168.194.13.138

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Brazil

运营商(isp): Flash Net Telecomunicacoes Ltda - ME

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Fixed Line ISP

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbotsspam	Jan 11 05:50:58 grey postfix/smtpd\[16275\]: NOQUEUE: reject: RCPT from dedicado-wilsonet.flashnetpe.com.br\[168.194.13.138\]: 554 5.7.1 Service unavailable\; Client host \[168.194.13.138\] blocked using truncate.gbudb.net\; http://www.gbudb.com/truncate/ \[168.194.13.138\]\; from=\ to=\ proto=ESMTP helo=\ ...	2020-01-11 17:53:23

类型

评论内容

时间

attackbotsspam

Jan 11 05:50:58 grey postfix/smtpd\[16275\]: NOQUEUE: reject: RCPT from dedicado-wilsonet.flashnetpe.com.br\[168.194.13.138\]: 554 5.7.1 Service unavailable\; Client host \[168.194.13.138\] blocked using truncate.gbudb.net\; http://www.gbudb.com/truncate/ \[168.194.13.138\]\; from=\ to=\ proto=ESMTP helo=\
...

2020-01-11 17:53:23

相同子网IP讨论:

IP	类型	评论内容	时间
168.194.13.4	attackbots	$f2bV_matches	2020-10-05 07:05:57
168.194.13.4	attackspambots	Oct 4 12:55:19 *** sshd[27129]: User root from 168.194.13.4 not allowed because not listed in AllowUsers	2020-10-04 23:15:24
168.194.13.4	attackbotsspam	Bruteforce detected by fail2ban	2020-10-04 14:59:49
168.194.13.4	attackbots	Invalid user zq from 168.194.13.4 port 43848	2020-09-30 03:20:18
168.194.13.4	attack	Invalid user zq from 168.194.13.4 port 43848	2020-09-29 19:24:34
168.194.13.4	attack	Sep 17 12:25:59 ws12vmsma01 sshd[56776]: Failed password for root from 168.194.13.4 port 35424 ssh2 Sep 17 12:30:32 ws12vmsma01 sshd[57571]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=168.194.13.4 user=root Sep 17 12:30:34 ws12vmsma01 sshd[57571]: Failed password for root from 168.194.13.4 port 45572 ssh2 ...	2020-09-18 00:05:09
168.194.13.4	attackspam	2020-09-17T06:35:28.618798abusebot-6.cloudsearch.cf sshd[15535]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=168.194.13.4 user=root 2020-09-17T06:35:30.987345abusebot-6.cloudsearch.cf sshd[15535]: Failed password for root from 168.194.13.4 port 39124 ssh2 2020-09-17T06:39:53.148103abusebot-6.cloudsearch.cf sshd[15542]: Invalid user campbell from 168.194.13.4 port 50142 2020-09-17T06:39:53.153940abusebot-6.cloudsearch.cf sshd[15542]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=168.194.13.4 2020-09-17T06:39:53.148103abusebot-6.cloudsearch.cf sshd[15542]: Invalid user campbell from 168.194.13.4 port 50142 2020-09-17T06:39:55.236297abusebot-6.cloudsearch.cf sshd[15542]: Failed password for invalid user campbell from 168.194.13.4 port 50142 ssh2 2020-09-17T06:44:24.136880abusebot-6.cloudsearch.cf sshd[15552]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=168.194 ...	2020-09-17 16:08:13
168.194.13.4	attackspam	2020-09-16T23:00:16.821278dmca.cloudsearch.cf sshd[14640]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=168.194.13.4 user=root 2020-09-16T23:00:19.062437dmca.cloudsearch.cf sshd[14640]: Failed password for root from 168.194.13.4 port 50470 ssh2 2020-09-16T23:04:42.603600dmca.cloudsearch.cf sshd[14722]: Invalid user http from 168.194.13.4 port 34972 2020-09-16T23:04:42.609190dmca.cloudsearch.cf sshd[14722]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=168.194.13.4 2020-09-16T23:04:42.603600dmca.cloudsearch.cf sshd[14722]: Invalid user http from 168.194.13.4 port 34972 2020-09-16T23:04:44.699889dmca.cloudsearch.cf sshd[14722]: Failed password for invalid user http from 168.194.13.4 port 34972 ssh2 2020-09-16T23:09:03.502059dmca.cloudsearch.cf sshd[14874]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=168.194.13.4 user=root 2020-09-16T23:09:05.422338dmca.clouds ...	2020-09-17 07:14:27
168.194.13.4	attack	Cowrie Honeypot: 3 unauthorised SSH/Telnet login attempts between 2020-09-13T14:26:22Z and 2020-09-13T14:35:55Z	2020-09-14 00:04:10
168.194.13.4	attackspambots	Sep 13 09:27:13 [host] sshd[30472]: pam_unix(sshd: Sep 13 09:27:15 [host] sshd[30472]: Failed passwor Sep 13 09:29:56 [host] sshd[30604]: pam_unix(sshd: Sep 13 09:29:57 [host] sshd[30604]: Failed passwor	2020-09-13 15:54:59
168.194.13.4	attack	Triggered by Fail2Ban at Ares web server	2020-09-13 07:39:23
168.194.13.4	attackbotsspam	Sep 8 14:03:51 [host] sshd[3679]: Invalid user sc Sep 8 14:03:51 [host] sshd[3679]: pam_unix(sshd:a Sep 8 14:03:53 [host] sshd[3679]: Failed password	2020-09-08 20:30:59
168.194.13.4	attack	Sep 8 01:06:57 hosting sshd[1776]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=168.194.13.4 user=root Sep 8 01:06:58 hosting sshd[1776]: Failed password for root from 168.194.13.4 port 41616 ssh2 ...	2020-09-08 12:25:14
168.194.13.4	attack	Sep 7 23:44:09 hosting sshd[25818]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=168.194.13.4 user=root Sep 7 23:44:11 hosting sshd[25818]: Failed password for root from 168.194.13.4 port 42054 ssh2 ...	2020-09-08 05:02:08
168.194.13.4	attack	Invalid user cherry from 168.194.13.4 port 54596	2020-09-04 22:56:56

