212.253.140.117

Basic Info

City: Ankara

Region: Ankara

Country: Turkey

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 212.253.140.117
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 56863
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;212.253.140.117.		IN	A

;; AUTHORITY SECTION:
.			3103	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019091200 1800 900 604800 86400

;; Query time: 1 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Fri Sep 13 00:59:24 CST 2019
;; MSG SIZE  rcvd: 119

Host info

117.140.253.212.in-addr.arpa domain name pointer host-212-253-140-117.reverse.superonline.net.

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
117.140.253.212.in-addr.arpa	name = host-212-253-140-117.reverse.superonline.net.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
185.234.219.57	attack	Honeypot hit, critical abuseConfidenceScore, incoming Traffic from this IP	2019-10-17 05:08:55
62.65.78.89	attack	Invalid user pi from 62.65.78.89 port 60186	2019-10-17 05:08:11
123.206.17.141	attack	2019-10-16T20:59:23.887018shield sshd\[16432\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.206.17.141 user=root 2019-10-16T20:59:26.109256shield sshd\[16432\]: Failed password for root from 123.206.17.141 port 40289 ssh2 2019-10-16T20:59:28.312151shield sshd\[16432\]: Failed password for root from 123.206.17.141 port 40289 ssh2 2019-10-16T20:59:30.460760shield sshd\[16432\]: Failed password for root from 123.206.17.141 port 40289 ssh2 2019-10-16T20:59:32.553403shield sshd\[16432\]: Failed password for root from 123.206.17.141 port 40289 ssh2	2019-10-17 05:02:32
203.60.2.111	attackbots	10/16/2019-15:27:37.719813 203.60.2.111 Protocol: 6 ET SCAN NMAP -sS window 1024	2019-10-17 05:01:43
111.251.178.128	attackspam	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/111.251.178.128/ TW - 1H : (192) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : TW NAME ASN : ASN3462 IP : 111.251.178.128 CIDR : 111.251.0.0/16 PREFIX COUNT : 390 UNIQUE IP COUNT : 12267520 WYKRYTE ATAKI Z ASN3462 : 1H - 7 3H - 22 6H - 43 12H - 107 24H - 168 DateTime : 2019-10-16 21:27:52 INFO : Port Scan TELNET Detected and Blocked by ADMIN - data recovery	2019-10-17 04:50:39
193.201.224.214	attackspambots	Automatic report - Banned IP Access	2019-10-17 04:57:29
39.72.252.225	attackspam	Unauthorised access (Oct 16) SRC=39.72.252.225 LEN=40 TTL=49 ID=38033 TCP DPT=8080 WINDOW=46385 SYN Unauthorised access (Oct 14) SRC=39.72.252.225 LEN=40 TTL=49 ID=62391 TCP DPT=8080 WINDOW=46385 SYN	2019-10-17 04:56:39
59.39.177.195	attackbots	Oct 16 15:27:06 web1 postfix/smtpd[14814]: warning: unknown[59.39.177.195]: SASL LOGIN authentication failed: authentication failure ...	2019-10-17 05:18:41
106.12.189.235	attackspam	Oct 16 19:45:16 XXX sshd[41649]: Invalid user mcunningham from 106.12.189.235 port 56100	2019-10-17 05:27:46
222.137.188.84	attack	Unauthorised access (Oct 16) SRC=222.137.188.84 LEN=40 TTL=49 ID=6418 TCP DPT=8080 WINDOW=19020 SYN Unauthorised access (Oct 16) SRC=222.137.188.84 LEN=40 TTL=49 ID=20804 TCP DPT=8080 WINDOW=58356 SYN Unauthorised access (Oct 16) SRC=222.137.188.84 LEN=40 TTL=49 ID=3144 TCP DPT=8080 WINDOW=58356 SYN Unauthorised access (Oct 16) SRC=222.137.188.84 LEN=40 TTL=49 ID=45114 TCP DPT=8080 WINDOW=19020 SYN Unauthorised access (Oct 15) SRC=222.137.188.84 LEN=40 TTL=49 ID=3146 TCP DPT=8080 WINDOW=19020 SYN	2019-10-17 04:57:06
