116.239.252.49

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: ChinaNet Shanghai Province Network

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
116.239.252.96	attackbotsspam	2019-12-25 00:25:45 H=(ylmf-pc) [116.239.252.96]:59191 I=[192.147.25.65]:25 rejected EHLO or HELO ylmf-pc: CHECK_HELO: ylmf-pc 2019-12-25 00:25:45 H=(ylmf-pc) [116.239.252.96]:56762 I=[192.147.25.65]:25 rejected EHLO or HELO ylmf-pc: CHECK_HELO: ylmf-pc 2019-12-25 00:25:45 H=(ylmf-pc) [116.239.252.96]:56722 I=[192.147.25.65]:25 rejected EHLO or HELO ylmf-pc: CHECK_HELO: ylmf-pc ...	2019-12-25 17:40:21
116.239.252.65	attack	Nov 29 09:54:18 eola postfix/smtpd[17528]: connect from unknown[116.239.252.65] Nov 29 09:54:19 eola postfix/smtpd[17528]: lost connection after AUTH from unknown[116.239.252.65] Nov 29 09:54:19 eola postfix/smtpd[17528]: disconnect from unknown[116.239.252.65] ehlo=1 auth=0/1 commands=1/2 Nov 29 09:54:19 eola postfix/smtpd[17528]: connect from unknown[116.239.252.65] Nov 29 09:54:21 eola postfix/smtpd[17528]: lost connection after AUTH from unknown[116.239.252.65] Nov 29 09:54:21 eola postfix/smtpd[17528]: disconnect from unknown[116.239.252.65] ehlo=1 auth=0/1 commands=1/2 Nov 29 09:54:21 eola postfix/smtpd[17528]: connect from unknown[116.239.252.65] Nov 29 09:54:22 eola postfix/smtpd[17528]: lost connection after AUTH from unknown[116.239.252.65] Nov 29 09:54:22 eola postfix/smtpd[17528]: disconnect from unknown[116.239.252.65] ehlo=1 auth=0/1 commands=1/2 Nov 29 09:54:25 eola postfix/smtpd[17528]: connect from unknown[116.239.252.65] Nov 29 09:54:26 eola postfix/sm........ -------------------------------	2019-11-30 01:48:36
116.239.252.40	attackbotsspam	Nov 24 09:50:25 web1 postfix/smtpd[27994]: warning: unknown[116.239.252.40]: SASL LOGIN authentication failed: authentication failure ...	2019-11-25 02:35:26
116.239.252.25	attack	SASL broute force	2019-10-13 00:44:28
116.239.252.57	attack	Sep 30 23:20:43 eola postfix/smtpd[23215]: connect from unknown[116.239.252.57] Sep 30 23:20:43 eola postfix/smtpd[23216]: connect from unknown[116.239.252.57] Sep 30 23:20:43 eola postfix/smtpd[23215]: lost connection after AUTH from unknown[116.239.252.57] Sep 30 23:20:43 eola postfix/smtpd[23215]: disconnect from unknown[116.239.252.57] ehlo=1 auth=0/1 commands=1/2 Sep 30 23:20:43 eola postfix/smtpd[23216]: lost connection after AUTH from unknown[116.239.252.57] Sep 30 23:20:43 eola postfix/smtpd[23216]: disconnect from unknown[116.239.252.57] ehlo=1 auth=0/1 commands=1/2 Sep 30 23:20:44 eola postfix/smtpd[23215]: connect from unknown[116.239.252.57] Sep 30 23:20:44 eola postfix/smtpd[23216]: connect from unknown[116.239.252.57] Sep 30 23:20:44 eola postfix/smtpd[23215]: lost connection after AUTH from unknown[116.239.252.57] Sep 30 23:20:44 eola postfix/smtpd[23215]: disconnect from unknown[116.239.252.57] ehlo=1 auth=0/1 commands=1/2 Sep 30 23:20:44 eola postfix/sm........ -------------------------------	2019-10-01 19:05:34

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 116.239.252.49
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 12722
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;116.239.252.49.			IN	A

;; AUTHORITY SECTION:
.			361	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019112700 1800 900 604800 86400

;; Query time: 391 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Nov 27 19:06:49 CST 2019
;; MSG SIZE  rcvd: 118

