Must be a valid IPv4 or IPv6 ip address, e.g. 127.0.0.1 or 2001:DB8:0:0:8:800:200C:417A
Basic Info

City: unknown

Region: unknown

Country: Brazil

Internet Service Provider: Lanteca Telecom Ltda - ME

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:
Make a comment on this IP
Type Details Datetime
attack 
Sep 16 18:33:38 mail.srvfarm.net postfix/smtps/smtpd[3600946]: warning: 138-122-222-213.lanteca.com.br[138.122.222.213]: SASL PLAIN authentication failed: 
Sep 16 18:33:39 mail.srvfarm.net postfix/smtps/smtpd[3600946]: lost connection after AUTH from 138-122-222-213.lanteca.com.br[138.122.222.213]
Sep 16 18:37:53 mail.srvfarm.net postfix/smtpd[3601766]: warning: 138-122-222-213.lanteca.com.br[138.122.222.213]: SASL PLAIN authentication failed: 
Sep 16 18:37:53 mail.srvfarm.net postfix/smtpd[3601766]: lost connection after AUTH from 138-122-222-213.lanteca.com.br[138.122.222.213]
Sep 16 18:38:10 mail.srvfarm.net postfix/smtps/smtpd[3601499]: warning: 138-122-222-213.lanteca.com.br[138.122.222.213]: SASL PLAIN authentication failed:
 2020-09-18 01:34:33
attack 
Sep 16 18:33:38 mail.srvfarm.net postfix/smtps/smtpd[3600946]: warning: 138-122-222-213.lanteca.com.br[138.122.222.213]: SASL PLAIN authentication failed: 
Sep 16 18:33:39 mail.srvfarm.net postfix/smtps/smtpd[3600946]: lost connection after AUTH from 138-122-222-213.lanteca.com.br[138.122.222.213]
Sep 16 18:37:53 mail.srvfarm.net postfix/smtpd[3601766]: warning: 138-122-222-213.lanteca.com.br[138.122.222.213]: SASL PLAIN authentication failed: 
Sep 16 18:37:53 mail.srvfarm.net postfix/smtpd[3601766]: lost connection after AUTH from 138-122-222-213.lanteca.com.br[138.122.222.213]
Sep 16 18:38:10 mail.srvfarm.net postfix/smtps/smtpd[3601499]: warning: 138-122-222-213.lanteca.com.br[138.122.222.213]: SASL PLAIN authentication failed:
 2020-09-17 17:36:03
attack 
Sep 16 18:33:38 mail.srvfarm.net postfix/smtps/smtpd[3600946]: warning: 138-122-222-213.lanteca.com.br[138.122.222.213]: SASL PLAIN authentication failed: 
Sep 16 18:33:39 mail.srvfarm.net postfix/smtps/smtpd[3600946]: lost connection after AUTH from 138-122-222-213.lanteca.com.br[138.122.222.213]
Sep 16 18:37:53 mail.srvfarm.net postfix/smtpd[3601766]: warning: 138-122-222-213.lanteca.com.br[138.122.222.213]: SASL PLAIN authentication failed: 
Sep 16 18:37:53 mail.srvfarm.net postfix/smtpd[3601766]: lost connection after AUTH from 138-122-222-213.lanteca.com.br[138.122.222.213]
Sep 16 18:38:10 mail.srvfarm.net postfix/smtps/smtpd[3601499]: warning: 138-122-222-213.lanteca.com.br[138.122.222.213]: SASL PLAIN authentication failed:
 2020-09-17 08:42:48
Comments on same subnet:
IP Type Details Datetime
138.122.222.207 attack 
Attempted Brute Force (dovecot)
 2020-10-08 00:48:42
138.122.222.207 attackspambots 
