138.97.224.160

Basic Info

City: unknown

Region: unknown

Country: Brazil

Internet Service Provider: L L Net Comercio e Servico de Informatica Ltda ME

Hostname: unknown

Organization: unknown

Usage Type: Commercial

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	SMTP-sasl brute force ...	2019-06-29 03:57:35

Comments on same subnet:

IP	Type	Details	Datetime
138.97.224.88	attack	Automatic report - Port Scan Attack	2020-10-01 08:47:47
138.97.224.88	attackspam	Automatic report - Port Scan Attack	2020-10-01 01:23:20
138.97.224.88	attackbotsspam	Automatic report - Port Scan Attack	2020-09-30 17:35:18
138.97.224.241	attackbotsspam	Aug 11 05:08:26 mail.srvfarm.net postfix/smtps/smtpd[2148626]: warning: 138-97-224-241.llnet.com.br[138.97.224.241]: SASL PLAIN authentication failed: Aug 11 05:08:27 mail.srvfarm.net postfix/smtps/smtpd[2148626]: lost connection after AUTH from 138-97-224-241.llnet.com.br[138.97.224.241] Aug 11 05:08:57 mail.srvfarm.net postfix/smtpd[2145481]: warning: 138-97-224-241.llnet.com.br[138.97.224.241]: SASL PLAIN authentication failed: Aug 11 05:08:58 mail.srvfarm.net postfix/smtpd[2145481]: lost connection after AUTH from 138-97-224-241.llnet.com.br[138.97.224.241] Aug 11 05:17:21 mail.srvfarm.net postfix/smtpd[2161874]: warning: 138-97-224-241.llnet.com.br[138.97.224.241]: SASL PLAIN authentication failed:	2020-08-11 15:37:21
138.97.224.231	attackspambots	SASL PLAIN auth failed: ruser=...	2020-07-17 07:12:41
138.97.224.128	attack	Jun 16 05:42:30 mail.srvfarm.net postfix/smtps/smtpd[936248]: lost connection after CONNECT from 138-97-224-128.llnet.com.br[138.97.224.128] Jun 16 05:43:54 mail.srvfarm.net postfix/smtpd[962181]: warning: 138-97-224-128.llnet.com.br[138.97.224.128]: SASL PLAIN authentication failed: Jun 16 05:43:54 mail.srvfarm.net postfix/smtpd[962181]: lost connection after AUTH from 138-97-224-128.llnet.com.br[138.97.224.128] Jun 16 05:48:54 mail.srvfarm.net postfix/smtps/smtpd[959463]: warning: 138-97-224-128.llnet.com.br[138.97.224.128]: SASL PLAIN authentication failed: Jun 16 05:48:54 mail.srvfarm.net postfix/smtps/smtpd[959463]: lost connection after AUTH from 138-97-224-128.llnet.com.br[138.97.224.128]	2020-06-16 15:24:49
138.97.224.210	attackbots	1591907922 - 06/12/2020 03:38:42 Host: 138-97-224-210.llnet.com.br/138.97.224.210 Port: 8080 TCP Blocked ...	2020-06-12 05:54:03
138.97.224.89	attack	1581719092 - 02/15/2020 05:24:52 Host: 138-97-224-89.llnet.com.br/138.97.224.89 Port: 23 TCP Blocked ...	2020-02-15 07:40:48
138.97.224.9	attackspambots	web Attack on Website at 2020-01-02.	2020-01-03 02:46:39
138.97.224.80	attackbotsspam	Unauthorized connection attempt detected from IP address 138.97.224.80 to port 23	2019-12-31 19:00:27
138.97.224.84	attackbotsspam	DATE:2019-12-11 05:54:17, IP:138.97.224.84, PORT:telnet Telnet brute force auth on honeypot server (honey-neo-dc)	2019-12-11 14:09:07
138.97.224.162	attackbotsspam	8080/tcp [2019-08-02]1pkt	2019-08-03 10:22:45
138.97.224.128	attack	Excessive failed login attempts on port 25	2019-07-30 03:50:35
138.97.224.220	attackspam	SMTP-sasl brute force ...	2019-07-29 09:36:48
138.97.224.212	attackspambots	Brute force attempt	2019-07-18 06:48:05

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 138.97.224.160
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 49049
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;138.97.224.160.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019062801 1800 900 604800 86400

;; Query time: 3 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Sat Jun 29 03:57:30 CST 2019
;; MSG SIZE  rcvd: 118

