113.250.2.138 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
113.250.254.108	attack	20 attempts against mh-ssh on lake	2020-09-19 20:44:15
113.250.254.108	attack	20 attempts against mh-ssh on lake	2020-09-19 12:41:22
113.250.254.108	attackspam	(sshd) Failed SSH login from 113.250.254.108 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 18 13:00:11 server4 sshd[20652]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.250.254.108 user=root Sep 18 13:00:13 server4 sshd[20652]: Failed password for root from 113.250.254.108 port 1396 ssh2 Sep 18 13:02:53 server4 sshd[22242]: Invalid user filter from 113.250.254.108 Sep 18 13:02:53 server4 sshd[22242]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.250.254.108 Sep 18 13:02:55 server4 sshd[22242]: Failed password for invalid user filter from 113.250.254.108 port 1132 ssh2	2020-09-19 04:18:37
113.250.255.232	attackspambots	Lines containing failures of 113.250.255.232 Sep 3 02:36:43 newdogma sshd[3773]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.250.255.232 user=r.r Sep 3 02:36:45 newdogma sshd[3773]: Failed password for r.r from 113.250.255.232 port 6674 ssh2 Sep 3 02:36:46 newdogma sshd[3773]: Received disconnect from 113.250.255.232 port 6674:11: Bye Bye [preauth] Sep 3 02:36:46 newdogma sshd[3773]: Disconnected from authenticating user r.r 113.250.255.232 port 6674 [preauth] Sep 3 02:38:20 newdogma sshd[4029]: Invalid user yxu from 113.250.255.232 port 6120 Sep 3 02:38:20 newdogma sshd[4029]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.250.255.232 Sep 3 02:38:22 newdogma sshd[4029]: Failed password for invalid user yxu from 113.250.255.232 port 6120 ssh2 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=113.250.255.232	2020-09-04 23:22:15
113.250.254.107	attackbotsspam	Lines containing failures of 113.250.254.107 Sep 3 18:53:58 hgb10502 sshd[27549]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.250.254.107 user=r.r Sep 3 18:54:00 hgb10502 sshd[27549]: Failed password for r.r from 113.250.254.107 port 24382 ssh2 Sep 3 18:54:01 hgb10502 sshd[27549]: Received disconnect from 113.250.254.107 port 24382:11: Bye Bye [preauth] Sep 3 18:54:01 hgb10502 sshd[27549]: Disconnected from authenticating user r.r 113.250.254.107 port 24382 [preauth] Sep 3 18:59:11 hgb10502 sshd[28239]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.250.254.107 user=r.r Sep 3 18:59:13 hgb10502 sshd[28239]: Failed password for r.r from 113.250.254.107 port 24368 ssh2 Sep 3 18:59:15 hgb10502 sshd[28239]: Received disconnect from 113.250.254.107 port 24368:11: Bye Bye [preauth] Sep 3 18:59:15 hgb10502 sshd[28239]: Disconnected from authenticating user r.r 113.250.254.107 p........ ------------------------------	2020-09-04 21:20:02