112.35.79.100	attackspambots	[WedOct1621:27:26.2589272019][:error][pid18409:tid46955524249344][client112.35.79.100:23811][client112.35.79.100]ModSecurity:Accessdeniedwithcode403\(phase2\).Patternmatch"\(\?:\\\\\\\\\(chr\?\\\\\\\\\(\?[0-9]{1\,3}\?\\\\\\\\\)\\|\?=\?f\(\?:open\\|write\)\?\\\\\\\\\(\\|\\\\\\\\b\(\?:passthru\\|serialize\\|php_uname\\|phpinfo\\|shell_exec\\|preg_\\\\\\\\w \\|mysql_query\\|exec\\|eval\\|base64_decode\\|decode_base64\\|rot13\\|base64_url_decode\\|gz\(\?:inflate\\|decode\\|uncompress\)\\|strrev\\|zlib_\\\\\\\\w \)\\\\\\\\b\?\(\?..."atARGS:admin.[file"/etc/apache2/conf.d/modsec_rules/10_asl_rules.conf"][line"767"][id"340095"][rev"53"][msg"Atomicorp.comWAFRules:AttackBlocked-PHPfunctioninArgument-thismaybeanattack."][data"die\(@md5\,ARGS:admin"][severity"CRITICAL"][hostname"136.243.224.51"][uri"/33e0f388/admin.php"][unique_id"XadvHrYUUxsaVw1YNQ@4vAAAAJE"][WedOct1621:27:26.8015672019][:error][pid13312:tid46955606578944][client112.35.79.100:23999][client112.35.79.100]ModSecurity:Accessdeniedwithcode403\(phase2\).Pa	2019-10-17 05:05:31
49.81.199.22	attack	2019-10-16 19:39:26 H=(inboundcluster1.messageexchange.com) [49.81.199.22]:13127 I=[10.100.18.23]:25 sender verify fail for : Unrouteable address 2019-10-16 x@x 2019-10-16 21:14:04 H=(2shin.net) [49.81.199.22]:12082 I=[10.100.18.23]:25 F=: Host/domain is listed in RBL cbl.abuseat.org (Blocked - see hxxp://www.abuseat.org/lookup.cgi?ip=49.81.199.22) ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=49.81.199.22	2019-10-17 04:53:21
132.255.70.76	attackspam	WordPress wp-login brute force :: 132.255.70.76 0.128 BYPASS [17/Oct/2019:06:27:55 1100] [censored_1] "POST /wp-login.php HTTP/1.1" 200 3972 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2019-10-17 04:50:19
171.221.230.220	attack	F2B jail: sshd. Time: 2019-10-16 22:14:39, Reported by: VKReport	2019-10-17 05:15:57
104.238.196.100	attack	Malicious phishing/spamvertising, ISP Timeweb Ltd – repetitive UBE IP; repetitive redirects; blacklists Unsolicited bulk spam - cannaboil.xyz, Timeweb ltd - 188.225.77.160 Spam link ketonews.3utilities.com = 176.57.208.235 Timeweb Ltd – blacklisted – malicious phishing redirect: - fitketolife.com = 104.238.196.100 Infiltrate, LLC - petitebanyan.com = 104.238.196.100 Infiltrate, LLC - earnyourprize.com = 176.119.28.33 Virtual Systems Llc - 104.223.143.184 = 104.223.143.184 E world USA Holding - 176.57.208.235 = 176.57.208.235 Timeweb Ltd - hwmanymore.com = 35.192.185.253 Google - goatshpprd.com = 35.192.185.253 Google - jbbrwaki.com = 18.191.57.178, Amazon - go.tiederl.com = 66.172.12.145, ChunkHost - ddnsking.com = 8.23.224.108, Vitalwerks Internet Solutions	2019-10-17 05:00:03

Recently Reported IPs

163.226.250.43	59.166.230.29	36.7.103.114	189.135.192.86
186.251.42.50	98.186.151.61	58.52.34.64	167.132.245.204
219.46.86.186	162.177.162.70	251.249.36.87	103.15.135.99
189.145.154.189	19.88.135.167	73.155.250.196	101.109.253.54
122.242.58.218	91.97.88.118	233.201.5.138	243.75.139.110