138.219.97.217

Basic Info

City: unknown

Region: unknown

Country: Brazil

Internet Service Provider: Speed Turbo Telecom

Hostname: unknown

Organization: unknown

Usage Type: Commercial

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	Automatic report - Port Scan Attack	2019-11-15 17:43:53

Comments on same subnet:

IP	Type	Details	Datetime
138.219.97.70	attack	Jun 23 12:27:44 ns41 sshd[15328]: Failed password for root from 138.219.97.70 port 51792 ssh2 Jun 23 12:36:12 ns41 sshd[15680]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.219.97.70 Jun 23 12:36:14 ns41 sshd[15680]: Failed password for invalid user tmax from 138.219.97.70 port 50884 ssh2	2020-06-23 19:02:18
138.219.97.70	attackspambots	Bruteforce detected by fail2ban	2020-06-15 20:01:32
138.219.97.70	attackbots	$f2bV_matches	2020-06-11 18:57:08

Type

Details

Datetime

138.219.97.70

attack

Jun 23 12:27:44 ns41 sshd[15328]: Failed password for root from 138.219.97.70 port 51792 ssh2
Jun 23 12:36:12 ns41 sshd[15680]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.219.97.70
Jun 23 12:36:14 ns41 sshd[15680]: Failed password for invalid user tmax from 138.219.97.70 port 50884 ssh2

2020-06-23 19:02:18

138.219.97.70

attackspambots

Bruteforce detected by fail2ban

2020-06-15 20:01:32

138.219.97.70

attackbots

$f2bV_matches

2020-06-11 18:57:08

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 138.219.97.217
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 34681
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;138.219.97.217.			IN	A

;; AUTHORITY SECTION:
.			481	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019111500 1800 900 604800 86400

;; Query time: 108 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Nov 15 17:43:49 CST 2019
;; MSG SIZE  rcvd: 118