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 168.194.13.138
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 16291
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;168.194.13.138.			IN	A

;; AUTHORITY SECTION:
.			388	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020011002 1800 900 604800 86400

;; Query time: 117 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Jan 11 17:53:19 CST 2020
;; MSG SIZE  rcvd: 118

HOST信息:

138.13.194.168.in-addr.arpa domain name pointer dedicado-wilsonet.flashnetpe.com.br.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
138.13.194.168.in-addr.arpa	name = dedicado-wilsonet.flashnetpe.com.br.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
139.99.144.191	attack	Jun 24 21:43:04 proxmox sshd[14693]: Invalid user niang from 139.99.144.191 port 46808 Jun 24 21:43:04 proxmox sshd[14693]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.99.144.191 Jun 24 21:43:05 proxmox sshd[14693]: Failed password for invalid user niang from 139.99.144.191 port 46808 ssh2 Jun 24 21:43:05 proxmox sshd[14693]: Received disconnect from 139.99.144.191 port 46808:11: Bye Bye [preauth] Jun 24 21:43:05 proxmox sshd[14693]: Disconnected from 139.99.144.191 port 46808 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=139.99.144.191	2019-06-27 16:55:01
113.108.140.114	attackspambots	Jun 26 22:47:00 gcems sshd\[5965\]: Invalid user vboxuser from 113.108.140.114 port 14848 Jun 26 22:47:00 gcems sshd\[5965\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.108.140.114 Jun 26 22:47:02 gcems sshd\[5965\]: Failed password for invalid user vboxuser from 113.108.140.114 port 14848 ssh2 Jun 26 22:48:36 gcems sshd\[5998\]: Invalid user dl from 113.108.140.114 port 33760 Jun 26 22:48:36 gcems sshd\[5998\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.108.140.114 ...	2019-06-27 16:54:34
54.39.98.253	attack	Jun 27 09:16:35 meumeu sshd[22654]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.39.98.253 Jun 27 09:16:37 meumeu sshd[22654]: Failed password for invalid user test from 54.39.98.253 port 46636 ssh2 Jun 27 09:19:43 meumeu sshd[22958]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.39.98.253 ...	2019-06-27 16:52:27
5.188.86.114	attackbots	Jun 27 07:42:14 TCP Attack: SRC=5.188.86.114 DST=[Masked] LEN=40 TOS=0x00 PREC=0x00 TTL=247 PROTO=TCP SPT=44840 DPT=2567 WINDOW=1024 RES=0x00 SYN URGP=0	2019-06-27 16:40:14
107.170.203.238	attack	16203/tcp 5631/tcp 1028/tcp... [2019-04-27/06-27]50pkt,40pt.(tcp),5pt.(udp)	2019-06-27 16:17:58
5.133.66.165	attackbotsspam	Postfix RBL failed	2019-06-27 16:56:34
107.170.239.109	attack	[portscan] tcp/110 [POP3] *(RWIN=65535)(06271037)	2019-06-27 16:16:39
193.32.161.19	attackspambots	27.06.2019 04:17:38 Connection to port 33893 blocked by firewall	2019-06-27 15:57:10
71.6.232.5	attack	$f2bV_matches	2019-06-27 16:32:38
88.214.26.102	attack	27.06.2019 07:20:18 Connection to port 1510 blocked by firewall	2019-06-27 16:24:47
185.244.25.106	attackspam	23/tcp 3702/udp... [2019-06-17/27]4pkt,1pt.(tcp),1pt.(udp)	2019-06-27 16:53:35
185.176.27.42	attackspambots	27.06.2019 07:52:33 Connection to port 2528 blocked by firewall	2019-06-27 16:02:37
81.22.45.149	attack	[MultiHost/MultiPort scan (8)] tcp/100, tcp/123, tcp/20, tcp/30, tcp/40, tcp/50, tcp/60, tcp/70 [scan/connect: 11 time(s)] *(RWIN=1024)(06271037)	2019-06-27 16:28:20
125.77.30.162	attack	firewall-block, port(s): 60001/tcp	2019-06-27 16:12:51
125.64.94.212	attackbots	27.06.2019 08:04:38 Connection to port 18086 blocked by firewall	2019-06-27 16:13:29

最近上报的IP列表

192.169.245.157	188.55.236.6	175.180.247.199	171.239.236.246
171.79.38.183	137.74.195.183	81.250.133.222	19.196.16.97
114.239.46.197	111.40.174.147	91.239.154.124	211.75.169.168
45.140.207.177	45.140.205.220	2a00:1158:2:6d00::2	159.203.96.51
54.91.14.232	79.154.170.211	106.200.60.90	176.32.230.13