138.219.222.145

Basic Info

City: unknown

Region: unknown

Country: Brazil

Internet Service Provider: Goldweb Barretos Servicos de Telecomunicacoes Ltda

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbotsspam	May 13 14:14:25 mail.srvfarm.net postfix/smtps/smtpd[553711]: warning: unknown[138.219.222.145]: SASL PLAIN authentication failed: May 13 14:14:25 mail.srvfarm.net postfix/smtps/smtpd[553711]: lost connection after AUTH from unknown[138.219.222.145] May 13 14:20:50 mail.srvfarm.net postfix/smtpd[553606]: warning: unknown[138.219.222.145]: SASL PLAIN authentication failed: May 13 14:20:50 mail.srvfarm.net postfix/smtpd[553606]: lost connection after AUTH from unknown[138.219.222.145] May 13 14:21:07 mail.srvfarm.net postfix/smtpd[553606]: warning: unknown[138.219.222.145]: SASL PLAIN authentication failed:	2020-05-14 02:48:08

Type

Details

Datetime

attackbotsspam

May 13 14:14:25 mail.srvfarm.net postfix/smtps/smtpd[553711]: warning: unknown[138.219.222.145]: SASL PLAIN authentication failed: 
May 13 14:14:25 mail.srvfarm.net postfix/smtps/smtpd[553711]: lost connection after AUTH from unknown[138.219.222.145]
May 13 14:20:50 mail.srvfarm.net postfix/smtpd[553606]: warning: unknown[138.219.222.145]: SASL PLAIN authentication failed: 
May 13 14:20:50 mail.srvfarm.net postfix/smtpd[553606]: lost connection after AUTH from unknown[138.219.222.145]
May 13 14:21:07 mail.srvfarm.net postfix/smtpd[553606]: warning: unknown[138.219.222.145]: SASL PLAIN authentication failed:

2020-05-14 02:48:08

Comments on same subnet:

IP	Type	Details	Datetime
138.219.222.83	attack	Unauthorized SMTP/IMAP/POP3 connection attempt	2019-09-11 13:00:24
138.219.222.41	attack	SASL PLAIN auth failed: ruser=...	2019-08-19 13:29:56
138.219.222.165	attackspambots	SASL PLAIN auth failed: ruser=...	2019-08-19 13:29:33

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 138.219.222.145
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 27127
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;138.219.222.145.		IN	A

;; AUTHORITY SECTION:
.			1100	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019081201 1800 900 604800 86400

;; Query time: 1 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Tue Aug 13 11:33:39 CST 2019
;; MSG SIZE  rcvd: 119

Host info

145.222.219.138.in-addr.arpa domain name pointer 138-219-222-145.goldweb.com.br.

