138.94.160.58 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Brazil

Internet Service Provider: F.A.A Provedor Ltda - ME

Hostname: unknown

Organization: unknown

Usage Type: Commercial

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbotsspam	Sep 25 05:55:16 hpm sshd\[15612\]: Invalid user db2inst1 from 138.94.160.58 Sep 25 05:55:16 hpm sshd\[15612\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=58-160-94-138.turbonetburitis.com.br Sep 25 05:55:17 hpm sshd\[15612\]: Failed password for invalid user db2inst1 from 138.94.160.58 port 36896 ssh2 Sep 25 06:00:21 hpm sshd\[16019\]: Invalid user alien from 138.94.160.58 Sep 25 06:00:21 hpm sshd\[16019\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=58-160-94-138.turbonetburitis.com.br	2019-09-26 00:11:39
attackspam	Sep 19 10:55:26 tdfoods sshd\[7252\]: Invalid user albtentac from 138.94.160.58 Sep 19 10:55:26 tdfoods sshd\[7252\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=58-160-94-138.turbonetburitis.com.br Sep 19 10:55:28 tdfoods sshd\[7252\]: Failed password for invalid user albtentac from 138.94.160.58 port 49590 ssh2 Sep 19 11:00:41 tdfoods sshd\[7744\]: Invalid user stefan from 138.94.160.58 Sep 19 11:00:41 tdfoods sshd\[7744\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=58-160-94-138.turbonetburitis.com.br	2019-09-20 05:08:14
attack	Sep 14 08:34:00 kapalua sshd\[21589\]: Invalid user Pass from 138.94.160.58 Sep 14 08:34:00 kapalua sshd\[21589\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=58-160-94-138.turbonetburitis.com.br Sep 14 08:34:02 kapalua sshd\[21589\]: Failed password for invalid user Pass from 138.94.160.58 port 48606 ssh2 Sep 14 08:39:17 kapalua sshd\[22192\]: Invalid user 12345 from 138.94.160.58 Sep 14 08:39:17 kapalua sshd\[22192\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=58-160-94-138.turbonetburitis.com.br	2019-09-15 02:53:24
attackspambots	Sep 6 17:37:57 lcl-usvr-01 sshd[18326]: Invalid user ansible from 138.94.160.58 Sep 6 17:37:57 lcl-usvr-01 sshd[18326]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.94.160.58 Sep 6 17:37:57 lcl-usvr-01 sshd[18326]: Invalid user ansible from 138.94.160.58 Sep 6 17:37:59 lcl-usvr-01 sshd[18326]: Failed password for invalid user ansible from 138.94.160.58 port 45710 ssh2 Sep 6 17:43:06 lcl-usvr-01 sshd[20033]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.94.160.58 user=ubuntu Sep 6 17:43:08 lcl-usvr-01 sshd[20033]: Failed password for ubuntu from 138.94.160.58 port 33240 ssh2	2019-09-06 20:52:34
attackbotsspam	Aug 31 00:16:56 rpi sshd[12820]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.94.160.58 Aug 31 00:16:58 rpi sshd[12820]: Failed password for invalid user ubuntu from 138.94.160.58 port 57450 ssh2	2019-08-31 06:43:42
attackbots	Aug 27 16:32:50 server sshd\[17752\]: Invalid user zabbix from 138.94.160.58 port 33324 Aug 27 16:32:50 server sshd\[17752\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.94.160.58 Aug 27 16:32:52 server sshd\[17752\]: Failed password for invalid user zabbix from 138.94.160.58 port 33324 ssh2 Aug 27 16:38:19 server sshd\[7775\]: User root from 138.94.160.58 not allowed because listed in DenyUsers Aug 27 16:38:19 server sshd\[7775\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.94.160.58 user=root	2019-08-27 21:59:08
attackspambots	Aug 24 21:48:27 vtv3 sshd\[10112\]: Invalid user tomcat from 138.94.160.58 port 60520 Aug 24 21:48:27 vtv3 sshd\[10112\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.94.160.58 Aug 24 21:48:29 vtv3 sshd\[10112\]: Failed password for invalid user tomcat from 138.94.160.58 port 60520 ssh2 Aug 24 21:54:44 vtv3 sshd\[13034\]: Invalid user ionut from 138.94.160.58 port 56087 Aug 24 21:54:44 vtv3 sshd\[13034\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.94.160.58 Aug 24 22:07:53 vtv3 sshd\[19759\]: Invalid user pedro from 138.94.160.58 port 47585 Aug 24 22:07:53 vtv3 sshd\[19759\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.94.160.58 Aug 24 22:07:55 vtv3 sshd\[19759\]: Failed password for invalid user pedro from 138.94.160.58 port 47585 ssh2 Aug 24 22:14:19 vtv3 sshd\[22924\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rho	2019-08-25 12:41:03

