AbuseIPDB » 138.0.189.253

138.0.189.253 was found in our database!

This IP was reported 69 times. Confidence of Abuse is 2%: ?

2%

ISP	WN Telecom Ltda - ME
Usage Type	Fixed Line ISP
Hostname(s)	138-0-189-253.dynamic.wntelecom.net.br
Domain Name	wntelecom.net.br
Country	Brazil
City	Justino Polvora, Minas Gerais

IP info including ISP, Usage Type, and Location provided by IP2Location. Updated monthly.

Report 138.0.189.253

Whois 138.0.189.253

IP Abuse Reports for 138.0.189.253:

This IP address has been reported a total of 69 times from 22 distinct sources. 138.0.189.253 was first reported on April 25th 2021, and the most recent report was 1 month ago.

Old Reports: The most recent abuse report for this IP address is from 1 month ago. It is possible that this IP is no longer involved in abusive activities.

Reporter	Date	Comment	Categories
Anonymous	29 Jun 2022	[Wed Jun 29 06:27:44.435905 2022] [fcgid:warn] [pid 27469:tid 140017510889216] [client 138.0.189.253 ... show more[Wed Jun 29 06:27:44.435905 2022] [fcgid:warn] [pid 27469:tid 140017510889216] [client 138.0.189.253:49107] mod_fcgid: stderr: WP User : admin authentication failure | IP : 138.0.189.253 | URL https://akiliweb.fr/wp-admin/, referer: https://akiliweb.fr/wp-login.php [Wed Jun 29 06:27:58.054638 2022] [fcgid:warn] [pid 27469:tid 140017527674624] [client 138.0.189.253:49141] mod_fcgid: stderr: WP User : charlotte.papet authentication failure | IP : 138.0.189.253 | URL https://akiliweb.fr/wp-admin/, referer: https://akiliweb.fr/wp-login.php [Wed Jun 29 06:28:08.764092 2022] [fcgid:warn] [pid 27469:tid 140016302929664] [client 138.0.189.253:49177] mod_fcgid: stderr: WP User : user authentication failure | IP : 138.0.189.253 | URL https://akiliweb.fr/wp-admin/, referer: https://akiliweb.fr/wp-login.php ... show less	Brute-Force Web App Attack
Anonymous	07 Jun 2022	Attacks websites by trying to access known vulnerables of plugins, brute-force of backends or probin ... show moreAttacks websites by trying to access known vulnerables of plugins, brute-force of backends or probing of administrative tools show less	Brute-Force Web App Attack
unifr	30 May 2022	Unauthorized IMAP connection attempt	Brute-Force
PepilloElPunkie	29 Apr 2022	[Exchange Server SSRPF Vulnerability Check] - Try to access to email accounts by /autodiscover/autod ... show more[Exchange Server SSRPF Vulnerability Check] - Try to access to email accounts by /autodiscover/autodiscover.json from 138.0.189.253 port 443 show less	Hacking Web App Attack
JCB	28 Apr 2022	SMTP AUTH	Email Spam Brute-Force
Anonymous	24 Apr 2022	Email login attempts - banned mail account name (SMTP)	Email Spam Brute-Force
Paul Smith	24 Apr 2022	Email Auth Brute force attack 1/1 in last day	Brute-Force
Paul Smith	23 Apr 2022	Email Auth Brute force attack 1/1 in last day	Brute-Force
neverdown.eu	23 Apr 2022	138.0.189.253 (BR/Brazil/138-0-189-253.dynamic.wntelecom.net.br), 5 distributed smtpauth attacks on ... show more138.0.189.253 (BR/Brazil/138-0-189-253.dynamic.wntelecom.net.br), 5 distributed smtpauth attacks on account [h.diana] in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_DISTATTACK; Logs: 2022-04-23 14:54:17 dovecot_login authenticator failed for ([138.0.189.253]) [138.0.189.253]:45734: 535 Incorrect authentication data (set_id=h.diana) 2022-04-23 15:30:54 dovecot_login authenticator failed for ([103.214.191.175]) [103.214.191.175]:50295: 535 Incorrect authentication data (set_id=h.diana) 2022-04-23 15:45:23 dovecot_login authenticator failed for ([127.0.0.1]) [101.33.61.166]:52188: 535 Incorrect authentication data (set_id=h.diana) 2022-04-23 15:00:13 dovecot_login authenticator failed for ([187.111.152.209]) [187.111.152.209]:37606: 535 Incorrect authentication data (set_id=h.diana) 2022-04-23 15:38:39 dovecot_login authenticator failed for 138-0-167-232.dualx.com.br [138.0.167.232]:59360: 535 Incorrect authentication data (set_id=h.diana) IP Addresses Blocked: show less	Port Scan
Anonymous	21 Apr 2022	$f2bV_matches	Email Spam Brute-Force
Dan Conway	20 Apr 2022	Brute forcing email accounts	Hacking Brute-Force
basing	18 Apr 2022	2022-04-18 12:48:32 bs SASL PLAIN auth failed: rhost=138.0.189.253...	Brute-Force
UM3	17 Apr 2022	Exim Auth Failed	Brute-Force
Yntegra2	12 Apr 2022	disconnect from unknown[138.0.189.253] ehlo=1 auth=0/1 commands=1/2	Email Spam Hacking Brute-Force
UKFast Security	11 Apr 2022	Postfix: Illegal address from unknown sender	Hacking

Is this your IP? You may request to takedown any associated reports. We will attempt to verify your ownership. Request Takedown 🚩