168.194.13.138

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Brazil

运营商(isp): Flash Net Telecomunicacoes Ltda - ME

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Fixed Line ISP

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbotsspam	Jan 11 05:50:58 grey postfix/smtpd\[16275\]: NOQUEUE: reject: RCPT from dedicado-wilsonet.flashnetpe.com.br\[168.194.13.138\]: 554 5.7.1 Service unavailable\; Client host \[168.194.13.138\] blocked using truncate.gbudb.net\; http://www.gbudb.com/truncate/ \[168.194.13.138\]\; from=\ to=\ proto=ESMTP helo=\ ...	2020-01-11 17:53:23

类型

评论内容

时间

attackbotsspam

Jan 11 05:50:58 grey postfix/smtpd\[16275\]: NOQUEUE: reject: RCPT from dedicado-wilsonet.flashnetpe.com.br\[168.194.13.138\]: 554 5.7.1 Service unavailable\; Client host \[168.194.13.138\] blocked using truncate.gbudb.net\; http://www.gbudb.com/truncate/ \[168.194.13.138\]\; from=\ to=\ proto=ESMTP helo=\
...

2020-01-11 17:53:23

相同子网IP讨论:

IP	类型	评论内容	时间
168.194.13.4	attackbots	$f2bV_matches	2020-10-05 07:05:57
168.194.13.4	attackspambots	Oct 4 12:55:19 *** sshd[27129]: User root from 168.194.13.4 not allowed because not listed in AllowUsers	2020-10-04 23:15:24
168.194.13.4	attackbotsspam	Bruteforce detected by fail2ban	2020-10-04 14:59:49
168.194.13.4	attackbots	Invalid user zq from 168.194.13.4 port 43848	2020-09-30 03:20:18
168.194.13.4	attack	Invalid user zq from 168.194.13.4 port 43848	2020-09-29 19:24:34
168.194.13.4	attack	Sep 17 12:25:59 ws12vmsma01 sshd[56776]: Failed password for root from 168.194.13.4 port 35424 ssh2 Sep 17 12:30:32 ws12vmsma01 sshd[57571]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=168.194.13.4 user=root Sep 17 12:30:34 ws12vmsma01 sshd[57571]: Failed password for root from 168.194.13.4 port 45572 ssh2 ...	2020-09-18 00:05:09
168.194.13.4	attackspam	2020-09-17T06:35:28.618798abusebot-6.cloudsearch.cf sshd[15535]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=168.194.13.4 user=root 2020-09-17T06:35:30.987345abusebot-6.cloudsearch.cf sshd[15535]: Failed password for root from 168.194.13.4 port 39124 ssh2 2020-09-17T06:39:53.148103abusebot-6.cloudsearch.cf sshd[15542]: Invalid user campbell from 168.194.13.4 port 50142 2020-09-17T06:39:53.153940abusebot-6.cloudsearch.cf sshd[15542]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=168.194.13.4 2020-09-17T06:39:53.148103abusebot-6.cloudsearch.cf sshd[15542]: Invalid user campbell from 168.194.13.4 port 50142 2020-09-17T06:39:55.236297abusebot-6.cloudsearch.cf sshd[15542]: Failed password for invalid user campbell from 168.194.13.4 port 50142 ssh2 2020-09-17T06:44:24.136880abusebot-6.cloudsearch.cf sshd[15552]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=168.194 ...	2020-09-17 16:08:13
168.194.13.4	attackspam	2020-09-16T23:00:16.821278dmca.cloudsearch.cf sshd[14640]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=168.194.13.4 user=root 2020-09-16T23:00:19.062437dmca.cloudsearch.cf sshd[14640]: Failed password for root from 168.194.13.4 port 50470 ssh2 2020-09-16T23:04:42.603600dmca.cloudsearch.cf sshd[14722]: Invalid user http from 168.194.13.4 port 34972 2020-09-16T23:04:42.609190dmca.cloudsearch.cf sshd[14722]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=168.194.13.4 2020-09-16T23:04:42.603600dmca.cloudsearch.cf sshd[14722]: Invalid user http from 168.194.13.4 port 34972 2020-09-16T23:04:44.699889dmca.cloudsearch.cf sshd[14722]: Failed password for invalid user http from 168.194.13.4 port 34972 ssh2 2020-09-16T23:09:03.502059dmca.cloudsearch.cf sshd[14874]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=168.194.13.4 user=root 2020-09-16T23:09:05.422338dmca.clouds ...	2020-09-17 07:14:27
168.194.13.4	attack	Cowrie Honeypot: 3 unauthorised SSH/Telnet login attempts between 2020-09-13T14:26:22Z and 2020-09-13T14:35:55Z	2020-09-14 00:04:10
168.194.13.4	attackspambots	Sep 13 09:27:13 [host] sshd[30472]: pam_unix(sshd: Sep 13 09:27:15 [host] sshd[30472]: Failed passwor Sep 13 09:29:56 [host] sshd[30604]: pam_unix(sshd: Sep 13 09:29:57 [host] sshd[30604]: Failed passwor	2020-09-13 15:54:59
168.194.13.4	attack	Triggered by Fail2Ban at Ares web server	2020-09-13 07:39:23
168.194.13.4	attackbotsspam	Sep 8 14:03:51 [host] sshd[3679]: Invalid user sc Sep 8 14:03:51 [host] sshd[3679]: pam_unix(sshd:a Sep 8 14:03:53 [host] sshd[3679]: Failed password	2020-09-08 20:30:59
168.194.13.4	attack	Sep 8 01:06:57 hosting sshd[1776]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=168.194.13.4 user=root Sep 8 01:06:58 hosting sshd[1776]: Failed password for root from 168.194.13.4 port 41616 ssh2 ...	2020-09-08 12:25:14
168.194.13.4	attack	Sep 7 23:44:09 hosting sshd[25818]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=168.194.13.4 user=root Sep 7 23:44:11 hosting sshd[25818]: Failed password for root from 168.194.13.4 port 42054 ssh2 ...	2020-09-08 05:02:08
168.194.13.4	attack	Invalid user cherry from 168.194.13.4 port 54596	2020-09-04 22:56:56

