64.225.21.138 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: United States of America

Internet Service Provider: DigitalOcean LLC

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Mar 7 06:19:21 haigwepa sshd[32108]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=64.225.21.138 Mar 7 06:19:23 haigwepa sshd[32108]: Failed password for invalid user rtest from 64.225.21.138 port 43234 ssh2 ...	2020-03-07 18:11:19

Type

Details

Datetime

attack

Mar  7 06:19:21 haigwepa sshd[32108]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=64.225.21.138 
Mar  7 06:19:23 haigwepa sshd[32108]: Failed password for invalid user rtest from 64.225.21.138 port 43234 ssh2
...

2020-03-07 18:11:19

Comments on same subnet:

IP	Type	Details	Datetime
64.225.21.19	attack	Bot disrespecting robots.txt (0x363346-K44-XrGo5CdnXN3hxb@-20hX4QAAAQk)	2020-05-06 03:12:40
64.225.21.179	attackbotsspam	20 attempts against mh-ssh on echoip	2020-03-08 01:19:58
64.225.21.179	attackbots	Mar 7 05:30:20 toyboy sshd[11933]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=64.225.21.179 user=r.r Mar 7 05:30:22 toyboy sshd[11933]: Failed password for r.r from 64.225.21.179 port 60996 ssh2 Mar 7 05:30:22 toyboy sshd[11933]: Received disconnect from 64.225.21.179: 11: Bye Bye [preauth] Mar 7 05:44:16 toyboy sshd[12896]: Invalid user 321456 from 64.225.21.179 Mar 7 05:44:16 toyboy sshd[12896]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=64.225.21.179 Mar 7 05:44:18 toyboy sshd[12896]: Failed password for invalid user 321456 from 64.225.21.179 port 49820 ssh2 Mar 7 05:44:19 toyboy sshd[12896]: Received disconnect from 64.225.21.179: 11: Bye Bye [preauth] Mar 7 05:48:47 toyboy sshd[13246]: Invalid user artica from 64.225.21.179 Mar 7 05:48:47 toyboy sshd[13246]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=64.225.21.179 Mar 7 0........ -------------------------------	2020-03-07 16:38:28
64.225.21.125	attackspambots	Feb 3 22:00:30 rama sshd[122403]: reveeclipse mapping checking getaddrinfo for 888737475domnag.com [64.225.21.125] failed - POSSIBLE BREAK-IN ATTEMPT! Feb 3 22:00:30 rama sshd[122403]: Invalid user ff from 64.225.21.125 Feb 3 22:00:30 rama sshd[122403]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=64.225.21.125 Feb 3 22:00:32 rama sshd[122403]: Failed password for invalid user ff from 64.225.21.125 port 51066 ssh2 Feb 3 22:00:32 rama sshd[122403]: Received disconnect from 64.225.21.125: 11: Bye Bye [preauth] Feb 3 22:13:35 rama sshd[125812]: reveeclipse mapping checking getaddrinfo for 888737475domnag.com [64.225.21.125] failed - POSSIBLE BREAK-IN ATTEMPT! Feb 3 22:13:35 rama sshd[125812]: Invalid user asterick from 64.225.21.125 Feb 3 22:13:35 rama sshd[125812]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=64.225.21.125 Feb 3 22:13:36 rama sshd[125812]: Failed password for ........ -------------------------------	2020-02-04 08:45:54

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 64.225.21.138
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 27419
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;64.225.21.138.			IN	A

;; AUTHORITY SECTION:
.			440	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020030700 1800 900 604800 86400

;; Query time: 182 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Mar 07 18:11:11 CST 2020
;; MSG SIZE  rcvd: 117

