116.52.41.29 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: ChinaNet Yunnan Province Network

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbotsspam	116.52.41.29 - - \[11/Apr/2020:14:12:07 +0200\] "GET http://api.gxout.com/proxy/check.aspx HTTP/1.1" 400 666 "http://api.gxout.com/proxy/check.aspx" "Mozilla/4.0 \(compatible\; MSIE 6.0\; Windows NT 5.1\)" ...	2020-04-12 04:12:43

Type

Details

Datetime

attackbotsspam

116.52.41.29 - - \[11/Apr/2020:14:12:07 +0200\] "GET http://api.gxout.com/proxy/check.aspx HTTP/1.1" 400 666 "http://api.gxout.com/proxy/check.aspx" "Mozilla/4.0 \(compatible\; MSIE 6.0\; Windows NT 5.1\)"
...

2020-04-12 04:12:43

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 116.52.41.29
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 9568
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;116.52.41.29.			IN	A

;; AUTHORITY SECTION:
.			271	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020041101 1800 900 604800 86400

;; Query time: 84 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Apr 12 04:12:40 CST 2020
;; MSG SIZE  rcvd: 116

Host info

29.41.52.116.in-addr.arpa domain name pointer 29.41.52.116.broad.km.yn.dynamic.163data.com.cn.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
29.41.52.116.in-addr.arpa	name = 29.41.52.116.broad.km.yn.dynamic.163data.com.cn.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
117.86.139.235	attackbots	[portscan] Port scan	2020-04-25 13:35:09
139.59.10.186	attackbotsspam	frenzy	2020-04-25 13:32:51
190.64.137.173	attack	Apr 25 07:34:27 server sshd[15607]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.64.137.173 Apr 25 07:34:29 server sshd[15607]: Failed password for invalid user nagios from 190.64.137.173 port 41698 ssh2 Apr 25 07:36:14 server sshd[15847]: Failed password for root from 190.64.137.173 port 53035 ssh2 ...	2020-04-25 13:44:12
217.112.142.231	attack	Apr 25 05:46:41 web01.agentur-b-2.de postfix/smtpd[920309]: NOQUEUE: reject: RCPT from unknown[217.112.142.231]: 450 4.7.1 : Helo command rejected: Host not found; from= to= proto=ESMTP helo= Apr 25 05:47:51 web01.agentur-b-2.de postfix/smtpd[923636]: NOQUEUE: reject: RCPT from unknown[217.112.142.231]: 450 4.7.1 : Helo command rejected: Host not found; from= to= proto=ESMTP helo= Apr 25 05:47:51 web01.agentur-b-2.de postfix/smtpd[923636]: NOQUEUE: reject: RCPT from unknown[217.112.142.231]: 450 4.7.1 : Helo command rejected: Host not found; from= to= proto=ESMTP helo= Apr 25 05:49:21 web01.agentur-b-2.de postfix/smtpd[923636]: NOQUEUE: reject: RCPT from unknown[217.112.142.231]: 450 4.7.1	2020-04-25 13:56:51
106.12.31.99	attack	Invalid user mv from 106.12.31.99 port 35230	2020-04-25 13:51:21
114.119.166.102	attackspam	Robots ignored. Multiple log-reports "Access denied"_	2020-04-25 13:47:25
185.50.149.15	attack	Apr 25 07:32:31 nlmail01.srvfarm.net postfix/smtpd[1122230]: warning: unknown[185.50.149.15]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Apr 25 07:32:31 nlmail01.srvfarm.net postfix/smtpd[1122230]: lost connection after AUTH from unknown[185.50.149.15] Apr 25 07:32:37 nlmail01.srvfarm.net postfix/smtpd[1122230]: lost connection after AUTH from unknown[185.50.149.15] Apr 25 07:32:43 nlmail01.srvfarm.net postfix/smtpd[1122515]: lost connection after AUTH from unknown[185.50.149.15] Apr 25 07:32:48 nlmail01.srvfarm.net postfix/smtpd[1122230]: warning: unknown[185.50.149.15]: SASL LOGIN authentication failed: UGFzc3dvcmQ6	2020-04-25 14:01:33
