116.52.118.92 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
116.52.118.253	attack	Unauthorized connection attempt detected from IP address 116.52.118.253 to port 4712 [T]	2020-04-15 02:07:01
116.52.118.52	attackbots	The IP has triggered Cloudflare WAF. CF-Ray: 5435ea1e4817eb19 \| WAF_Rule_ID: 3b40188685924a32bf11d40edea05a27 \| WAF_Kind: firewall \| CF_Action: drop \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/1.1 \| Method: GET \| Host: doku.skk.moe \| User-Agent: Mozilla/5.084743666 Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/64.0.3282.140 Safari/537.36 Edge/17.17134 \| CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-12 05:13:51
116.52.118.239	attack	The IP has triggered Cloudflare WAF. CF-Ray: 5413a39aae84e7ad \| WAF_Rule_ID: 1112824 \| WAF_Kind: firewall \| CF_Action: challenge \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/1.1 \| Method: GET \| Host: blog.skk.moe \| User-Agent: Mozilla/5.0 (Linux; U; Android 4.3; en-us; SM-N900T Build/JSS15J) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 Mobile Safari/534.30 \| CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-08 03:35:34

Type

Details

Datetime

116.52.118.253

attack

Unauthorized connection attempt detected from IP address 116.52.118.253 to port 4712 [T]

2020-04-15 02:07:01

116.52.118.52

attackbots

The IP has triggered Cloudflare WAF. CF-Ray: 5435ea1e4817eb19 | WAF_Rule_ID: 3b40188685924a32bf11d40edea05a27 | WAF_Kind: firewall | CF_Action: drop | Country: CN | CF_IPClass: noRecord | Protocol: HTTP/1.1 | Method: GET | Host: doku.skk.moe | User-Agent: Mozilla/5.084743666 Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/64.0.3282.140 Safari/537.36 Edge/17.17134 | CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).

2019-12-12 05:13:51

116.52.118.239

attack

The IP has triggered Cloudflare WAF. CF-Ray: 5413a39aae84e7ad | WAF_Rule_ID: 1112824 | WAF_Kind: firewall | CF_Action: challenge | Country: CN | CF_IPClass: noRecord | Protocol: HTTP/1.1 | Method: GET | Host: blog.skk.moe | User-Agent: Mozilla/5.0 (Linux; U; Android 4.3; en-us; SM-N900T Build/JSS15J) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 Mobile Safari/534.30 | CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).

2019-12-08 03:35:34

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 116.52.118.92
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 48208
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;116.52.118.92.			IN	A

;; AUTHORITY SECTION:
.			444	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022022700 1800 900 604800 86400

;; Query time: 57 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Feb 27 16:22:40 CST 2022
;; MSG SIZE  rcvd: 106

Host info

Host 92.118.52.116.in-addr.arpa not found: 2(SERVFAIL)

Nslookup info:

server can't find 116.52.118.92.in-addr.arpa: SERVFAIL

Related IP info:

Related comments:

IP	Type	Details	Datetime
116.129.254.138	attackspam	Email login attempts - banned mail account name (SMTP)	2020-09-13 05:59:23
193.169.253.169	attack	Sep 12 22:17:21 galaxy event: galaxy/lswi: smtp: database@uni-potsdam.de [193.169.253.169] authentication failure using internet password Sep 12 22:17:21 galaxy event: galaxy/lswi: smtp: database@uni-potsdam.de [193.169.253.169] authentication failure using internet password Sep 12 22:17:21 galaxy event: galaxy/lswi: smtp: database@uni-potsdam.de [193.169.253.169] authentication failure using internet password Sep 12 22:17:22 galaxy event: galaxy/lswi: smtp: database@uni-potsdam.de [193.169.253.169] authentication failure using internet password Sep 12 22:17:22 galaxy event: galaxy/lswi: smtp: database@uni-potsdam.de [193.169.253.169] authentication failure using internet password ...	2020-09-13 06:13:08
201.216.120.59	attackbotsspam	Sep 12 11:57:13 mailman postfix/smtpd[12159]: warning: unknown[201.216.120.59]: SASL PLAIN authentication failed: authentication failure	2020-09-13 06:18:43
193.56.28.18	attackspambots	2020-09-12 20:06:45 dovecot_login authenticator failed for \(win-jm5ndcqfsu3.domain\) \[193.56.28.18\]: 535 Incorrect authentication data \(set_id=service\) 2020-09-12 20:07:00 dovecot_login authenticator failed for \(win-jm5ndcqfsu3.domain\) \[193.56.28.18\]: 535 Incorrect authentication data \(set_id=service\) 2020-09-12 20:07:15 dovecot_login authenticator failed for \(win-jm5ndcqfsu3.domain\) \[193.56.28.18\]: 535 Incorrect authentication data \(set_id=service\) 2020-09-12 20:07:31 dovecot_login authenticator failed for \(win-jm5ndcqfsu3.domain\) \[193.56.28.18\]: 535 Incorrect authentication data \(set_id=service\) 2020-09-12 20:07:49 dovecot_login authenticator failed for \(win-jm5ndcqfsu3.domain\) \[193.56.28.18\]: 535 Incorrect authentication data \(set_id=service\)	2020-09-13 06:05:34
185.220.102.252	attack	Failed password for invalid user from 185.220.102.252 port 6772 ssh2	2020-09-13 06:17:45
14.155.222.132	attackbots	RDP 445 protocol access attempt, port scan and brute force attack	2020-09-13 06:06:00
184.22.199.253	attackspam	Automatic report - Port Scan Attack	2020-09-13 05:53:14
2.57.122.186	attack	TCP (SYN) 2.57.122.186:56806 -> port 5555, len 44	2020-09-13 06:09:21
5.188.84.95	attackbotsspam	6,39-01/03 [bc01/m11] PostRequest-Spammer scoring: harare01_holz	2020-09-13 05:59:48
142.93.247.238	attackspam	Sep 12 17:48:44 game-panel sshd[23279]: Failed password for root from 142.93.247.238 port 52830 ssh2 Sep 12 17:52:47 game-panel sshd[23432]: Failed password for root from 142.93.247.238 port 36974 ssh2	2020-09-13 05:54:30
222.186.175.148	attackbotsspam	Sep 13 00:10:48 server sshd[17786]: Failed none for root from 222.186.175.148 port 56868 ssh2 Sep 13 00:10:50 server sshd[17786]: Failed password for root from 222.186.175.148 port 56868 ssh2 Sep 13 00:10:54 server sshd[17786]: Failed password for root from 222.186.175.148 port 56868 ssh2	2020-09-13 06:12:28
45.145.66.67	attackbots	Fail2Ban Ban Triggered	2020-09-13 06:23:54
60.251.183.90	attackspambots	Sep 12 23:15:49 mout sshd[15460]: Invalid user finance from 60.251.183.90 port 38169	2020-09-13 06:29:32
218.92.0.145	attack	Sep 12 17:38:33 plusreed sshd[26526]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.145 user=root Sep 12 17:38:35 plusreed sshd[26526]: Failed password for root from 218.92.0.145 port 51976 ssh2 ...	2020-09-13 06:01:48
194.26.25.119	attack	Multiport scan : 92 ports scanned 40 128 129 145 180 186 237 285 401 414 418 425 433 449 457 462 482 522 531 605 611 618 647 660 682 691 717 730 739 771 827 843 859 868 885 923 937 945 978 994 997 1010 1026 1057 1066 1078 1089 1110 1121 1122 1137 1153 1155 1226 1230 1251 1292 1308 1324 1340 1356 1385 1410 1419 1435 1436 1438 1447 1463 1552 1584 1597 1654 1687 1703 1712 1735 1751 1753 1767 1777 1784 1798 1799 1815 1816 1846 1880 1893 .....	2020-09-13 06:06:22

Recently Reported IPs

116.52.118.37	116.52.207.159	116.52.207.161	116.52.207.17
116.52.207.206	116.52.17.61	116.52.207.22	116.52.207.132
116.52.207.80	116.52.39.210	116.52.95.171	116.52.65.178
116.53.131.2	116.53.170.194	116.53.230.6	116.54.115.227
116.54.42.108	116.54.42.100	116.54.42.147	116.54.42.166