Basic Info

City: unknown

Region: unknown

Country: Brazil

Internet Service Provider: Meganet Servicos de Comunicacao Multimidia Ltda

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:
Type Details Datetime
attack
Unauthorized connection attempt detected from IP address 138.219.100.162 to port 23 [J]
2020-01-19 06:26:59
Comments on same subnet:
IP Type Details Datetime
138.219.100.78 attack
(sshd) Failed SSH login from 138.219.100.78 (BR/Brazil/138-219-100-78.meganetscm.net.br): 5 in the last 3600 secs
2020-10-06 01:07:38
138.219.100.78 attack
DATE:2020-10-05 09:06:04, IP:138.219.100.78, PORT:ssh SSH brute force auth (docker-dc)
2020-10-05 17:02:37
Dig info:
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 138.219.100.162
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 34246
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;138.219.100.162.		IN	A

;; AUTHORITY SECTION:
.			367	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020011800 1800 900 604800 86400

;; Query time: 54 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Jan 19 06:26:56 CST 2020
;; MSG SIZE  rcvd: 119
Host info
162.100.219.138.in-addr.arpa domain name pointer 138-219-100-162.meganetscm.net.br.
Nslookup info:
Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
162.100.219.138.in-addr.arpa	name = 138-219-100-162.meganetscm.net.br.