Host info

Host 160.224.97.138.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 160.224.97.138.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
132.248.88.74	attack	Nov 11 22:46:34 eddieflores sshd\[10536\]: Invalid user hooker from 132.248.88.74 Nov 11 22:46:34 eddieflores sshd\[10536\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=132.248.88.74 Nov 11 22:46:36 eddieflores sshd\[10536\]: Failed password for invalid user hooker from 132.248.88.74 port 51694 ssh2 Nov 11 22:51:14 eddieflores sshd\[10931\]: Invalid user vsvs from 132.248.88.74 Nov 11 22:51:14 eddieflores sshd\[10931\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=132.248.88.74	2019-11-12 18:29:22
157.245.1.113	attack	Nov 12 00:43:07 php1 sshd\[16140\]: Invalid user pos from 157.245.1.113 Nov 12 00:43:07 php1 sshd\[16140\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.1.113 Nov 12 00:43:09 php1 sshd\[16140\]: Failed password for invalid user pos from 157.245.1.113 port 47760 ssh2 Nov 12 00:46:27 php1 sshd\[16428\]: Invalid user helem from 157.245.1.113 Nov 12 00:46:27 php1 sshd\[16428\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.1.113	2019-11-12 18:47:47
137.74.199.180	attackspambots	no	2019-11-12 18:15:08
141.255.162.34	attackspambots	Automatic report - XMLRPC Attack	2019-11-12 18:39:16
45.91.150.48	attack	Postfix RBL failed	2019-11-12 18:48:17
40.117.238.50	attackbotsspam	Nov 12 08:30:01 MK-Soft-VM7 sshd[8749]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=40.117.238.50 Nov 12 08:30:03 MK-Soft-VM7 sshd[8749]: Failed password for invalid user florence from 40.117.238.50 port 40882 ssh2 ...	2019-11-12 18:48:46
112.85.42.237	attackbots	Nov 12 05:07:19 TORMINT sshd\[8297\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.237 user=root Nov 12 05:07:21 TORMINT sshd\[8297\]: Failed password for root from 112.85.42.237 port 12370 ssh2 Nov 12 05:07:22 TORMINT sshd\[8297\]: Failed password for root from 112.85.42.237 port 12370 ssh2 ...	2019-11-12 18:12:54
1.193.160.164	attack	Nov 12 16:57:16 itv-usvr-01 sshd[18249]: Invalid user jq from 1.193.160.164 Nov 12 16:57:16 itv-usvr-01 sshd[18249]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=1.193.160.164 Nov 12 16:57:16 itv-usvr-01 sshd[18249]: Invalid user jq from 1.193.160.164 Nov 12 16:57:18 itv-usvr-01 sshd[18249]: Failed password for invalid user jq from 1.193.160.164 port 34138 ssh2 Nov 12 17:02:04 itv-usvr-01 sshd[18487]: Invalid user nfs from 1.193.160.164	2019-11-12 18:51:42
223.247.223.39	attack	Nov 12 11:33:28 lnxweb61 sshd[5935]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=223.247.223.39 Nov 12 11:33:30 lnxweb61 sshd[5935]: Failed password for invalid user kaleigh from 223.247.223.39 port 51040 ssh2 Nov 12 11:37:59 lnxweb61 sshd[10088]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=223.247.223.39	2019-11-12 18:46:48
170.231.81.165	attack	SSH Brute Force, server-1 sshd[31302]: Failed password for root from 170.231.81.165 port 47369 ssh2	2019-11-12 18:49:14
213.230.96.243	attack	213.230.96.243 - - \[12/Nov/2019:10:34:40 +0100\] "POST /wp-login.php HTTP/1.0" 200 5707 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 213.230.96.243 - - \[12/Nov/2019:10:34:42 +0100\] "POST /wp-login.php HTTP/1.0" 200 5707 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 213.230.96.243 - - \[12/Nov/2019:10:34:43 +0100\] "POST /xmlrpc.php HTTP/1.0" 200 802 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"	2019-11-12 18:46:28
108.222.68.232	attackspam	Nov 12 11:14:48 dedicated sshd[28250]: Invalid user ubuntu from 108.222.68.232 port 59082	2019-11-12 18:32:23
222.186.175.220	attack	Nov 12 11:08:25 minden010 sshd[10686]: Failed password for root from 222.186.175.220 port 27846 ssh2 Nov 12 11:08:29 minden010 sshd[10686]: Failed password for root from 222.186.175.220 port 27846 ssh2 Nov 12 11:08:32 minden010 sshd[10686]: Failed password for root from 222.186.175.220 port 27846 ssh2 Nov 12 11:08:36 minden010 sshd[10686]: Failed password for root from 222.186.175.220 port 27846 ssh2 ...	2019-11-12 18:10:19
76.186.81.229	attackbotsspam	Nov 11 22:47:31 wbs sshd\[13545\]: Invalid user alnes from 76.186.81.229 Nov 11 22:47:31 wbs sshd\[13545\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=cpe-76-186-81-229.tx.res.rr.com Nov 11 22:47:33 wbs sshd\[13545\]: Failed password for invalid user alnes from 76.186.81.229 port 54294 ssh2 Nov 11 22:54:02 wbs sshd\[14197\]: Invalid user vcsa from 76.186.81.229 Nov 11 22:54:02 wbs sshd\[14197\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=cpe-76-186-81-229.tx.res.rr.com	2019-11-12 18:18:13
180.250.115.98	attackbots	Nov 12 09:41:48 ncomp sshd[12538]: Invalid user mcadams from 180.250.115.98 Nov 12 09:41:48 ncomp sshd[12538]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.250.115.98 Nov 12 09:41:48 ncomp sshd[12538]: Invalid user mcadams from 180.250.115.98 Nov 12 09:41:50 ncomp sshd[12538]: Failed password for invalid user mcadams from 180.250.115.98 port 36116 ssh2	2019-11-12 18:25:16

Recently Reported IPs

177.184.245.69	212.69.18.4	39.59.26.151	93.79.156.46
114.225.34.114	121.14.17.89	31.132.177.216	183.192.240.211
181.91.90.22	177.180.236.242	122.138.222.30	216.244.66.248
114.38.37.75	85.173.113.6	29.130.121.140	79.113.89.132
108.93.130.67	171.89.252.100	189.90.146.49	46.163.116.130