138.219.111.21

Basic Info

City: unknown

Region: unknown

Country: Brazil

Internet Service Provider: Fibernet Telecomunicacoes

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	Automatic report - Port Scan Attack	2020-03-21 18:45:14

Comments on same subnet:

IP	Type	Details	Datetime
138.219.111.3	attackspam	Unauthorized connection attempt detected from IP address 138.219.111.3 to port 23	2020-03-17 21:58:31
138.219.111.42	attackbots	unauthorized connection attempt	2020-02-07 13:51:07
138.219.111.27	attack	unauthorized connection attempt	2020-01-17 18:49:31
138.219.111.161	attackbotsspam	Unauthorized connection attempt detected from IP address 138.219.111.161 to port 8080	2020-01-06 04:42:18

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 138.219.111.21
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 53853
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;138.219.111.21.			IN	A

;; AUTHORITY SECTION:
.			474	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020032001 1800 900 604800 86400

;; Query time: 45 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Mar 21 18:45:07 CST 2020
;; MSG SIZE  rcvd: 118

Host info

21.111.219.138.in-addr.arpa domain name pointer 138.219.111.21.dynamic.dnsfibernet.net.br.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
21.111.219.138.in-addr.arpa	name = 138.219.111.21.dynamic.dnsfibernet.net.br.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
189.41.4.9	attack	SSH login tried and failed	2020-05-27 20:29:59
207.154.206.212	attackbots	May 27 11:53:31 web8 sshd\[4775\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=207.154.206.212 user=root May 27 11:53:34 web8 sshd\[4775\]: Failed password for root from 207.154.206.212 port 40820 ssh2 May 27 11:57:42 web8 sshd\[6929\]: Invalid user elsceno from 207.154.206.212 May 27 11:57:42 web8 sshd\[6929\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=207.154.206.212 May 27 11:57:44 web8 sshd\[6929\]: Failed password for invalid user elsceno from 207.154.206.212 port 46004 ssh2	2020-05-27 20:12:19
36.111.181.248	attackspambots	May 27 13:46:22 roki-contabo sshd\[16615\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=36.111.181.248 user=root May 27 13:46:24 roki-contabo sshd\[16615\]: Failed password for root from 36.111.181.248 port 39718 ssh2 May 27 14:01:34 roki-contabo sshd\[17049\]: Invalid user guest from 36.111.181.248 May 27 14:01:34 roki-contabo sshd\[17049\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=36.111.181.248 May 27 14:01:35 roki-contabo sshd\[17049\]: Failed password for invalid user guest from 36.111.181.248 port 53464 ssh2 ...	2020-05-27 20:08:42
164.132.46.14	attack	May 27 13:57:42 sip sshd[426557]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=164.132.46.14 May 27 13:57:42 sip sshd[426557]: Invalid user danger from 164.132.46.14 port 41464 May 27 13:57:45 sip sshd[426557]: Failed password for invalid user danger from 164.132.46.14 port 41464 ssh2 ...	2020-05-27 20:14:17
104.131.29.92	attackbots	May 27 14:18:07 plex sshd[16494]: Invalid user kafka from 104.131.29.92 port 39368	2020-05-27 20:23:26
124.121.72.48	attack	Unauthorised access (May 27) SRC=124.121.72.48 LEN=40 PREC=0x20 TTL=50 ID=39400 TCP DPT=8080 WINDOW=28911 SYN	2020-05-27 20:09:25
119.57.127.12	attack	May 27 13:50:34 piServer sshd[12321]: Failed password for root from 119.57.127.12 port 45076 ssh2 May 27 13:54:11 piServer sshd[12545]: Failed password for root from 119.57.127.12 port 41547 ssh2 May 27 13:57:42 piServer sshd[12915]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.57.127.12 ...	2020-05-27 20:16:13
188.254.0.124	attackbots	Too many connections or unauthorized access detected from Arctic banned ip	2020-05-27 20:29:56
27.153.136.81	attack	probing sign-up form	2020-05-27 20:28:08
13.76.85.161	attackbotsspam	Brute forcing RDP port 3389	2020-05-27 20:22:04
65.34.120.176	attack	May 27 07:51:08 ny01 sshd[1170]: Failed password for root from 65.34.120.176 port 38001 ssh2 May 27 07:54:18 ny01 sshd[1837]: Failed password for root from 65.34.120.176 port 54512 ssh2	2020-05-27 20:20:36
70.37.98.52	attackspambots	May 27 14:03:35 PorscheCustomer sshd[3101]: Failed password for root from 70.37.98.52 port 51352 ssh2 May 27 14:07:28 PorscheCustomer sshd[3217]: Failed password for root from 70.37.98.52 port 34070 ssh2 ...	2020-05-27 20:27:38
120.53.9.188	attack	May 27 14:06:58 abendstille sshd\[17376\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.53.9.188 user=root May 27 14:06:59 abendstille sshd\[17376\]: Failed password for root from 120.53.9.188 port 53850 ssh2 May 27 14:11:23 abendstille sshd\[21832\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.53.9.188 user=root May 27 14:11:25 abendstille sshd\[21832\]: Failed password for root from 120.53.9.188 port 45788 ssh2 May 27 14:15:54 abendstille sshd\[26368\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.53.9.188 user=root ...	2020-05-27 20:30:47
139.219.5.244	attack	139.219.5.244 - - [27/May/2020:14:27:21 +0200] "POST /wp-login.php HTTP/1.1" 200 6070 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.80 Safari/537.36" 139.219.5.244 - - [27/May/2020:14:27:23 +0200] "POST /wp-login.php HTTP/1.1" 200 6070 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.80 Safari/537.36" 139.219.5.244 - - [27/May/2020:14:27:25 +0200] "POST /wp-login.php HTTP/1.1" 200 6070 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.80 Safari/537.36" 139.219.5.244 - - [27/May/2020:14:27:29 +0200] "POST /wp-login.php HTTP/1.1" 200 6070 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.80 Safari/537.36" 139.219.5.244 - - [27/May/2020:14:27:33 +0200] "POST /wp-login.php HTTP/1.1" 200 6070 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.80 Safar ...	2020-05-27 20:34:15
49.232.34.247	attack	Invalid user adobeadobe from 49.232.34.247 port 46610	2020-05-27 20:32:16

Recently Reported IPs

40.114.33.31	177.103.134.227	91.146.121.3	218.87.232.15
134.249.131.90	111.38.117.97	183.89.65.54	139.224.144.154
84.242.183.146	140.238.207.47	110.87.6.128	185.116.161.177
114.44.61.25	187.250.12.202	156.216.70.57	92.50.136.106
113.175.57.135	162.243.131.64	118.228.152.210	181.113.225.114