116.52.1.214 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
116.52.175.150	attackbots	port scan and connect, tcp 1433 (ms-sql-s)	2020-10-05 03:18:26
116.52.175.150	attackspambots	port scan and connect, tcp 1433 (ms-sql-s)	2020-10-04 19:04:20
116.52.1.211	attack	SSH Invalid Login	2020-09-29 06:11:32
116.52.1.211	attackspambots	(sshd) Failed SSH login from 116.52.1.211 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 28 13:58:12 server2 sshd[13054]: Invalid user ca from 116.52.1.211 port 6680 Sep 28 13:58:14 server2 sshd[13054]: Failed password for invalid user ca from 116.52.1.211 port 6680 ssh2 Sep 28 14:08:42 server2 sshd[14880]: Invalid user test1 from 116.52.1.211 port 5410 Sep 28 14:08:44 server2 sshd[14880]: Failed password for invalid user test1 from 116.52.1.211 port 5410 ssh2 Sep 28 14:14:03 server2 sshd[15959]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.52.1.211 user=root	2020-09-28 22:36:34
116.52.1.211	attack	$f2bV_matches	2020-09-22 19:40:15
116.52.164.10	attackspambots	$f2bV_matches	2020-08-04 23:06:13
116.52.164.10	attack	Aug 4 03:47:32 vlre-nyc-1 sshd\[11373\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.52.164.10 user=root Aug 4 03:47:34 vlre-nyc-1 sshd\[11373\]: Failed password for root from 116.52.164.10 port 45945 ssh2 Aug 4 03:51:45 vlre-nyc-1 sshd\[11431\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.52.164.10 user=root Aug 4 03:51:47 vlre-nyc-1 sshd\[11431\]: Failed password for root from 116.52.164.10 port 20583 ssh2 Aug 4 03:55:53 vlre-nyc-1 sshd\[11501\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.52.164.10 user=root ...	2020-08-04 14:28:43
116.52.164.10	attackspambots	Jul 7 17:28:58 dhoomketu sshd[1349756]: Failed password for invalid user bernd from 116.52.164.10 port 18056 ssh2 Jul 7 17:30:50 dhoomketu sshd[1349812]: Invalid user test from 116.52.164.10 port 30564 Jul 7 17:30:50 dhoomketu sshd[1349812]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.52.164.10 Jul 7 17:30:50 dhoomketu sshd[1349812]: Invalid user test from 116.52.164.10 port 30564 Jul 7 17:30:51 dhoomketu sshd[1349812]: Failed password for invalid user test from 116.52.164.10 port 30564 ssh2 ...	2020-07-07 22:56:06
116.52.138.125	attackspambots	DATE:2020-07-07 14:03:08, IP:116.52.138.125, PORT:telnet Telnet brute force auth on honeypot server (epe-honey1-hq)	2020-07-07 20:10:12
116.52.164.10	attack	Jun 30 12:14:22 vlre-nyc-1 sshd\[18449\]: Invalid user cmy from 116.52.164.10 Jun 30 12:14:22 vlre-nyc-1 sshd\[18449\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.52.164.10 Jun 30 12:14:24 vlre-nyc-1 sshd\[18449\]: Failed password for invalid user cmy from 116.52.164.10 port 54845 ssh2 Jun 30 12:17:53 vlre-nyc-1 sshd\[18545\]: Invalid user asteriskpbx from 116.52.164.10 Jun 30 12:17:53 vlre-nyc-1 sshd\[18545\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.52.164.10 ...	2020-07-01 04:05:49
116.52.164.10	attackbotsspam	Jun 22 21:02:14 server sshd[24182]: Failed password for root from 116.52.164.10 port 25228 ssh2 Jun 22 21:02:43 server sshd[24746]: Failed password for invalid user zgh from 116.52.164.10 port 28567 ssh2 Jun 22 21:03:13 server sshd[25220]: Failed password for root from 116.52.164.10 port 31908 ssh2	2020-06-23 03:59:51
116.52.164.10	attack	Jun 21 15:48:22 [host] sshd[30125]: Invalid user a Jun 21 15:48:22 [host] sshd[30125]: pam_unix(sshd: Jun 21 15:48:25 [host] sshd[30125]: Failed passwor	2020-06-21 21:51:57
116.52.115.227	attackbotsspam	06/18/2020-01:00:18.743929 116.52.115.227 Protocol: 6 ET SCAN Suspicious inbound to MSSQL port 1433	2020-06-18 17:18:07
116.52.164.10	attackbots	2020-06-07T06:23:59.854137galaxy.wi.uni-potsdam.de sshd[31161]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.52.164.10 user=root 2020-06-07T06:24:01.580956galaxy.wi.uni-potsdam.de sshd[31161]: Failed password for root from 116.52.164.10 port 34783 ssh2 2020-06-07T06:24:49.720801galaxy.wi.uni-potsdam.de sshd[31278]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.52.164.10 user=root 2020-06-07T06:24:51.649397galaxy.wi.uni-potsdam.de sshd[31278]: Failed password for root from 116.52.164.10 port 39530 ssh2 2020-06-07T06:25:38.412783galaxy.wi.uni-potsdam.de sshd[31369]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.52.164.10 user=root 2020-06-07T06:25:40.065781galaxy.wi.uni-potsdam.de sshd[31369]: Failed password for root from 116.52.164.10 port 44271 ssh2 2020-06-07T06:26:29.393098galaxy.wi.uni-potsdam.de sshd[31447]: pam_unix(sshd:auth): authenticati ...	2020-06-07 15:00:03
116.52.164.10	attack	Invalid user ts3 from 116.52.164.10 port 27672	2020-05-30 13:47:27