Host info

Host 138.21.225.64.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 138.21.225.64.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
177.87.201.206	attackspambots	Aug 16 05:25:35 mail.srvfarm.net postfix/smtps/smtpd[1890605]: warning: unknown[177.87.201.206]: SASL PLAIN authentication failed: Aug 16 05:25:36 mail.srvfarm.net postfix/smtps/smtpd[1890605]: lost connection after AUTH from unknown[177.87.201.206] Aug 16 05:30:42 mail.srvfarm.net postfix/smtps/smtpd[1888818]: warning: unknown[177.87.201.206]: SASL PLAIN authentication failed: Aug 16 05:30:42 mail.srvfarm.net postfix/smtps/smtpd[1888818]: lost connection after AUTH from unknown[177.87.201.206] Aug 16 05:35:09 mail.srvfarm.net postfix/smtps/smtpd[1888819]: warning: unknown[177.87.201.206]: SASL PLAIN authentication failed:	2020-08-16 12:59:18
177.21.213.138	attackbots	Aug 16 05:24:11 mail.srvfarm.net postfix/smtpd[1888503]: warning: unknown[177.21.213.138]: SASL PLAIN authentication failed: Aug 16 05:24:11 mail.srvfarm.net postfix/smtpd[1888503]: lost connection after AUTH from unknown[177.21.213.138] Aug 16 05:25:05 mail.srvfarm.net postfix/smtps/smtpd[1890437]: warning: unknown[177.21.213.138]: SASL PLAIN authentication failed: Aug 16 05:25:05 mail.srvfarm.net postfix/smtps/smtpd[1890437]: lost connection after AUTH from unknown[177.21.213.138] Aug 16 05:25:23 mail.srvfarm.net postfix/smtpd[1875198]: warning: unknown[177.21.213.138]: SASL PLAIN authentication failed:	2020-08-16 13:00:58
177.85.23.179	attack	Aug 16 05:42:46 mail.srvfarm.net postfix/smtpd[1906902]: warning: 179-23-85-177.netvale.psi.br[177.85.23.179]: SASL PLAIN authentication failed: Aug 16 05:42:46 mail.srvfarm.net postfix/smtpd[1906902]: lost connection after AUTH from 179-23-85-177.netvale.psi.br[177.85.23.179] Aug 16 05:45:06 mail.srvfarm.net postfix/smtpd[1907846]: warning: 179-23-85-177.netvale.psi.br[177.85.23.179]: SASL PLAIN authentication failed: Aug 16 05:45:06 mail.srvfarm.net postfix/smtpd[1907846]: lost connection after AUTH from 179-23-85-177.netvale.psi.br[177.85.23.179] Aug 16 05:49:25 mail.srvfarm.net postfix/smtpd[1910319]: warning: 179-23-85-177.netvale.psi.br[177.85.23.179]: SASL PLAIN authentication failed:	2020-08-16 12:22:52
87.204.167.252	attackbotsspam	Aug 16 05:39:23 mail.srvfarm.net postfix/smtpd[1907805]: warning: unknown[87.204.167.252]: SASL PLAIN authentication failed: Aug 16 05:39:23 mail.srvfarm.net postfix/smtpd[1907805]: lost connection after AUTH from unknown[87.204.167.252] Aug 16 05:44:44 mail.srvfarm.net postfix/smtpd[1908054]: warning: unknown[87.204.167.252]: SASL PLAIN authentication failed: Aug 16 05:44:44 mail.srvfarm.net postfix/smtpd[1908054]: lost connection after AUTH from unknown[87.204.167.252] Aug 16 05:47:05 mail.srvfarm.net postfix/smtps/smtpd[1888391]: warning: unknown[87.204.167.252]: SASL PLAIN authentication failed:	2020-08-16 12:28:01
