116.118.0.142 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Viet Nam

Internet Service Provider: Vietnam Post and Telecom Corporation

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbotsspam	Telnet Server BruteForce Attack	2020-02-12 15:25:50

Comments on same subnet:

IP	Type	Details	Datetime
116.118.0.84	attackbotsspam	Automatic report - Port Scan Attack	2020-09-29 02:29:15
116.118.0.84	attackspambots	Automatic report - Port Scan Attack	2020-09-28 18:37:01

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 116.118.0.142
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 62622
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;116.118.0.142.			IN	A

;; AUTHORITY SECTION:
.			594	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020021200 1800 900 604800 86400

;; Query time: 488 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Feb 12 15:25:43 CST 2020
;; MSG SIZE  rcvd: 117

Host info

Host 142.0.118.116.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 142.0.118.116.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
68.183.153.161	attackbotsspam	TCP (SYN) 68.183.153.161:55535 -> port 7212, len 44	2020-06-26 20:21:04
207.46.13.144	attackbotsspam	[Fri Jun 26 18:29:53.058064 2020] [:error] [pid 16617:tid 140192808445696] [client 207.46.13.144:20256] [client 207.46.13.144] ModSecurity: Access denied with code 403 (phase 2). Pattern match "^[\\\\d.:]+$" at REQUEST_HEADERS:Host. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "696"] [id "920350"] [msg "Host header is a numeric IP address"] [data "103.27.207.197"] [severity "WARNING"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/IP_HOST"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "karangploso.jatim.bmkg.go.id"] [uri "/robots.txt"] [unique_id "XvXcMWGdoQ43IVQ2pFM27wAAAZY"] ...	2020-06-26 20:45:12
193.169.212.160	attackbotsspam	Spammer	2020-06-26 20:29:37
180.235.135.182	attack	Email login attempts - bad mail account name (SMTP)	2020-06-26 20:27:38
114.86.219.114	attackbotsspam	Jun 26 12:26:12 rush sshd[4606]: Failed password for root from 114.86.219.114 port 35432 ssh2 Jun 26 12:28:46 rush sshd[4635]: Failed password for root from 114.86.219.114 port 40160 ssh2 ...	2020-06-26 20:43:38
218.52.61.227	attackspam	Jun 26 05:56:21 server1 sshd\[17853\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.52.61.227 user=ubuntu Jun 26 05:56:23 server1 sshd\[17853\]: Failed password for ubuntu from 218.52.61.227 port 55616 ssh2 Jun 26 05:59:50 server1 sshd\[20248\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.52.61.227 user=root Jun 26 05:59:51 server1 sshd\[20248\]: Failed password for root from 218.52.61.227 port 53716 ssh2 Jun 26 06:03:14 server1 sshd\[22043\]: Invalid user sidney from 218.52.61.227 Jun 26 06:03:14 server1 sshd\[22043\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.52.61.227 ...	2020-06-26 20:59:55
106.12.6.55	attackbots	Jun 26 05:58:35 server1 sshd\[19387\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.6.55 user=root Jun 26 05:58:36 server1 sshd\[19387\]: Failed password for root from 106.12.6.55 port 38232 ssh2 Jun 26 06:01:36 server1 sshd\[21202\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.6.55 user=root Jun 26 06:01:38 server1 sshd\[21202\]: Failed password for root from 106.12.6.55 port 50912 ssh2 Jun 26 06:04:57 server1 sshd\[23126\]: Invalid user ec2 from 106.12.6.55 Jun 26 06:04:58 server1 sshd\[23126\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.6.55 Jun 26 06:05:01 server1 sshd\[23126\]: Failed password for invalid user ec2 from 106.12.6.55 port 35370 ssh2 ...	2020-06-26 20:46:51
106.55.22.186	attackbotsspam	Jun 26 13:25:35 [host] sshd[27155]: pam_unix(sshd: Jun 26 13:25:37 [host] sshd[27155]: Failed passwor Jun 26 13:29:39 [host] sshd[27269]: pam_unix(sshd:	2020-06-26 20:56:56
218.92.0.248	attackspam	Too many connections or unauthorized access detected from Arctic banned ip	2020-06-26 20:48:57
190.254.10.209	attackbotsspam	Unauthorized connection attempt from IP address 190.254.10.209 on Port 445(SMB)	2020-06-26 20:27:12
49.233.147.108	attackbotsspam	Invalid user zqe from 49.233.147.108 port 45802	2020-06-26 20:32:10
106.75.32.229	attackbots	Invalid user mary from 106.75.32.229 port 56708	2020-06-26 20:41:19
113.4.236.36	attackbotsspam	[portscan] Port scan	2020-06-26 20:30:23
139.155.35.114	attack	General_bad_requests	2020-06-26 20:28:48
45.80.64.246	attack	Jun 26 11:29:56 *** sshd[18295]: Invalid user tp from 45.80.64.246	2020-06-26 20:36:37

Recently Reported IPs

201.178.153.57	171.103.49.122	101.255.40.18	119.29.247.187
182.183.230.101	187.152.233.53	190.80.28.7	45.162.98.70
195.206.105.22	36.76.144.74	85.106.86.255	14.183.203.83
201.236.158.203	94.103.82.187	14.186.210.93	175.208.70.30
173.245.202.210	0.211.2.187	118.173.253.131	101.108.182.41