116.0.1.138 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Indonesia

Internet Service Provider: PT Wifiku Indonesia

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Jul2305:47:05server2pure-ftpd:\(\?@116.0.1.138\)[WARNING]Authenticationfailedforuser[anonymous]Jul2305:48:49server2pure-ftpd:\(\?@116.0.1.138\)[WARNING]Authenticationfailedforuser[www]Jul2305:50:23server2pure-ftpd:\(\?@116.0.1.138\)[WARNING]Authenticationfailedforuser[www]Jul2305:51:03server2pure-ftpd:\(\?@116.0.1.138\)[WARNING]Authenticationfailedforuser[www]Jul2305:51:19server2pure-ftpd:\(\?@116.0.1.138\)[WARNING]Authenticationfailedforuser[www]	2020-07-23 18:32:54

Type

Details

Datetime

attack

Jul2305:47:05server2pure-ftpd:\(\?@116.0.1.138\)[WARNING]Authenticationfailedforuser[anonymous]Jul2305:48:49server2pure-ftpd:\(\?@116.0.1.138\)[WARNING]Authenticationfailedforuser[www]Jul2305:50:23server2pure-ftpd:\(\?@116.0.1.138\)[WARNING]Authenticationfailedforuser[www]Jul2305:51:03server2pure-ftpd:\(\?@116.0.1.138\)[WARNING]Authenticationfailedforuser[www]Jul2305:51:19server2pure-ftpd:\(\?@116.0.1.138\)[WARNING]Authenticationfailedforuser[www]

2020-07-23 18:32:54

Comments on same subnet:

IP	Type	Details	Datetime
116.0.1.250	attackbotsspam	Unauthorized connection attempt from IP address 116.0.1.250 on Port 445(SMB)	2020-01-31 15:55:29
116.0.134.123	attack	Scanning	2019-12-31 21:11:45
116.0.148.155	attack	Unauthorised access (Sep 21) SRC=116.0.148.155 LEN=40 TTL=47 ID=60302 TCP DPT=8080 WINDOW=22 SYN	2019-09-21 14:00:45
116.0.196.133	attackspambots	MultiHost/MultiPort Probe, Scan, Hack -	2019-08-29 20:32:45

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 116.0.1.138
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 35443
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;116.0.1.138.			IN	A

;; AUTHORITY SECTION:
.			519	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020072300 1800 900 604800 86400

;; Query time: 35 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Jul 23 18:32:50 CST 2020
;; MSG SIZE  rcvd: 115