177.91.182.79	attack	Aug 16 05:19:03 mail.srvfarm.net postfix/smtpd[1887514]: warning: unknown[177.91.182.79]: SASL PLAIN authentication failed: Aug 16 05:19:03 mail.srvfarm.net postfix/smtpd[1887514]: lost connection after AUTH from unknown[177.91.182.79] Aug 16 05:21:48 mail.srvfarm.net postfix/smtps/smtpd[1888391]: warning: unknown[177.91.182.79]: SASL PLAIN authentication failed: Aug 16 05:21:48 mail.srvfarm.net postfix/smtps/smtpd[1888391]: lost connection after AUTH from unknown[177.91.182.79] Aug 16 05:22:07 mail.srvfarm.net postfix/smtpd[1879275]: warning: unknown[177.91.182.79]: SASL PLAIN authentication failed:	2020-08-16 12:58:50
45.227.98.228	attackbots	Aug 16 05:36:14 mail.srvfarm.net postfix/smtps/smtpd[1888763]: warning: unknown[45.227.98.228]: SASL PLAIN authentication failed: Aug 16 05:36:14 mail.srvfarm.net postfix/smtps/smtpd[1888763]: lost connection after AUTH from unknown[45.227.98.228] Aug 16 05:42:40 mail.srvfarm.net postfix/smtpd[1907846]: warning: unknown[45.227.98.228]: SASL PLAIN authentication failed: Aug 16 05:42:40 mail.srvfarm.net postfix/smtpd[1907846]: lost connection after AUTH from unknown[45.227.98.228] Aug 16 05:43:43 mail.srvfarm.net postfix/smtps/smtpd[1888391]: warning: unknown[45.227.98.228]: SASL PLAIN authentication failed:	2020-08-16 12:32:01
121.201.74.154	attackbots	Aug 16 07:25:52 journals sshd\[60375\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.201.74.154 user=root Aug 16 07:25:54 journals sshd\[60375\]: Failed password for root from 121.201.74.154 port 48108 ssh2 Aug 16 07:29:00 journals sshd\[60681\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.201.74.154 user=root Aug 16 07:29:02 journals sshd\[60681\]: Failed password for root from 121.201.74.154 port 53294 ssh2 Aug 16 07:32:01 journals sshd\[60899\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.201.74.154 user=root ...	2020-08-16 12:46:00
189.91.3.137	attack	Aug 16 05:16:41 mail.srvfarm.net postfix/smtpd[1888509]: warning: unknown[189.91.3.137]: SASL PLAIN authentication failed: Aug 16 05:16:42 mail.srvfarm.net postfix/smtpd[1888509]: lost connection after AUTH from unknown[189.91.3.137] Aug 16 05:17:52 mail.srvfarm.net postfix/smtps/smtpd[1890437]: warning: unknown[189.91.3.137]: SASL PLAIN authentication failed: Aug 16 05:17:52 mail.srvfarm.net postfix/smtps/smtpd[1890437]: lost connection after AUTH from unknown[189.91.3.137] Aug 16 05:22:31 mail.srvfarm.net postfix/smtpd[1875198]: warning: unknown[189.91.3.137]: SASL PLAIN authentication failed:	2020-08-16 12:54:49
101.231.124.6	attack	Aug 16 05:56:39 db sshd[21432]: User root from 101.231.124.6 not allowed because none of user's groups are listed in AllowGroups ...	2020-08-16 12:50:08
193.169.254.103	attack	Hacking	2020-08-16 12:39:01
177.54.251.16	attackbotsspam	Aug 16 05:32:26 mail.srvfarm.net postfix/smtps/smtpd[1888715]: warning: unknown[177.54.251.16]: SASL PLAIN authentication failed: Aug 16 05:32:27 mail.srvfarm.net postfix/smtps/smtpd[1888715]: lost connection after AUTH from unknown[177.54.251.16] Aug 16 05:36:54 mail.srvfarm.net postfix/smtpd[1888511]: warning: unknown[177.54.251.16]: SASL PLAIN authentication failed: Aug 16 05:36:54 mail.srvfarm.net postfix/smtpd[1888511]: lost connection after AUTH from unknown[177.54.251.16] Aug 16 05:37:09 mail.srvfarm.net postfix/smtps/smtpd[1890605]: warning: unknown[177.54.251.16]: SASL PLAIN authentication failed:	2020-08-16 12:41:31