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 116.52.1.214
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 37004
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;116.52.1.214.			IN	A

;; AUTHORITY SECTION:
.			177	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022020702 1800 900 604800 86400

;; Query time: 45 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Feb 08 11:12:00 CST 2022
;; MSG SIZE  rcvd: 105

Host info

b';; connection timed out; no servers could be reached
'

Nslookup info:

server can't find 116.52.1.214.in-addr.arpa: SERVFAIL

Related IP info:

Related comments:

IP	Type	Details	Datetime
1.6.187.33	attackspambots	Icarus honeypot on github	2020-08-30 15:13:33
65.151.160.89	attackbotsspam	Aug 30 06:09:37 vlre-nyc-1 sshd\[4274\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=65.151.160.89 user=root Aug 30 06:09:40 vlre-nyc-1 sshd\[4274\]: Failed password for root from 65.151.160.89 port 60276 ssh2 Aug 30 06:13:16 vlre-nyc-1 sshd\[4325\]: Invalid user pablo from 65.151.160.89 Aug 30 06:13:16 vlre-nyc-1 sshd\[4325\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=65.151.160.89 Aug 30 06:13:19 vlre-nyc-1 sshd\[4325\]: Failed password for invalid user pablo from 65.151.160.89 port 40840 ssh2 ...	2020-08-30 14:47:44
120.188.37.14	attack	Unauthorised access (Aug 30) SRC=120.188.37.14 LEN=52 TOS=0x08 PREC=0x40 TTL=113 ID=2127 DF TCP DPT=445 WINDOW=8192 SYN	2020-08-30 15:03:02
82.221.131.5	attackbotsspam	Aug 30 08:12:52 rotator sshd\[3555\]: Failed password for root from 82.221.131.5 port 35167 ssh2Aug 30 08:12:55 rotator sshd\[3555\]: Failed password for root from 82.221.131.5 port 35167 ssh2Aug 30 08:12:56 rotator sshd\[3555\]: Failed password for root from 82.221.131.5 port 35167 ssh2Aug 30 08:12:59 rotator sshd\[3555\]: Failed password for root from 82.221.131.5 port 35167 ssh2Aug 30 08:13:01 rotator sshd\[3555\]: Failed password for root from 82.221.131.5 port 35167 ssh2Aug 30 08:13:03 rotator sshd\[3555\]: Failed password for root from 82.221.131.5 port 35167 ssh2 ...	2020-08-30 14:55:20
61.177.172.61	attackbots	Aug 30 08:59:50 vps1 sshd[32487]: Failed none for invalid user root from 61.177.172.61 port 11421 ssh2 Aug 30 08:59:51 vps1 sshd[32487]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.177.172.61 user=root Aug 30 08:59:52 vps1 sshd[32487]: Failed password for invalid user root from 61.177.172.61 port 11421 ssh2 Aug 30 08:59:56 vps1 sshd[32487]: Failed password for invalid user root from 61.177.172.61 port 11421 ssh2 Aug 30 09:00:02 vps1 sshd[32487]: Failed password for invalid user root from 61.177.172.61 port 11421 ssh2 Aug 30 09:00:07 vps1 sshd[32487]: Failed password for invalid user root from 61.177.172.61 port 11421 ssh2 Aug 30 09:00:10 vps1 sshd[32487]: Failed password for invalid user root from 61.177.172.61 port 11421 ssh2 Aug 30 09:00:11 vps1 sshd[32487]: error: maximum authentication attempts exceeded for invalid user root from 61.177.172.61 port 11421 ssh2 [preauth] ...	2020-08-30 15:16:55
34.84.24.10	attackspam	34.84.24.10 - - [30/Aug/2020:06:34:27 +0100] "POST /wp-login.php HTTP/1.1" 200 1885 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 34.84.24.10 - - [30/Aug/2020:06:34:30 +0100] "POST /wp-login.php HTTP/1.1" 200 1868 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 34.84.24.10 - - [30/Aug/2020:06:34:31 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-08-30 14:38:57
103.45.183.19	attackbotsspam	Icarus honeypot on github	2020-08-30 14:54:53
192.241.224.91	attack	Input Traffic from this IP, but critial abuseconfidencescore	2020-08-30 15:13:46