Attempted Brute Force (dovecot)
 2020-10-07 16:57:44
138.122.222.239 attackspam 
Sep 16 18:09:37 mail.srvfarm.net postfix/smtpd[3597748]: warning: 138-122-222-239.lanteca.com.br[138.122.222.239]: SASL PLAIN authentication failed: 
Sep 16 18:09:37 mail.srvfarm.net postfix/smtpd[3597748]: lost connection after AUTH from 138-122-222-239.lanteca.com.br[138.122.222.239]
Sep 16 18:18:04 mail.srvfarm.net postfix/smtps/smtpd[3600179]: warning: 138-122-222-239.lanteca.com.br[138.122.222.239]: SASL PLAIN authentication failed: 
Sep 16 18:18:04 mail.srvfarm.net postfix/smtps/smtpd[3600179]: lost connection after AUTH from 138-122-222-239.lanteca.com.br[138.122.222.239]
Sep 16 18:18:34 mail.srvfarm.net postfix/smtps/smtpd[3584298]: warning: 138-122-222-239.lanteca.com.br[138.122.222.239]: SASL PLAIN authentication failed:
 2020-09-18 01:50:56
138.122.222.239 attack 
Sep 16 18:09:37 mail.srvfarm.net postfix/smtpd[3597748]: warning: 138-122-222-239.lanteca.com.br[138.122.222.239]: SASL PLAIN authentication failed: 
Sep 16 18:09:37 mail.srvfarm.net postfix/smtpd[3597748]: lost connection after AUTH from 138-122-222-239.lanteca.com.br[138.122.222.239]
Sep 16 18:18:04 mail.srvfarm.net postfix/smtps/smtpd[3600179]: warning: 138-122-222-239.lanteca.com.br[138.122.222.239]: SASL PLAIN authentication failed: 
Sep 16 18:18:04 mail.srvfarm.net postfix/smtps/smtpd[3600179]: lost connection after AUTH from 138-122-222-239.lanteca.com.br[138.122.222.239]
Sep 16 18:18:34 mail.srvfarm.net postfix/smtps/smtpd[3584298]: warning: 138-122-222-239.lanteca.com.br[138.122.222.239]: SASL PLAIN authentication failed:
 2020-09-17 17:52:04
138.122.222.207 attackbotsspam 
Aug 16 05:21:35 mail.srvfarm.net postfix/smtps/smtpd[1874192]: warning: 138-122-222-207.lanteca.com.br[138.122.222.207]: SASL PLAIN authentication failed: 
Aug 16 05:21:36 mail.srvfarm.net postfix/smtps/smtpd[1874192]: lost connection after AUTH from 138-122-222-207.lanteca.com.br[138.122.222.207]
Aug 16 05:26:15 mail.srvfarm.net postfix/smtps/smtpd[1888818]: warning: 138-122-222-207.lanteca.com.br[138.122.222.207]: SASL PLAIN authentication failed: 
Aug 16 05:26:15 mail.srvfarm.net postfix/smtps/smtpd[1888818]: lost connection after AUTH from 138-122-222-207.lanteca.com.br[138.122.222.207]
Aug 16 05:29:00 mail.srvfarm.net postfix/smtpd[1888504]: warning: 138-122-222-207.lanteca.com.br[138.122.222.207]: SASL PLAIN authentication failed:
 2020-08-16 13:01:31
138.122.222.82 attackbotsspam 
SASL PLAIN auth failed: ruser=...
 2020-07-16 09:09:03
Whois info:
b
Dig info:
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 138.122.222.213
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 784
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;138.122.222.213.		IN	A