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 168.194.13.138
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 16291
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;168.194.13.138.			IN	A

;; AUTHORITY SECTION:
.			388	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020011002 1800 900 604800 86400

;; Query time: 117 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Jan 11 17:53:19 CST 2020
;; MSG SIZE  rcvd: 118

HOST信息:

138.13.194.168.in-addr.arpa domain name pointer dedicado-wilsonet.flashnetpe.com.br.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
138.13.194.168.in-addr.arpa	name = dedicado-wilsonet.flashnetpe.com.br.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
79.126.115.240	attackbotsspam	1587660132 - 04/23/2020 18:42:12 Host: 79.126.115.240/79.126.115.240 Port: 445 TCP Blocked	2020-04-24 04:46:04
185.156.73.54	attack	Apr 23 22:35:05 debian-2gb-nbg1-2 kernel: \[9933053.154480\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=185.156.73.54 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=247 ID=59686 PROTO=TCP SPT=57510 DPT=1208 WINDOW=1024 RES=0x00 SYN URGP=0	2020-04-24 04:45:19
187.109.10.100	attackbots	Apr 23 20:40:20 marvibiene sshd[9268]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=187.109.10.100 user=root Apr 23 20:40:22 marvibiene sshd[9268]: Failed password for root from 187.109.10.100 port 56652 ssh2 Apr 23 20:47:41 marvibiene sshd[9333]: Invalid user pb from 187.109.10.100 port 44372 ...	2020-04-24 05:09:56
191.34.162.186	attack	$f2bV_matches	2020-04-24 04:46:46
159.89.177.46	attackbots	Apr 23 21:17:24 v22018086721571380 sshd[13284]: Failed password for invalid user gituser from 159.89.177.46 port 53670 ssh2	2020-04-24 04:59:37
210.195.166.71	attackbots	php WP PHPmyadamin ABUSE blocked for 12h	2020-04-24 04:59:14
35.231.219.146	attack	Apr 23 20:31:04 game-panel sshd[10041]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=35.231.219.146 Apr 23 20:31:05 game-panel sshd[10041]: Failed password for invalid user ac from 35.231.219.146 port 51898 ssh2 Apr 23 20:34:57 game-panel sshd[10155]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=35.231.219.146	2020-04-24 04:47:20
114.88.159.60	attack	Honeypot attack, port: 445, PTR: PTR record not found	2020-04-24 05:15:25
195.231.79.74	attackbotsspam	Apr 23 22:09:05 server sshd[21292]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=195.231.79.74 Apr 23 22:09:07 server sshd[21292]: Failed password for invalid user zf from 195.231.79.74 port 44240 ssh2 Apr 23 22:14:24 server sshd[22692]: Failed password for root from 195.231.79.74 port 59990 ssh2 ...	2020-04-24 04:42:49
37.47.247.107	attack	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/37.47.247.107/ PL - 1H : (15) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : PL NAME ASN : ASN5617 IP : 37.47.247.107 CIDR : 37.47.0.0/16 PREFIX COUNT : 183 UNIQUE IP COUNT : 5363456 ATTACKS DETECTED ASN5617 : 1H - 1 3H - 1 6H - 1 12H - 4 24H - 5 DateTime : 2020-04-23 18:41:52 INFO : Looking for resource vulnerabilities 403 Detected and Blocked by ADMIN - data recovery	2020-04-24 05:03:51
78.128.113.30	attackbotsspam	1 attempts against mh-modsecurity-ban on comet	2020-04-24 04:58:43
110.49.142.46	attack	SSH Brute-Force Attack	2020-04-24 04:42:01
49.235.10.177	attackbots	Found by fail2ban	2020-04-24 05:02:45
202.106.10.66	attack	Apr 23 18:24:37 ws25vmsma01 sshd[202070]: Failed password for root from 202.106.10.66 port 25534 ssh2 ...	2020-04-24 04:49:39
52.232.65.108	attackbotsspam	RDP Bruteforce	2020-04-24 05:12:43

最近上报的IP列表

192.169.245.157	188.55.236.6	175.180.247.199	171.239.236.246
171.79.38.183	137.74.195.183	81.250.133.222	19.196.16.97
114.239.46.197	111.40.174.147	91.239.154.124	211.75.169.168
45.140.207.177	45.140.205.220	2a00:1158:2:6d00::2	159.203.96.51
54.91.14.232	79.154.170.211	106.200.60.90	176.32.230.13