165.22.101.100	attack	165.22.101.100 - - [30/Aug/2020:08:07:49 +0100] "POST /wp-login.php HTTP/1.1" 200 2046 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 165.22.101.100 - - [30/Aug/2020:08:07:52 +0100] "POST /wp-login.php HTTP/1.1" 200 2020 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 165.22.101.100 - - [30/Aug/2020:08:07:55 +0100] "POST /wp-login.php HTTP/1.1" 200 2019 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-08-30 15:12:36
112.85.42.195	attack	2020-08-30T02:50:14.388863xentho-1 sshd[302530]: Failed password for root from 112.85.42.195 port 44764 ssh2 2020-08-30T02:50:12.199547xentho-1 sshd[302530]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.195 user=root 2020-08-30T02:50:14.388863xentho-1 sshd[302530]: Failed password for root from 112.85.42.195 port 44764 ssh2 2020-08-30T02:50:18.860719xentho-1 sshd[302530]: Failed password for root from 112.85.42.195 port 44764 ssh2 2020-08-30T02:50:12.199547xentho-1 sshd[302530]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.195 user=root 2020-08-30T02:50:14.388863xentho-1 sshd[302530]: Failed password for root from 112.85.42.195 port 44764 ssh2 2020-08-30T02:50:18.860719xentho-1 sshd[302530]: Failed password for root from 112.85.42.195 port 44764 ssh2 2020-08-30T02:50:22.097496xentho-1 sshd[302530]: Failed password for root from 112.85.42.195 port 44764 ssh2 2020-08-30T02:51:52.79 ...	2020-08-30 14:59:52
177.67.49.26	attack	1598759373 - 08/30/2020 05:49:33 Host: 177.67.49.26/177.67.49.26 Port: 445 TCP Blocked	2020-08-30 14:57:42
189.31.60.193	attack	Aug 30 08:31:38 vps1 sshd[32305]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=189.31.60.193 user=root Aug 30 08:31:40 vps1 sshd[32305]: Failed password for invalid user root from 189.31.60.193 port 38008 ssh2 Aug 30 08:35:08 vps1 sshd[32333]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=189.31.60.193 Aug 30 08:35:11 vps1 sshd[32333]: Failed password for invalid user cyr from 189.31.60.193 port 54872 ssh2 Aug 30 08:36:26 vps1 sshd[32352]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=189.31.60.193 Aug 30 08:36:29 vps1 sshd[32352]: Failed password for invalid user felix from 189.31.60.193 port 60816 ssh2 Aug 30 08:37:42 vps1 sshd[32357]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=189.31.60.193 ...	2020-08-30 15:06:45
86.56.201.25	attackspam	2020-08-30T03:43:16.178228abusebot-6.cloudsearch.cf sshd[28826]: Invalid user oracle from 86.56.201.25 port 44506 2020-08-30T03:43:16.183980abusebot-6.cloudsearch.cf sshd[28826]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=cm56-201-25.liwest.at 2020-08-30T03:43:16.178228abusebot-6.cloudsearch.cf sshd[28826]: Invalid user oracle from 86.56.201.25 port 44506 2020-08-30T03:43:17.944257abusebot-6.cloudsearch.cf sshd[28826]: Failed password for invalid user oracle from 86.56.201.25 port 44506 ssh2 2020-08-30T03:50:10.687895abusebot-6.cloudsearch.cf sshd[28883]: Invalid user safeuser from 86.56.201.25 port 56666 2020-08-30T03:50:10.693266abusebot-6.cloudsearch.cf sshd[28883]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=cm56-201-25.liwest.at 2020-08-30T03:50:10.687895abusebot-6.cloudsearch.cf sshd[28883]: Invalid user safeuser from 86.56.201.25 port 56666 2020-08-30T03:50:13.290783abusebot-6.cloudsearch.cf ...	2020-08-30 14:40:06
85.209.0.101	attack	Aug 30 08:13:32 haigwepa sshd[30570]: Failed password for root from 85.209.0.101 port 35416 ssh2 Aug 30 08:13:32 haigwepa sshd[30571]: Failed password for root from 85.209.0.101 port 35402 ssh2 ...	2020-08-30 14:52:12
223.247.130.195	attack	Invalid user linux from 223.247.130.195 port 45310	2020-08-30 14:39:39

Recently Reported IPs

164.163.2.9	103.93.176.99	113.134.221.50	200.52.149.120
95.71.78.112	59.17.184.226	111.18.61.23	123.154.198.84
101.108.158.82	187.167.178.179	49.86.137.244	77.222.99.16
60.11.120.137	45.10.165.141	167.172.226.163	120.89.74.233
181.49.85.10	45.83.67.39	200.77.198.64	191.240.115.30