;; AUTHORITY SECTION:
.			173	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020091602 1800 900 604800 86400

;; Query time: 38 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Sep 17 08:42:43 CST 2020
;; MSG SIZE  rcvd: 119
Host info
213.222.122.138.in-addr.arpa domain name pointer 138-122-222-213.lanteca.com.br.
Nslookup info:
Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
213.222.122.138.in-addr.arpa	name = 138-122-222-213.lanteca.com.br.

Authoritative answers can be found from:
Related IP info:
138.122.222.172
138.122.222.26
138.122.222.176
138.122.222.48
138.122.222.98
138.122.222.72
138.122.222.82
138.122.222.119
138.122.222.68
138.122.222.129
138.122.222.43
138.122.222.188
138.122.222.248
138.122.222.30
138.122.222.160
138.122.222.148
138.122.222.150
138.122.222.155
138.122.222.233
138.122.222.178
138.122.222.195
138.122.222.219
138.122.222.86
138.122.222.81
138.122.222.134
138.122.222.121
138.122.222.239
138.122.222.35
138.122.222.15
138.122.222.62
138.122.222.96
138.122.222.52
138.122.222.41
138.122.222.44
138.122.222.118
138.122.222.165
138.122.222.2
138.122.222.14
138.122.222.10
138.122.222.76
138.122.222.157
138.122.222.167
138.122.222.223
138.122.222.39
138.122.222.227
138.122.222.221
138.122.222.93
138.122.222.246
138.122.222.152
138.122.222.177
138.122.222.114
138.122.222.174
138.122.222.27
138.122.222.45
138.122.222.101
138.122.222.217
138.122.222.56
138.122.222.185
138.122.222.164
138.122.222.97
138.122.222.13
138.122.222.102
138.122.222.83
138.122.222.19
138.122.222.171
138.122.222.173
138.122.222.189
138.122.222.25
138.122.222.180
138.122.222.105
138.122.222.230
138.122.222.133
138.122.222.73
138.122.222.166
138.122.222.139
138.122.222.163
138.122.222.145
138.122.222.218
138.122.222.85
138.122.222.107
138.122.222.7
138.122.222.47
138.122.222.237
138.122.222.130
138.122.222.63
138.122.222.77
138.122.222.209
138.122.222.28
138.122.222.181
138.122.222.116
138.122.222.154
138.122.222.156
138.122.222.51
138.122.222.201
138.122.222.34
138.122.222.65
138.122.222.135
138.122.222.87
138.122.222.168
138.122.222.213
138.122.222.151
138.122.222.229
138.122.222.243
138.122.222.232
138.122.222.202
138.122.222.249
138.122.222.143
138.122.222.67
138.122.222.183
138.122.222.182
138.122.222.144
138.122.222.124
138.122.222.1
138.122.222.59
138.122.222.91
138.122.222.99
138.122.222.115
138.122.222.137
138.122.222.69
138.122.222.37
138.122.222.210
138.122.222.238
138.122.222.193
138.122.222.128
138.122.222.197
138.122.222.61
138.122.222.58
138.122.222.207
138.122.222.245
138.122.222.100
138.122.222.194
138.122.222.33
138.122.222.235
138.122.222.18
138.122.222.122
138.122.222.24
138.122.222.110
138.122.222.89
138.122.222.125
138.122.222.46
138.122.222.206
138.122.222.108
138.122.222.222
138.122.222.149
138.122.222.253
138.122.222.158
138.122.222.161
138.122.222.21
138.122.222.60
138.122.222.104
138.122.222.5
138.122.222.198
138.122.222.42
138.122.222.199
138.122.222.71
138.122.222.236
138.122.222.75
138.122.222.141
138.122.222.123
138.122.222.23
138.122.222.120
138.122.222.251
138.122.222.22
138.122.222.142
138.122.222.103
138.122.222.226
138.122.222.132
138.122.222.127
138.122.222.80
138.122.222.191
138.122.222.254
138.122.222.228
138.122.222.159
138.122.222.106
138.122.222.90
138.122.222.153
138.122.222.247
138.122.222.29
138.122.222.8
138.122.222.184
138.122.222.31
138.122.222.146
138.122.222.54
138.122.222.231
138.122.222.169
138.122.222.36
138.122.222.4
138.122.222.140
138.122.222.111
138.122.222.12
138.122.222.225
138.122.222.74
138.122.222.147
138.122.222.95
138.122.222.252
138.122.222.79
138.122.222.208
138.122.222.78
138.122.222.94
138.122.222.38
138.122.222.9
138.122.222.3
138.122.222.250
138.122.222.6
