168.194.13.138

Basic Info

City: unknown

Region: unknown

Country: Brazil

Internet Service Provider: Flash Net Telecomunicacoes Ltda - ME

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbotsspam	Jan 11 05:50:58 grey postfix/smtpd\[16275\]: NOQUEUE: reject: RCPT from dedicado-wilsonet.flashnetpe.com.br\[168.194.13.138\]: 554 5.7.1 Service unavailable\; Client host \[168.194.13.138\] blocked using truncate.gbudb.net\; http://www.gbudb.com/truncate/ \[168.194.13.138\]\; from=\ to=\ proto=ESMTP helo=\ ...	2020-01-11 17:53:23

Type

Details

Datetime

attackbotsspam

Jan 11 05:50:58 grey postfix/smtpd\[16275\]: NOQUEUE: reject: RCPT from dedicado-wilsonet.flashnetpe.com.br\[168.194.13.138\]: 554 5.7.1 Service unavailable\; Client host \[168.194.13.138\] blocked using truncate.gbudb.net\; http://www.gbudb.com/truncate/ \[168.194.13.138\]\; from=\ to=\ proto=ESMTP helo=\
...

2020-01-11 17:53:23

Comments on same subnet:

IP	Type	Details	Datetime
168.194.13.4	attackbots	$f2bV_matches	2020-10-05 07:05:57
168.194.13.4	attackspambots	Oct 4 12:55:19 *** sshd[27129]: User root from 168.194.13.4 not allowed because not listed in AllowUsers	2020-10-04 23:15:24
168.194.13.4	attackbotsspam	Bruteforce detected by fail2ban	2020-10-04 14:59:49
168.194.13.4	attackbots	Invalid user zq from 168.194.13.4 port 43848	2020-09-30 03:20:18
168.194.13.4	attack	Invalid user zq from 168.194.13.4 port 43848	2020-09-29 19:24:34
168.194.13.4	attack	Sep 17 12:25:59 ws12vmsma01 sshd[56776]: Failed password for root from 168.194.13.4 port 35424 ssh2 Sep 17 12:30:32 ws12vmsma01 sshd[57571]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=168.194.13.4 user=root Sep 17 12:30:34 ws12vmsma01 sshd[57571]: Failed password for root from 168.194.13.4 port 45572 ssh2 ...	2020-09-18 00:05:09
168.194.13.4	attackspam	2020-09-17T06:35:28.618798abusebot-6.cloudsearch.cf sshd[15535]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=168.194.13.4 user=root 2020-09-17T06:35:30.987345abusebot-6.cloudsearch.cf sshd[15535]: Failed password for root from 168.194.13.4 port 39124 ssh2 2020-09-17T06:39:53.148103abusebot-6.cloudsearch.cf sshd[15542]: Invalid user campbell from 168.194.13.4 port 50142 2020-09-17T06:39:53.153940abusebot-6.cloudsearch.cf sshd[15542]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=168.194.13.4 2020-09-17T06:39:53.148103abusebot-6.cloudsearch.cf sshd[15542]: Invalid user campbell from 168.194.13.4 port 50142 2020-09-17T06:39:55.236297abusebot-6.cloudsearch.cf sshd[15542]: Failed password for invalid user campbell from 168.194.13.4 port 50142 ssh2 2020-09-17T06:44:24.136880abusebot-6.cloudsearch.cf sshd[15552]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=168.194 ...	2020-09-17 16:08:13
168.194.13.4	attackspam	2020-09-16T23:00:16.821278dmca.cloudsearch.cf sshd[14640]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=168.194.13.4 user=root 2020-09-16T23:00:19.062437dmca.cloudsearch.cf sshd[14640]: Failed password for root from 168.194.13.4 port 50470 ssh2 2020-09-16T23:04:42.603600dmca.cloudsearch.cf sshd[14722]: Invalid user http from 168.194.13.4 port 34972 2020-09-16T23:04:42.609190dmca.cloudsearch.cf sshd[14722]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=168.194.13.4 2020-09-16T23:04:42.603600dmca.cloudsearch.cf sshd[14722]: Invalid user http from 168.194.13.4 port 34972 2020-09-16T23:04:44.699889dmca.cloudsearch.cf sshd[14722]: Failed password for invalid user http from 168.194.13.4 port 34972 ssh2 2020-09-16T23:09:03.502059dmca.cloudsearch.cf sshd[14874]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=168.194.13.4 user=root 2020-09-16T23:09:05.422338dmca.clouds ...	2020-09-17 07:14:27
168.194.13.4	attack	Cowrie Honeypot: 3 unauthorised SSH/Telnet login attempts between 2020-09-13T14:26:22Z and 2020-09-13T14:35:55Z	2020-09-14 00:04:10
168.194.13.4	attackspambots	Sep 13 09:27:13 [host] sshd[30472]: pam_unix(sshd: Sep 13 09:27:15 [host] sshd[30472]: Failed passwor Sep 13 09:29:56 [host] sshd[30604]: pam_unix(sshd: Sep 13 09:29:57 [host] sshd[30604]: Failed passwor	2020-09-13 15:54:59
168.194.13.4	attack	Triggered by Fail2Ban at Ares web server	2020-09-13 07:39:23
168.194.13.4	attackbotsspam	Sep 8 14:03:51 [host] sshd[3679]: Invalid user sc Sep 8 14:03:51 [host] sshd[3679]: pam_unix(sshd:a Sep 8 14:03:53 [host] sshd[3679]: Failed password	2020-09-08 20:30:59
168.194.13.4	attack	Sep 8 01:06:57 hosting sshd[1776]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=168.194.13.4 user=root Sep 8 01:06:58 hosting sshd[1776]: Failed password for root from 168.194.13.4 port 41616 ssh2 ...	2020-09-08 12:25:14
168.194.13.4	attack	Sep 7 23:44:09 hosting sshd[25818]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=168.194.13.4 user=root Sep 7 23:44:11 hosting sshd[25818]: Failed password for root from 168.194.13.4 port 42054 ssh2 ...	2020-09-08 05:02:08
168.194.13.4	attack	Invalid user cherry from 168.194.13.4 port 54596	2020-09-04 22:56:56

