116.97.243.142

Basic Info

City: unknown

Region: unknown

Country: Viet Nam

Internet Service Provider: Viettel Group

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbotsspam	Unauthorized connection attempt from IP address 116.97.243.142 on Port 445(SMB)	2020-08-17 08:05:22
attack	Unauthorized connection attempt from IP address 116.97.243.142 on Port 445(SMB)	2020-07-14 06:30:53
attackbotsspam	1586866476 - 04/14/2020 14:14:36 Host: 116.97.243.142/116.97.243.142 Port: 445 TCP Blocked	2020-04-14 21:56:51
attackbotsspam	Unauthorised access (Nov 30) SRC=116.97.243.142 LEN=52 TOS=0x10 PREC=0x20 TTL=110 ID=13809 DF TCP DPT=445 WINDOW=8192 SYN Unauthorised access (Nov 30) SRC=116.97.243.142 LEN=52 TOS=0x10 PREC=0x20 TTL=110 ID=9448 DF TCP DPT=445 WINDOW=8192 SYN Unauthorised access (Nov 28) SRC=116.97.243.142 LEN=52 TOS=0x10 PREC=0x20 TTL=110 ID=29301 DF TCP DPT=445 WINDOW=8192 SYN Unauthorised access (Nov 28) SRC=116.97.243.142 LEN=52 TOS=0x10 PREC=0x20 TTL=110 ID=14848 DF TCP DPT=445 WINDOW=8192 SYN Unauthorised access (Nov 27) SRC=116.97.243.142 LEN=52 TOS=0x10 PREC=0x20 TTL=110 ID=26412 DF TCP DPT=445 WINDOW=8192 SYN	2019-11-30 20:57:39
attackbots	Scanning random ports - tries to find possible vulnerable services	2019-11-08 06:15:03
attack	445/tcp 445/tcp 445/tcp... [2019-09-07/10-22]11pkt,1pt.(tcp)	2019-10-23 04:48:01
attackspambots	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-09-06 02:23:33,934 INFO [amun_request_handler] PortScan Detected on Port: 445 (116.97.243.142)	2019-09-06 18:42:57
attackspambots	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-08-11 06:34:27,142 INFO [amun_request_handler] PortScan Detected on Port: 445 (116.97.243.142)	2019-08-11 20:28:51
attackbotsspam	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-08-04 00:26:32,156 INFO [amun_request_handler] PortScan Detected on Port: 445 (116.97.243.142)	2019-08-04 10:57:21
attackbots	Unauthorized connection attempt from IP address 116.97.243.142 on Port 445(SMB)	2019-07-11 07:20:17
attackspam	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-06-26 02:14:19,809 INFO [shellcode_manager] (116.97.243.142) no match, writing hexdump (254f481ebd9b1bd90abf7f6e834704a6 :2211044) - MS17010 (EternalBlue)	2019-06-27 10:57:04
attack	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-06-26 01:17:58,144 INFO [shellcode_manager] (116.97.243.142) no match, writing hexdump (a3b0267685e99055bd9035bfd74598a3 :2340083) - MS17010 (EternalBlue)	2019-06-27 03:39:22

Comments on same subnet:

IP	Type	Details	Datetime
116.97.243.38	attackbots	Unauthorized connection attempt from IP address 116.97.243.38 on Port 445(SMB)	2020-08-22 00:41:39
116.97.243.118	attack	20/5/6@08:00:09: FAIL: Alarm-Network address from=116.97.243.118 ...	2020-05-06 23:45:13
116.97.243.38	attackspam	Unauthorized connection attempt from IP address 116.97.243.38 on Port 445(SMB)	2019-08-23 07:36:36
116.97.243.26	attackbotsspam	Sat, 20 Jul 2019 21:54:18 +0000 likely compromised host or open proxy. ddos rate spidering	2019-07-21 13:41:52

Whois info:

Dig info:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 116.97.243.142
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 58311
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;116.97.243.142.			IN	A

;; AUTHORITY SECTION:
.			2070	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019032802 1800 900 604800 86400

;; Query time: 138 msec
;; SERVER: 183.60.82.98#53(183.60.82.98)
;; WHEN: Fri Mar 29 05:26:28 CST 2019
;; MSG SIZE  rcvd: 118

