Basic Info

City: unknown

Region: unknown

Country: United Kingdom of Great Britain and Northern Ireland

Internet Service Provider: Clouvider Limited

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:
Type Details Datetime
attackspambots
2020-09-14T15:48:35.960691hostname sshd[67060]: Invalid user testftp from 185.164.138.21 port 58432
...
2020-09-15 00:19:54
attackbots
Cowrie Honeypot: 3 unauthorised SSH/Telnet login attempts between 2020-09-14T07:14:40Z and 2020-09-14T07:23:59Z
2020-09-14 16:05:54
attack
SSH / Telnet Brute Force Attempts on Honeypot
2020-09-14 07:58:19
attackspambots
SSH authentication failure x 6 reported by Fail2Ban
...
2020-08-19 05:46:32
attackspambots
Connection to SSH Honeypot - Detected by HoneypotDB
2020-08-16 08:12:04
attack
Automatic report BANNED IP
2020-07-27 03:47:55
attack
Exploited Host.
2020-07-26 01:15:34
attack
$f2bV_matches
2020-07-25 06:12:33
attack
Invalid user mingo from 185.164.138.21 port 42096
2020-07-20 05:37:40
attack
Invalid user mongo from 185.164.138.21 port 56562
2020-07-14 20:56:32
attackbots
Jul 12 22:12:47 vserver sshd\[15838\]: Invalid user cheng from 185.164.138.21
Jul 12 22:12:49 vserver sshd\[15838\]: Failed password for invalid user cheng from 185.164.138.21 port 53636 ssh2
Jul 12 22:16:48 vserver sshd\[15890\]: Invalid user support from 185.164.138.21
Jul 12 22:16:50 vserver sshd\[15890\]: Failed password for invalid user support from 185.164.138.21 port 50634 ssh2
...
2020-07-13 05:00:49
attackspambots
Auto Fail2Ban report, multiple SSH login attempts.
2020-07-08 16:23:32
attackspam
$f2bV_matches
2020-07-08 08:12:36
attackspam
Jun 19 07:03:09 scw-tender-jepsen sshd[25545]: Failed password for root from 185.164.138.21 port 33636 ssh2
Jun 19 07:19:17 scw-tender-jepsen sshd[25890]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.164.138.21
2020-06-19 19:29:45
attack
ssh brute force
2020-05-29 13:19:28
attackspam
DATE:2020-05-21 21:03:18, IP:185.164.138.21, PORT:ssh SSH brute force auth (docker-dc)
2020-05-22 04:24:48
attackspam
Invalid user uftp from 185.164.138.21 port 55314
2020-05-11 16:28:59
attackspam
SASL PLAIN auth failed: ruser=...
2020-05-07 06:29:54
attackbots
<6 unauthorized SSH connections
2020-05-04 18:50:32
attackbotsspam
SSH Brute Force
2020-05-03 05:30:12
attackspam
Apr 27 05:56:32 plex sshd[17573]: Failed password for root from 185.164.138.21 port 60456 ssh2
Apr 27 05:59:36 plex sshd[17642]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.164.138.21  user=root
Apr 27 05:59:39 plex sshd[17642]: Failed password for root from 185.164.138.21 port 51454 ssh2
Apr 27 05:59:36 plex sshd[17642]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.164.138.21  user=root
Apr 27 05:59:39 plex sshd[17642]: Failed password for root from 185.164.138.21 port 51454 ssh2
2020-04-27 12:28:11
attackspam
Invalid user postgres from 185.164.138.21 port 49018
2020-04-24 05:38:16
attackbotsspam
Apr 15 21:58:18 ip-172-31-61-156 sshd[25915]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.164.138.21
Apr 15 21:58:18 ip-172-31-61-156 sshd[25915]: Invalid user vnc from 185.164.138.21
Apr 15 21:58:20 ip-172-31-61-156 sshd[25915]: Failed password for invalid user vnc from 185.164.138.21 port 33536 ssh2
Apr 15 22:02:27 ip-172-31-61-156 sshd[26065]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.164.138.21  user=ubuntu
Apr 15 22:02:30 ip-172-31-61-156 sshd[26065]: Failed password for ubuntu from 185.164.138.21 port 34452 ssh2
...
2020-04-16 06:26:58
attack
Automatic report - SSH Brute-Force Attack
2020-04-04 22:20:39
attackspambots
Mar 23 13:45:25 roki sshd[22030]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.164.138.21  user=nobody
Mar 23 13:45:27 roki sshd[22030]: Failed password for nobody from 185.164.138.21 port 44718 ssh2
Mar 23 13:53:11 roki sshd[22612]: Invalid user mhlee from 185.164.138.21
Mar 23 13:53:11 roki sshd[22612]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.164.138.21
Mar 23 13:53:14 roki sshd[22612]: Failed password for invalid user mhlee from 185.164.138.21 port 37306 ssh2
...
2020-03-23 22:01:27
attackbotsspam
Mar 20 15:39:20 haigwepa sshd[7581]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.164.138.21 
Mar 20 15:39:22 haigwepa sshd[7581]: Failed password for invalid user zacharia from 185.164.138.21 port 53362 ssh2
...
2020-03-21 05:17:32
attack
Mar  7 23:41:53 MK-Soft-VM3 sshd[1402]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.164.138.21 
Mar  7 23:41:55 MK-Soft-VM3 sshd[1402]: Failed password for invalid user user from 185.164.138.21 port 34838 ssh2
...
2020-03-08 07:40:51
Comments on same subnet:
No discussion about this subnet yet..
Dig info:
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 185.164.138.21
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 12219
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;185.164.138.21.			IN	A