Host info

Host 138.1.0.116.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 138.1.0.116.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
132.148.151.162	attack	Automatic report - Banned IP Access	2019-10-14 01:27:24
178.128.216.127	attackbots	Triggered by Fail2Ban at Vostok web server	2019-10-14 00:47:47
189.112.109.185	attack	2019-10-13T17:12:54.311828abusebot-8.cloudsearch.cf sshd\[17076\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=189.112.109.185 user=root	2019-10-14 01:15:18
66.249.79.30	attack	Automatic report - Banned IP Access	2019-10-14 00:55:56
41.242.102.66	attack	2019-10-13T16:27:31.317364abusebot-2.cloudsearch.cf sshd\[27839\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=hst-102-66.irenala.edu.mg user=root	2019-10-14 00:40:44
220.117.175.165	attack	Oct 13 20:09:39 sauna sshd[165169]: Failed password for root from 220.117.175.165 port 35004 ssh2 ...	2019-10-14 01:22:27
95.78.176.107	attackbots	Oct 13 19:06:24 vps647732 sshd[27621]: Failed password for root from 95.78.176.107 port 49684 ssh2 ...	2019-10-14 01:27:02
104.246.113.80	attackspambots	2019-10-13T13:45:35.989687lon01.zurich-datacenter.net sshd\[11365\]: Invalid user admin!@\# from 104.246.113.80 port 50112 2019-10-13T13:45:35.997598lon01.zurich-datacenter.net sshd\[11365\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ool-68f67150.dyn.optonline.net 2019-10-13T13:45:37.954716lon01.zurich-datacenter.net sshd\[11365\]: Failed password for invalid user admin!@\# from 104.246.113.80 port 50112 ssh2 2019-10-13T13:49:56.509238lon01.zurich-datacenter.net sshd\[11427\]: Invalid user Password@2016 from 104.246.113.80 port 60830 2019-10-13T13:49:56.516098lon01.zurich-datacenter.net sshd\[11427\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ool-68f67150.dyn.optonline.net ...	2019-10-14 00:38:24
181.222.143.177	attackspambots	Oct 13 18:06:18 dev0-dcde-rnet sshd[32172]: Failed password for root from 181.222.143.177 port 59497 ssh2 Oct 13 18:11:37 dev0-dcde-rnet sshd[32197]: Failed password for root from 181.222.143.177 port 51178 ssh2	2019-10-14 01:16:32
49.235.226.43	attack	$f2bV_matches	2019-10-14 00:40:14
51.75.205.122	attackbots	Oct 13 14:32:14 eventyay sshd[2551]: Failed password for root from 51.75.205.122 port 56624 ssh2 Oct 13 14:36:05 eventyay sshd[2743]: Failed password for root from 51.75.205.122 port 38682 ssh2 ...	2019-10-14 01:29:22
35.199.154.128	attackspam	2019-10-13T14:01:42.473676hub.schaetter.us sshd\[14964\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.154.199.35.bc.googleusercontent.com user=root 2019-10-13T14:01:44.311464hub.schaetter.us sshd\[14964\]: Failed password for root from 35.199.154.128 port 57872 ssh2 2019-10-13T14:05:17.122825hub.schaetter.us sshd\[14986\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.154.199.35.bc.googleusercontent.com user=root 2019-10-13T14:05:18.498781hub.schaetter.us sshd\[14986\]: Failed password for root from 35.199.154.128 port 39830 ssh2 2019-10-13T14:08:40.994812hub.schaetter.us sshd\[15017\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.154.199.35.bc.googleusercontent.com user=root ...	2019-10-14 01:29:53
45.70.32.250	attack	Unauthorised access (Oct 13) SRC=45.70.32.250 LEN=44 TTL=241 ID=21198 DF TCP DPT=23 WINDOW=14600 SYN Unauthorised access (Oct 10) SRC=45.70.32.250 LEN=44 TTL=241 ID=50078 DF TCP DPT=23 WINDOW=14600 SYN	2019-10-14 01:17:15
60.222.254.231	attackbotsspam	2019-10-13 dovecot_login authenticator failed for $REMOVED$ \[60.222.254.231\]: 535 Incorrect authentication data $set_id=nologin@REMOVED$ 2019-10-13 dovecot_login authenticator failed for $REMOVED$ \[60.222.254.231\]: 535 Incorrect authentication data $set_id=private@REMOVED$ 2019-10-13 dovecot_login authenticator failed for $REMOVED$ \[60.222.254.231\]: 535 Incorrect authentication data $set_id=private@REMOVED$	2019-10-14 01:22:04
156.208.20.67	attackspambots	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/156.208.20.67/ EG - 1H : (94) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : EG NAME ASN : ASN8452 IP : 156.208.20.67 CIDR : 156.208.0.0/18 PREFIX COUNT : 833 UNIQUE IP COUNT : 7610368 WYKRYTE ATAKI Z ASN8452 : 1H - 2 3H - 9 6H - 18 12H - 39 24H - 95 DateTime : 2019-10-13 13:49:05 INFO : Port Scan TELNET Detected and Blocked by ADMIN - data recovery	2019-10-14 01:11:11

Recently Reported IPs

24.192.51.205	170.26.8.94	83.20.182.100	120.238.90.201
18.2.31.14	189.88.160.191	184.204.242.230	125.152.32.123
77.21.237.128	113.183.53.141	123.58.3.14	121.201.95.66
58.215.219.2	115.132.187.64	198.42.103.119	71.146.37.87
209.13.8.230	50.3.177.109	114.37.70.49	79.33.73.158