Host info

Host 49.252.239.116.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 49.252.239.116.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
192.99.34.42	attackbotsspam	192.99.34.42 - - [28/Apr/2020:12:47:57 +0200] "POST /wp-login.php HTTP/1.1" 200 6042 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.80 Safari/537.36" 192.99.34.42 - - [28/Apr/2020:12:47:57 +0200] "POST /wp-login.php HTTP/1.1" 200 6042 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.80 Safari/537.36" 192.99.34.42 - - [28/Apr/2020:12:47:58 +0200] "POST /wp-login.php HTTP/1.1" 200 6042 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.80 Safari/537.36" 192.99.34.42 - - [28/Apr/2020:12:47:58 +0200] "POST /wp-login.php HTTP/1.1" 200 6042 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.80 Safari/537.36" 192.99.34.42 - - [28/Apr/2020:12:47:58 +0200] "POST /wp-login.php HTTP/1.1" 200 6042 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.80 Safari/537 ...	2020-04-28 18:55:17
36.92.109.147	attackspam	$f2bV_matches	2020-04-28 18:19:31
80.211.245.223	attackbots	Apr 28 09:09:56 prox sshd[28782]: Failed password for root from 80.211.245.223 port 45552 ssh2 Apr 28 09:20:51 prox sshd[8473]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.211.245.223	2020-04-28 18:56:49
180.100.213.63	attack	SSH login attempts.	2020-04-28 18:57:33
113.173.251.206	attack	2020-04-2805:45:471jTHBq-0007sD-Ad\<=info@whatsup2013.chH=$localhost$[123.16.142.191]:42821P=esmtpsaX=TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256CV=noA=dovecot_login:info@whatsup2013.chS=3135id=2ecd131a113aef1c3fc137646fbb82ae8d670644be@whatsup2013.chT="Flymetothesun"forhillaryisaacson@hotmail.comdoyce169@gmail.com2020-04-2805:46:351jTHCc-0007xB-Qr\<=info@whatsup2013.chH=$localhost$[123.20.30.14]:44329P=esmtpsaX=TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256CV=noA=dovecot_login:info@whatsup2013.chS=3116id=a6f299595279ac5f7c8274272cf8c1edce2449029c@whatsup2013.chT="Haveyoueverbeenintruelove\?"forandrewantonio43@gmail.comjhnic47@hotmail.com2020-04-2805:46:001jTHC3-0007ss-KA\<=info@whatsup2013.chH=$localhost$[1.238.117.15]:53973P=esmtpsaX=TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256CV=noA=dovecot_login:info@whatsup2013.chS=3056id=86064ed0dbf025d6f50bfdaea571486447ad91e958@whatsup2013.chT="Ineedtobeadored"forsapp6679@gmail.comaustincolwell15@gmail.com2020-04-2805:45:171jTHBM-0007nS-KP\<=info@whatsup2013.chH=\(localhost\	2020-04-28 18:29:21
103.81.115.35	attackbots	Unauthorized connection attempt from IP address 103.81.115.35 on Port 445(SMB)	2020-04-28 18:43:49
221.182.36.41	attackspambots	Apr 27 23:13:45 web1 sshd\[15741\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=221.182.36.41 user=root Apr 27 23:13:47 web1 sshd\[15741\]: Failed password for root from 221.182.36.41 port 31445 ssh2 Apr 27 23:14:59 web1 sshd\[15857\]: Invalid user aac from 221.182.36.41 Apr 27 23:15:00 web1 sshd\[15857\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=221.182.36.41 Apr 27 23:15:01 web1 sshd\[15857\]: Failed password for invalid user aac from 221.182.36.41 port 16679 ssh2	2020-04-28 18:46:29
52.7.163.250	attack	2020-04-28T08:59:02.744452ionos.janbro.de sshd[82458]: Invalid user gogs from 52.7.163.250 port 35898 2020-04-28T08:59:02.755932ionos.janbro.de sshd[82458]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.7.163.250 2020-04-28T08:59:02.744452ionos.janbro.de sshd[82458]: Invalid user gogs from 52.7.163.250 port 35898 2020-04-28T08:59:04.119138ionos.janbro.de sshd[82458]: Failed password for invalid user gogs from 52.7.163.250 port 35898 ssh2 2020-04-28T09:00:59.444541ionos.janbro.de sshd[82462]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.7.163.250 user=root 2020-04-28T09:01:01.871362ionos.janbro.de sshd[82462]: Failed password for root from 52.7.163.250 port 43910 ssh2 2020-04-28T09:03:09.212901ionos.janbro.de sshd[82500]: Invalid user dbird from 52.7.163.250 port 51930 2020-04-28T09:03:09.243755ionos.janbro.de sshd[82500]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ...	2020-04-28 18:44:02
117.192.10.186	attack	Unauthorized connection attempt from IP address 117.192.10.186 on Port 445(SMB)	2020-04-28 18:45:09
162.252.87.157	attack	Unauthorized connection attempt from IP address 162.252.87.157 on Port 445(SMB)	2020-04-28 18:51:10
217.172.27.181	attackspambots	Port probing on unauthorized port 17714	2020-04-28 18:41:17
117.4.32.116	attackspambots	Icarus honeypot on github	2020-04-28 18:18:25
184.168.193.14	attack	Automatic report - XMLRPC Attack	2020-04-28 18:32:17
106.13.68.101	attack	$f2bV_matches	2020-04-28 18:48:16
61.93.201.198	attackspambots	Apr 28 06:28:52 plex sshd[30841]: Invalid user support from 61.93.201.198 port 33321	2020-04-28 18:23:40

Recently Reported IPs

217.128.192.117	180.127.76.35	175.100.138.168	116.239.254.24
113.172.230.125	112.161.10.98	94.237.72.217	52.32.115.8
3.105.212.39	115.78.107.246	195.145.210.14	134.235.12.124
143.114.131.227	30.7.230.137	183.213.197.223	239.12.6.227
74.132.148.190	5.29.219.186	121.154.9.179	177.126.128.157