116.239.252.49

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: ChinaNet Shanghai Province Network

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
116.239.252.96	attackbotsspam	2019-12-25 00:25:45 H=(ylmf-pc) [116.239.252.96]:59191 I=[192.147.25.65]:25 rejected EHLO or HELO ylmf-pc: CHECK_HELO: ylmf-pc 2019-12-25 00:25:45 H=(ylmf-pc) [116.239.252.96]:56762 I=[192.147.25.65]:25 rejected EHLO or HELO ylmf-pc: CHECK_HELO: ylmf-pc 2019-12-25 00:25:45 H=(ylmf-pc) [116.239.252.96]:56722 I=[192.147.25.65]:25 rejected EHLO or HELO ylmf-pc: CHECK_HELO: ylmf-pc ...	2019-12-25 17:40:21
116.239.252.65	attack	Nov 29 09:54:18 eola postfix/smtpd[17528]: connect from unknown[116.239.252.65] Nov 29 09:54:19 eola postfix/smtpd[17528]: lost connection after AUTH from unknown[116.239.252.65] Nov 29 09:54:19 eola postfix/smtpd[17528]: disconnect from unknown[116.239.252.65] ehlo=1 auth=0/1 commands=1/2 Nov 29 09:54:19 eola postfix/smtpd[17528]: connect from unknown[116.239.252.65] Nov 29 09:54:21 eola postfix/smtpd[17528]: lost connection after AUTH from unknown[116.239.252.65] Nov 29 09:54:21 eola postfix/smtpd[17528]: disconnect from unknown[116.239.252.65] ehlo=1 auth=0/1 commands=1/2 Nov 29 09:54:21 eola postfix/smtpd[17528]: connect from unknown[116.239.252.65] Nov 29 09:54:22 eola postfix/smtpd[17528]: lost connection after AUTH from unknown[116.239.252.65] Nov 29 09:54:22 eola postfix/smtpd[17528]: disconnect from unknown[116.239.252.65] ehlo=1 auth=0/1 commands=1/2 Nov 29 09:54:25 eola postfix/smtpd[17528]: connect from unknown[116.239.252.65] Nov 29 09:54:26 eola postfix/sm........ -------------------------------	2019-11-30 01:48:36
116.239.252.40	attackbotsspam	Nov 24 09:50:25 web1 postfix/smtpd[27994]: warning: unknown[116.239.252.40]: SASL LOGIN authentication failed: authentication failure ...	2019-11-25 02:35:26
116.239.252.25	attack	SASL broute force	2019-10-13 00:44:28
116.239.252.57	attack	Sep 30 23:20:43 eola postfix/smtpd[23215]: connect from unknown[116.239.252.57] Sep 30 23:20:43 eola postfix/smtpd[23216]: connect from unknown[116.239.252.57] Sep 30 23:20:43 eola postfix/smtpd[23215]: lost connection after AUTH from unknown[116.239.252.57] Sep 30 23:20:43 eola postfix/smtpd[23215]: disconnect from unknown[116.239.252.57] ehlo=1 auth=0/1 commands=1/2 Sep 30 23:20:43 eola postfix/smtpd[23216]: lost connection after AUTH from unknown[116.239.252.57] Sep 30 23:20:43 eola postfix/smtpd[23216]: disconnect from unknown[116.239.252.57] ehlo=1 auth=0/1 commands=1/2 Sep 30 23:20:44 eola postfix/smtpd[23215]: connect from unknown[116.239.252.57] Sep 30 23:20:44 eola postfix/smtpd[23216]: connect from unknown[116.239.252.57] Sep 30 23:20:44 eola postfix/smtpd[23215]: lost connection after AUTH from unknown[116.239.252.57] Sep 30 23:20:44 eola postfix/smtpd[23215]: disconnect from unknown[116.239.252.57] ehlo=1 auth=0/1 commands=1/2 Sep 30 23:20:44 eola postfix/sm........ -------------------------------	2019-10-01 19:05:34

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 116.239.252.49
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 12722
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;116.239.252.49.			IN	A

;; AUTHORITY SECTION:
.			361	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019112700 1800 900 604800 86400

;; Query time: 391 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Nov 27 19:06:49 CST 2019
;; MSG SIZE  rcvd: 118

