116.48.140.28 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Hong Kong

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
116.48.140.149	attack	Unauthorized connection attempt detected from IP address 116.48.140.149 to port 4567 [J]	2020-03-01 06:07:58
116.48.140.186	attack	Unauthorized connection attempt detected from IP address 116.48.140.186 to port 81 [J]	2020-01-28 23:44:16

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 116.48.140.28
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 7733
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;116.48.140.28.			IN	A

;; AUTHORITY SECTION:
.			543	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022030400 1800 900 604800 86400

;; Query time: 20 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Mar 04 19:24:26 CST 2022
;; MSG SIZE  rcvd: 106

Host info

28.140.48.116.in-addr.arpa domain name pointer 028.140.48.116.static.netvigator.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
28.140.48.116.in-addr.arpa	name = 028.140.48.116.static.netvigator.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
88.157.239.6	attackbotsspam	WordPress XMLRPC scan :: 88.157.239.6 0.168 - [10/Oct/2020:20:45:48 0000] [censored_1] "POST /xmlrpc.php HTTP/1.1" 503 18233 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" "HTTP/1.1"	2020-10-11 09:27:22
66.57.151.234	attack	Icarus honeypot on github	2020-10-11 09:30:42
34.92.27.85	attack	Oct 11 01:01:00 Ubuntu-1404-trusty-64-minimal sshd\[6597\]: Invalid user office from 34.92.27.85 Oct 11 01:01:00 Ubuntu-1404-trusty-64-minimal sshd\[6597\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=34.92.27.85 Oct 11 01:01:02 Ubuntu-1404-trusty-64-minimal sshd\[6597\]: Failed password for invalid user office from 34.92.27.85 port 51828 ssh2 Oct 11 01:27:23 Ubuntu-1404-trusty-64-minimal sshd\[18602\]: Invalid user library1 from 34.92.27.85 Oct 11 01:27:23 Ubuntu-1404-trusty-64-minimal sshd\[18602\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=34.92.27.85	2020-10-11 09:46:35
106.12.46.179	attack	(sshd) Failed SSH login from 106.12.46.179 (US/United States/California/San Jose/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Oct 10 19:37:33 atlas sshd[29029]: Invalid user tomcat from 106.12.46.179 port 43730 Oct 10 19:37:35 atlas sshd[29029]: Failed password for invalid user tomcat from 106.12.46.179 port 43730 ssh2 Oct 10 19:45:27 atlas sshd[30708]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.46.179 user=root Oct 10 19:45:29 atlas sshd[30708]: Failed password for root from 106.12.46.179 port 48532 ssh2 Oct 10 19:49:17 atlas sshd[31459]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.46.179 user=root	2020-10-11 09:42:00
178.90.110.78	attackbotsspam	SMB Server BruteForce Attack	2020-10-11 09:45:15
142.93.193.63	attackspambots	142.93.193.63 - - [10/Oct/2020:23:36:39 +0100] "POST /wp-login.php HTTP/1.1" 200 2302 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.193.63 - - [10/Oct/2020:23:36:41 +0100] "POST /wp-login.php HTTP/1.1" 200 2238 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.193.63 - - [10/Oct/2020:23:36:43 +0100] "POST /wp-login.php HTTP/1.1" 200 2282 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-10-11 09:30:22
207.154.199.63	attack	Oct 11 03:16:41 relay postfix/smtpd\[28665\]: warning: unknown\[207.154.199.63\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 11 03:16:46 relay postfix/smtpd\[28766\]: warning: unknown\[207.154.199.63\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 11 03:21:27 relay postfix/smtpd\[28663\]: warning: unknown\[207.154.199.63\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 11 03:21:32 relay postfix/smtpd\[28768\]: warning: unknown\[207.154.199.63\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 11 03:26:13 relay postfix/smtpd\[376\]: warning: unknown\[207.154.199.63\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-10-11 09:36:03
118.193.35.169	attackbotsspam	118.193.35.169 - - [11/Oct/2020:02:51:15 +0200] "POST /wp-login.php HTTP/1.0" 200 4793 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-10-11 09:19:10
112.85.42.230	attack	Oct 11 01:47:40 ip-172-31-61-156 sshd[11632]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.230 user=root Oct 11 01:47:41 ip-172-31-61-156 sshd[11632]: Failed password for root from 112.85.42.230 port 37082 ssh2 ...	2020-10-11 09:54:53
59.46.13.137	attack	Oct 10 20:18:13 kernel: [22528.514245] IN=enp34s0 OUT= MAC=SERVERMAC SRC=59.46.13.137 DST=MYSERVERIP LEN=40 TOS=0x00 PREC=0x00 TTL=240 ID=58583 PROTO=TCP SPT=41713 DPT=1433 WINDOW=1024 RES=0x00 SYN URGP=0 Ports: 1433	2020-10-11 09:38:55
103.207.36.44	attackspambots	[H1.VM7] Blocked by UFW	2020-10-11 09:19:28
186.93.220.199	attack	Unauthorized connection attempt from IP address 186.93.220.199 on Port 445(SMB)	2020-10-11 09:50:57
59.90.200.187	attackbots	Oct 11 01:24:31 vmd26974 sshd[10895]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=59.90.200.187 Oct 11 01:24:33 vmd26974 sshd[10895]: Failed password for invalid user ocadmin from 59.90.200.187 port 36710 ssh2 ...	2020-10-11 09:32:10
42.112.26.30	attack	Oct 11 01:12:57 django-0 sshd[25776]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.112.26.30 user=root Oct 11 01:12:59 django-0 sshd[25776]: Failed password for root from 42.112.26.30 port 33070 ssh2 ...	2020-10-11 09:55:40
195.154.232.205	attack	Attacks websites by trying to access known vulnerables of plugins, brute-force of backends or probing of administrative tools	2020-10-11 09:31:18

Recently Reported IPs

116.47.151.28	116.48.106.87	116.48.16.169	116.48.149.49
116.48.166.119	116.48.187.188	116.48.15.185	116.48.166.62
116.48.166.193	116.48.235.12	116.48.26.25	116.48.187.23
116.48.25.86	114.106.172.169	116.48.27.91	116.48.44.125
116.48.38.88	116.48.166.120	116.48.44.192	116.48.44.162