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 168.194.13.138
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 16291
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;168.194.13.138.			IN	A

;; AUTHORITY SECTION:
.			388	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020011002 1800 900 604800 86400

;; Query time: 117 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Jan 11 17:53:19 CST 2020
;; MSG SIZE  rcvd: 118

Host info

138.13.194.168.in-addr.arpa domain name pointer dedicado-wilsonet.flashnetpe.com.br.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
138.13.194.168.in-addr.arpa	name = dedicado-wilsonet.flashnetpe.com.br.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
80.82.77.189	attack	03/07/2020-06:43:58.134602 80.82.77.189 Protocol: 6 ET DROP Dshield Block Listed Source group 1	2020-03-07 20:27:46
171.217.92.33	attackspam	Mar 7 03:41:03 plusreed sshd[16525]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=171.217.92.33 user=www-data Mar 7 03:41:05 plusreed sshd[16525]: Failed password for www-data from 171.217.92.33 port 2639 ssh2 ...	2020-03-07 20:42:19
138.68.61.182	attackspam	Mar 2 15:46:53 xxxxxxx7446550 sshd[25134]: Invalid user ubuntu from 138.68.61.182 Mar 2 15:46:53 xxxxxxx7446550 sshd[25134]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.61.182 Mar 2 15:46:55 xxxxxxx7446550 sshd[25134]: Failed password for invalid user ubuntu from 138.68.61.182 port 35992 ssh2 Mar 2 15:46:55 xxxxxxx7446550 sshd[25135]: Received disconnect from 138.68.61.182: 11: Normal Shutdown Mar 2 15:50:24 xxxxxxx7446550 sshd[26472]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.61.182 user=r.r Mar 2 15:50:25 xxxxxxx7446550 sshd[26472]: Failed password for r.r from 138.68.61.182 port 61990 ssh2 Mar 2 15:50:25 xxxxxxx7446550 sshd[26473]: Received disconnect from 138.68.61.182: 11: Normal Shutdown Mar 2 15:53:50 xxxxxxx7446550 sshd[27441]: Invalid user ftpuser from 138.68.61.182 Mar 2 15:53:50 xxxxxxx7446550 sshd[27441]: pam_unix(sshd:auth): authentication fail........ -------------------------------	2020-03-07 20:41:23
47.190.18.35	attack	2020-03-07T04:49:51.637742abusebot.cloudsearch.cf sshd[8487]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=47.190.18.35 user=root 2020-03-07T04:49:53.632501abusebot.cloudsearch.cf sshd[8487]: Failed password for root from 47.190.18.35 port 57780 ssh2 2020-03-07T04:49:54.087999abusebot.cloudsearch.cf sshd[8491]: Invalid user DUP from 47.190.18.35 port 58478 2020-03-07T04:49:54.095233abusebot.cloudsearch.cf sshd[8491]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=47.190.18.35 2020-03-07T04:49:54.087999abusebot.cloudsearch.cf sshd[8491]: Invalid user DUP from 47.190.18.35 port 58478 2020-03-07T04:49:55.834048abusebot.cloudsearch.cf sshd[8491]: Failed password for invalid user DUP from 47.190.18.35 port 58478 ssh2 2020-03-07T04:49:56.318672abusebot.cloudsearch.cf sshd[8495]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=47.190.18.35 user=root 2020-03-07T04:49:57 ...	2020-03-07 20:26:20
80.82.65.74	attackspam	firewall-block, port(s): 3113/tcp, 10200/tcp, 20002/tcp	2020-03-07 20:25:20
159.89.126.252	attack	CMS (WordPress or Joomla) login attempt.	2020-03-07 20:47:09
51.77.223.62	attack	WordPress login Brute force / Web App Attack on client site.	2020-03-07 20:37:05
