116.252.0.140 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: ChinaNet Guangxi Province Network

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	The IP has triggered Cloudflare WAF. CF-Ray: 5432d920bdb9eba1 \| WAF_Rule_ID: 1112824 \| WAF_Kind: firewall \| CF_Action: challenge \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/1.1 \| Method: GET \| Host: disqus.skk.moe \| User-Agent: Mozilla/5.0 (Linux; U; Android 4.3; en-us; SM-N900T Build/JSS15J) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 Mobile Safari/534.30 \| CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-12 01:55:52

Type

Details

Datetime

attack

The IP has triggered Cloudflare WAF. CF-Ray: 5432d920bdb9eba1 | WAF_Rule_ID: 1112824 | WAF_Kind: firewall | CF_Action: challenge | Country: CN | CF_IPClass: noRecord | Protocol: HTTP/1.1 | Method: GET | Host: disqus.skk.moe | User-Agent: Mozilla/5.0 (Linux; U; Android 4.3; en-us; SM-N900T Build/JSS15J) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 Mobile Safari/534.30 | CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).

2019-12-12 01:55:52

Comments on same subnet:

IP	Type	Details	Datetime
116.252.0.186	attackbots	Unauthorized connection attempt detected from IP address 116.252.0.186 to port 8118	2020-06-22 06:13:50
116.252.0.38	attack	Unauthorized connection attempt detected from IP address 116.252.0.38 to port 999	2020-05-30 04:25:31
116.252.0.220	attackbotsspam	Fail2Ban Ban Triggered	2020-04-05 19:47:08
116.252.0.81	attackspambots	Unauthorized connection attempt detected from IP address 116.252.0.81 to port 8118 [J]	2020-03-02 21:33:58
116.252.0.76	attackbots	Unauthorized connection attempt detected from IP address 116.252.0.76 to port 8118 [J]	2020-03-02 21:02:18
116.252.0.3	attackspam	Unauthorized connection attempt detected from IP address 116.252.0.3 to port 8118 [J]	2020-03-02 20:00:43
116.252.0.58	attack	Unauthorized connection attempt detected from IP address 116.252.0.58 to port 8118 [J]	2020-03-02 18:07:31
116.252.0.26	attackbotsspam	Unauthorized connection attempt detected from IP address 116.252.0.26 to port 8082 [J]	2020-03-02 16:11:31
116.252.0.73	attack	Unauthorized connection attempt detected from IP address 116.252.0.73 to port 3128 [J]	2020-02-04 01:38:25
116.252.0.249	attackspambots	Unauthorized connection attempt detected from IP address 116.252.0.249 to port 80 [T]	2020-01-30 15:15:36
116.252.0.53	attack	Unauthorized connection attempt detected from IP address 116.252.0.53 to port 3128 [T]	2020-01-29 17:18:29
116.252.0.63	attackspam	Unauthorized connection attempt detected from IP address 116.252.0.63 to port 1080 [J]	2020-01-29 10:28:42
116.252.0.86	attackspambots	Unauthorized connection attempt detected from IP address 116.252.0.86 to port 8888 [J]	2020-01-29 09:46:06
116.252.0.203	attackspambots	Unauthorized connection attempt detected from IP address 116.252.0.203 to port 8081 [J]	2020-01-29 09:45:49
116.252.0.5	attackspambots	Unauthorized connection attempt detected from IP address 116.252.0.5 to port 3389 [T]	2020-01-29 08:17:51

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 116.252.0.140
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 36973
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;116.252.0.140.			IN	A

;; AUTHORITY SECTION:
.			394	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019121101 1800 900 604800 86400

;; Query time: 51 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Dec 12 01:55:45 CST 2019
;; MSG SIZE  rcvd: 117

Host info

Host 140.0.252.116.in-addr.arpa not found: 2(SERVFAIL)

Nslookup info:

;; Got SERVFAIL reply from 183.60.83.19, trying next server
Server:		183.60.82.98
Address:	183.60.82.98#53

** server can't find 140.0.252.116.in-addr.arpa: SERVFAIL

Related IP info:

Related comments:

