116.207.130.138

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: ChinaNet Hubei Province Network

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbotsspam	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/116.207.130.138/ CN - 1H : (1856) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : CN NAME ASN : ASN136191 IP : 116.207.130.138 CIDR : 116.207.128.0/18 PREFIX COUNT : 2 UNIQUE IP COUNT : 16640 ATTACKS DETECTED ASN136191 : 1H - 1 3H - 1 6H - 1 12H - 3 24H - 3 DateTime : 2019-10-25 05:45:19 INFO : HACK ! - Looking for resource vulnerabilities Scan Detected and Blocked by ADMIN - data recovery	2019-10-25 19:56:35

Type

Details

Datetime

attackbotsspam

IP Ban Report :  
 https://help-dysk.pl/wordpress-firewall-plugins/ip/116.207.130.138/ 
 
 CN - 1H : (1856)  
 Protection Against DDoS WordPress plugin :  
 "odzyskiwanie danych help-dysk" 
 IP Address Ranges by Country : CN 
 NAME ASN : ASN136191 
 
 IP : 116.207.130.138 
 
 CIDR : 116.207.128.0/18 
 
 PREFIX COUNT : 2 
 
 UNIQUE IP COUNT : 16640 
 
 
 ATTACKS DETECTED ASN136191 :  
  1H - 1 
  3H - 1 
  6H - 1 
 12H - 3 
 24H - 3 
 
 DateTime : 2019-10-25 05:45:19 
 
 INFO :  HACK ! - Looking for resource vulnerabilities Scan Detected and Blocked by ADMIN  - data recovery

2019-10-25 19:56:35

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 116.207.130.138
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 65204
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;116.207.130.138.		IN	A

;; AUTHORITY SECTION:
.			270	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019102500 1800 900 604800 86400

;; Query time: 104 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Oct 25 19:56:30 CST 2019
;; MSG SIZE  rcvd: 119

Host info

Host 138.130.207.116.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 138.130.207.116.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
46.101.11.213	attackspam	Aug 20 03:02:43 ms-srv sshd[10008]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.101.11.213 Aug 20 03:02:45 ms-srv sshd[10008]: Failed password for invalid user carmen from 46.101.11.213 port 37488 ssh2	2020-02-03 04:52:46
78.189.102.160	attackspambots	DATE:2020-02-02 16:06:59, IP:78.189.102.160, PORT:telnet Telnet brute force auth on honeypot server (honey-neo-dc)	2020-02-03 04:42:48
193.151.226.48	attack	Mar 16 09:16:37 ms-srv sshd[64204]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.151.226.48 Mar 16 09:16:39 ms-srv sshd[64202]: Failed password for invalid user pi from 193.151.226.48 port 45922 ssh2 Mar 16 09:16:39 ms-srv sshd[64204]: Failed password for invalid user pi from 193.151.226.48 port 45930 ssh2	2020-02-03 04:53:57
185.227.6.108	attackspambots	2020-02-02 23:16:41 dovecot_plain authenticator failed for (ctdjcuusnm) [185.227.6.108]: 535 Incorrect authentication data (set_id=service@usmancity.ru) 2020-02-02 23:16:47 dovecot_login authenticator failed for (ctdjcuusnm) [185.227.6.108]: 535 Incorrect authentication data (set_id=service@usmancity.ru) 2020-02-02 23:16:58 dovecot_plain authenticator failed for (ctdjcuusnm) [185.227.6.108]: 535 Incorrect authentication data (set_id=service) ...	2020-02-03 04:54:47
190.83.139.21	attack	Unauthorized connection attempt detected from IP address 190.83.139.21 to port 23 [J]	2020-02-03 05:06:55
193.188.67.41	attack	Jan 30 08:24:16 ms-srv sshd[28869]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.188.67.41 Jan 30 08:24:18 ms-srv sshd[28869]: Failed password for invalid user teamspeak3 from 193.188.67.41 port 33692 ssh2	2020-02-03 04:40:47
198.251.84.216	attack	Unauthorized connection attempt detected from IP address 198.251.84.216 to port 2323 [J]	2020-02-03 05:05:38
193.140.134.102	attack	Aug 1 16:39:24 ms-srv sshd[16870]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.140.134.102 Aug 1 16:39:26 ms-srv sshd[16870]: Failed password for invalid user rpc from 193.140.134.102 port 9687 ssh2	2020-02-03 05:00:53
106.51.71.89	attack	DATE:2020-02-02 16:06:43, IP:106.51.71.89, PORT:1433 MSSQL brute force auth on honeypot server (honey-neo-dc)	2020-02-03 05:12:34
78.189.94.12	attack	Unauthorized connection attempt detected from IP address 78.189.94.12 to port 23 [J]	2020-02-03 04:41:30
170.81.242.10	attack	Honeypot attack, port: 445, PTR: PTR record not found	2020-02-03 05:15:04
148.72.232.130	attackbots	Sql/code injection probe	2020-02-03 05:19:52
110.137.80.117	attackbotsspam	DATE:2020-02-02 16:06:48, IP:110.137.80.117, PORT:1433 MSSQL brute force auth on honeypot server (honey-neo-dc)	2020-02-03 05:02:40
36.237.37.233	attack	20/2/2@10:06:53: FAIL: Alarm-Network address from=36.237.37.233 20/2/2@10:06:53: FAIL: Alarm-Network address from=36.237.37.233 ...	2020-02-03 04:51:01
45.148.10.83	attackbots	DATE:2020-02-02 16:06:54, IP:45.148.10.83, PORT:telnet Telnet brute force auth on honeypot server (honey-neo-dc)	2020-02-03 04:50:34

Recently Reported IPs

18.56.101.198	151.107.247.18	24.128.136.73	112.175.124.8
122.164.87.104	112.175.127.187	179.43.110.139	115.213.191.4
92.246.3.24	117.1.84.100	81.43.39.87	139.155.112.250
59.97.236.78	46.102.92.180	18.217.4.9	149.210.101.142
36.22.220.248	202.131.102.61	34.67.51.32	218.19.136.175