Host info

217.97.219.138.in-addr.arpa domain name pointer dynamic-138-219-97-217.speedturbo.net.br.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
217.97.219.138.in-addr.arpa	name = dynamic-138-219-97-217.speedturbo.net.br.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
119.109.235.221	attackspambots	23/tcp [2019-09-04]1pkt	2019-09-04 21:51:12
61.188.17.58	attackspambots	1433/tcp 1433/tcp [2019-09-04]2pkt	2019-09-04 22:44:46
218.98.40.151	attack	Sep 4 16:32:51 herz-der-gamer sshd[19187]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.98.40.151 user=root Sep 4 16:32:53 herz-der-gamer sshd[19187]: Failed password for root from 218.98.40.151 port 37696 ssh2 ...	2019-09-04 22:39:40
37.187.6.235	attack	Sep 4 09:09:34 aat-srv002 sshd[14612]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.187.6.235 Sep 4 09:09:36 aat-srv002 sshd[14612]: Failed password for invalid user haupt from 37.187.6.235 port 35294 ssh2 Sep 4 09:14:15 aat-srv002 sshd[14753]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.187.6.235 Sep 4 09:14:17 aat-srv002 sshd[14753]: Failed password for invalid user mati from 37.187.6.235 port 51316 ssh2 ...	2019-09-04 22:31:32
221.140.151.235	attack	Sep 4 10:47:04 vtv3 sshd\[31870\]: Invalid user serv_pv from 221.140.151.235 port 44775 Sep 4 10:47:04 vtv3 sshd\[31870\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=221.140.151.235 Sep 4 10:47:06 vtv3 sshd\[31870\]: Failed password for invalid user serv_pv from 221.140.151.235 port 44775 ssh2 Sep 4 10:55:26 vtv3 sshd\[4065\]: Invalid user marisa from 221.140.151.235 port 38325 Sep 4 10:55:26 vtv3 sshd\[4065\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=221.140.151.235 Sep 4 11:09:44 vtv3 sshd\[11066\]: Invalid user dasusr1 from 221.140.151.235 port 60698 Sep 4 11:09:44 vtv3 sshd\[11066\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=221.140.151.235 Sep 4 11:09:46 vtv3 sshd\[11066\]: Failed password for invalid user dasusr1 from 221.140.151.235 port 60698 ssh2 Sep 4 11:14:30 vtv3 sshd\[13559\]: Invalid user postgres from 221.140.151.235 port 49893 Sep 4 11:14:	2019-09-04 21:46:09
134.175.36.138	attackspam	Sep 4 09:07:47 aat-srv002 sshd[14532]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.175.36.138 Sep 4 09:07:49 aat-srv002 sshd[14532]: Failed password for invalid user maxadmin from 134.175.36.138 port 58350 ssh2 Sep 4 09:13:19 aat-srv002 sshd[14717]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.175.36.138 Sep 4 09:13:21 aat-srv002 sshd[14717]: Failed password for invalid user elly from 134.175.36.138 port 45432 ssh2 ...	2019-09-04 22:34:19
43.226.40.60	attack	Sep 4 14:47:53 debian sshd\[10358\]: Invalid user test from 43.226.40.60 port 55314 Sep 4 14:47:53 debian sshd\[10358\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=43.226.40.60 ...	2019-09-04 21:55:14
81.22.45.85	attackbotsspam	firewall-block, port(s): 3389/tcp	2019-09-04 22:07:02
94.177.233.182	attackbotsspam	Aug 29 20:50:55 itv-usvr-01 sshd[8862]: Invalid user testuser from 94.177.233.182 Aug 29 20:50:55 itv-usvr-01 sshd[8862]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.177.233.182 Aug 29 20:50:55 itv-usvr-01 sshd[8862]: Invalid user testuser from 94.177.233.182 Aug 29 20:50:57 itv-usvr-01 sshd[8862]: Failed password for invalid user testuser from 94.177.233.182 port 35118 ssh2 Aug 29 20:55:25 itv-usvr-01 sshd[9033]: Invalid user info2 from 94.177.233.182	2019-09-04 22:40:18
49.234.206.45	attack	Sep 4 16:07:02 jupiter sshd\[12501\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.234.206.45 user=mysql Sep 4 16:07:03 jupiter sshd\[12501\]: Failed password for mysql from 49.234.206.45 port 56098 ssh2 Sep 4 16:21:42 jupiter sshd\[12708\]: Invalid user seth from 49.234.206.45 Sep 4 16:21:42 jupiter sshd\[12708\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.234.206.45 ...	2019-09-04 22:40:50
144.217.161.22	attack	xmlrpc attack	2019-09-04 21:47:54
37.114.177.247	attackspam	$f2bV_matches_ltvn	2019-09-04 22:37:53
122.116.174.239	attack	Sep 4 10:19:44 plusreed sshd[20742]: Invalid user dst from 122.116.174.239 ...	2019-09-04 22:28:15
222.186.15.101	attack	Sep 4 16:18:42 root sshd[26463]: Failed password for root from 222.186.15.101 port 31918 ssh2 Sep 4 16:18:45 root sshd[26463]: Failed password for root from 222.186.15.101 port 31918 ssh2 Sep 4 16:18:47 root sshd[26463]: Failed password for root from 222.186.15.101 port 31918 ssh2 ...	2019-09-04 22:33:12
121.18.39.18	attack	Sep 4 03:40:46 friendsofhawaii sshd\[10441\]: Invalid user admin from 121.18.39.18 Sep 4 03:40:46 friendsofhawaii sshd\[10441\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.18.39.18 Sep 4 03:40:48 friendsofhawaii sshd\[10441\]: Failed password for invalid user admin from 121.18.39.18 port 19674 ssh2 Sep 4 03:46:42 friendsofhawaii sshd\[10938\]: Invalid user rk from 121.18.39.18 Sep 4 03:46:42 friendsofhawaii sshd\[10938\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.18.39.18	2019-09-04 21:54:06

Recently Reported IPs

137.101.142.233	177.76.237.227	72.255.1.29	188.17.164.77
168.121.165.9	183.225.19.126	113.173.68.18	178.238.226.57
250.155.116.116	205.177.2.219	179.97.198.248	34.64.110.155
39.137.19.5	45.162.99.126	82.76.245.28	85.214.60.200
218.19.169.35	114.164.105.250	138.201.14.212	47.174.177.129