IP	Type	Details	Datetime
151.53.201.54	attackbotsspam	Telnet/23 MH Probe, BF, Hack -	2020-02-12 20:51:42
77.103.235.235	attackbotsspam	Automatic report - Port Scan Attack	2020-02-12 20:10:57
36.79.252.38	attackbotsspam	1581482974 - 02/12/2020 05:49:34 Host: 36.79.252.38/36.79.252.38 Port: 445 TCP Blocked	2020-02-12 20:22:00
54.39.196.150	attackbotsspam	Scanning and Vuln Attempts	2020-02-12 20:33:43
62.149.157.221	spam	Used since many times for SPAM, PHISHING and SCAM on STOLLEN list we don't know where without our agreement, as usual with LIERS and ROBERS !	2020-02-12 20:16:06
71.120.99.207	attackspam	1581512108 - 02/12/2020 19:55:08 Host: pool-71-120-99-207.ipslin.dsl-w.verizon.net/71.120.99.207 Port: 23 TCP Blocked ...	2020-02-12 20:57:03
51.79.44.52	attackbotsspam	Feb 12 09:41:19 legacy sshd[17145]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.79.44.52 Feb 12 09:41:21 legacy sshd[17145]: Failed password for invalid user 147258369 from 51.79.44.52 port 40488 ssh2 Feb 12 09:44:37 legacy sshd[17294]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.79.44.52 ...	2020-02-12 20:13:31
109.87.115.220	attackbots	Feb 12 11:26:29 work-partkepr sshd\[24538\]: Invalid user dis from 109.87.115.220 port 47409 Feb 12 11:26:29 work-partkepr sshd\[24538\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=109.87.115.220 ...	2020-02-12 20:15:05
87.201.130.190	attackspambots	DATE:2020-02-12 05:48:20, IP:87.201.130.190, PORT:telnet Telnet brute force auth on honeypot server (epe-honey1-hq)	2020-02-12 20:10:40
36.110.19.71	attackspam	Invalid user olh from 36.110.19.71 port 50087	2020-02-12 20:31:26
52.244.163.96	attackspambots	Scanning and Vuln Attempts	2020-02-12 20:39:04
190.5.242.114	attackbots	Feb 11 23:58:31 hpm sshd\[13594\]: Invalid user zach123 from 190.5.242.114 Feb 11 23:58:31 hpm sshd\[13594\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.5.242.114 Feb 11 23:58:33 hpm sshd\[13594\]: Failed password for invalid user zach123 from 190.5.242.114 port 52699 ssh2 Feb 12 00:01:58 hpm sshd\[14029\]: Invalid user !QAZ@WSX from 190.5.242.114 Feb 12 00:01:58 hpm sshd\[14029\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.5.242.114	2020-02-12 20:20:54
182.76.77.20	attackbots	20/2/12@06:12:31: FAIL: Alarm-Network address from=182.76.77.20 20/2/12@06:12:31: FAIL: Alarm-Network address from=182.76.77.20 ...	2020-02-12 20:48:18
176.110.53.138	attack	port scan and connect, tcp 23 (telnet)	2020-02-12 20:42:23
93.152.159.11	attackspambots	Feb 12 07:19:54 vpn01 sshd[29678]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=93.152.159.11 Feb 12 07:19:56 vpn01 sshd[29678]: Failed password for invalid user all from 93.152.159.11 port 59182 ssh2 ...	2020-02-12 20:15:50

Recently Reported IPs

110.177.82.186	66.249.82.82	66.102.6.55	58.248.201.198
2a01:4f8:171:392d::e3a:d47d	36.110.171.104	2408:8648:1300:40:6353:6a6e:2b93:6407	2408:8648:1300:40:4aa9:170d:29b5:145
2408:8221:9e10:c480:64a1:73e9:e40e:2e22	2400:dd0d:2000:0:7fed:c2e6:668a:96b9	27.224.136.218	23.105.157.184
223.166.74.234	222.82.62.218	221.197.97.77	221.13.12.171
220.250.11.76	220.181.108.101	220.181.51.72	211.138.242.65