113.250.255.232	attackbots	Sep 4 05:30:14 santamaria sshd\[9395\]: Invalid user steam from 113.250.255.232 Sep 4 05:30:14 santamaria sshd\[9395\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.250.255.232 Sep 4 05:30:16 santamaria sshd\[9395\]: Failed password for invalid user steam from 113.250.255.232 port 6820 ssh2 ...	2020-09-04 14:53:58
113.250.254.107	attackbots	$f2bV_matches	2020-09-04 12:59:01
113.250.255.232	attackspam	Invalid user ali from 113.250.255.232 port 5527	2020-09-04 07:18:01
113.250.254.107	attackspambots	Invalid user magno from 113.250.254.107 port 23857	2020-09-04 05:28:54
113.250.253.137	attackspambots	Aug 31 03:49:07 scw-6657dc sshd[1877]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.250.253.137 Aug 31 03:49:07 scw-6657dc sshd[1877]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.250.253.137 Aug 31 03:49:09 scw-6657dc sshd[1877]: Failed password for invalid user vinci from 113.250.253.137 port 29918 ssh2 ...	2020-08-31 18:40:44
113.250.252.111	attackbotsspam	Aug 20 19:01:43 scivo sshd[24668]: Invalid user firewall from 113.250.252.111 Aug 20 19:01:43 scivo sshd[24668]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.250.252.111 Aug 20 19:01:46 scivo sshd[24668]: Failed password for invalid user firewall from 113.250.252.111 port 9098 ssh2 Aug 20 19:01:46 scivo sshd[24668]: Received disconnect from 113.250.252.111: 11: Bye Bye [preauth] Aug 20 19:10:41 scivo sshd[25119]: Invalid user mmm from 113.250.252.111 Aug 20 19:10:41 scivo sshd[25119]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.250.252.111 Aug 20 19:10:43 scivo sshd[25119]: Failed password for invalid user mmm from 113.250.252.111 port 8305 ssh2 Aug 20 19:10:43 scivo sshd[25119]: Received disconnect from 113.250.252.111: 11: Bye Bye [preauth] Aug 20 19:13:43 scivo sshd[25271]: Invalid user cherie from 113.250.252.111 Aug 20 19:13:43 scivo sshd[25271]: pam_unix(sshd:auth): au........ -------------------------------	2020-08-22 06:51:53
113.250.255.241	attackbotsspam	Jul 25 17:11:50 prox sshd[14250]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.250.255.241 Jul 25 17:11:52 prox sshd[14250]: Failed password for invalid user pw from 113.250.255.241 port 3214 ssh2	2020-07-26 05:47:07
113.250.229.220	attackspambots	2020-07-21T15:20:45.954279ks3355764 sshd[26976]: Invalid user comtech from 113.250.229.220 port 2678 2020-07-21T15:20:47.824678ks3355764 sshd[26976]: Failed password for invalid user comtech from 113.250.229.220 port 2678 ssh2 ...	2020-07-21 21:36:38
113.250.252.120	attackbots	Invalid user dev from 113.250.252.120 port 8802	2020-07-18 02:34:23
113.250.252.99	attack	2020-07-15 UTC: (8x) - add,apagar,ashok,bill,midas,pgbouncer,student9,wmdemo	2020-07-16 19:50:13