Authoritative answers can be found from:
Related IP info:
Related comments:
IP Type Details Datetime
195.224.138.61 attackspambots
Oct  9 08:12:37 nextcloud sshd\[30612\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=195.224.138.61  user=root
Oct  9 08:12:39 nextcloud sshd\[30612\]: Failed password for root from 195.224.138.61 port 40718 ssh2
Oct  9 08:16:24 nextcloud sshd\[4376\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=195.224.138.61  user=root
...
2019-10-09 15:12:33
164.8.11.120 attackspam
May 12 17:06:49 server sshd\[128726\]: Invalid user cisco from 164.8.11.120
May 12 17:06:50 server sshd\[128726\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=164.8.11.120
May 12 17:06:52 server sshd\[128726\]: Failed password for invalid user cisco from 164.8.11.120 port 42396 ssh2
...
2019-10-09 15:12:51
164.132.230.244 attackbots
Apr 14 06:35:12 server sshd\[223741\]: Invalid user test7 from 164.132.230.244
Apr 14 06:35:12 server sshd\[223741\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=164.132.230.244
Apr 14 06:35:13 server sshd\[223741\]: Failed password for invalid user test7 from 164.132.230.244 port 42527 ssh2
...
2019-10-09 15:28:25
163.172.157.162 attack
$f2bV_matches
2019-10-09 15:49:37
163.47.36.210 attack
Jun 24 14:42:05 server sshd\[93732\]: Invalid user teles from 163.47.36.210
Jun 24 14:42:05 server sshd\[93732\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=163.47.36.210
Jun 24 14:42:07 server sshd\[93732\]: Failed password for invalid user teles from 163.47.36.210 port 24357 ssh2
...
2019-10-09 15:33:11
221.160.100.14 attackbotsspam
Oct  9 08:52:56 mail sshd[18080]: Invalid user test from 221.160.100.14
...
2019-10-09 15:48:19
124.41.215.76 attack
*Port Scan* detected from 124.41.215.76 (NP/Nepal/-). 4 hits in the last 110 seconds
2019-10-09 15:14:47
164.132.225.151 attack
Jun  8 02:21:19 server sshd\[58581\]: Invalid user zimbra from 164.132.225.151
Jun  8 02:21:19 server sshd\[58581\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=164.132.225.151
Jun  8 02:21:21 server sshd\[58581\]: Failed password for invalid user zimbra from 164.132.225.151 port 41087 ssh2
...
2019-10-09 15:29:33
222.91.151.175 attackspambots
Oct  8 01:37:37 km20725 sshd[14449]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.91.151.175  user=r.r
Oct  8 01:37:39 km20725 sshd[14449]: Failed password for r.r from 222.91.151.175 port 9247 ssh2
Oct  8 01:37:39 km20725 sshd[14449]: Received disconnect from 222.91.151.175: 11: Bye Bye [preauth]
Oct  8 02:07:55 km20725 sshd[16331]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.91.151.175  user=r.r
Oct  8 02:07:57 km20725 sshd[16331]: Failed password for r.r from 222.91.151.175 port 10324 ssh2
Oct  8 02:07:57 km20725 sshd[16331]: Received disconnect from 222.91.151.175: 11: Bye Bye [preauth]
Oct  8 02:11:41 km20725 sshd[16732]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.91.151.175  user=r.r
Oct  8 02:11:42 km20725 sshd[16732]: Failed password for r.r from 222.91.151.175 port 9779 ssh2
Oct  8 02:11:43 km20725 sshd[16732]: Received........
-------------------------------
2019-10-09 15:28:57
164.132.107.245 attackbots
Apr 29 16:36:35 server sshd\[116486\]: Invalid user twister from 164.132.107.245
Apr 29 16:36:35 server sshd\[116486\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=164.132.107.245
Apr 29 16:36:37 server sshd\[116486\]: Failed password for invalid user twister from 164.132.107.245 port 34402 ssh2
...
2019-10-09 15:32:23
164.160.142.85 attack
Apr 11 03:03:03 server sshd\[98531\]: Invalid user www from 164.160.142.85
Apr 11 03:03:03 server sshd\[98531\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=164.160.142.85
Apr 11 03:03:05 server sshd\[98531\]: Failed password for invalid user www from 164.160.142.85 port 23434 ssh2
...
2019-10-09 15:19:49
176.57.69.248 attackbots
Oct  6 03:56:54 mail sshd[9679]: reveeclipse mapping checking getaddrinfo for xn--shaman-ag-8yh.had.su [176.57.69.248] failed - POSSIBLE BREAK-IN ATTEMPT!
Oct  6 03:56:54 mail sshd[9679]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=176.57.69.248  user=r.r
Oct  6 03:56:56 mail sshd[9679]: Failed password for r.r from 176.57.69.248 port 45290 ssh2
Oct  6 03:56:56 mail sshd[9679]: Received disconnect from 176.57.69.248: 11: Bye Bye [preauth]
Oct  6 04:11:21 mail sshd[12183]: reveeclipse mapping checking getaddrinfo for xn--shaman-ag-8yh.had.su [176.57.69.248] failed - POSSIBLE BREAK-IN ATTEMPT!
Oct  6 04:11:21 mail sshd[12183]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=176.57.69.248  user=r.r
Oct  6 04:11:23 mail sshd[12183]: Failed password for r.r from 176.57.69.248 port 53824 ssh2
Oct  6 04:11:23 mail sshd[12183]: Received disconnect from 176.57.69.248: 11: Bye Bye [preauth]
Oct  6........
-------------------------------
2019-10-09 15:21:47
45.168.56.231 attack
IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/45.168.56.231/ 
 BR - 1H : (290)  
 Protection Against DDoS WordPress plugin :  
 "odzyskiwanie danych help-dysk" 
 IP Address Ranges by Country : BR 
 NAME ASN : ASN268030 
 
 IP : 45.168.56.231 
 
 CIDR : 45.168.56.0/22 
 
 PREFIX COUNT : 1 
 
 UNIQUE IP COUNT : 1024 
 
 
 WYKRYTE ATAKI Z ASN268030 :  
  1H - 1 
  3H - 1 
  6H - 1 
 12H - 1 
 24H - 1 
 
 DateTime : 2019-10-09 05:55:00 
 
 INFO : Port Scan TELNET Detected and Blocked by ADMIN  - data recovery
2019-10-09 15:20:26
45.227.253.131 attack
SMTP blocked logins 388. Dates: 1-10-2019 / 9-10-2019
2019-10-09 15:46:09
129.28.188.115 attackspambots
Oct  9 06:09:18 MK-Soft-VM5 sshd[11849]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.28.188.115 
Oct  9 06:09:20 MK-Soft-VM5 sshd[11849]: Failed password for invalid user Pa55w0rd2018 from 129.28.188.115 port 60176 ssh2
...
2019-10-09 15:16:59
