116.252.80.130

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: ChinaNet Guangxi Province Network

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbotsspam	Port scan: Attack repeated for 24 hours	2020-07-18 13:41:40
attackbotsspam	Mar 31 23:30:13 debian-2gb-nbg1-2 kernel: \[7949264.233947\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=116.252.80.130 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=240 ID=26802 PROTO=TCP SPT=22266 DPT=1433 WINDOW=1024 RES=0x00 SYN URGP=0	2020-04-01 07:27:25

Type

Details

Datetime

attackbotsspam

Port scan: Attack repeated for 24 hours

2020-07-18 13:41:40

attackbotsspam

Mar 31 23:30:13 debian-2gb-nbg1-2 kernel: \[7949264.233947\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=116.252.80.130 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=240 ID=26802 PROTO=TCP SPT=22266 DPT=1433 WINDOW=1024 RES=0x00 SYN URGP=0

2020-04-01 07:27:25

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 116.252.80.130
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 41116
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;116.252.80.130.			IN	A

;; AUTHORITY SECTION:
.			367	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020033102 1800 900 604800 86400

;; Query time: 95 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Apr 01 07:27:20 CST 2020
;; MSG SIZE  rcvd: 118

Host info

130.80.252.116.in-addr.arpa has no PTR record

Nslookup info:

;; Got SERVFAIL reply from 183.60.83.19, trying next server
Server:		183.60.82.98
Address:	183.60.82.98#53

** server can't find 130.80.252.116.in-addr.arpa: SERVFAIL

Related IP info:

Related comments:

IP	Type	Details	Datetime
222.186.175.161	attack	Oct 22 07:08:44 meumeu sshd[15960]: Failed password for root from 222.186.175.161 port 3674 ssh2 Oct 22 07:08:59 meumeu sshd[15960]: Failed password for root from 222.186.175.161 port 3674 ssh2 Oct 22 07:09:04 meumeu sshd[15960]: Failed password for root from 222.186.175.161 port 3674 ssh2 Oct 22 07:09:04 meumeu sshd[15960]: error: maximum authentication attempts exceeded for root from 222.186.175.161 port 3674 ssh2 [preauth] ...	2019-10-22 13:11:03
178.150.216.229	attackspambots	2019-10-22T03:56:26.354169abusebot.cloudsearch.cf sshd\[21700\]: Invalid user viable from 178.150.216.229 port 35310	2019-10-22 13:42:52
178.62.237.38	attackspam	Oct 22 07:06:20 dedicated sshd[9505]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.62.237.38 user=root Oct 22 07:06:22 dedicated sshd[9505]: Failed password for root from 178.62.237.38 port 33282 ssh2	2019-10-22 13:25:40
140.143.4.188	attack	2019-10-22T04:28:04.378705abusebot.cloudsearch.cf sshd\[22159\]: Invalid user front from 140.143.4.188 port 38246	2019-10-22 13:15:08
191.36.246.167	attackspambots	2019-10-22T04:31:28.347704abusebot-5.cloudsearch.cf sshd\[14425\]: Invalid user fd from 191.36.246.167 port 27802	2019-10-22 12:57:41
222.186.42.4	attack	$f2bV_matches	2019-10-22 13:10:04
78.186.54.193	attack	UTC: 2019-10-21 port: 23/tcp	2019-10-22 13:09:32
211.219.80.99	attackbots	Invalid user nagios from 211.219.80.99 port 37998	2019-10-22 13:06:41
62.234.73.249	attack	Oct 22 03:27:47 vtv3 sshd\[638\]: Invalid user user from 62.234.73.249 port 33412 Oct 22 03:27:47 vtv3 sshd\[638\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=62.234.73.249 Oct 22 03:27:48 vtv3 sshd\[638\]: Failed password for invalid user user from 62.234.73.249 port 33412 ssh2 Oct 22 03:32:22 vtv3 sshd\[2925\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=62.234.73.249 user=root Oct 22 03:32:24 vtv3 sshd\[2925\]: Failed password for root from 62.234.73.249 port 44306 ssh2 Oct 22 03:46:08 vtv3 sshd\[10112\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=62.234.73.249 user=root Oct 22 03:46:10 vtv3 sshd\[10112\]: Failed password for root from 62.234.73.249 port 48794 ssh2 Oct 22 03:50:51 vtv3 sshd\[12348\]: Invalid user ubuntu from 62.234.73.249 port 59700 Oct 22 03:50:51 vtv3 sshd\[12348\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ru	2019-10-22 13:18:55
222.186.190.92	attackspam	2019-10-22T05:04:13.592049abusebot.cloudsearch.cf sshd\[22693\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.190.92 user=root	2019-10-22 13:05:00
106.13.1.203	attack	Oct 22 06:56:56 h2177944 sshd\[14257\]: Invalid user real from 106.13.1.203 port 49838 Oct 22 06:56:56 h2177944 sshd\[14257\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.1.203 Oct 22 06:56:58 h2177944 sshd\[14257\]: Failed password for invalid user real from 106.13.1.203 port 49838 ssh2 Oct 22 07:02:11 h2177944 sshd\[14932\]: Invalid user av from 106.13.1.203 port 57708 ...	2019-10-22 13:50:50
138.197.176.130	attack	Oct 21 18:44:34 eddieflores sshd\[16689\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.176.130 user=root Oct 21 18:44:37 eddieflores sshd\[16689\]: Failed password for root from 138.197.176.130 port 52938 ssh2 Oct 21 18:48:46 eddieflores sshd\[17029\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.176.130 user=root Oct 21 18:48:48 eddieflores sshd\[17029\]: Failed password for root from 138.197.176.130 port 43708 ssh2 Oct 21 18:52:51 eddieflores sshd\[17323\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.176.130 user=root	2019-10-22 13:02:24
182.61.43.47	attackspambots	2019-10-22T04:59:49.037636abusebot-8.cloudsearch.cf sshd\[20509\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.61.43.47 user=root	2019-10-22 13:21:06
66.70.189.236	attack	Oct 22 05:53:28 SilenceServices sshd[8325]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=66.70.189.236 Oct 22 05:53:30 SilenceServices sshd[8325]: Failed password for invalid user !QAZ2wsx3ed from 66.70.189.236 port 50876 ssh2 Oct 22 05:57:17 SilenceServices sshd[9372]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=66.70.189.236	2019-10-22 13:06:26
104.131.22.72	attack	Brute force SMTP login attempted. ...	2019-10-22 13:20:09

Recently Reported IPs

134.122.61.205	111.120.16.2	103.45.106.55	222.77.77.162
183.111.197.102	109.73.176.53	103.25.58.129	213.238.181.236
121.122.97.162	110.93.91.95	114.79.144.99	89.223.93.15
110.87.106.72	116.90.145.153	82.0.24.21	53.39.108.147
77.40.131.162	208.126.209.0	95.170.239.20	206.208.188.181