116.196.102.142

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: Beijing Jingdong 360 Degree E-Commerce Co. Ltd.

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	HTTP/80/443 Probe, BF, WP, Hack -	2019-12-26 05:07:41

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 116.196.102.142
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 5760
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;116.196.102.142.		IN	A

;; AUTHORITY SECTION:
.			507	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019122502 1800 900 604800 86400

;; Query time: 100 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Dec 26 05:07:38 CST 2019
;; MSG SIZE  rcvd: 119

Host info

Host 142.102.196.116.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 142.102.196.116.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
165.227.96.190	attackspam	Unauthorized connection attempt detected from IP address 165.227.96.190 to port 2220 [J]	2020-02-02 18:50:36
117.41.229.187	attackspam	Honeypot attack, port: 445, PTR: PTR record not found	2020-02-02 18:46:04
168.121.97.162	attack	CloudCIX Reconnaissance Scan Detected, PTR: PTR record not found	2020-02-02 19:22:30
142.93.9.6	attackbotsspam	RDP Bruteforce	2020-02-02 19:23:56
116.108.28.144	attack	trying to access non-authorized port	2020-02-02 18:54:46
210.4.99.194	attack	Honeypot attack, port: 445, PTR: PTR record not found	2020-02-02 19:04:18
92.118.37.83	attackbots	02/02/2020-05:43:08.385934 92.118.37.83 Protocol: 6 ET SCAN NMAP -sS window 1024	2020-02-02 19:07:05
206.189.102.149	attackbots	206.189.102.149 - - [02/Feb/2020:04:51:01 +0000] "POST /wp/wp-login.php HTTP/1.1" 200 6255 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 206.189.102.149 - - [02/Feb/2020:04:51:03 +0000] "POST /wp/xmlrpc.php HTTP/1.1" 200 403 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-02-02 19:25:13
207.180.248.202	attack	Feb 2 06:23:48 baguette sshd\[9597\]: Invalid user postgres from 207.180.248.202 port 49120 Feb 2 06:23:48 baguette sshd\[9597\]: Invalid user postgres from 207.180.248.202 port 49120 Feb 2 06:24:16 baguette sshd\[9599\]: Invalid user oracle from 207.180.248.202 port 57330 Feb 2 06:24:16 baguette sshd\[9599\]: Invalid user oracle from 207.180.248.202 port 57330 Feb 2 06:24:43 baguette sshd\[9601\]: Invalid user user from 207.180.248.202 port 37304 Feb 2 06:24:43 baguette sshd\[9601\]: Invalid user user from 207.180.248.202 port 37304 ...	2020-02-02 19:22:07
102.40.189.63	attack	20/2/1@23:51:52: FAIL: Alarm-Telnet address from=102.40.189.63 ...	2020-02-02 18:42:58
220.225.126.55	attackbotsspam	Fail2Ban - SSH Bruteforce Attempt	2020-02-02 19:10:45
188.136.209.95	attackbotsspam	Honeypot attack, port: 445, PTR: PTR record not found	2020-02-02 19:13:20
159.203.98.92	attack	Honeypot attack, port: 445, PTR: PTR record not found	2020-02-02 18:49:05
104.198.185.187	attackbotsspam	Feb 1 09:24:40 web1 sshd[13899]: Invalid user sinusbot from 104.198.185.187 Feb 1 09:24:41 web1 sshd[13899]: Failed password for invalid user sinusbot from 104.198.185.187 port 44268 ssh2 Feb 1 09:24:41 web1 sshd[13899]: Received disconnect from 104.198.185.187: 11: Bye Bye [preauth] Feb 1 09:39:56 web1 sshd[15272]: Invalid user testtest from 104.198.185.187 Feb 1 09:39:59 web1 sshd[15272]: Failed password for invalid user testtest from 104.198.185.187 port 50678 ssh2 Feb 1 09:39:59 web1 sshd[15272]: Received disconnect from 104.198.185.187: 11: Bye Bye [preauth] Feb 1 09:42:53 web1 sshd[15608]: Invalid user test from 104.198.185.187 Feb 1 09:42:55 web1 sshd[15608]: Failed password for invalid user test from 104.198.185.187 port 53092 ssh2 Feb 1 09:42:55 web1 sshd[15608]: Received disconnect from 104.198.185.187: 11: Bye Bye [preauth] Feb 1 09:47:50 web1 sshd[15997]: Invalid user vbox from 104.198.185.187 Feb 1 09:47:52 web1 sshd[15997]: Failed password for i........ -------------------------------	2020-02-02 19:00:31
223.100.82.155	attack	02/01/2020-23:51:14.351909 223.100.82.155 Protocol: 6 ET SCAN Suspicious inbound to MSSQL port 1433	2020-02-02 19:17:47

Recently Reported IPs

71.209.2.242	50.108.251.47	63.203.70.55	183.83.68.70
89.205.133.186	114.116.82.107	88.250.132.68	110.247.138.169
2604:a880:2:d0::19c0:d001	121.197.13.209	211.68.146.41	2604:a880:2:d0:0:19c0:d001:3704
193.61.248.176	113.220.18.227	195.110.134.170	86.241.251.96
47.248.67.104	176.240.169.105	220.86.55.196	201.172.6.105