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
145.222.219.138.in-addr.arpa	name = 138-219-222-145.goldweb.com.br.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
23.235.219.107	attackspam	23.235.219.107 - - - [26/May/2020:17:55:39 +0200] "GET /wp-login.php HTTP/1.1" 404 162 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" "-" "-"	2020-05-27 01:45:00
104.248.170.186	attack	Failed password for invalid user admin from 104.248.170.186 port 39157 ssh2	2020-05-27 02:03:28
46.101.128.28	attackbots	Fail2Ban - SSH Bruteforce Attempt	2020-05-27 02:01:32
179.217.63.241	attack	2020-05-26T17:05:12.378866abusebot-6.cloudsearch.cf sshd[13343]: Invalid user schulz from 179.217.63.241 port 33412 2020-05-26T17:05:12.386099abusebot-6.cloudsearch.cf sshd[13343]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=179.217.63.241 2020-05-26T17:05:12.378866abusebot-6.cloudsearch.cf sshd[13343]: Invalid user schulz from 179.217.63.241 port 33412 2020-05-26T17:05:14.306186abusebot-6.cloudsearch.cf sshd[13343]: Failed password for invalid user schulz from 179.217.63.241 port 33412 ssh2 2020-05-26T17:12:03.326003abusebot-6.cloudsearch.cf sshd[13690]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=179.217.63.241 user=root 2020-05-26T17:12:05.672342abusebot-6.cloudsearch.cf sshd[13690]: Failed password for root from 179.217.63.241 port 47618 ssh2 2020-05-26T17:13:50.012865abusebot-6.cloudsearch.cf sshd[13824]: Invalid user libuuid from 179.217.63.241 port 41474 ...	2020-05-27 02:15:07
45.55.88.94	attack	May 26 10:31:02 dignus sshd[17899]: Invalid user postgres from 45.55.88.94 port 38587 May 26 10:31:02 dignus sshd[17899]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.55.88.94 May 26 10:31:04 dignus sshd[17899]: Failed password for invalid user postgres from 45.55.88.94 port 38587 ssh2 May 26 10:36:03 dignus sshd[18166]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.55.88.94 user=root May 26 10:36:04 dignus sshd[18166]: Failed password for root from 45.55.88.94 port 42021 ssh2 ...	2020-05-27 01:55:55
93.174.93.143	attackbots	May 26 20:28:05 pkdns2 sshd\[6328\]: Address 93.174.93.143 maps to btc4swc.com, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT!May 26 20:28:05 pkdns2 sshd\[6328\]: Invalid user thailandgo from 93.174.93.143May 26 20:28:06 pkdns2 sshd\[6328\]: Failed password for invalid user thailandgo from 93.174.93.143 port 42502 ssh2May 26 20:31:36 pkdns2 sshd\[6467\]: Address 93.174.93.143 maps to btc4swc.com, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT!May 26 20:31:38 pkdns2 sshd\[6467\]: Failed password for root from 93.174.93.143 port 48488 ssh2May 26 20:35:18 pkdns2 sshd\[6646\]: Address 93.174.93.143 maps to btc4swc.com, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT!May 26 20:35:18 pkdns2 sshd\[6646\]: Invalid user valid from 93.174.93.143May 26 20:35:20 pkdns2 sshd\[6646\]: Failed password for invalid user valid from 93.174.93.143 port 54474 ssh2 ...	2020-05-27 01:50:26
173.213.85.186	attack	Wordpress site brute force	2020-05-27 02:14:15
202.29.80.133	attack	May 26 15:55:08 *** sshd[7168]: User root from 202.29.80.133 not allowed because not listed in AllowUsers	2020-05-27 02:01:00
35.224.121.138	attack	May 26 18:55:57 pve1 sshd[11046]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=35.224.121.138 May 26 18:56:00 pve1 sshd[11046]: Failed password for invalid user bmaina from 35.224.121.138 port 38438 ssh2 ...	2020-05-27 01:50:04
134.73.56.115	attackbots	May 26 19:21:54 journals sshd\[3928\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.73.56.115 user=root May 26 19:21:56 journals sshd\[3928\]: Failed password for root from 134.73.56.115 port 41692 ssh2 May 26 19:24:16 journals sshd\[4160\]: Invalid user admin from 134.73.56.115 May 26 19:24:16 journals sshd\[4160\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.73.56.115 May 26 19:24:18 journals sshd\[4160\]: Failed password for invalid user admin from 134.73.56.115 port 52094 ssh2 ...	2020-05-27 02:04:02
217.160.214.48	attackspam	May 26 17:50:27 ns382633 sshd\[7558\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=217.160.214.48 user=root May 26 17:50:28 ns382633 sshd\[7558\]: Failed password for root from 217.160.214.48 port 59850 ssh2 May 26 17:54:44 ns382633 sshd\[7974\]: Invalid user weblogic from 217.160.214.48 port 43964 May 26 17:54:44 ns382633 sshd\[7974\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=217.160.214.48 May 26 17:54:46 ns382633 sshd\[7974\]: Failed password for invalid user weblogic from 217.160.214.48 port 43964 ssh2	2020-05-27 02:18:57
213.32.92.57	attackbots	May 26 22:09:16 dhoomketu sshd[220466]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=213.32.92.57 user=root May 26 22:09:18 dhoomketu sshd[220466]: Failed password for root from 213.32.92.57 port 37024 ssh2 May 26 22:11:34 dhoomketu sshd[220504]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=213.32.92.57 user=root May 26 22:11:36 dhoomketu sshd[220504]: Failed password for root from 213.32.92.57 port 48076 ssh2 May 26 22:13:52 dhoomketu sshd[220552]: Invalid user Includu135dx from 213.32.92.57 port 59136 ...	2020-05-27 01:42:42
78.176.47.73	attack	Automatic report - Port Scan Attack	2020-05-27 01:58:49
118.25.90.54	attack	May 26 20:03:11 vpn01 sshd[6026]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.25.90.54 May 26 20:03:13 vpn01 sshd[6026]: Failed password for invalid user aoyule from 118.25.90.54 port 54752 ssh2 ...	2020-05-27 02:05:08
148.70.125.207	attackspam	May 26 17:55:03 mail sshd[10962]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.125.207 user=root May 26 17:55:05 mail sshd[10962]: Failed password for root from 148.70.125.207 port 59764 ssh2 May 26 18:08:53 mail sshd[12786]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.125.207 user=root May 26 18:08:55 mail sshd[12786]: Failed password for root from 148.70.125.207 port 37616 ssh2 May 26 18:13:29 mail sshd[13430]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.125.207 user=root May 26 18:13:31 mail sshd[13430]: Failed password for root from 148.70.125.207 port 49412 ssh2 ...	2020-05-27 01:59:34

Recently Reported IPs

235.87.181.171	131.100.76.87	130.61.229.117	14.176.104.106
212.42.103.112	198.12.83.225	177.130.162.63	157.119.28.79
172.83.156.144	78.189.115.19	155.94.129.83	177.154.235.121
114.38.63.76	114.34.121.218	86.193.240.218	96.241.47.214
88.68.204.200	103.42.142.222	37.9.40.18	185.135.83.49