116.148.130.154

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: China Unicom

Hostname: unknown

Organization: CHINA UNICOM China169 Backbone

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	[portscan] tcp/23 [TELNET] *(RWIN=57577)(08041230)	2019-08-05 00:17:44

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 116.148.130.154
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 60727
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;116.148.130.154.		IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019080400 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Mon Aug 05 00:17:30 CST 2019
;; MSG SIZE  rcvd: 119

Host info

Host 154.130.148.116.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 154.130.148.116.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
213.32.23.58	attackbotsspam	SSH Brute Force	2020-05-25 02:29:37
62.109.3.222	attackspambots	May 24 10:10:08 propaganda sshd[48432]: Connection from 62.109.3.222 port 57180 on 10.0.0.161 port 22 rdomain "" May 24 10:10:11 propaganda sshd[48432]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=62.109.3.222 user=root May 24 10:10:13 propaganda sshd[48432]: Failed password for root from 62.109.3.222 port 57180 ssh2	2020-05-25 02:35:54
54.36.148.4	attack	Automatic report - Banned IP Access	2020-05-25 02:32:32
188.6.161.77	attackbots	$f2bV_matches	2020-05-25 02:33:02
142.93.235.47	attackbotsspam	May 24 17:49:28 sshgateway sshd\[6452\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.235.47 user=root May 24 17:49:30 sshgateway sshd\[6452\]: Failed password for root from 142.93.235.47 port 54312 ssh2 May 24 17:59:23 sshgateway sshd\[6554\]: Invalid user fwong from 142.93.235.47	2020-05-25 02:39:42
140.143.146.45	attackspambots	May 24 19:31:20 nextcloud sshd\[20335\]: Invalid user teodora from 140.143.146.45 May 24 19:31:20 nextcloud sshd\[20335\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.146.45 May 24 19:31:22 nextcloud sshd\[20335\]: Failed password for invalid user teodora from 140.143.146.45 port 50778 ssh2	2020-05-25 02:32:01
222.186.169.192	attack	May 24 20:39:11 * sshd[21702]: Failed password for root from 222.186.169.192 port 38402 ssh2 May 24 20:39:23 * sshd[21702]: Failed password for root from 222.186.169.192 port 38402 ssh2 May 24 20:39:23 * sshd[21702]: error: maximum authentication attempts exceeded for root from 222.186.169.192 port 38402 ssh2 [preauth]	2020-05-25 02:47:52
51.77.144.50	attackspambots	May 24 16:00:47 vpn01 sshd[23169]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.77.144.50 May 24 16:00:49 vpn01 sshd[23169]: Failed password for invalid user rafael from 51.77.144.50 port 44766 ssh2 ...	2020-05-25 02:34:05
95.235.194.114	attackbots	May 24 20:14:59 inter-technics sshd[3997]: Invalid user vsftpd from 95.235.194.114 port 51194 May 24 20:14:59 inter-technics sshd[3997]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=95.235.194.114 May 24 20:14:59 inter-technics sshd[3997]: Invalid user vsftpd from 95.235.194.114 port 51194 May 24 20:15:01 inter-technics sshd[3997]: Failed password for invalid user vsftpd from 95.235.194.114 port 51194 ssh2 May 24 20:18:45 inter-technics sshd[4398]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=95.235.194.114 user=root May 24 20:18:47 inter-technics sshd[4398]: Failed password for root from 95.235.194.114 port 54790 ssh2 ...	2020-05-25 02:26:52
116.6.234.145	attackbotsspam	(sshd) Failed SSH login from 116.6.234.145 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: May 24 18:19:09 amsweb01 sshd[3227]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.6.234.145 user=root May 24 18:19:11 amsweb01 sshd[3227]: Failed password for root from 116.6.234.145 port 29675 ssh2 May 24 18:27:28 amsweb01 sshd[4022]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.6.234.145 user=root May 24 18:27:31 amsweb01 sshd[4022]: Failed password for root from 116.6.234.145 port 29676 ssh2 May 24 18:30:09 amsweb01 sshd[4385]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.6.234.145 user=root	2020-05-25 02:52:32
1.9.128.17	attackbotsspam	May 24 18:24:57 ns382633 sshd\[18036\]: Invalid user phoenix from 1.9.128.17 port 61169 May 24 18:24:57 ns382633 sshd\[18036\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=1.9.128.17 May 24 18:24:59 ns382633 sshd\[18036\]: Failed password for invalid user phoenix from 1.9.128.17 port 61169 ssh2 May 24 18:40:13 ns382633 sshd\[21520\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=1.9.128.17 user=root May 24 18:40:15 ns382633 sshd\[21520\]: Failed password for root from 1.9.128.17 port 27618 ssh2	2020-05-25 02:50:14
95.179.34.146	attack	port	2020-05-25 02:38:52
101.89.135.53	attackbots	May 24 19:26:40 pornomens sshd\[20910\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=101.89.135.53 user=root May 24 19:26:42 pornomens sshd\[20910\]: Failed password for root from 101.89.135.53 port 42309 ssh2 May 24 19:29:36 pornomens sshd\[20950\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=101.89.135.53 user=root ...	2020-05-25 02:46:34
49.115.106.87	attackspam	Automatic report - Port Scan Attack	2020-05-25 02:23:51
45.134.179.57	attackspambots	May 24 20:00:52 debian-2gb-nbg1-2 kernel: \[12602059.648457\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=45.134.179.57 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=246 ID=16574 PROTO=TCP SPT=42948 DPT=5398 WINDOW=1024 RES=0x00 SYN URGP=0	2020-05-25 02:28:32

Recently Reported IPs

112.197.59.29	121.57.110.54	31.183.7.28	111.254.218.93
53.173.76.119	111.79.107.164	109.189.156.131	118.166.124.134
111.130.91.168	49.67.153.209	103.199.100.238	157.43.10.78
181.133.107.18	180.18.126.107	223.202.16.85	103.74.111.11
96.33.235.92	103.53.188.188	103.37.80.198	67.15.19.73