16.181.33	attackspambots	mue-Direct access to plugin not allowed	2020-09-13 18:44:47
115.99.145.58	attackbotsspam	1599929475 - 09/12/2020 23:51:15 Host: 115.99.145.58/115.99.145.58 Port: 23 TCP Blocked ...	2020-09-13 18:19:19
61.177.172.13	attack	trying to connect to our public ips	2020-09-13 18:27:53

Recently Reported IPs

101.72.41.180	75.152.46.77	178.35.143.118	94.125.61.196
84.115.242.173	41.32.99.226	194.5.94.160	182.61.187.206
45.118.49.127	174.26.87.219	118.225.165.159	116.174.135.35
134.13.18.163	42.194.67.154	111.222.156.66	121.129.97.216
105.111.222.137	186.222.31.8	35.52.120.19	247.51.24.8