138.122.222.136
138.122.222.240
138.122.222.204
138.122.222.190
138.122.222.203
138.122.222.55
138.122.222.162
138.122.222.20
138.122.222.242
138.122.222.196
138.122.222.40
138.122.222.205
138.122.222.126
138.122.222.220
138.122.222.113
138.122.222.214
138.122.222.17
138.122.222.212
138.122.222.200
138.122.222.49
138.122.222.64
138.122.222.175
138.122.222.16
138.122.222.170
138.122.222.57
138.122.222.117
138.122.222.131
138.122.222.88
138.122.222.224
138.122.222.186
138.122.222.211
138.122.222.70
138.122.222.11
138.122.222.50
138.122.222.84
138.122.222.216
138.122.222.92
138.122.222.187
138.122.222.241
138.122.222.179
138.122.222.66
138.122.222.32
138.122.222.112
138.122.222.244
138.122.222.109
138.122.222.234
138.122.222.215
138.122.222.192
138.122.222.53
138.122.222.138
Related comments:
IP Type Details Datetime
200.116.160.38 attack 
Aug 16 18:46:18 vps691689 sshd[14439]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.116.160.38
Aug 16 18:46:19 vps691689 sshd[14439]: Failed password for invalid user sshadmin from 200.116.160.38 port 38620 ssh2
Aug 16 18:52:10 vps691689 sshd[14619]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.116.160.38
...
 2019-08-17 01:08:11
114.91.68.29 attackbotsspam 
Aug 15 23:11:55 GIZ-Server-02 sshd[13238]: Invalid user developer from 114.91.68.29
Aug 15 23:11:55 GIZ-Server-02 sshd[13238]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.91.68.29 
Aug 15 23:11:56 GIZ-Server-02 sshd[13238]: Failed password for invalid user developer from 114.91.68.29 port 40096 ssh2
Aug 15 23:11:57 GIZ-Server-02 sshd[13238]: Received disconnect from 114.91.68.29: 11: Bye Bye [preauth]
Aug 15 23:20:17 GIZ-Server-02 sshd[18230]: User r.r from 114.91.68.29 not allowed because not listed in AllowUsers
Aug 15 23:20:17 GIZ-Server-02 sshd[18230]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.91.68.29  user=r.r
Aug 15 23:20:19 GIZ-Server-02 sshd[18230]: Failed password for invalid user r.r from 114.91.68.29 port 35668 ssh2
Aug 15 23:20:20 GIZ-Server-02 sshd[18230]: Received disconnect from 114.91.68.29: 11: Bye Bye [preauth]
Aug 15 23:28:30 GIZ-Server-02 sshd[22021]: I........
-------------------------------
 2019-08-17 01:12:40
203.82.42.90 attackbotsspam 
Aug 16 19:27:49 vps647732 sshd[21269]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.82.42.90
Aug 16 19:27:50 vps647732 sshd[21269]: Failed password for invalid user usuario from 203.82.42.90 port 38658 ssh2
...
 2019-08-17 01:27:59
59.127.250.112 attack 
scan z
 2019-08-17 00:53:01
159.65.3.197 attack 
Aug 16 19:10:05 MK-Soft-Root2 sshd\[24176\]: Invalid user rh from 159.65.3.197 port 41607
Aug 16 19:10:05 MK-Soft-Root2 sshd\[24176\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.65.3.197
Aug 16 19:10:07 MK-Soft-Root2 sshd\[24176\]: Failed password for invalid user rh from 159.65.3.197 port 41607 ssh2
...
 2019-08-17 01:12:15
115.207.73.72 attackspam 
Aug 15 21:28:20 wildwolf ssh-honeypotd[26164]: Failed password for admin from 115.207.73.72 port 44678 ssh2 (target: 158.69.100.139:22, password: pfsense)
Aug 15 21:28:32 wildwolf ssh-honeypotd[26164]: Failed password for admin from 115.207.73.72 port 44678 ssh2 (target: 158.69.100.139:22, password: 1234)
Aug 15 21:28:36 wildwolf ssh-honeypotd[26164]: Failed password for admin from 115.207.73.72 port 44678 ssh2 (target: 158.69.100.139:22, password: aerohive)
Aug 15 21:28:38 wildwolf ssh-honeypotd[26164]: Failed password for admin from 115.207.73.72 port 44678 ssh2 (target: 158.69.100.139:22, password: 7ujMko0admin)
Aug 15 21:28:42 wildwolf ssh-honeypotd[26164]: Failed password for admin from 115.207.73.72 port 44678 ssh2 (target: 158.69.100.139:22, password: 12345)
