1.118.254.28 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 1.118.254.28
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 17665
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;1.118.254.28.			IN	A

;; AUTHORITY SECTION:
.			534	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022111100 1800 900 604800 86400

;; Query time: 95 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Nov 11 22:14:23 CST 2022
;; MSG SIZE  rcvd: 105

Host info

Host 28.254.118.1.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 28.254.118.1.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
171.244.140.174	attackbots	prod6 ...	2020-08-26 06:24:42
183.6.107.248	attack	Aug 26 02:35:01 gw1 sshd[5474]: Failed password for ubuntu from 183.6.107.248 port 50914 ssh2 ...	2020-08-26 05:57:59
101.99.23.105	attack	Unauthorized connection attempt from IP address 101.99.23.105 on Port 445(SMB)	2020-08-26 06:01:30
110.153.66.42	attack	Linksys WAG54G2 Web Management Remote Command Execution Vulnerability	2020-08-26 06:19:16
218.108.191.150	attack	[N10.H1.VM1] Port Scanner Detected Blocked by UFW	2020-08-26 06:01:56
144.34.172.241	attackspam	Aug 25 20:46:46 scw-focused-cartwright sshd[32608]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=144.34.172.241 Aug 25 20:46:48 scw-focused-cartwright sshd[32608]: Failed password for invalid user albatros from 144.34.172.241 port 47906 ssh2	2020-08-26 06:07:16
77.48.235.52	attackspam	Unauthorized connection attempt from IP address 77.48.235.52 on Port 465(SMTPS)	2020-08-26 05:56:46
79.137.33.20	attackspam	2020-08-26T00:53:17.519399lavrinenko.info sshd[24141]: Failed password for root from 79.137.33.20 port 41467 ssh2 2020-08-26T00:55:56.672592lavrinenko.info sshd[24320]: Invalid user isaac from 79.137.33.20 port 35624 2020-08-26T00:55:56.679245lavrinenko.info sshd[24320]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=79.137.33.20 2020-08-26T00:55:56.672592lavrinenko.info sshd[24320]: Invalid user isaac from 79.137.33.20 port 35624 2020-08-26T00:55:58.943043lavrinenko.info sshd[24320]: Failed password for invalid user isaac from 79.137.33.20 port 35624 ssh2 ...	2020-08-26 06:07:47
114.119.163.243	attackspam	[Wed Aug 26 04:19:51.244151 2020] [:error] [pid 10861:tid 139707031746304] [client 114.119.163.243:35702] [client 114.119.163.243] ModSecurity: Access denied with code 403 (phase 2). Pattern match "^[\\\\d.:]+$" at REQUEST_HEADERS:Host. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "696"] [id "920350"] [msg "Host header is a numeric IP address"] [data "103.27.207.197"] [severity "WARNING"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/IP_HOST"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "karangploso.jatim.bmkg.go.id"] [uri "/index.php/prakiraan-iklim/agroklimatologi/kalender-tanam/3824-kalender-tanam-katam-terpadu-pulau-kalimantan/kalender-tanam-katam-terpadu-provinsi-kalimantan-barat/kalender-tanam-katam-terpadu-kabupaten-sambas-provinsi-kalimantan-barat/kalender-tanam-k ...	2020-08-26 05:51:33
41.21.233.230	attackspambots	Auto Detect Rule! proto TCP (SYN), 41.21.233.230:50379->gjan.info:1433, len 40	2020-08-26 06:21:17
68.168.142.29	attack	SSH Invalid Login	2020-08-26 05:55:34
95.188.95.214	attackspam	Unauthorized connection attempt from IP address 95.188.95.214 on Port 445(SMB)	2020-08-26 06:10:17
14.160.24.104	attackbotsspam	Unauthorized connection attempt from IP address 14.160.24.104 on Port 445(SMB)	2020-08-26 06:04:41
185.180.128.148	attack	Auto Detect Rule! proto TCP (SYN), 185.180.128.148:63613->gjan.info:8080, len 44	2020-08-26 06:17:46
121.123.148.220	attack	firewall-block, port(s): 25814/tcp	2020-08-26 06:25:23

Recently Reported IPs

0.0.37.234	1.12.216.241	1.118.193.10	1.118.58.121
0.100.92.230	1.118.16.190	1.119.220.13	1.119.6.228
1.12.227.220	1.119.88.165	1.117.77.198	1.119.252.148
1.117.49.148	1.118.160.61	0.103.108.193	1.118.161.247
1.118.112.232	1.118.59.239	1.119.79.232	1.119.3.168