154.8.164.214	attack	Mar 7 05:49:27 santamaria sshd\[6089\]: Invalid user rootbsd from 154.8.164.214 Mar 7 05:49:27 santamaria sshd\[6089\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=154.8.164.214 Mar 7 05:49:29 santamaria sshd\[6089\]: Failed password for invalid user rootbsd from 154.8.164.214 port 44556 ssh2 ...	2020-03-07 20:46:37
188.166.236.211	attack	Automatic report - Banned IP Access	2020-03-07 20:38:54
187.189.11.49	attackspam	2020-03-07T08:26:56.540315dmca.cloudsearch.cf sshd[9888]: Invalid user anik from 187.189.11.49 port 33226 2020-03-07T08:26:56.545861dmca.cloudsearch.cf sshd[9888]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=fixed-187-189-11-49.totalplay.net 2020-03-07T08:26:56.540315dmca.cloudsearch.cf sshd[9888]: Invalid user anik from 187.189.11.49 port 33226 2020-03-07T08:26:58.647108dmca.cloudsearch.cf sshd[9888]: Failed password for invalid user anik from 187.189.11.49 port 33226 ssh2 2020-03-07T08:31:52.687209dmca.cloudsearch.cf sshd[10191]: Invalid user ServerSQL from 187.189.11.49 port 49968 2020-03-07T08:31:52.693231dmca.cloudsearch.cf sshd[10191]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=fixed-187-189-11-49.totalplay.net 2020-03-07T08:31:52.687209dmca.cloudsearch.cf sshd[10191]: Invalid user ServerSQL from 187.189.11.49 port 49968 2020-03-07T08:31:54.763926dmca.cloudsearch.cf sshd[10191]: Failed passwo ...	2020-03-07 20:21:16
198.245.63.94	attack	2020-03-07T10:26:19.274315shield sshd\[345\]: Invalid user mattermos from 198.245.63.94 port 58126 2020-03-07T10:26:19.280364shield sshd\[345\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ns508619.ip-198-245-63.net 2020-03-07T10:26:21.409857shield sshd\[345\]: Failed password for invalid user mattermos from 198.245.63.94 port 58126 ssh2 2020-03-07T10:32:10.451754shield sshd\[1775\]: Invalid user andrew from 198.245.63.94 port 56382 2020-03-07T10:32:10.459171shield sshd\[1775\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ns508619.ip-198-245-63.net	2020-03-07 20:45:47
14.240.223.55	attack	Honeypot attack, port: 81, PTR: static.vnpt.vn.	2020-03-07 20:43:49
222.186.30.248	attack	SSH authentication failure x 6 reported by Fail2Ban ...	2020-03-07 20:53:07
146.88.240.4	attackspam	146.88.240.4 was recorded 15 times by 11 hosts attempting to connect to the following ports: 123,3702. Incident counter (4h, 24h, all-time): 15, 294, 63936	2020-03-07 20:40:56
115.85.73.53	attack	Mar 7 14:14:57 server sshd\[11559\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.85.73.53 user=root Mar 7 14:14:59 server sshd\[11559\]: Failed password for root from 115.85.73.53 port 33636 ssh2 Mar 7 14:21:15 server sshd\[13071\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.85.73.53 user=root Mar 7 14:21:17 server sshd\[13071\]: Failed password for root from 115.85.73.53 port 57588 ssh2 Mar 7 14:26:13 server sshd\[14008\]: Invalid user xiaoyun from 115.85.73.53 ...	2020-03-07 20:19:50

Recently Reported IPs

192.169.245.157	188.55.236.6	175.180.247.199	171.239.236.246
171.79.38.183	137.74.195.183	81.250.133.222	19.196.16.97
114.239.46.197	111.40.174.147	91.239.154.124	211.75.169.168
45.140.207.177	45.140.205.220	2a00:1158:2:6d00::2	159.203.96.51
54.91.14.232	79.154.170.211	106.200.60.90	176.32.230.13