;; AUTHORITY SECTION:
.			162	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020030600 1800 900 604800 86400

;; Query time: 106 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Mar 06 23:43:20 CST 2020
;; MSG SIZE  rcvd: 118
Host info
Host 21.138.164.185.in-addr.arpa. not found: 3(NXDOMAIN)
Nslookup info:
Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 21.138.164.185.in-addr.arpa: NXDOMAIN
Related IP info:
Related comments:
IP Type Details Datetime
94.253.50.214 attack
Automatic report - Port Scan Attack
2019-09-12 04:41:31
85.45.113.239 attackbotsspam
port scan and connect, tcp 23 (telnet)
2019-09-12 04:25:38
149.56.96.78 attackspam
Sep 11 10:14:36 hcbb sshd\[25808\]: Invalid user postgres from 149.56.96.78
Sep 11 10:14:36 hcbb sshd\[25808\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=78.ip-149-56-96.net
Sep 11 10:14:39 hcbb sshd\[25808\]: Failed password for invalid user postgres from 149.56.96.78 port 23562 ssh2
Sep 11 10:20:11 hcbb sshd\[26292\]: Invalid user redmine from 149.56.96.78
Sep 11 10:20:11 hcbb sshd\[26292\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=78.ip-149-56-96.net
2019-09-12 04:26:24
173.248.242.25 attackbots
Sep 11 16:19:44 ny01 sshd[11400]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=173.248.242.25
Sep 11 16:19:46 ny01 sshd[11400]: Failed password for invalid user teamspeak from 173.248.242.25 port 41100 ssh2
Sep 11 16:28:51 ny01 sshd[13512]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=173.248.242.25
2019-09-12 04:55:16
218.98.26.175 attackspam
Sep 11 21:51:31 MainVPS sshd[26282]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.98.26.175  user=root
Sep 11 21:51:33 MainVPS sshd[26282]: Failed password for root from 218.98.26.175 port 39599 ssh2
Sep 11 21:51:41 MainVPS sshd[26295]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.98.26.175  user=root
Sep 11 21:51:44 MainVPS sshd[26295]: Failed password for root from 218.98.26.175 port 61831 ssh2
Sep 11 21:51:51 MainVPS sshd[26308]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.98.26.175  user=root
Sep 11 21:51:53 MainVPS sshd[26308]: Failed password for root from 218.98.26.175 port 36246 ssh2
...
2019-09-12 04:15:50
118.122.94.151 attackspam
Brute force attempt
2019-09-12 04:51:36
202.51.74.173 attack
Sep 12 01:52:07 itv-usvr-01 sshd[20954]: Invalid user postgres from 202.51.74.173
Sep 12 01:52:07 itv-usvr-01 sshd[20954]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.51.74.173
Sep 12 01:52:07 itv-usvr-01 sshd[20954]: Invalid user postgres from 202.51.74.173
Sep 12 01:52:09 itv-usvr-01 sshd[20954]: Failed password for invalid user postgres from 202.51.74.173 port 44512 ssh2
Sep 12 01:58:38 itv-usvr-01 sshd[21175]: Invalid user 233 from 202.51.74.173
2019-09-12 04:12:30
177.141.124.120 attack
postfix
2019-09-12 04:13:49
137.74.109.231 attackspambots
137.74.109.231 - - \[11/Sep/2019:20:57:39 +0200\] "POST /wp-login.php HTTP/1.1" 200 2111 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"
137.74.109.231 - - \[11/Sep/2019:20:57:39 +0200\] "POST /wp-login.php HTTP/1.1" 200 2092 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"
...
2019-09-12 04:55:43
203.110.90.195 attackbots
ssh intrusion attempt
2019-09-12 04:31:48
222.186.42.94 attackspam
Sep 11 22:37:50 fr01 sshd[28478]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.42.94  user=root
Sep 11 22:37:52 fr01 sshd[28478]: Failed password for root from 222.186.42.94 port 26798 ssh2
...
2019-09-12 04:39:13
202.29.57.103 attack
09/11/2019-14:58:11.536691 202.29.57.103 Protocol: 6 ET SCAN NMAP -sS window 1024
2019-09-12 04:31:04
42.99.180.135 attackspambots
Sep 11 16:11:24 plusreed sshd[29028]: Invalid user guest from 42.99.180.135
...
2019-09-12 04:26:07
129.204.154.133 attack
Sep 11 21:58:07 rpi sshd[5493]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.154.133 
Sep 11 21:58:09 rpi sshd[5493]: Failed password for invalid user sysadmin from 129.204.154.133 port 54598 ssh2
2019-09-12 04:11:50
103.39.133.110 attack
Sep 11 22:09:20 eventyay sshd[11139]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.39.133.110
Sep 11 22:09:22 eventyay sshd[11139]: Failed password for invalid user nagios from 103.39.133.110 port 40156 ssh2
Sep 11 22:15:45 eventyay sshd[11299]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.39.133.110
...
2019-09-12 04:34:09