116.207.130.138

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: ChinaNet Hubei Province Network

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbotsspam	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/116.207.130.138/ CN - 1H : (1856) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : CN NAME ASN : ASN136191 IP : 116.207.130.138 CIDR : 116.207.128.0/18 PREFIX COUNT : 2 UNIQUE IP COUNT : 16640 ATTACKS DETECTED ASN136191 : 1H - 1 3H - 1 6H - 1 12H - 3 24H - 3 DateTime : 2019-10-25 05:45:19 INFO : HACK ! - Looking for resource vulnerabilities Scan Detected and Blocked by ADMIN - data recovery	2019-10-25 19:56:35

Type

Details

Datetime

attackbotsspam

IP Ban Report :  
 https://help-dysk.pl/wordpress-firewall-plugins/ip/116.207.130.138/ 
 
 CN - 1H : (1856)  
 Protection Against DDoS WordPress plugin :  
 "odzyskiwanie danych help-dysk" 
 IP Address Ranges by Country : CN 
 NAME ASN : ASN136191 
 
 IP : 116.207.130.138 
 
 CIDR : 116.207.128.0/18 
 
 PREFIX COUNT : 2 
 
 UNIQUE IP COUNT : 16640 
 
 
 ATTACKS DETECTED ASN136191 :  
  1H - 1 
  3H - 1 
  6H - 1 
 12H - 3 
 24H - 3 
 
 DateTime : 2019-10-25 05:45:19 
 
 INFO :  HACK ! - Looking for resource vulnerabilities Scan Detected and Blocked by ADMIN  - data recovery

2019-10-25 19:56:35

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 116.207.130.138
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 65204
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;116.207.130.138.		IN	A

;; AUTHORITY SECTION:
.			270	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019102500 1800 900 604800 86400

;; Query time: 104 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Oct 25 19:56:30 CST 2019
;; MSG SIZE  rcvd: 119

Host info

Host 138.130.207.116.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 138.130.207.116.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
118.89.139.150	attackbotsspam	C1,WP GET /wp-login.php	2019-08-09 13:46:58
134.209.82.3	attackspambots	fire	2019-08-09 13:57:18
178.128.215.16	attack	Unauthorized SSH login attempts	2019-08-09 14:02:04
49.212.148.139	attack	Aug 9 06:50:42 ubuntu-2gb-nbg1-dc3-1 sshd[28717]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.212.148.139 Aug 9 06:50:44 ubuntu-2gb-nbg1-dc3-1 sshd[28717]: Failed password for invalid user lim from 49.212.148.139 port 43270 ssh2 ...	2019-08-09 13:51:09
213.102.80.34	attack	MultiHost/MultiPort Probe, Scan, Hack -	2019-08-09 14:36:51
52.179.138.240	attackspam	RDP Bruteforce	2019-08-09 13:58:33
218.92.0.173	attack	Aug 9 03:30:26 *** sshd[12523]: User root from 218.92.0.173 not allowed because not listed in AllowUsers	2019-08-09 14:08:10
202.100.182.250	attack	Aug 8 16:41:39 oldtbh2 sshd[23548]: Failed unknown for invalid user admin from 202.100.182.250 port 40898 ssh2 Aug 8 16:41:39 oldtbh2 sshd[23548]: Failed unknown for invalid user admin from 202.100.182.250 port 40898 ssh2 Aug 8 16:41:40 oldtbh2 sshd[23548]: Failed unknown for invalid user admin from 202.100.182.250 port 40898 ssh2 ...	2019-08-09 14:16:15
51.68.46.156	attack	$f2bV_matches	2019-08-09 13:45:35
223.16.216.92	attackspam	Aug 9 02:53:14 MK-Soft-Root2 sshd\[21400\]: Invalid user karina from 223.16.216.92 port 45270 Aug 9 02:53:14 MK-Soft-Root2 sshd\[21400\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=223.16.216.92 Aug 9 02:53:15 MK-Soft-Root2 sshd\[21400\]: Failed password for invalid user karina from 223.16.216.92 port 45270 ssh2 ...	2019-08-09 13:56:52
35.195.238.142	attackspambots	Aug 9 05:59:49 [host] sshd[15358]: Invalid user public from 35.195.238.142 Aug 9 05:59:49 [host] sshd[15358]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=35.195.238.142 Aug 9 05:59:52 [host] sshd[15358]: Failed password for invalid user public from 35.195.238.142 port 40604 ssh2	2019-08-09 14:31:08
157.230.243.126	attack	Aug 8 06:27:44 srv1 sshd[11762]: Invalid user nicolas from 157.230.243.126 Aug 8 06:27:44 srv1 sshd[11762]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.230.243.126 Aug 8 06:27:46 srv1 sshd[11762]: Failed password for invalid user nicolas from 157.230.243.126 port 56028 ssh2 Aug 8 06:27:47 srv1 sshd[11762]: Received disconnect from 157.230.243.126: 11: Bye Bye [preauth] Aug 8 06:34:09 srv1 sshd[12302]: Invalid user tempuser from 157.230.243.126 Aug 8 06:34:09 srv1 sshd[12302]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.230.243.126 Aug 8 06:34:11 srv1 sshd[12302]: Failed password for invalid user tempuser from 157.230.243.126 port 37350 ssh2 Aug 8 06:34:12 srv1 sshd[12302]: Received disconnect from 157.230.243.126: 11: Bye Bye [preaut .... truncated .... Aug 8 06:27:44 srv1 sshd[11762]: Invalid user nicolas from 157.230.243.126 Aug 8 06:27:44 srv1 sshd[11762]: pa........ -------------------------------	2019-08-09 14:10:40
95.163.82.25	attackspambots	Spam trapped	2019-08-09 14:29:09
51.75.147.100	attack	Aug 8 21:41:22 MK-Soft-VM6 sshd\[28541\]: Invalid user andreea from 51.75.147.100 port 54024 Aug 8 21:41:22 MK-Soft-VM6 sshd\[28541\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.75.147.100 Aug 8 21:41:24 MK-Soft-VM6 sshd\[28541\]: Failed password for invalid user andreea from 51.75.147.100 port 54024 ssh2 ...	2019-08-09 14:26:40
177.38.178.25	attackspam	Aug 8 04:08:45 wp sshd[471]: Did not receive identification string from 177.38.178.25 Aug 8 04:10:41 wp sshd[486]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=177-38-178-25.micks.com.br user=r.r Aug 8 04:10:43 wp sshd[486]: Failed password for r.r from 177.38.178.25 port 54366 ssh2 Aug 8 04:10:43 wp sshd[486]: Received disconnect from 177.38.178.25: 11: Normal Shutdown, Thank you for playing [preauth] Aug 8 04:11:49 wp sshd[488]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=177-38-178-25.micks.com.br user=r.r Aug 8 04:11:50 wp sshd[488]: Failed password for r.r from 177.38.178.25 port 40478 ssh2 Aug 8 04:11:51 wp sshd[488]: Received disconnect from 177.38.178.25: 11: Normal Shutdown, Thank you for playing [preauth] Aug 8 04:12:55 wp sshd[492]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=177-38-178-25.micks.com.br user=r.r Aug 8 0........ -------------------------------	2019-08-09 13:57:57

Recently Reported IPs

18.56.101.198	151.107.247.18	24.128.136.73	112.175.124.8
122.164.87.104	112.175.127.187	179.43.110.139	115.213.191.4
92.246.3.24	117.1.84.100	81.43.39.87	139.155.112.250
59.97.236.78	46.102.92.180	18.217.4.9	149.210.101.142
36.22.220.248	202.131.102.61	34.67.51.32	218.19.136.175