Aug 15 21:28:46 wildwolf ssh-honeypotd[26164]: Failed password for admin from 115.207.73.72 port 44678 ssh2 (target: 158.69.100.139:22, password: 1111)
Aug 15 21:28:49 wildwolf ssh-honeypotd[26164]: Failed pas........
------------------------------
 2019-08-17 01:07:05
95.130.9.90 attack 
Aug 16 18:58:31 vpn01 sshd\[24198\]: Invalid user 666666 from 95.130.9.90
Aug 16 18:58:31 vpn01 sshd\[24198\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=95.130.9.90
Aug 16 18:58:33 vpn01 sshd\[24198\]: Failed password for invalid user 666666 from 95.130.9.90 port 52034 ssh2
 2019-08-17 01:02:02
13.67.67.168 attackbotsspam 
Aug 16 06:36:10 lcdev sshd\[410\]: Invalid user one from 13.67.67.168
Aug 16 06:36:10 lcdev sshd\[410\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=13.67.67.168
Aug 16 06:36:12 lcdev sshd\[410\]: Failed password for invalid user one from 13.67.67.168 port 3456 ssh2
Aug 16 06:45:48 lcdev sshd\[1398\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=13.67.67.168  user=root
Aug 16 06:45:50 lcdev sshd\[1398\]: Failed password for root from 13.67.67.168 port 3456 ssh2
 2019-08-17 00:57:22
183.238.193.227 attack 
Aug 16 12:50:55 xtremcommunity sshd\[21047\]: Invalid user rsync from 183.238.193.227 port 21627
Aug 16 12:50:55 xtremcommunity sshd\[21047\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=183.238.193.227
Aug 16 12:50:57 xtremcommunity sshd\[21047\]: Failed password for invalid user rsync from 183.238.193.227 port 21627 ssh2
Aug 16 12:57:16 xtremcommunity sshd\[21297\]: Invalid user ec2-user from 183.238.193.227 port 45316
Aug 16 12:57:16 xtremcommunity sshd\[21297\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=183.238.193.227
...
 2019-08-17 01:03:33
23.129.64.209 attackspambots 
'Fail2Ban'
 2019-08-17 00:43:53
207.180.235.203 attackspam 
Aug 16 06:31:05 sachi sshd\[19899\]: Invalid user gose from 207.180.235.203
Aug 16 06:31:05 sachi sshd\[19899\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=vmi287485.contaboserver.net
Aug 16 06:31:08 sachi sshd\[19899\]: Failed password for invalid user gose from 207.180.235.203 port 34466 ssh2
Aug 16 06:35:36 sachi sshd\[20255\]: Invalid user ts3server from 207.180.235.203
Aug 16 06:35:36 sachi sshd\[20255\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=vmi287485.contaboserver.net
 2019-08-17 00:38:05
142.93.203.108 attackbotsspam 
Aug 16 16:47:46 web8 sshd\[26499\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.203.108  user=root
Aug 16 16:47:48 web8 sshd\[26499\]: Failed password for root from 142.93.203.108 port 47294 ssh2
Aug 16 16:52:12 web8 sshd\[28613\]: Invalid user test from 142.93.203.108
Aug 16 16:52:12 web8 sshd\[28613\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.203.108
Aug 16 16:52:15 web8 sshd\[28613\]: Failed password for invalid user test from 142.93.203.108 port 39268 ssh2
 2019-08-17 01:08:40
220.167.100.60 attack 
Aug 16 17:16:57 debian sshd\[22575\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.167.100.60  user=root
Aug 16 17:16:59 debian sshd\[22575\]: Failed password for root from 220.167.100.60 port 47968 ssh2
...
 2019-08-17 01:19:41
119.61.26.165 attack 
2019-08-16T16:48:03.096229abusebot-8.cloudsearch.cf sshd\[22647\]: Invalid user bill from 119.61.26.165 port 49423
 2019-08-17 01:16:08
85.40.208.178 attack 
2019-08-16T16:17:34.391750abusebot-7.cloudsearch.cf sshd\[26202\]: Invalid user raoul from 85.40.208.178 port 3246
 2019-08-17 00:44:35

Recently Reported IPs

123.3.88.143 103.207.6.243 23.126.34.48 187.223.92.109
103.79.164.180 220.62.20.239 126.101.111.195 222.54.239.141
71.194.178.165 180.123.111.67 217.86.236.82 103.58.65.181
121.46.245.9 184.193.97.2 76.1.97.81 211.55.234.92
81.28.168.118 220.172.105.37 201.221.108.64 94.74.188.192