Host info

Host 49.252.239.116.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 49.252.239.116.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
113.118.12.86	attackbots	DATE:2020-07-06 01:26:18, IP:113.118.12.86, PORT:1433 - MSSQL brute force auth on a honeypot server (epe-dc)	2020-07-06 08:42:22
222.186.173.142	attackbotsspam	[MK-VM2] SSH login failed	2020-07-06 08:47:04
36.6.57.245	attackspam	Jul 6 02:36:10 srv01 postfix/smtpd\[28950\]: warning: unknown\[36.6.57.245\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 6 02:36:56 srv01 postfix/smtpd\[28950\]: warning: unknown\[36.6.57.245\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 6 02:39:31 srv01 postfix/smtpd\[24411\]: warning: unknown\[36.6.57.245\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 6 02:43:00 srv01 postfix/smtpd\[24123\]: warning: unknown\[36.6.57.245\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 6 02:43:12 srv01 postfix/smtpd\[24123\]: warning: unknown\[36.6.57.245\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-07-06 08:56:05
60.174.2.55	attackbots	Tried our host z.	2020-07-06 08:39:19
45.134.179.57	attack	Jul 6 05:55:19 debian-2gb-nbg1-2 kernel: \[16266329.291442\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=45.134.179.57 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=246 ID=16405 PROTO=TCP SPT=47572 DPT=62845 WINDOW=1024 RES=0x00 SYN URGP=0	2020-07-06 12:05:53
40.123.207.179	attackbots	2020-07-06T03:50:18.039030abusebot-3.cloudsearch.cf sshd[16700]: Invalid user admin from 40.123.207.179 port 55316 2020-07-06T03:50:18.044668abusebot-3.cloudsearch.cf sshd[16700]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=40.123.207.179 2020-07-06T03:50:18.039030abusebot-3.cloudsearch.cf sshd[16700]: Invalid user admin from 40.123.207.179 port 55316 2020-07-06T03:50:20.901436abusebot-3.cloudsearch.cf sshd[16700]: Failed password for invalid user admin from 40.123.207.179 port 55316 ssh2 2020-07-06T03:52:45.498932abusebot-3.cloudsearch.cf sshd[16706]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=40.123.207.179 user=root 2020-07-06T03:52:47.868880abusebot-3.cloudsearch.cf sshd[16706]: Failed password for root from 40.123.207.179 port 54170 ssh2 2020-07-06T03:55:08.158062abusebot-3.cloudsearch.cf sshd[16711]: Invalid user rm from 40.123.207.179 port 53018 ...	2020-07-06 12:19:17
156.215.141.3	attackspam	Jun 29 09:32:47 derzbach sshd[15342]: Invalid user otp from 156.215.141.3 port 52714 Jun 29 09:32:47 derzbach sshd[15342]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=156.215.141.3 Jun 29 09:32:47 derzbach sshd[15342]: Invalid user otp from 156.215.141.3 port 52714 Jun 29 09:32:49 derzbach sshd[15342]: Failed password for invalid user otp from 156.215.141.3 port 52714 ssh2 Jun 29 09:34:41 derzbach sshd[22927]: Invalid user test from 156.215.141.3 port 53200 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=156.215.141.3	2020-07-06 08:52:43
111.229.68.113	attackspam	Jul 5 21:46:53 server1 sshd\[26932\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.229.68.113 Jul 5 21:46:55 server1 sshd\[26932\]: Failed password for invalid user es from 111.229.68.113 port 42742 ssh2 Jul 5 21:51:07 server1 sshd\[28124\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.229.68.113 user=root Jul 5 21:51:09 server1 sshd\[28124\]: Failed password for root from 111.229.68.113 port 60030 ssh2 Jul 5 21:55:22 server1 sshd\[29310\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.229.68.113 user=root ...	2020-07-06 12:00:40
218.92.0.223	attackspambots	Jul 6 03:59:54 scw-6657dc sshd[32141]: Failed password for root from 218.92.0.223 port 32699 ssh2 Jul 6 03:59:54 scw-6657dc sshd[32141]: Failed password for root from 218.92.0.223 port 32699 ssh2 Jul 6 03:59:59 scw-6657dc sshd[32141]: Failed password for root from 218.92.0.223 port 32699 ssh2 ...	2020-07-06 12:07:45
14.239.227.21	attack	1594007705 - 07/06/2020 05:55:05 Host: 14.239.227.21/14.239.227.21 Port: 445 TCP Blocked	2020-07-06 12:20:37
45.183.195.249	attackspambots	1594007718 - 07/06/2020 10:55:18 Host: 45.183.195.249/45.183.195.249 Port: 23 TCP Blocked ...	2020-07-06 12:01:30
139.99.237.183	attackbots	Jul 6 03:29:19 server2 sshd\[15820\]: Invalid user mudehwec from 139.99.237.183 Jul 6 03:29:19 server2 sshd\[15822\]: Invalid user mudehwec from 139.99.237.183 Jul 6 03:29:19 server2 sshd\[15824\]: Invalid user mudehwec from 139.99.237.183 Jul 6 03:30:45 server2 sshd\[16013\]: Invalid user mujr from 139.99.237.183 Jul 6 03:30:46 server2 sshd\[16015\]: Invalid user mujr from 139.99.237.183 Jul 6 03:30:46 server2 sshd\[16017\]: Invalid user mujr from 139.99.237.183	2020-07-06 08:54:02
212.70.149.18	attack	Jul 6 02:54:07 srv3 postfix/smtpd\[31830\]: warning: unknown\[212.70.149.18\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 6 02:54:44 srv3 postfix/smtpd\[31830\]: warning: unknown\[212.70.149.18\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 6 02:54:58 srv3 postfix/smtpd\[31854\]: warning: unknown\[212.70.149.18\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-07-06 08:57:02
62.234.20.73	attack	Jul 5 21:11:17 mockhub sshd[4179]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=62.234.20.73 Jul 5 21:11:18 mockhub sshd[4179]: Failed password for invalid user deploy from 62.234.20.73 port 40524 ssh2 ...	2020-07-06 12:19:01
103.151.118.253	attackspambots	Fail2Ban Ban Triggered SMTP Abuse Attempt	2020-07-06 12:18:31

Recently Reported IPs

217.128.192.117	180.127.76.35	175.100.138.168	116.239.254.24
113.172.230.125	112.161.10.98	94.237.72.217	52.32.115.8
3.105.212.39	115.78.107.246	195.145.210.14	134.235.12.124
143.114.131.227	30.7.230.137	183.213.197.223	239.12.6.227
74.132.148.190	5.29.219.186	121.154.9.179	177.126.128.157