138.201.6.11 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: None

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
138.201.63.8	attack	Automatic report - XMLRPC Attack	2020-04-26 02:13:46
138.201.60.47	attack	The IP has triggered Cloudflare WAF. CF-Ray: 54110087ca66d72d \| WAF_Rule_ID: 53b8357af6d244d3a132bcf913c3a388 \| WAF_Kind: firewall \| CF_Action: drop \| Country: DE \| CF_IPClass: noRecord \| Protocol: HTTP/1.1 \| Method: GET \| Host: skk.moe \| User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; ru; rv:1.9.0.1) Gecko/2008070208 \| CF_DC: FRA. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-08 04:08:59
138.201.64.18	attack	138.201.64.18 - - [12/Oct/2019:18:20:32 +0000] "GET / HTTP/1.1" 403 153 "-" "Mozilla/5.0 zgrab/0.x"	2019-10-13 03:30:02

Type

Details

Datetime

138.201.63.8

attack

Automatic report - XMLRPC Attack

2020-04-26 02:13:46

138.201.60.47

attack

The IP has triggered Cloudflare WAF. CF-Ray: 54110087ca66d72d | WAF_Rule_ID: 53b8357af6d244d3a132bcf913c3a388 | WAF_Kind: firewall | CF_Action: drop | Country: DE | CF_IPClass: noRecord | Protocol: HTTP/1.1 | Method: GET | Host: skk.moe | User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; ru; rv:1.9.0.1) Gecko/2008070208 | CF_DC: FRA. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).

2019-12-08 04:08:59

138.201.64.18

attack

138.201.64.18 - - [12/Oct/2019:18:20:32 +0000] "GET / HTTP/1.1" 403 153 "-" "Mozilla/5.0 zgrab/0.x"

2019-10-13 03:30:02

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 138.201.6.11
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 31350
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;138.201.6.11.			IN	A

;; AUTHORITY SECTION:
.			254	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022022701 1800 900 604800 86400

;; Query time: 18 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Feb 28 04:03:15 CST 2022
;; MSG SIZE  rcvd: 105

Host info

11.6.201.138.in-addr.arpa domain name pointer web.ca4tech.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
11.6.201.138.in-addr.arpa	name = web.ca4tech.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
103.133.111.73	attackbots	06.07.2019 13:17:12 Connection to port 3389 blocked by firewall	2019-07-07 05:45:01
91.236.239.151	attackspambots	Rude login attack (35 tries in 1d)	2019-07-07 06:08:20
86.101.236.161	attackspambots	Jul 6 15:17:55 * sshd[8791]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=86.101.236.161 Jul 6 15:17:57 * sshd[8791]: Failed password for invalid user mis from 86.101.236.161 port 59124 ssh2	2019-07-07 05:36:58
164.132.230.244	attackbots	Jul 6 20:59:42 unicornsoft sshd\[5638\]: Invalid user gary from 164.132.230.244 Jul 6 20:59:42 unicornsoft sshd\[5638\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=164.132.230.244 Jul 6 20:59:44 unicornsoft sshd\[5638\]: Failed password for invalid user gary from 164.132.230.244 port 58395 ssh2	2019-07-07 05:36:26
182.75.139.222	attackbotsspam	Trying to deliver email spam, but blocked by RBL	2019-07-07 05:54:16
89.238.154.42	attack	0,41-01/02 concatform PostRequest-Spammer scoring: Dodoma	2019-07-07 06:16:01
94.231.132.26	attack	WordPress wp-login brute force :: 94.231.132.26 0.096 BYPASS [06/Jul/2019:23:17:17 1000] www.[censored_4] "POST /wp-login.php HTTP/1.1" 200 3538 "https://[censored_4]/wp-login.php" "Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0"	2019-07-07 05:44:30
168.228.150.229	attackspambots	SMTP-sasl brute force ...	2019-07-07 05:56:49
91.121.179.17	attack	Jul 6 23:12:35 ns37 sshd[8852]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.121.179.17 Jul 6 23:12:37 ns37 sshd[8852]: Failed password for invalid user user from 91.121.179.17 port 59962 ssh2 Jul 6 23:16:17 ns37 sshd[9055]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.121.179.17	2019-07-07 06:15:11
106.12.28.10	attack	[ssh] SSH attack	2019-07-07 05:58:12
139.220.192.57	attack	Probing for vulnerable services	2019-07-07 05:55:12
104.236.250.88	attack	Jul 6 16:45:27 lnxmail61 sshd[6317]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.236.250.88	2019-07-07 05:29:47
54.37.157.219	attack	k+ssh-bruteforce	2019-07-07 05:34:31
77.234.46.201	attackbotsspam	Web App Attack	2019-07-07 06:05:03
200.94.22.27	attack	TCP port 993 (IMAP) attempt blocked by hMailServer IP-check. Abuse score 45%	2019-07-07 05:40:09

Recently Reported IPs

138.201.58.235	138.201.6.81	248.221.71.206	138.201.60.196
138.201.62.254	138.201.74.204	138.201.65.237	138.201.62.174
138.201.83.205	138.201.63.97	138.201.66.168	138.201.82.219
138.201.66.30	138.201.83.87	138.201.86.160	138.201.93.17
138.201.91.40	138.201.93.91	138.201.95.27	138.201.96.195