Host info

142.243.97.116.in-addr.arpa domain name pointer linhgroup.net.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
142.243.97.116.in-addr.arpa	name = linhgroup.net.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
1.40.80.156	attackspambots	xmlrpc attack	2020-04-25 12:35:33
222.186.31.166	attack	Apr 24 18:00:46 tdfoods sshd\[24108\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.31.166 user=root Apr 24 18:00:48 tdfoods sshd\[24108\]: Failed password for root from 222.186.31.166 port 14180 ssh2 Apr 24 18:00:55 tdfoods sshd\[24125\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.31.166 user=root Apr 24 18:00:56 tdfoods sshd\[24125\]: Failed password for root from 222.186.31.166 port 30515 ssh2 Apr 24 18:01:04 tdfoods sshd\[24149\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.31.166 user=root	2020-04-25 12:08:50
106.13.88.196	attackspambots	Apr 25 05:45:23 ns382633 sshd\[12791\]: Invalid user schmetterling from 106.13.88.196 port 40442 Apr 25 05:45:23 ns382633 sshd\[12791\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.88.196 Apr 25 05:45:25 ns382633 sshd\[12791\]: Failed password for invalid user schmetterling from 106.13.88.196 port 40442 ssh2 Apr 25 05:59:05 ns382633 sshd\[14710\]: Invalid user test from 106.13.88.196 port 40766 Apr 25 05:59:05 ns382633 sshd\[14710\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.88.196	2020-04-25 12:38:00
195.54.160.243	attack	Apr 25 05:59:47 debian-2gb-nbg1-2 kernel: \[10046128.544222\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=195.54.160.243 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=246 ID=2197 PROTO=TCP SPT=49093 DPT=33890 WINDOW=1024 RES=0x00 SYN URGP=0	2020-04-25 12:06:08
165.227.211.13	attackbots	$f2bV_matches	2020-04-25 12:05:55
181.58.14.19	attackbots	Invalid user dennis from 181.58.14.19 port 49170	2020-04-25 12:01:19
103.145.12.87	attackspam	[2020-04-24 23:59:38] NOTICE[1170][C-00004ed8] chan_sip.c: Call from '' (103.145.12.87:61676) to extension '9011442037698349' rejected because extension not found in context 'public'. [2020-04-24 23:59:38] SECURITY[1184] res_security_log.c: SecurityEvent="FailedACL",EventTV="2020-04-24T23:59:38.405-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="9011442037698349",SessionID="0x7f6c083b8aa8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/103.145.12.87/61676",ACLName="no_extension_match" [2020-04-24 23:59:40] NOTICE[1170][C-00004ed9] chan_sip.c: Call from '' (103.145.12.87:50262) to extension '01146812400368' rejected because extension not found in context 'public'. [2020-04-24 23:59:40] SECURITY[1184] res_security_log.c: SecurityEvent="FailedACL",EventTV="2020-04-24T23:59:40.823-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="01146812400368",SessionID="0x7f6c08101b78",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/ ...	2020-04-25 12:11:46
200.89.178.197	attack	Invalid user test1 from 200.89.178.197 port 44064	2020-04-25 12:36:19
111.229.246.61	attackspam	2020-04-25T05:54:27.363145sd-86998 sshd[38794]: Invalid user anna from 111.229.246.61 port 55920 2020-04-25T05:54:27.368769sd-86998 sshd[38794]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.229.246.61 2020-04-25T05:54:27.363145sd-86998 sshd[38794]: Invalid user anna from 111.229.246.61 port 55920 2020-04-25T05:54:29.246583sd-86998 sshd[38794]: Failed password for invalid user anna from 111.229.246.61 port 55920 ssh2 2020-04-25T05:59:27.897019sd-86998 sshd[39119]: Invalid user dominic from 111.229.246.61 port 52872 ...	2020-04-25 12:22:00
218.78.105.98	attackspambots	Apr 25 05:59:16 [host] sshd[1433]: Invalid user vb Apr 25 05:59:16 [host] sshd[1433]: pam_unix(sshd:a Apr 25 05:59:18 [host] sshd[1433]: Failed password	2020-04-25 12:30:13
222.186.30.76	attackspam	Apr 25 06:38:23 srv01 sshd[9850]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.30.76 user=root Apr 25 06:38:24 srv01 sshd[9850]: Failed password for root from 222.186.30.76 port 49466 ssh2 Apr 25 06:38:27 srv01 sshd[9850]: Failed password for root from 222.186.30.76 port 49466 ssh2 Apr 25 06:38:23 srv01 sshd[9850]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.30.76 user=root Apr 25 06:38:24 srv01 sshd[9850]: Failed password for root from 222.186.30.76 port 49466 ssh2 Apr 25 06:38:27 srv01 sshd[9850]: Failed password for root from 222.186.30.76 port 49466 ssh2 Apr 25 06:38:23 srv01 sshd[9850]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.30.76 user=root Apr 25 06:38:24 srv01 sshd[9850]: Failed password for root from 222.186.30.76 port 49466 ssh2 Apr 25 06:38:27 srv01 sshd[9850]: Failed password for root from 222.186.30.76 port 49466 ...	2020-04-25 12:42:34
34.64.218.102	attack	SG - - [24/Apr/2020:23:16:58 +0300] POST /wp-login.php HTTP/1.1 200 4865 - Mozilla/5.0 X11; Ubuntu; Linux x86_64; rv:62.0 Gecko/20100101 Firefox/62.0	2020-04-25 12:36:50
51.91.111.73	attackbotsspam	Apr 24 23:55:22 NPSTNNYC01T sshd[16492]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.91.111.73 Apr 24 23:55:24 NPSTNNYC01T sshd[16492]: Failed password for invalid user psycho from 51.91.111.73 port 46278 ssh2 Apr 24 23:59:26 NPSTNNYC01T sshd[16826]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.91.111.73 ...	2020-04-25 12:23:53
187.153.113.115	normal	log	2020-04-25 11:34:01
124.149.173.250	attack	xmlrpc attack	2020-04-25 12:16:43

Recently Reported IPs

79.137.84.144	5.39.88.4	115.239.239.98	110.170.40.252
35.188.27.107	45.55.232.84	163.172.93.131	195.231.6.16
218.246.5.113	139.220.192.57	84.47.111.110	183.203.214.212
45.55.20.128	91.228.165.43	113.193.127.138	165.227.9.145
111.231.63.14	198.199.66.10	162.243.143.136	138.122.202.200