45.172.99.197	attackbots	Aug 16 05:35:57 mail.srvfarm.net postfix/smtps/smtpd[1890438]: warning: unknown[45.172.99.197]: SASL PLAIN authentication failed: Aug 16 05:35:57 mail.srvfarm.net postfix/smtps/smtpd[1890438]: lost connection after AUTH from unknown[45.172.99.197] Aug 16 05:36:46 mail.srvfarm.net postfix/smtps/smtpd[1888763]: warning: unknown[45.172.99.197]: SASL PLAIN authentication failed: Aug 16 05:36:47 mail.srvfarm.net postfix/smtps/smtpd[1888763]: lost connection after AUTH from unknown[45.172.99.197] Aug 16 05:40:15 mail.srvfarm.net postfix/smtps/smtpd[1907644]: warning: unknown[45.172.99.197]: SASL PLAIN authentication failed:	2020-08-16 12:34:00
177.223.64.119	attack	Aug 16 05:27:35 mail.srvfarm.net postfix/smtps/smtpd[1888391]: warning: unknown[177.223.64.119]: SASL PLAIN authentication failed: Aug 16 05:27:36 mail.srvfarm.net postfix/smtps/smtpd[1888391]: lost connection after AUTH from unknown[177.223.64.119] Aug 16 05:30:41 mail.srvfarm.net postfix/smtpd[1887708]: warning: unknown[177.223.64.119]: SASL PLAIN authentication failed: Aug 16 05:30:41 mail.srvfarm.net postfix/smtpd[1887708]: lost connection after AUTH from unknown[177.223.64.119] Aug 16 05:35:26 mail.srvfarm.net postfix/smtps/smtpd[1890600]: warning: unknown[177.223.64.119]: SASL PLAIN authentication failed:	2020-08-16 12:58:27
45.176.213.192	attackbots	Aug 16 05:33:04 mail.srvfarm.net postfix/smtps/smtpd[1906553]: warning: unknown[45.176.213.192]: SASL PLAIN authentication failed: Aug 16 05:33:05 mail.srvfarm.net postfix/smtps/smtpd[1906553]: lost connection after AUTH from unknown[45.176.213.192] Aug 16 05:34:41 mail.srvfarm.net postfix/smtpd[1887487]: warning: unknown[45.176.213.192]: SASL PLAIN authentication failed: Aug 16 05:34:41 mail.srvfarm.net postfix/smtpd[1887487]: lost connection after AUTH from unknown[45.176.213.192] Aug 16 05:37:56 mail.srvfarm.net postfix/smtps/smtpd[1888391]: warning: unknown[45.176.213.192]: SASL PLAIN authentication failed:	2020-08-16 12:43:30
212.70.149.19	attack	Aug 16 06:44:09 srv01 postfix/smtpd\[25060\]: warning: unknown\[212.70.149.19\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 16 06:44:16 srv01 postfix/smtpd\[25109\]: warning: unknown\[212.70.149.19\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 16 06:44:18 srv01 postfix/smtpd\[19261\]: warning: unknown\[212.70.149.19\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 16 06:44:23 srv01 postfix/smtpd\[25282\]: warning: unknown\[212.70.149.19\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 16 06:44:39 srv01 postfix/smtpd\[25109\]: warning: unknown\[212.70.149.19\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-08-16 12:52:41

Recently Reported IPs

99.121.198.180	36.25.72.183	171.236.246.222	155.4.200.17
45.146.203.95	182.28.192.30	128.201.204.65	103.226.185.250
93.125.49.90	59.115.69.154	184.186.203.226	21.96.156.250
180.76.181.47	179.111.172.25	182.101.172.196	120.112.77.90
42.116.167.172	56.69.32.68	115.45.138.165	179.7.157.77