138.185.136.145

Basic Info

City: unknown

Region: unknown

Country: Ecuador

Internet Service Provider: Soluciones Avanzadas Informaticas Y Telecomunicaciones Saitel

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	Nov 17 11:44:03 www sshd\[87383\]: Invalid user server from 138.185.136.145 Nov 17 11:44:03 www sshd\[87383\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.185.136.145 Nov 17 11:44:04 www sshd\[87383\]: Failed password for invalid user server from 138.185.136.145 port 57738 ssh2 ...	2019-11-17 17:51:19
attackspam	Nov 16 19:42:04 web1 sshd\[13375\]: Invalid user daniellacunha from 138.185.136.145 Nov 16 19:42:04 web1 sshd\[13375\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.185.136.145 Nov 16 19:42:06 web1 sshd\[13375\]: Failed password for invalid user daniellacunha from 138.185.136.145 port 39724 ssh2 Nov 16 19:46:22 web1 sshd\[13585\]: Invalid user spy from 138.185.136.145 Nov 16 19:46:22 web1 sshd\[13585\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.185.136.145	2019-11-17 06:36:48

Type

Details

Datetime

attackspam

Nov 17 11:44:03 www sshd\[87383\]: Invalid user server from 138.185.136.145
Nov 17 11:44:03 www sshd\[87383\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.185.136.145
Nov 17 11:44:04 www sshd\[87383\]: Failed password for invalid user server from 138.185.136.145 port 57738 ssh2
...

2019-11-17 17:51:19

attackspam

Nov 16 19:42:04 web1 sshd\[13375\]: Invalid user daniellacunha from 138.185.136.145
Nov 16 19:42:04 web1 sshd\[13375\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.185.136.145
Nov 16 19:42:06 web1 sshd\[13375\]: Failed password for invalid user daniellacunha from 138.185.136.145 port 39724 ssh2
Nov 16 19:46:22 web1 sshd\[13585\]: Invalid user spy from 138.185.136.145
Nov 16 19:46:22 web1 sshd\[13585\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.185.136.145

2019-11-17 06:36:48

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 138.185.136.145
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 17508
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;138.185.136.145.		IN	A

;; AUTHORITY SECTION:
.			530	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019111601 1800 900 604800 86400

;; Query time: 183 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Nov 17 06:36:45 CST 2019
;; MSG SIZE  rcvd: 119

Host info

Host 145.136.185.138.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 145.136.185.138.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
31.129.173.162	attackspambots	SSH Bruteforce attack	2020-09-10 08:00:58
2607:5300:203:d86::	attack	xmlrpc attack	2020-09-10 08:15:07
188.18.49.246	attackspam	TCP (SYN) 188.18.49.246:57696 -> port 18515, len 44	2020-09-10 08:03:38
80.82.77.33	attackbotsspam	TCP (SYN) 80.82.77.33:13443 -> port 5984, len 44	2020-09-10 08:17:30
45.141.84.99	attackbotsspam	firewall-block, port(s): 80/tcp, 13000/tcp	2020-09-10 07:48:15
51.91.212.80	attackbots	Brute force attack stopped by firewall	2020-09-10 08:15:23
113.160.248.80	attack	Time: Wed Sep 9 16:47:23 2020 +0000 IP: 113.160.248.80 (VN/Vietnam/static.vnpt.vn) Failures: 5 (sshd) Interval: 3600 seconds Blocked: Permanent Block [LF_SSHD] Log entries: Sep 9 16:32:17 vps3 sshd[23881]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.160.248.80 user=root Sep 9 16:32:19 vps3 sshd[23881]: Failed password for root from 113.160.248.80 port 39223 ssh2 Sep 9 16:44:24 vps3 sshd[26577]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.160.248.80 user=root Sep 9 16:44:26 vps3 sshd[26577]: Failed password for root from 113.160.248.80 port 57989 ssh2 Sep 9 16:47:22 vps3 sshd[27231]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.160.248.80 user=root	2020-09-10 08:14:17
218.104.198.139	attack	" "	2020-09-10 07:56:25
31.163.178.77	attack	TCP (SYN) 31.163.178.77:26085 -> port 23, len 40	2020-09-10 07:58:11
106.12.208.99	attackspam	Sep 7 21:53:59 v26 sshd[27516]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.208.99 user=r.r Sep 7 21:54:01 v26 sshd[27516]: Failed password for r.r from 106.12.208.99 port 42106 ssh2 Sep 7 21:54:01 v26 sshd[27516]: Received disconnect from 106.12.208.99 port 42106:11: Bye Bye [preauth] Sep 7 21:54:01 v26 sshd[27516]: Disconnected from 106.12.208.99 port 42106 [preauth] Sep 7 22:11:10 v26 sshd[29162]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.208.99 user=r.r Sep 7 22:11:12 v26 sshd[29162]: Failed password for r.r from 106.12.208.99 port 45240 ssh2 Sep 7 22:11:12 v26 sshd[29162]: Received disconnect from 106.12.208.99 port 45240:11: Bye Bye [preauth] Sep 7 22:11:12 v26 sshd[29162]: Disconnected from 106.12.208.99 port 45240 [preauth] Sep 7 22:14:05 v26 sshd[29528]: Invalid user januario from 106.12.208.99 port 57512 Sep 7 22:14:05 v26 sshd[29528]: pam_unix(s........ -------------------------------	2020-09-10 07:57:41
103.105.59.80	attackspambots	SSH / Telnet Brute Force Attempts on Honeypot	2020-09-10 08:04:55
119.42.67.37	attackbots	Brute forcing email accounts	2020-09-10 07:59:23
94.102.51.29	attackspam	Multiport scan : 5 ports scanned 3395 4489 8000 8889 9000	2020-09-10 07:43:12
165.227.193.157	attackbotsspam	2020-09-09T18:11:02.3805441495-001 sshd[40324]: Failed password for invalid user operatore from 165.227.193.157 port 44250 ssh2 2020-09-09T18:14:48.2810781495-001 sshd[40496]: Invalid user ruby from 165.227.193.157 port 42074 2020-09-09T18:14:48.2882521495-001 sshd[40496]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.227.193.157 2020-09-09T18:14:48.2810781495-001 sshd[40496]: Invalid user ruby from 165.227.193.157 port 42074 2020-09-09T18:14:50.1825631495-001 sshd[40496]: Failed password for invalid user ruby from 165.227.193.157 port 42074 ssh2 2020-09-09T18:18:17.8152501495-001 sshd[40667]: Invalid user twyla from 165.227.193.157 port 39898 ...	2020-09-10 07:50:17
206.189.141.73	attackspam	206.189.141.73 - - [09/Sep/2020:18:49:17 +0200] "POST /wp-login.php HTTP/1.0" 200 4794 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-09-10 08:11:12

Recently Reported IPs

114.38.3.153	156.194.83.97	114.40.69.52	115.216.212.229
91.185.236.124	41.211.112.195	173.82.245.106	151.80.129.115
217.61.61.246	124.235.138.239	113.172.0.111	13.229.139.86
203.150.162.126	155.73.51.213	58.192.33.203	79.186.5.230
233.224.92.210	96.89.25.165	39.2.121.187	252.38.95.45