40.132.138.49 - IPInfo

Basic Info

City: Janesville

Region: Wisconsin

Country: United States

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 40.132.138.49
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 23587
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;40.132.138.49.			IN	A

;; AUTHORITY SECTION:
.			561	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020091202 1800 900 604800 86400

;; Query time: 183 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Sep 13 08:50:20 CST 2020
;; MSG SIZE  rcvd: 117

Host info

49.138.132.40.in-addr.arpa domain name pointer h49.138.132.40.static.ip.windstream.net.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
49.138.132.40.in-addr.arpa	name = h49.138.132.40.static.ip.windstream.net.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
181.198.35.108	attackspam	Sep 25 23:54:06 tux-35-217 sshd\[24631\]: Invalid user akiko from 181.198.35.108 port 60488 Sep 25 23:54:06 tux-35-217 sshd\[24631\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=181.198.35.108 Sep 25 23:54:08 tux-35-217 sshd\[24631\]: Failed password for invalid user akiko from 181.198.35.108 port 60488 ssh2 Sep 25 23:58:52 tux-35-217 sshd\[24649\]: Invalid user kondor from 181.198.35.108 port 45358 Sep 25 23:58:52 tux-35-217 sshd\[24649\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=181.198.35.108 ...	2019-09-26 08:20:39
185.176.27.6	attackspam	09/25/2019-19:26:52.610442 185.176.27.6 Protocol: 6 ET SCAN NMAP -sS window 1024	2019-09-26 07:53:01
185.53.88.70	attack	1569444774 - 09/25/2019 22:52:54 Host: 185.53.88.70/185.53.88.70 Port: 5060 UDP Blocked	2019-09-26 08:05:56
125.71.232.107	attackspambots	Sep 25 19:39:44 xtremcommunity sshd\[1615\]: Invalid user cashier from 125.71.232.107 port 27240 Sep 25 19:39:44 xtremcommunity sshd\[1615\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.71.232.107 Sep 25 19:39:46 xtremcommunity sshd\[1615\]: Failed password for invalid user cashier from 125.71.232.107 port 27240 ssh2 Sep 25 19:44:58 xtremcommunity sshd\[1683\]: Invalid user sinus from 125.71.232.107 port 40170 Sep 25 19:44:58 xtremcommunity sshd\[1683\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.71.232.107 ...	2019-09-26 07:58:51
87.27.204.29	attackbotsspam	LGS,WP GET /wp-login.php	2019-09-26 08:10:24
103.230.241.39	attackbotsspam	[Thu Sep 26 03:53:40.417924 2019] [:error] [pid 27914:tid 140467660363520] [client 103.230.241.39:35167] [client 103.230.241.39] ModSecurity: Access denied with code 403 (phase 2). Pattern match "^[\\\\d.:]+$" at REQUEST_HEADERS:Host. [file "/etc/modsecurity/owasp-modsecurity-crs-3.1.1/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "792"] [id "920350"] [msg "Host header is a numeric IP address"] [data "103.27.207.197"] [severity "WARNING"] [ver "OWASP_CRS/3.1.1"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/IP_HOST"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "103.27.207.197"] [uri "/"] [unique_id "XYvT1F4MXwsM0Koah3AOawAAAM0"] ...	2019-09-26 07:49:33
144.217.243.216	attackspam	Sep 25 13:41:42 php1 sshd\[12211\]: Invalid user contas from 144.217.243.216 Sep 25 13:41:42 php1 sshd\[12211\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=144.217.243.216 Sep 25 13:41:44 php1 sshd\[12211\]: Failed password for invalid user contas from 144.217.243.216 port 58962 ssh2 Sep 25 13:46:10 php1 sshd\[12541\]: Invalid user ubnt from 144.217.243.216 Sep 25 13:46:10 php1 sshd\[12541\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=144.217.243.216	2019-09-26 07:55:45
180.167.141.51	attackbotsspam	$f2bV_matches	2019-09-26 07:50:58
150.95.52.70	attackbotsspam	10 attempts against mh-misc-ban on heat.magehost.pro	2019-09-26 08:13:39
180.254.227.124	attack	Automatic report - Port Scan Attack	2019-09-26 07:54:39
129.211.77.44	attackspam	Sep 26 01:42:46 www2 sshd\[51420\]: Invalid user admin from 129.211.77.44Sep 26 01:42:48 www2 sshd\[51420\]: Failed password for invalid user admin from 129.211.77.44 port 60328 ssh2Sep 26 01:47:30 www2 sshd\[51950\]: Invalid user jiao from 129.211.77.44 ...	2019-09-26 08:11:27
118.24.37.81	attackbots	Sep 25 17:27:17 vtv3 sshd\[29081\]: Invalid user kslewin from 118.24.37.81 port 44418 Sep 25 17:27:17 vtv3 sshd\[29081\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.24.37.81 Sep 25 17:27:19 vtv3 sshd\[29081\]: Failed password for invalid user kslewin from 118.24.37.81 port 44418 ssh2 Sep 25 17:31:55 vtv3 sshd\[31522\]: Invalid user opencoding from 118.24.37.81 port 45326 Sep 25 17:31:55 vtv3 sshd\[31522\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.24.37.81 Sep 25 17:45:17 vtv3 sshd\[7629\]: Invalid user docker from 118.24.37.81 port 48026 Sep 25 17:45:17 vtv3 sshd\[7629\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.24.37.81 Sep 25 17:45:19 vtv3 sshd\[7629\]: Failed password for invalid user docker from 118.24.37.81 port 48026 ssh2 Sep 25 17:49:59 vtv3 sshd\[9628\]: Invalid user jakob from 118.24.37.81 port 48940 Sep 25 17:49:59 vtv3 sshd\[9628\]: pam_unix	2019-09-26 07:49:12
27.210.158.137	attackbots	Unauthorised access (Sep 25) SRC=27.210.158.137 LEN=40 TTL=49 ID=42809 TCP DPT=8080 WINDOW=17065 SYN Unauthorised access (Sep 25) SRC=27.210.158.137 LEN=40 TTL=49 ID=21841 TCP DPT=8080 WINDOW=17065 SYN	2019-09-26 07:46:01
123.31.20.81	attack	Forbidden directory scan :: 2019/09/26 07:37:21 [error] 1103#1103: *281950 access forbidden by rule, client: 123.31.20.81, server: [censored_4], request: "GET //table.sql HTTP/1.1", host: "[censored_4]:443"	2019-09-26 08:21:07
107.180.79.20	attackspam	wp-login.php	2019-09-26 08:19:50

Recently Reported IPs

166.185.3.148	152.200.45.152	108.151.56.156	184.89.228.232
54.74.40.87	76.117.153.44	76.97.104.162	92.85.199.109
177.254.205.223	62.116.55.212	41.22.71.39	126.90.118.155
145.232.103.4	65.92.32.187	89.241.28.23	188.209.131.176
187.8.157.29	159.143.19.152	73.13.68.143	189.181.133.16