140.5.52.71 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: United States of America (the)

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 140.5.52.71
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 37724
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;140.5.52.71.			IN	A

;; AUTHORITY SECTION:
.			30	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2025013000 1800 900 604800 86400

;; Query time: 16 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Jan 30 19:19:52 CST 2025
;; MSG SIZE  rcvd: 104

Host info

Host 71.52.5.140.in-addr.arpa not found: 2(SERVFAIL)

Nslookup info:

server can't find 140.5.52.71.in-addr.arpa: SERVFAIL

Related IP info:

Related comments:

IP	Type	Details	Datetime
42.6.209.16	attackspam	Unauthorised access (Mar 23) SRC=42.6.209.16 LEN=44 TTL=240 ID=5333 TCP DPT=1433 WINDOW=1024 SYN	2020-03-24 05:15:53
150.109.108.31	attackbotsspam	Mar 23 19:39:56 cloud sshd[10269]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=150.109.108.31 Mar 23 19:39:58 cloud sshd[10269]: Failed password for invalid user mb from 150.109.108.31 port 43968 ssh2	2020-03-24 05:51:39
46.14.0.162	attackbotsspam	2020-03-23T21:12:37.016095randservbullet-proofcloud-66.localdomain sshd[6865]: Invalid user admin from 46.14.0.162 port 43726 2020-03-23T21:12:37.020980randservbullet-proofcloud-66.localdomain sshd[6865]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=162.0.14.46.static.wline.lns.sme.cust.swisscom.ch 2020-03-23T21:12:37.016095randservbullet-proofcloud-66.localdomain sshd[6865]: Invalid user admin from 46.14.0.162 port 43726 2020-03-23T21:12:39.133883randservbullet-proofcloud-66.localdomain sshd[6865]: Failed password for invalid user admin from 46.14.0.162 port 43726 ssh2 ...	2020-03-24 05:48:14
170.130.187.14	attackbots	Port 3306 scan denied	2020-03-24 05:20:19
117.84.93.253	attackbots	IP reached maximum auth failures	2020-03-24 05:38:44
27.72.25.137	attackbotsspam	1584978203 - 03/23/2020 16:43:23 Host: 27.72.25.137/27.72.25.137 Port: 445 TCP Blocked	2020-03-24 05:20:48
49.89.249.22	attackspambots	Mar 23 16:21:27 garuda postfix/smtpd[38227]: connect from unknown[49.89.249.22] Mar 23 16:21:28 garuda postfix/smtpd[38227]: warning: unknown[49.89.249.22]: SASL LOGIN authentication failed: generic failure Mar 23 16:21:28 garuda postfix/smtpd[38227]: lost connection after AUTH from unknown[49.89.249.22] Mar 23 16:21:28 garuda postfix/smtpd[38227]: disconnect from unknown[49.89.249.22] ehlo=1 auth=0/1 commands=1/2 Mar 23 16:22:16 garuda postfix/smtpd[38327]: connect from unknown[49.89.249.22] Mar 23 16:22:18 garuda postfix/smtpd[38327]: warning: unknown[49.89.249.22]: SASL LOGIN authentication failed: generic failure Mar 23 16:22:18 garuda postfix/smtpd[38327]: lost connection after AUTH from unknown[49.89.249.22] Mar 23 16:22:18 garuda postfix/smtpd[38327]: disconnect from unknown[49.89.249.22] ehlo=1 auth=0/1 commands=1/2 Mar 23 16:22:49 garuda postfix/smtpd[38227]: connect from unknown[49.89.249.22] Mar 23 16:22:51 garuda postfix/smtpd[38227]: warning: unknown[49.89......... -------------------------------	2020-03-24 05:41:35
141.8.188.3	attackbots	[Mon Mar 23 22:43:31.123192 2020] [:error] [pid 25305:tid 140519759939328] [client 141.8.188.3:46275] [client 141.8.188.3] ModSecurity: Access denied with code 403 (phase 2). Pattern match "^[\\\\d.:]+$" at REQUEST_HEADERS:Host. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "696"] [id "920350"] [msg "Host header is a numeric IP address"] [data "103.27.207.197"] [severity "WARNING"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/IP_HOST"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "103.27.207.197"] [uri "/"] [unique_id "XnjZI0O@yxpJrJpacVIAdQAAAtE"] ...	2020-03-24 05:12:51