Comments on same subnet:

IP	Type	Details	Datetime
138.94.160.215	attackspambots	[ES hit] Tried to deliver spam.	2020-04-28 01:33:10
138.94.160.18	attack	2020-03-30T23:08:52.645821shield sshd\[9328\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=18-160-94-138.turbonetburitis.com.br user=root 2020-03-30T23:08:54.811707shield sshd\[9328\]: Failed password for root from 138.94.160.18 port 46738 ssh2 2020-03-30T23:13:27.471687shield sshd\[10560\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=18-160-94-138.turbonetburitis.com.br user=root 2020-03-30T23:13:29.393649shield sshd\[10560\]: Failed password for root from 138.94.160.18 port 53064 ssh2 2020-03-30T23:17:55.657212shield sshd\[11861\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=18-160-94-138.turbonetburitis.com.br user=root	2020-03-31 07:34:19
138.94.160.18	attackbotsspam	Invalid user ftpguest from 138.94.160.18 port 56728	2020-03-23 02:47:03
138.94.160.18	attackbotsspam	Feb 22 17:14:13 MK-Soft-Root2 sshd[5185]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.94.160.18 Feb 22 17:14:15 MK-Soft-Root2 sshd[5185]: Failed password for invalid user mailman2020 from 138.94.160.18 port 60672 ssh2 ...	2020-02-23 00:51:44
138.94.160.18	attack	Feb 9 01:17:46 markkoudstaal sshd[19991]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.94.160.18 Feb 9 01:17:48 markkoudstaal sshd[19991]: Failed password for invalid user cgl from 138.94.160.18 port 55192 ssh2 Feb 9 01:20:52 markkoudstaal sshd[20522]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.94.160.18	2020-02-09 08:39:16
138.94.160.18	attackspambots	SSH Login Bruteforce	2020-01-30 04:29:23
138.94.160.57	attackspam	SASL PLAIN auth failed: ruser=...	2020-01-11 01:25:49
138.94.160.57	attack	Automatic report - Banned IP Access	2019-12-30 20:46:58
138.94.160.57	attackbotsspam	Dec 19 16:13:58 ns382633 sshd\[26589\]: Invalid user wlodyka from 138.94.160.57 port 52222 Dec 19 16:13:58 ns382633 sshd\[26589\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.94.160.57 Dec 19 16:14:00 ns382633 sshd\[26589\]: Failed password for invalid user wlodyka from 138.94.160.57 port 52222 ssh2 Dec 19 16:24:04 ns382633 sshd\[28592\]: Invalid user wilfrid from 138.94.160.57 port 52472 Dec 19 16:24:04 ns382633 sshd\[28592\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.94.160.57	2019-12-20 03:09:50
138.94.160.57	attack	Dec 17 20:00:38 server sshd\[15556\]: Invalid user ave from 138.94.160.57 Dec 17 20:00:38 server sshd\[15556\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=57-160-94-138.turbonetburitis.com.br Dec 17 20:01:00 server sshd\[15556\]: Failed password for invalid user ave from 138.94.160.57 port 37136 ssh2 Dec 17 20:08:37 server sshd\[17224\]: Invalid user server from 138.94.160.57 Dec 17 20:08:37 server sshd\[17224\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=57-160-94-138.turbonetburitis.com.br ...	2019-12-18 01:40:35
138.94.160.154	attackbots	email spam	2019-12-17 21:33:55
138.94.160.57	attack	Dec 11 23:58:38 kapalua sshd\[11585\]: Invalid user rail from 138.94.160.57 Dec 11 23:58:38 kapalua sshd\[11585\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=57-160-94-138.turbonetburitis.com.br Dec 11 23:58:39 kapalua sshd\[11585\]: Failed password for invalid user rail from 138.94.160.57 port 39034 ssh2 Dec 12 00:07:57 kapalua sshd\[12610\]: Invalid user jubran from 138.94.160.57 Dec 12 00:07:57 kapalua sshd\[12610\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=57-160-94-138.turbonetburitis.com.br	2019-12-12 20:46:52
138.94.160.57	attackbotsspam	2019-12-08T16:33:01.906953abusebot-6.cloudsearch.cf sshd\[27070\]: Invalid user semenov from 138.94.160.57 port 46326 2019-12-08T16:33:01.912084abusebot-6.cloudsearch.cf sshd\[27070\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=57-160-94-138.turbonetburitis.com.br	2019-12-09 03:38:51
138.94.160.57	attack	Dec 6 22:18:55 wbs sshd\[25932\]: Invalid user anom from 138.94.160.57 Dec 6 22:18:55 wbs sshd\[25932\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=57-160-94-138.turbonetburitis.com.br Dec 6 22:18:57 wbs sshd\[25932\]: Failed password for invalid user anom from 138.94.160.57 port 50490 ssh2 Dec 6 22:26:47 wbs sshd\[26635\]: Invalid user leau from 138.94.160.57 Dec 6 22:26:47 wbs sshd\[26635\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=57-160-94-138.turbonetburitis.com.br	2019-12-07 16:41:17
138.94.160.57	attack	Dec 6 17:59:42 cvbnet sshd[1699]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.94.160.57 Dec 6 17:59:44 cvbnet sshd[1699]: Failed password for invalid user michail from 138.94.160.57 port 40918 ssh2 ...	2019-12-07 01:06:16

