116.138.152.213

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: China Unicom

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	MultiHost/MultiPort Probe, Scan, Hack -	2019-11-22 04:30:09

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 116.138.152.213
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 46383
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;116.138.152.213.		IN	A

;; AUTHORITY SECTION:
.			564	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019112101 1800 900 604800 86400

;; Query time: 593 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Nov 22 04:30:06 CST 2019
;; MSG SIZE  rcvd: 119

Host info

Host 213.152.138.116.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 213.152.138.116.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
103.74.111.11	attackbotsspam	[SMB remote code execution attempt: port tcp/445] *(RWIN=8192)(08041230)	2019-08-05 00:24:27
64.32.122.166	attackbotsspam	[SMB remote code execution attempt: port tcp/445] *(RWIN=8192)(08041230)	2019-08-04 23:46:30
110.255.39.54	attackspambots	[portscan] tcp/23 [TELNET] *(RWIN=44819)(08041230)	2019-08-04 23:37:39
162.243.149.130	attackspambots	[portscan] tcp/115 [sftp] *(RWIN=65535)(08041230)	2019-08-04 23:28:17
112.202.229.187	attack	[SMB remote code execution attempt: port tcp/445] *(RWIN=8192)(08041230)	2019-08-05 00:19:13
189.8.1.50	attackspam	Aug 4 06:53:35 plusreed sshd[11755]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=189.8.1.50 user=root Aug 4 06:53:36 plusreed sshd[11755]: Failed password for root from 189.8.1.50 port 55264 ssh2 ...	2019-08-04 23:24:24
43.240.117.219	attack	[SMB remote code execution attempt: port tcp/445] *(RWIN=1024)(08041230)	2019-08-04 23:50:54
95.65.98.184	attack	[SMB remote code execution attempt: port tcp/445] *(RWIN=1024)(08041230)	2019-08-05 00:26:35
180.245.38.32	attackspambots	[portscan] tcp/139 [NetBIOS Session Service] *(RWIN=1024)(08041230)	2019-08-05 00:08:24
188.244.141.38	attack	[portscan] tcp/139 [NetBIOS Session Service] [SMB remote code execution attempt: port tcp/445] [scan/connect: 7 time(s)] *(RWIN=8192)(08041230)	2019-08-04 23:24:53
64.32.21.254	attackbots	[SMB remote code execution attempt: port tcp/445] *(RWIN=1024)(08041230)	2019-08-04 23:46:56
183.82.117.78	attackspam	[SMB remote code execution attempt: port tcp/445] *(RWIN=8192)(08041230)	2019-08-05 00:07:50
118.88.71.234	attack	[portscan] tcp/23 [TELNET] *(RWIN=39663)(08041230)	2019-08-05 00:17:20
189.212.149.165	attack	[SMB remote code execution attempt: port tcp/445] *(RWIN=1024)(08041230)	2019-08-04 23:23:03
162.62.26.128	attack	[portscan] tcp/43 [WHOIS] *(RWIN=65535)(08041230)	2019-08-05 00:10:20

Recently Reported IPs

190.130.235.198	132.203.40.129	5.53.124.102	180.198.135.133
108.18.230.237	76.210.255.57	217.69.0.241	153.104.236.117
115.79.61.20	169.252.57.24	161.49.112.188	54.149.66.131
193.75.196.56	64.71.86.48	56.97.43.200	74.65.156.190
79.200.9.194	172.96.192.25	36.205.89.236	153.229.37.185