138.185.136.145

Basic Info

City: unknown

Region: unknown

Country: Ecuador

Internet Service Provider: Soluciones Avanzadas Informaticas Y Telecomunicaciones Saitel

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	Nov 17 11:44:03 www sshd\[87383\]: Invalid user server from 138.185.136.145 Nov 17 11:44:03 www sshd\[87383\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.185.136.145 Nov 17 11:44:04 www sshd\[87383\]: Failed password for invalid user server from 138.185.136.145 port 57738 ssh2 ...	2019-11-17 17:51:19
attackspam	Nov 16 19:42:04 web1 sshd\[13375\]: Invalid user daniellacunha from 138.185.136.145 Nov 16 19:42:04 web1 sshd\[13375\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.185.136.145 Nov 16 19:42:06 web1 sshd\[13375\]: Failed password for invalid user daniellacunha from 138.185.136.145 port 39724 ssh2 Nov 16 19:46:22 web1 sshd\[13585\]: Invalid user spy from 138.185.136.145 Nov 16 19:46:22 web1 sshd\[13585\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.185.136.145	2019-11-17 06:36:48

Type

Details

Datetime

attackspam

Nov 17 11:44:03 www sshd\[87383\]: Invalid user server from 138.185.136.145
Nov 17 11:44:03 www sshd\[87383\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.185.136.145
Nov 17 11:44:04 www sshd\[87383\]: Failed password for invalid user server from 138.185.136.145 port 57738 ssh2
...

2019-11-17 17:51:19

attackspam

Nov 16 19:42:04 web1 sshd\[13375\]: Invalid user daniellacunha from 138.185.136.145
Nov 16 19:42:04 web1 sshd\[13375\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.185.136.145
Nov 16 19:42:06 web1 sshd\[13375\]: Failed password for invalid user daniellacunha from 138.185.136.145 port 39724 ssh2
Nov 16 19:46:22 web1 sshd\[13585\]: Invalid user spy from 138.185.136.145
Nov 16 19:46:22 web1 sshd\[13585\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.185.136.145

2019-11-17 06:36:48

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 138.185.136.145
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 17508
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;138.185.136.145.		IN	A

;; AUTHORITY SECTION:
.			530	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019111601 1800 900 604800 86400

;; Query time: 183 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Nov 17 06:36:45 CST 2019
;; MSG SIZE  rcvd: 119

Host info

Host 145.136.185.138.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 145.136.185.138.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
185.153.198.211	attack	Multiport scan 81 ports : 80 443 1024 1111 2048 2222 3300 3311 3322 3333 3344 3355 3366 3377 3388 3390 3391 3392 3393 3394 3395 3396 3397 3398 3399 3400 4096 4444 5555 6666 7777 8192 8888 9999 11110 11111 11112 11113 11114 11115 11116 11117 11118 11119 12222 13333 13388 13389 13390 13399 14444 15555 16384 16666 17777 18888 19999 21111 22220 22221 22222 22223 22224 22225 22226 22227 22228 22229 23333 23388 23389 23390 23399 24444 25555 26666 27777 28888 29999 31111 32222	2020-05-02 08:04:45
194.116.229.234	attackspambots		2020-05-02 07:42:14
220.127.177.166	attackbots	port 23	2020-05-02 07:53:15
190.11.92.156	attackbotsspam	WordPress wp-login brute force :: 190.11.92.156 0.056 BYPASS [01/May/2020:20:11:12 0000] [censored_2] "POST /wp-login.php HTTP/1.1" 200 2255 "https://[censored_2]/wp-login.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36"	2020-05-02 08:02:09
213.217.0.134	attackspam	May 2 01:09:16 [host] kernel: [5003476.095892] [U May 2 01:17:07 [host] kernel: [5003946.748274] [U May 2 01:21:22 [host] kernel: [5004201.918865] [U May 2 01:23:39 [host] kernel: [5004339.174318] [U May 2 01:26:01 [host] kernel: [5004481.010658] [U May 2 01:26:25 [host] kernel: [5004504.351581] [U	2020-05-02 07:55:49
190.73.40.33	attackbotsspam	1588363850 - 05/01/2020 22:10:50 Host: 190.73.40.33/190.73.40.33 Port: 445 TCP Blocked	2020-05-02 08:19:57
210.121.223.61	attackspam	May 2 00:29:13 host sshd[41044]: Invalid user pascal from 210.121.223.61 port 37054 ...	2020-05-02 07:54:25
5.196.67.41	attackbotsspam	May 2 00:26:20 prod4 sshd\[3305\]: Invalid user shailesh from 5.196.67.41 May 2 00:26:22 prod4 sshd\[3305\]: Failed password for invalid user shailesh from 5.196.67.41 port 37630 ssh2 May 2 00:33:40 prod4 sshd\[5450\]: Failed password for root from 5.196.67.41 port 34466 ssh2 ...	2020-05-02 08:04:23
149.56.15.98	attackspam	Invalid user admin from 149.56.15.98 port 59604	2020-05-02 08:08:50
213.202.211.200	attackbots	May 1 01:09:45 XXX sshd[26520]: Invalid user noc from 213.202.211.200 port 46298	2020-05-02 08:15:59
5.188.84.76	attackspam	Tried to spam blog comments: Kamagra Pills Uk https://cheapcialisir.com/# – Cialis Honeymoon Cystitis Keflex Cialis Propecia Cruz Roja	2020-05-02 08:07:32
185.210.39.202	attack		2020-05-02 07:44:30
181.16.126.228	attack		2020-05-02 07:45:18
197.2.112.81	attackbotsspam		2020-05-02 07:41:01
113.218.134.13	attack	SSH-bruteforce attempts	2020-05-02 08:15:09

Recently Reported IPs

114.38.3.153	156.194.83.97	114.40.69.52	115.216.212.229
91.185.236.124	41.211.112.195	173.82.245.106	151.80.129.115
217.61.61.246	124.235.138.239	113.172.0.111	13.229.139.86
203.150.162.126	155.73.51.213	58.192.33.203	79.186.5.230
233.224.92.210	96.89.25.165	39.2.121.187	252.38.95.45