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 113.250.2.138
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 28819
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;113.250.2.138.			IN	A

;; AUTHORITY SECTION:
.			571	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022111701 1800 900 604800 86400

;; Query time: 59 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Nov 18 06:05:50 CST 2022
;; MSG SIZE  rcvd: 106

Host info

Host 138.2.250.113.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 138.2.250.113.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
139.59.41.6	attackspambots	Jun 28 07:36:14 [host] sshd[9343]: Invalid user aleks from 139.59.41.6 Jun 28 07:36:14 [host] sshd[9343]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.41.6 Jun 28 07:36:17 [host] sshd[9343]: Failed password for invalid user aleks from 139.59.41.6 port 55142 ssh2	2019-06-28 20:38:26
181.174.83.226	attack	Unauthorized connection attempt from IP address 181.174.83.226 on Port 445(SMB)	2019-06-28 21:05:19
159.65.82.105	attackspambots	Jun 28 08:16:41 Tower sshd[37875]: Connection from 159.65.82.105 port 42518 on 192.168.10.220 port 22 Jun 28 08:16:41 Tower sshd[37875]: Invalid user usuario from 159.65.82.105 port 42518 Jun 28 08:16:41 Tower sshd[37875]: error: Could not get shadow information for NOUSER Jun 28 08:16:41 Tower sshd[37875]: Failed password for invalid user usuario from 159.65.82.105 port 42518 ssh2 Jun 28 08:16:41 Tower sshd[37875]: Received disconnect from 159.65.82.105 port 42518:11: Normal Shutdown, Thank you for playing [preauth] Jun 28 08:16:41 Tower sshd[37875]: Disconnected from invalid user usuario 159.65.82.105 port 42518 [preauth]	2019-06-28 20:44:13
134.73.161.114	attack	Jun 28 06:52:08 xxxxxxx0 sshd[6888]: Invalid user gta from 134.73.161.114 port 49550 Jun 28 06:52:08 xxxxxxx0 sshd[6888]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.73.161.114 Jun 28 06:52:10 xxxxxxx0 sshd[6888]: Failed password for invalid user gta from 134.73.161.114 port 49550 ssh2 Jun 28 06:57:33 xxxxxxx0 sshd[7683]: Invalid user helen from 134.73.161.114 port 44634 Jun 28 06:57:33 xxxxxxx0 sshd[7683]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.73.161.114 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=134.73.161.114	2019-06-28 20:48:32
186.185.35.181	attack	Unauthorized connection attempt from IP address 186.185.35.181 on Port 445(SMB)	2019-06-28 20:23:24
106.12.92.88	attackbotsspam	Jun 28 06:50:05 mail sshd[18596]: Invalid user rafael from 106.12.92.88 Jun 28 06:50:05 mail sshd[18596]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.92.88 Jun 28 06:50:05 mail sshd[18596]: Invalid user rafael from 106.12.92.88 Jun 28 06:50:07 mail sshd[18596]: Failed password for invalid user rafael from 106.12.92.88 port 51970 ssh2 Jun 28 07:05:22 mail sshd[20622]: Invalid user wuchunpeng from 106.12.92.88 ...	2019-06-28 21:03:00
178.156.202.153	attackspambots	17 attacks on PHP URLs: 178.156.202.153 - - [27/Jun/2019:10:51:32 +0100] "POST /e/DoInfo/ecms.php HTTP/1.1" 404 1290 "http://www.aliceneel.com/e/DoInfo/ecms.php" "Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.2)"	2019-06-28 20:29:03
181.111.226.131	attackbots	Unauthorized connection attempt from IP address 181.111.226.131 on Port 445(SMB)	2019-06-28 20:51:44
185.244.25.107	attackbotsspam	Fail2Ban Ban Triggered	2019-06-28 21:06:11
212.224.88.146	attackbotsspam	2019-06-28T06:19:59.074363WS-Zach sshd[9585]: User root from 212.224.88.146 not allowed because none of user's groups are listed in AllowGroups 2019-06-28T06:19:59.085222WS-Zach sshd[9585]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.224.88.146 user=root 2019-06-28T06:19:59.074363WS-Zach sshd[9585]: User root from 212.224.88.146 not allowed because none of user's groups are listed in AllowGroups 2019-06-28T06:20:01.262034WS-Zach sshd[9585]: Failed password for invalid user root from 212.224.88.146 port 53918 ssh2 2019-06-28T06:21:55.542655WS-Zach sshd[10658]: Invalid user henry from 212.224.88.146 port 43076 ...	2019-06-28 21:03:50
103.48.103.210	attackbotsspam	Unauthorized connection attempt from IP address 103.48.103.210 on Port 445(SMB)	2019-06-28 20:42:07
125.227.38.168	attack	Jun 28 07:37:09 lnxweb62 sshd[26829]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.227.38.168 Jun 28 07:37:09 lnxweb62 sshd[26829]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.227.38.168	2019-06-28 21:10:04
163.204.245.0	attackspam	2019-06-28 06:55:37 H=(localhost.localdomain) [163.204.245.0] F=: X-DNSBL-Warning: 163.204.245.0 is listed at cbl.abuseat.org (127.0.0.2) (Blocked - see hxxp://www.abuseat.org/lookup.cgi?ip=163.204.245.0) ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=163.204.245.0	2019-06-28 20:43:44
66.249.64.153	attackbotsspam	Automatic report - Web App Attack	2019-06-28 20:52:48
113.20.96.250	attackbots	Unauthorized connection attempt from IP address 113.20.96.250 on Port 445(SMB)	2019-06-28 20:41:18

Recently Reported IPs

83.87.66.31	81.91.71.209	149.138.228.40	243.166.233.213
98.149.17.61	186.102.118.227	7.60.12.244	87.204.80.130
188.172.109.250	66.2.231.251	233.96.129.48	118.67.100.29
52.190.62.175	109.252.87.108	64.184.93.186	88.171.186.2
144.63.62.148	235.1.150.134	32.46.193.187	30.53.219.148