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 138.94.160.58
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 56517
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;138.94.160.58.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019082401 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Sun Aug 25 12:40:56 CST 2019
;; MSG SIZE  rcvd: 117

Host info

58.160.94.138.in-addr.arpa domain name pointer 58-160-94-138.turbonetburitis.com.br.

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
58.160.94.138.in-addr.arpa	name = 58-160-94-138.turbonetburitis.com.br.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
142.44.162.188	attackspam	Jun 20 07:39:43 rotator sshd\[25393\]: Invalid user ops from 142.44.162.188Jun 20 07:39:45 rotator sshd\[25393\]: Failed password for invalid user ops from 142.44.162.188 port 34862 ssh2Jun 20 07:45:00 rotator sshd\[26164\]: Invalid user sinus from 142.44.162.188Jun 20 07:45:02 rotator sshd\[26164\]: Failed password for invalid user sinus from 142.44.162.188 port 51014 ssh2Jun 20 07:48:33 rotator sshd\[26952\]: Invalid user ts from 142.44.162.188Jun 20 07:48:35 rotator sshd\[26952\]: Failed password for invalid user ts from 142.44.162.188 port 50850 ssh2 ...	2020-06-20 14:18:05
220.195.3.57	attackspam	" "	2020-06-20 14:04:01
49.207.139.230	attackbots	Automatic report - XMLRPC Attack	2020-06-20 13:48:30
185.111.88.158	attack	WordPress admin/config access attempt: "GET /wp-config.php.bak"	2020-06-20 13:49:49
187.189.32.5	attack	2020-06-19 05:21:39 Unauthorized connection attempt to IMAP/POP	2020-06-20 14:04:59
113.130.219.101	attackbots	Unauthorized IMAP connection attempt	2020-06-20 13:43:53
94.176.12.27	attackspambots	(Jun 20) LEN=40 TTL=242 ID=9088 DF TCP DPT=23 WINDOW=14600 SYN (Jun 19) LEN=40 TTL=242 ID=60307 DF TCP DPT=23 WINDOW=14600 SYN (Jun 17) LEN=40 TTL=242 ID=45996 DF TCP DPT=23 WINDOW=14600 SYN (Jun 17) LEN=40 TTL=242 ID=23231 DF TCP DPT=23 WINDOW=14600 SYN (Jun 16) LEN=40 TTL=242 ID=9408 DF TCP DPT=23 WINDOW=14600 SYN (Jun 16) LEN=40 TTL=242 ID=21690 DF TCP DPT=23 WINDOW=14600 SYN (Jun 16) LEN=40 TTL=242 ID=3358 DF TCP DPT=23 WINDOW=14600 SYN (Jun 15) LEN=40 TTL=242 ID=58853 DF TCP DPT=23 WINDOW=14600 SYN (Jun 14) LEN=40 TTL=242 ID=50111 DF TCP DPT=23 WINDOW=14600 SYN (Jun 14) LEN=40 TTL=242 ID=19077 DF TCP DPT=23 WINDOW=14600 SYN (Jun 14) LEN=40 TTL=242 ID=61737 DF TCP DPT=23 WINDOW=14600 SYN	2020-06-20 13:58:18