167.71.202.162	attack	Mar 23 22:00:55 v22018086721571380 sshd[1065]: Failed password for invalid user antoinette from 167.71.202.162 port 35752 ssh2	2020-03-24 05:28:43
175.144.232.178	attack	Automatic report - Port Scan Attack	2020-03-24 05:32:11
171.36.220.234	attack	Mar 23 07:41:21 ACSRAD user.debug kernel: PACKET DROP IN= OUT=wwan0 SRC=166.252.210.43 DST=171.36.220.234 LEN=52 TOS=0x00 PREC=0x00 TTL=64 ID=26290 PROTO=TCP SPT=22 DPT=38280 WINDOW=3888 RES=0x00 ACK FIN URGP=0 Mar 23 07:41:52 ACSRAD auth.info sshd[25358]: Invalid user vicente from 171.36.220.234 port 51786 Mar 23 07:41:52 ACSRAD auth.info sshd[25358]: Failed password for invalid user vicente from 171.36.220.234 port 51786 ssh2 Mar 23 07:41:53 ACSRAD auth.info sshd[25358]: Received disconnect from 171.36.220.234 port 51786:11: Bye Bye [preauth] Mar 23 07:41:53 ACSRAD auth.info sshd[25358]: Disconnected from 171.36.220.234 port 51786 [preauth] Mar 23 07:41:53 ACSRAD auth.notice sshguard[19685]: Attack from "171.36.220.234" on service 100 whostnameh danger 10. Mar 23 07:41:53 ACSRAD auth.notice sshguard[19685]: Attack from "171.36.220.234" on service 100 whostnameh danger 10. Mar 23 07:41:53 ACSRAD auth.notice sshguard[19685]: Attack from "171.36.220.234" on service 1........ ------------------------------	2020-03-24 05:18:57
14.139.187.171	attack	(sshd) Failed SSH login from 14.139.187.171 (IN/India/-): 10 in the last 3600 secs	2020-03-24 05:29:50
51.75.203.178	attackbotsspam	2020-03-23T19:16:20.706351abusebot-4.cloudsearch.cf sshd[5713]: Invalid user ttt from 51.75.203.178 port 33668 2020-03-23T19:16:20.711819abusebot-4.cloudsearch.cf sshd[5713]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.ip-51-75-203.eu 2020-03-23T19:16:20.706351abusebot-4.cloudsearch.cf sshd[5713]: Invalid user ttt from 51.75.203.178 port 33668 2020-03-23T19:16:23.334877abusebot-4.cloudsearch.cf sshd[5713]: Failed password for invalid user ttt from 51.75.203.178 port 33668 ssh2 2020-03-23T19:23:15.251091abusebot-4.cloudsearch.cf sshd[6152]: Invalid user shari from 51.75.203.178 port 45046 2020-03-23T19:23:15.257169abusebot-4.cloudsearch.cf sshd[6152]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.ip-51-75-203.eu 2020-03-23T19:23:15.251091abusebot-4.cloudsearch.cf sshd[6152]: Invalid user shari from 51.75.203.178 port 45046 2020-03-23T19:23:18.229903abusebot-4.cloudsearch.cf sshd[6152]: Failed p ...	2020-03-24 05:48:00
128.201.137.252	attackbots	Fail2Ban - FTP Abuse Attempt	2020-03-24 05:49:34
31.13.115.4	attackspambots	[Mon Mar 23 22:42:58.798364 2020] [:error] [pid 25293:tid 140519810295552] [client 31.13.115.4:58544] [client 31.13.115.4] ModSecurity: Access denied with code 403 (phase 2). Match of "eq 0" against "&REQUEST_HEADERS:Transfer-Encoding" required. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "202"] [id "920171"] [msg "GET or HEAD Request with Transfer-Encoding."] [data "1"] [severity "CRITICAL"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/INVALID_HREQ"] [tag "CAPEC-272"] [hostname "karangploso.jatim.bmkg.go.id"] [uri "/IcoMoon.woff"] [unique_id "XnjZArdSec56q6n39A6CDQAAAAE"] ...	2020-03-24 05:37:42

Recently Reported IPs

61.32.82.61	227.108.208.89	26.153.113.132	154.80.186.162
86.68.190.168	221.31.152.193	212.183.78.201	193.242.162.163
170.120.173.28	221.38.186.46	202.118.152.206	39.60.205.201
85.93.102.211	47.230.241.44	210.194.9.116	66.194.122.110
218.244.181.55	138.135.223.27	186.224.211.196	218.147.61.244