138.255.148.5 - IPInfo

Basic Info

City: Itaituba

Region: Para

Country: Brazil

Internet Service Provider: Clicfacil Computadores Servicos e Telecomunicacoe

Hostname: unknown

Organization: Clicfacil Computadores, Serviços e Telecomunicaçõe

Usage Type: Commercial

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	scan r	2019-08-04 18:57:34
attackbots	2019-07-12T01:56:53.061091mail01 postfix/smtpd[4414]: warning: 5.148.255.138.clicfacilitb.com.br[138.255.148.5]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 2019-07-12T01:57:00.423487mail01 postfix/smtpd[11248]: warning: 5.148.255.138.clicfacilitb.com.br[138.255.148.5]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 2019-07-12T01:59:48.495639mail01 postfix/smtpd[17219]: warning: 5.148.255.138.clicfacilitb.com.br[138.255.148.5]: SASL LOGIN authentication failed: UGFzc3dvcmQ6	2019-07-12 13:24:38
attack	Jul 10 01:35:15 server1 postfix/smtpd\[17083\]: warning: 5.148.255.138.clicfacilitb.com.br\[138.255.148.5\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ Jul 10 01:35:25 server1 postfix/smtpd\[17083\]: warning: 5.148.255.138.clicfacilitb.com.br\[138.255.148.5\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ Jul 10 01:35:34 server1 postfix/smtpd\[17083\]: warning: 5.148.255.138.clicfacilitb.com.br\[138.255.148.5\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\	2019-07-10 08:04:45

Type

Details

Datetime

attackbots

scan r

2019-08-04 18:57:34

attackbots

2019-07-12T01:56:53.061091mail01 postfix/smtpd[4414]: warning: 5.148.255.138.clicfacilitb.com.br[138.255.148.5]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
2019-07-12T01:57:00.423487mail01 postfix/smtpd[11248]: warning: 5.148.255.138.clicfacilitb.com.br[138.255.148.5]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
2019-07-12T01:59:48.495639mail01 postfix/smtpd[17219]: warning: 5.148.255.138.clicfacilitb.com.br[138.255.148.5]: SASL LOGIN authentication failed: UGFzc3dvcmQ6

2019-07-12 13:24:38

attack

Jul 10 01:35:15 server1 postfix/smtpd\[17083\]: warning: 5.148.255.138.clicfacilitb.com.br\[138.255.148.5\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\
Jul 10 01:35:25 server1 postfix/smtpd\[17083\]: warning: 5.148.255.138.clicfacilitb.com.br\[138.255.148.5\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\
Jul 10 01:35:34 server1 postfix/smtpd\[17083\]: warning: 5.148.255.138.clicfacilitb.com.br\[138.255.148.5\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\

2019-07-10 08:04:45

Comments on same subnet:

IP	Type	Details	Datetime
138.255.148.35	attack	Oct 8 21:00:58 cho sshd[249549]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.255.148.35 user=root Oct 8 21:01:00 cho sshd[249549]: Failed password for root from 138.255.148.35 port 41109 ssh2 Oct 8 21:03:47 cho sshd[249644]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.255.148.35 user=root Oct 8 21:03:49 cho sshd[249644]: Failed password for root from 138.255.148.35 port 33072 ssh2 Oct 8 21:06:37 cho sshd[249832]: Invalid user admin from 138.255.148.35 port 53275 ...	2020-10-09 03:13:59
138.255.148.35	attackspam	$f2bV_matches	2020-10-08 19:18:01
138.255.148.35	attackspambots	Sep 27 14:48:46 george sshd[26094]: Failed password for invalid user alex from 138.255.148.35 port 39838 ssh2 Sep 27 14:53:13 george sshd[26135]: Invalid user larry from 138.255.148.35 port 43670 Sep 27 14:53:13 george sshd[26135]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.255.148.35 Sep 27 14:53:15 george sshd[26135]: Failed password for invalid user larry from 138.255.148.35 port 43670 ssh2 Sep 27 14:57:41 george sshd[28128]: Invalid user dms from 138.255.148.35 port 47504 ...	2020-09-28 04:40:30
138.255.148.35	attack	Ssh brute force	2020-09-27 20:57:39
138.255.148.35	attackbotsspam	Sep 1 00:42:07 eventyay sshd[845]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.255.148.35 Sep 1 00:42:09 eventyay sshd[845]: Failed password for invalid user simon from 138.255.148.35 port 55782 ssh2 Sep 1 00:44:15 eventyay sshd[930]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.255.148.35 ...	2020-09-01 07:02:34
138.255.148.35	attack	2020-08-13T17:28:13.863354linuxbox-skyline sshd[101342]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.255.148.35 user=root 2020-08-13T17:28:15.677173linuxbox-skyline sshd[101342]: Failed password for root from 138.255.148.35 port 42812 ssh2 ...	2020-08-14 08:51:40
138.255.148.35	attackbots	Aug 12 18:46:47 dhoomketu sshd[2316810]: Failed password for root from 138.255.148.35 port 46620 ssh2 Aug 12 18:47:28 dhoomketu sshd[2316816]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.255.148.35 user=root Aug 12 18:47:31 dhoomketu sshd[2316816]: Failed password for root from 138.255.148.35 port 50363 ssh2 Aug 12 18:48:12 dhoomketu sshd[2316826]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.255.148.35 user=root Aug 12 18:48:14 dhoomketu sshd[2316826]: Failed password for root from 138.255.148.35 port 54105 ssh2 ...	2020-08-12 23:36:41
138.255.148.35	attack	20 attempts against mh-ssh on echoip	2020-08-10 06:16:23
138.255.148.35	attack	Aug 4 19:16:10 ip-172-31-61-156 sshd[26176]: Failed password for root from 138.255.148.35 port 47875 ssh2 Aug 4 19:16:08 ip-172-31-61-156 sshd[26176]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.255.148.35 user=root Aug 4 19:16:10 ip-172-31-61-156 sshd[26176]: Failed password for root from 138.255.148.35 port 47875 ssh2 Aug 4 19:19:43 ip-172-31-61-156 sshd[26302]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.255.148.35 user=root Aug 4 19:19:44 ip-172-31-61-156 sshd[26302]: Failed password for root from 138.255.148.35 port 44026 ssh2 ...	2020-08-05 03:24:04
138.255.148.35	attack	Aug 1 07:26:07 mout sshd[6040]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.255.148.35 user=root Aug 1 07:26:09 mout sshd[6040]: Failed password for root from 138.255.148.35 port 48065 ssh2	2020-08-01 17:48:39
138.255.148.35	attackspam	Jul 31 13:10:19 rancher-0 sshd[684758]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.255.148.35 user=root Jul 31 13:10:21 rancher-0 sshd[684758]: Failed password for root from 138.255.148.35 port 45385 ssh2 ...	2020-07-31 19:39:03
138.255.148.35	attackbotsspam	Invalid user ramiro from 138.255.148.35 port 50633	2020-07-18 20:11:06
138.255.148.35	attackbotsspam	Jul 12 07:01:22 logopedia-1vcpu-1gb-nyc1-01 sshd[25715]: Invalid user elsearch from 138.255.148.35 port 59087 ...	2020-07-12 19:52:25
138.255.148.35	attack	2020-07-11T17:43:30.500696shield sshd\[13033\]: Invalid user pranava from 138.255.148.35 port 52100 2020-07-11T17:43:30.514973shield sshd\[13033\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=35.148.255.138.clicfacilitb.com.br 2020-07-11T17:43:32.494799shield sshd\[13033\]: Failed password for invalid user pranava from 138.255.148.35 port 52100 ssh2 2020-07-11T17:47:40.302110shield sshd\[14197\]: Invalid user yook from 138.255.148.35 port 50512 2020-07-11T17:47:40.312014shield sshd\[14197\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=35.148.255.138.clicfacilitb.com.br	2020-07-12 01:54:10
138.255.148.35	attack	2020-07-10T16:33:05.262747linuxbox-skyline sshd[828046]: Invalid user carmelie from 138.255.148.35 port 58722 ...	2020-07-11 06:34:17

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 138.255.148.5
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 44767
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;138.255.148.5.			IN	A

;; AUTHORITY SECTION:
.			1237	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019070900 1800 900 604800 86400

;; Query time: 1 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Tue Jul 09 23:52:51 CST 2019
;; MSG SIZE  rcvd: 117

Host info

5.148.255.138.in-addr.arpa domain name pointer 5.148.255.138.clicfacilitb.com.br.

