116.138.136.162

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: China Unicom

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	Unauthorised access (Oct 13) SRC=116.138.136.162 LEN=40 TTL=49 ID=51539 TCP DPT=8080 WINDOW=39714 SYN Unauthorised access (Oct 13) SRC=116.138.136.162 LEN=40 TTL=49 ID=26737 TCP DPT=8080 WINDOW=46662 SYN	2019-10-14 03:54:39

Type

Details

Datetime

attackspam

Unauthorised access (Oct 13) SRC=116.138.136.162 LEN=40 TTL=49 ID=51539 TCP DPT=8080 WINDOW=39714 SYN 
Unauthorised access (Oct 13) SRC=116.138.136.162 LEN=40 TTL=49 ID=26737 TCP DPT=8080 WINDOW=46662 SYN

2019-10-14 03:54:39

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 116.138.136.162
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 17923
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;116.138.136.162.		IN	A

;; AUTHORITY SECTION:
.			599	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019101301 1800 900 604800 86400

;; Query time: 96 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Oct 14 03:54:36 CST 2019
;; MSG SIZE  rcvd: 119

Host info

Host 162.136.138.116.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 162.136.138.116.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
67.227.152.142	attackspambots	Apr 11 01:55:09 debian-2gb-nbg1-2 kernel: \[8821914.705877\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=67.227.152.142 DST=195.201.40.59 LEN=40 TOS=0x08 PREC=0x00 TTL=237 ID=60095 PROTO=TCP SPT=32767 DPT=8545 WINDOW=1024 RES=0x00 SYN URGP=0	2020-04-11 08:27:12
106.18.137.11	attack	ET SCAN Suspicious inbound to MSSQL port 1433 - port: 1433 proto: TCP cat: Potentially Bad Traffic	2020-04-11 08:10:33
36.110.41.66	attack	ET SCAN Suspicious inbound to PostgreSQL port 5432 - port: 5432 proto: TCP cat: Potentially Bad Traffic	2020-04-11 08:00:50
94.102.56.181	attack	Apr 11 01:30:50 debian-2gb-nbg1-2 kernel: \[8820456.298512\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=94.102.56.181 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=247 ID=40246 PROTO=TCP SPT=49646 DPT=9337 WINDOW=1024 RES=0x00 SYN URGP=0	2020-04-11 08:13:02
89.248.168.202	attack	Apr 11 01:49:20 debian-2gb-nbg1-2 kernel: \[8821566.126970\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=89.248.168.202 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=247 ID=13048 PROTO=TCP SPT=49528 DPT=5991 WINDOW=1024 RES=0x00 SYN URGP=0	2020-04-11 08:18:36
185.175.93.3	attackbots	04/10/2020-19:24:23.944254 185.175.93.3 Protocol: 6 ET DROP Dshield Block Listed Source group 1	2020-04-11 08:04:56
139.99.34.219	attack	22/tcp 22/tcp 22/tcp [2020-03-27/04-10]3pkt	2020-04-11 08:08:19
51.161.12.231	attackbots	Apr 11 01:50:46 debian-2gb-nbg1-2 kernel: \[8821652.466990\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=51.161.12.231 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=238 ID=10978 PROTO=TCP SPT=32767 DPT=8545 WINDOW=1024 RES=0x00 SYN URGP=0	2020-04-11 08:30:30
92.118.37.86	attackbots	Apr 11 02:14:13 debian-2gb-nbg1-2 kernel: \[8823059.288748\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=92.118.37.86 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=247 ID=55788 PROTO=TCP SPT=42081 DPT=3388 WINDOW=1024 RES=0x00 SYN URGP=0	2020-04-11 08:16:47
122.228.120.190	attackbots	ET SCAN Suspicious inbound to MSSQL port 1433 - port: 1433 proto: TCP cat: Potentially Bad Traffic	2020-04-11 08:09:04
89.144.47.247	attackbotsspam	04/10/2020-19:05:31.568150 89.144.47.247 Protocol: 6 ET SCAN NMAP -sS window 1024	2020-04-11 08:19:19
91.134.235.254	attackbots	Apr 10 18:10:36 server1 sshd\[27436\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.134.235.254 user=root Apr 10 18:10:38 server1 sshd\[27436\]: Failed password for root from 91.134.235.254 port 43090 ssh2 Apr 10 18:14:08 server1 sshd\[28526\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.134.235.254 user=root Apr 10 18:14:10 server1 sshd\[28526\]: Failed password for root from 91.134.235.254 port 51000 ssh2 Apr 10 18:17:41 server1 sshd\[29421\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.134.235.254 user=root ...	2020-04-11 08:17:48
87.251.74.12	attackbotsspam	Port-scan: detected 168 distinct ports within a 24-hour window.	2020-04-11 08:20:30
62.4.14.122	attackbots	Scanned 1 times in the last 24 hours on port 5060	2020-04-11 08:27:54
194.204.32.125	attackbots	ET SCAN Sipvicious Scan - port: 5060 proto: UDP cat: Attempted Information Leak	2020-04-11 08:38:14

Recently Reported IPs

129.32.177.216	96.85.84.25	174.117.94.198	120.71.98.157
198.212.22.229	201.240.46.35	60.116.27.43	149.69.21.151
43.233.88.124	79.91.30.61	80.248.107.33	115.107.164.109
222.202.253.220	196.137.124.244	64.89.82.55	70.132.43.89
162.226.86.158	20.187.232.107	217.104.15.90	72.121.162.78