103.139.19.90	attackbotsspam	DATE:2020-06-20 05:54:27, IP:103.139.19.90, PORT:telnet Telnet brute force auth on honeypot server (honey-neo-dc)	2020-06-20 13:39:42
93.123.96.138	attack	Failed password for invalid user oracle from 93.123.96.138 port 47514 ssh2	2020-06-20 13:42:48
178.128.56.89	attack	Invalid user attachments from 178.128.56.89 port 38022	2020-06-20 13:44:22
170.106.9.125	attackspambots	SSH/22 MH Probe, BF, Hack -	2020-06-20 13:59:02
138.121.128.19	attackspam	frenzy	2020-06-20 14:08:36
118.186.2.18	attack	Jun 20 01:22:33 ny01 sshd[862]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.186.2.18 Jun 20 01:22:35 ny01 sshd[862]: Failed password for invalid user hxhtftp from 118.186.2.18 port 52013 ssh2 Jun 20 01:26:36 ny01 sshd[1771]: Failed password for root from 118.186.2.18 port 45903 ssh2	2020-06-20 13:35:07
202.158.123.42	attackspam	"Unauthorized connection attempt on SSHD detected"	2020-06-20 14:07:37
106.12.86.193	attack	2020-06-20T03:54:04.974094shield sshd\[6206\]: Invalid user mq from 106.12.86.193 port 60680 2020-06-20T03:54:04.977837shield sshd\[6206\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.86.193 2020-06-20T03:54:06.417795shield sshd\[6206\]: Failed password for invalid user mq from 106.12.86.193 port 60680 ssh2 2020-06-20T03:54:28.605416shield sshd\[6238\]: Invalid user hugo from 106.12.86.193 port 35234 2020-06-20T03:54:28.607860shield sshd\[6238\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.86.193	2020-06-20 13:38:27

Recently Reported IPs

89.44.25.253	193.116.234.191	78.106.136.208	143.194.85.94
163.100.225.204	151.241.116.10	182.195.240.226	210.207.35.199
202.122.32.255	191.53.57.185	86.241.111.42	150.180.114.8
221.230.225.102	197.136.66.43	24.196.156.20	177.68.229.40
201.104.135.71	179.57.19.101	217.82.167.110	209.124.36.234