85.204.246.240	attackbotsspam	WordPress XMLRPC scan :: 85.204.246.240 0.028 - [25/Apr/2020:03:57:31 0000] www.[censored_1] "POST /xmlrpc.php HTTP/1.1" 503 18039 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.90 Safari/537.36 2345Explorer/9.3.2.17331" "HTTP/1.1"	2020-04-25 13:37:03
185.50.149.17	attackbots	Apr 25 13:58:56 bacztwo courieresmtpd[31908]: error,relay=::ffff:185.50.149.17,msg="535 Authentication failed.",cmd: AUTH LOGIN andcycle-w7club@andcycle.idv.tw Apr 25 13:58:56 bacztwo courieresmtpd[31906]: error,relay=::ffff:185.50.149.17,msg="535 Authentication failed.",cmd: AUTH LOGIN andcycle-bitcointalk.org@andcycle.idv.tw Apr 25 13:58:56 bacztwo courieresmtpd[31907]: error,relay=::ffff:185.50.149.17,msg="535 Authentication failed.",cmd: AUTH LOGIN andcycle-w7club@andcycle.idv.tw Apr 25 13:58:58 bacztwo courieresmtpd[32150]: error,relay=::ffff:185.50.149.17,msg="535 Authentication failed.",cmd: AUTH LOGIN andcycle-bitcointalk.org Apr 25 13:58:58 bacztwo courieresmtpd[32149]: error,relay=::ffff:185.50.149.17,msg="535 Authentication failed.",cmd: AUTH LOGIN andcycle-w7club ...	2020-04-25 14:01:08
95.170.118.79	attackspambots	Apr 25 06:24:15 mail.srvfarm.net postfix/smtpd[855472]: NOQUEUE: reject: RCPT from unknown[95.170.118.79]: 554 5.7.1 Service unavailable; Client host [95.170.118.79] blocked using bl.spamcop.net; Blocked - see https://www.spamcop.net/bl.shtml?95.170.118.79; from= to= proto=ESMTP helo= Apr 25 06:24:15 mail.srvfarm.net postfix/smtpd[855472]: NOQUEUE: reject: RCPT from unknown[95.170.118.79]: 554 5.7.1 Service unavailable; Client host [95.170.118.79] blocked using bl.spamcop.net; Blocked - see https://www.spamcop.net/bl.shtml?95.170.118.79; from= to= proto=ESMTP helo= Apr 25 06:24:15 mail.srvfarm.net postfix/smtpd[855472]: NOQUEUE: reject: RCPT from unknown[95.170.118.79]: 554 5.7.1 Service unavailable; Client host [95.170.118.79] blocked using bl.spamcop.net; Blocked - see https://www.spamcop.net/bl.shtml?95.170.118.79; from= to=	2020-04-25 14:02:54
195.136.61.93	attack	xmlrpc attack	2020-04-25 13:46:32
222.186.30.35	attackspam	Unauthorized connection attempt detected from IP address 222.186.30.35 to port 22 [T]	2020-04-25 13:32:10
95.110.235.17	attackbotsspam	Invalid user test from 95.110.235.17 port 47524	2020-04-25 13:51:33
2002:b9ea:db51::b9ea:db51	attackspam	Apr 25 08:00:29 web01.agentur-b-2.de postfix/smtpd[946357]: warning: unknown[2002:b9ea:db51::b9ea:db51]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Apr 25 08:00:29 web01.agentur-b-2.de postfix/smtpd[946357]: lost connection after AUTH from unknown[2002:b9ea:db51::b9ea:db51] Apr 25 08:02:04 web01.agentur-b-2.de postfix/smtpd[946790]: warning: unknown[2002:b9ea:db51::b9ea:db51]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Apr 25 08:02:04 web01.agentur-b-2.de postfix/smtpd[946790]: lost connection after AUTH from unknown[2002:b9ea:db51::b9ea:db51] Apr 25 08:04:11 web01.agentur-b-2.de postfix/smtpd[946361]: warning: unknown[2002:b9ea:db51::b9ea:db51]: SASL LOGIN authentication failed: UGFzc3dvcmQ6	2020-04-25 14:08:40
134.175.92.233	attackspam	DATE:2020-04-25 06:06:55, IP:134.175.92.233, PORT:ssh SSH brute force auth (docker-dc)	2020-04-25 13:34:35

Recently Reported IPs

35.215.235.85	36.194.60.193	205.213.138.130	5.132.41.150
76.113.180.168	208.138.167.119	96.127.236.93	181.81.74.167
47.184.195.186	251.141.143.246	131.152.182.210	17.252.145.213
121.143.176.147	42.167.42.198	164.73.217.186	202.22.129.67
7.102.15.166	196.69.19.183	220.110.55.46	213.5.171.189