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
5.148.255.138.in-addr.arpa	name = 5.148.255.138.clicfacilitb.com.br.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
52.170.250.228	botsattack	Attack	2020-06-05 19:02:56
138.68.105.194	attackbots	web-1 [ssh_2] SSH Attack	2020-06-05 18:49:28
5.160.130.104	attackbots	firewall-block, port(s): 8080/tcp	2020-06-05 18:58:23
122.255.5.42	attack	odoo8 ...	2020-06-05 19:06:36
198.108.66.116	attackspam	2082/tcp 3389/tcp 1883/tcp... [2020-05-01/06-04]9pkt,7pt.(tcp),1pt.(udp)	2020-06-05 18:38:01
34.93.211.49	attackspambots	Jun 5 02:10:57 NPSTNNYC01T sshd[28870]: Failed password for root from 34.93.211.49 port 34432 ssh2 Jun 5 02:15:26 NPSTNNYC01T sshd[29176]: Failed password for root from 34.93.211.49 port 38016 ssh2 ...	2020-06-05 18:36:33
61.133.232.250	attackbotsspam	(sshd) Failed SSH login from 61.133.232.250 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Jun 5 12:44:42 s1 sshd[4838]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.133.232.250 user=root Jun 5 12:44:44 s1 sshd[4838]: Failed password for root from 61.133.232.250 port 46378 ssh2 Jun 5 12:47:59 s1 sshd[4944]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.133.232.250 user=root Jun 5 12:48:01 s1 sshd[4944]: Failed password for root from 61.133.232.250 port 24436 ssh2 Jun 5 12:59:10 s1 sshd[5252]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.133.232.250 user=root	2020-06-05 18:36:14
103.83.178.230	attackspambots	LGS,WP GET /wp-login.php	2020-06-05 19:03:11
196.52.43.101	attackspambots	TCP (SYN) 196.52.43.101:61966 -> port 1521, len 44	2020-06-05 18:40:39
67.143.176.156	attackbots	Brute forcing email accounts	2020-06-05 18:47:56
106.13.20.73	attackbots	fail2ban -- 106.13.20.73 ...	2020-06-05 18:35:30
194.42.112.107	attackspambots	firewall-block, port(s): 23/tcp	2020-06-05 18:43:57
159.65.134.146	attack	Lines containing failures of 159.65.134.146 Jun 2 07:53:20 ris sshd[11634]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.65.134.146 user=r.r Jun 2 07:53:23 ris sshd[11634]: Failed password for r.r from 159.65.134.146 port 53970 ssh2 Jun 2 07:53:24 ris sshd[11634]: Received disconnect from 159.65.134.146 port 53970:11: Bye Bye [preauth] Jun 2 07:53:24 ris sshd[11634]: Disconnected from authenticating user r.r 159.65.134.146 port 53970 [preauth] Jun 2 07:57:08 ris sshd[12296]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.65.134.146 user=r.r Jun 2 07:57:10 ris sshd[12296]: Failed password for r.r from 159.65.134.146 port 49426 ssh2 Jun 2 07:57:12 ris sshd[12296]: Received disconnect from 159.65.134.146 port 49426:11: Bye Bye [preauth] Jun 2 07:57:12 ris sshd[12296]: Disconnected from authenticating user r.r 159.65.134.146 port 49426 [preauth] ........ ----------------------------------------------- https://w	2020-06-05 18:49:02
195.136.95.82	attackspam	(PL/Poland/-) SMTP Bruteforcing attempts	2020-06-05 18:59:03
180.76.143.116	attackspambots	Lines containing failures of 180.76.143.116 Jun 1 05:20:45 dns01 sshd[3307]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.76.143.116 user=r.r Jun 1 05:20:47 dns01 sshd[3307]: Failed password for r.r from 180.76.143.116 port 35414 ssh2 Jun 1 05:20:47 dns01 sshd[3307]: Received disconnect from 180.76.143.116 port 35414:11: Bye Bye [preauth] Jun 1 05:20:47 dns01 sshd[3307]: Disconnected from authenticating user r.r 180.76.143.116 port 35414 [preauth] Jun 1 05:37:38 dns01 sshd[7319]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.76.143.116 user=r.r Jun 1 05:37:40 dns01 sshd[7319]: Failed password for r.r from 180.76.143.116 port 51930 ssh2 Jun 1 05:37:40 dns01 sshd[7319]: Received disconnect from 180.76.143.116 port 51930:11: Bye Bye [preauth] Jun 1 05:37:40 dns01 sshd[7319]: Disconnected from authenticating user r.r 180.76.143.116 port 51930 [preauth] Jun 1 05:41:06 dns01........ ------------------------------	2020-06-05 18:35:15

Recently Reported IPs

1.48.123.76	62.20.1.160	58.137.223.244	173.82.202.20
212.136.26.130	1.106.97.240	66.55.69.78	212.169.107.90
5.162.95.79	5.107.110.129	96.171.59.74	54.159.195.177
17.192.81.170	198.71.230.72	191.169.69.28	170.53.193.1
113.173.11.128	80.240.36.219	170.109.142.89	14.232.206.211