116.52.144.30 - IPInfo

Basic Info

City: Kunming

Region: Yunnan

Country: China

Internet Service Provider: ChinaNet Yunnan Province Network

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbotsspam	Invalid user ubnt from 116.52.144.30 port 49213	2020-01-19 03:57:20

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 116.52.144.30
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 43566
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;116.52.144.30.			IN	A

;; AUTHORITY SECTION:
.			404	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020011800 1800 900 604800 86400

;; Query time: 123 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Jan 19 03:57:16 CST 2020
;; MSG SIZE  rcvd: 117

Host info

30.144.52.116.in-addr.arpa domain name pointer 30.144.52.116.broad.km.yn.dynamic.163data.com.cn.

Nslookup info:

Server:		100.100.2.136
Address:	100.100.2.136#53

Non-authoritative answer:
30.144.52.116.IN-ADDR.ARPA	name = 30.144.52.116.broad.km.yn.dynamic.163data.com.cn.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
94.23.32.126	attack	xmlrpc attack	2019-09-26 08:47:48
80.82.78.85	attackbots	Sep 26 01:51:47 relay dovecot: pop3-login: Aborted login \(auth failed, 1 attempts in 2 secs\): user=\, method=PLAIN, rip=80.82.78.85, lip=176.9.177.164, session=\ Sep 26 02:03:23 relay dovecot: pop3-login: Aborted login \(auth failed, 1 attempts in 2 secs\): user=\, method=PLAIN, rip=80.82.78.85, lip=176.9.177.164, session=\<7TVif2mTZkJQUk5V\> Sep 26 02:06:44 relay dovecot: pop3-login: Aborted login \(auth failed, 1 attempts in 2 secs\): user=\, method=PLAIN, rip=80.82.78.85, lip=176.9.177.164, session=\ Sep 26 02:08:42 relay dovecot: pop3-login: Aborted login \(auth failed, 1 attempts in 2 secs\): user=\, method=PLAIN, rip=80.82.78.85, lip=176.9.177.164, session=\ Sep 26 02:09:43 relay dovecot: pop3-login: Aborted login \(auth failed, 1 attempts in 2 secs\): user=\, method=PLAIN, rip=80.82.78.85, lip=176.9. ...	2019-09-26 08:14:14
221.167.9.20	attackbots	Sep 25 22:51:09 icinga sshd[2208]: Failed password for root from 221.167.9.20 port 56248 ssh2 Sep 25 22:51:16 icinga sshd[2208]: Failed password for root from 221.167.9.20 port 56248 ssh2 ...	2019-09-26 08:45:52
46.229.168.129	attackspam	Automatic report - Banned IP Access	2019-09-26 08:21:39
81.22.45.236	attackspambots	09/25/2019-20:22:45.137001 81.22.45.236 Protocol: 6 ET DROP Dshield Block Listed Source group 1	2019-09-26 08:29:49
103.92.25.199	attackspambots	Sep 25 14:12:47 aiointranet sshd\[25666\]: Invalid user js from 103.92.25.199 Sep 25 14:12:47 aiointranet sshd\[25666\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.92.25.199 Sep 25 14:12:49 aiointranet sshd\[25666\]: Failed password for invalid user js from 103.92.25.199 port 47964 ssh2 Sep 25 14:18:11 aiointranet sshd\[26071\]: Invalid user activemq from 103.92.25.199 Sep 25 14:18:11 aiointranet sshd\[26071\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.92.25.199	2019-09-26 08:33:40
118.187.7.103	attack	Sep 25 20:51:58 sshgateway sshd\[14863\]: Invalid user deploy from 118.187.7.103 Sep 25 20:51:58 sshgateway sshd\[14863\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.187.7.103 Sep 25 20:52:00 sshgateway sshd\[14863\]: Failed password for invalid user deploy from 118.187.7.103 port 57590 ssh2	2019-09-26 08:26:08
150.95.52.70	attackbotsspam	10 attempts against mh-misc-ban on heat.magehost.pro	2019-09-26 08:13:39
59.61.206.221	attackspam	Sep 26 00:07:01 ip-172-31-62-245 sshd\[26600\]: Invalid user tricia from 59.61.206.221\ Sep 26 00:07:03 ip-172-31-62-245 sshd\[26600\]: Failed password for invalid user tricia from 59.61.206.221 port 39589 ssh2\ Sep 26 00:11:42 ip-172-31-62-245 sshd\[26700\]: Invalid user odroid from 59.61.206.221\ Sep 26 00:11:44 ip-172-31-62-245 sshd\[26700\]: Failed password for invalid user odroid from 59.61.206.221 port 60035 ssh2\ Sep 26 00:16:27 ip-172-31-62-245 sshd\[26716\]: Invalid user test8 from 59.61.206.221\	2019-09-26 08:42:08
62.234.99.172	attack	Sep 26 02:11:38 s64-1 sshd[1985]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=62.234.99.172 Sep 26 02:11:40 s64-1 sshd[1985]: Failed password for invalid user weblogic from 62.234.99.172 port 55374 ssh2 Sep 26 02:16:30 s64-1 sshd[2058]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=62.234.99.172 ...	2019-09-26 08:30:48
77.247.108.185	attack	\[2019-09-25 18:40:41\] NOTICE\[1970\] chan_sip.c: Registration from '"900" \' failed for '77.247.108.185:5550' - Wrong password \[2019-09-25 18:40:41\] SECURITY\[1978\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-09-25T18:40:41.358-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="900",SessionID="0x7f9b34331198",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/77.247.108.185/5550",Challenge="1e885561",ReceivedChallenge="1e885561",ReceivedHash="e2215a0515804d93b2fa2e2f6fd0b4d7" \[2019-09-25 18:40:41\] NOTICE\[1970\] chan_sip.c: Registration from '"900" \' failed for '77.247.108.185:5550' - Wrong password \[2019-09-25 18:40:41\] SECURITY\[1978\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-09-25T18:40:41.503-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="900",SessionID="0x7f9b345a1f18",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/7	2019-09-26 08:48:04
77.42.124.142	attackbots	Automatic report - Port Scan Attack	2019-09-26 08:11:54
222.186.175.216	attackbots	19/9/25@20:19:29: FAIL: IoT-SSH address from=222.186.175.216 ...	2019-09-26 08:40:08
172.81.250.106	attack	Sep 26 02:43:40 dedicated sshd[32042]: Invalid user render from 172.81.250.106 port 55814	2019-09-26 08:48:54
191.100.9.207	attackbots	3389BruteforceFW21	2019-09-26 08:38:26

Recently Reported IPs

200.126.120.146	200.230.16.228	194.17.129.174	61.215.129.48
49.66.221.215	1.223.1.109	106.13.144.102	193.122.223.54
54.158.247.253	85.138.3.119	32.11.2.177	49.77.70.107
106.12.49.158	62.117.231.57	1.198.171.95	122.139.186.45
104.244.229.223	156.56.65.123	64.148.113.120	181.66.86.214