218.29.140.116

Basic Info

City: Zhengzhou

Region: Henan

Country: China

Internet Service Provider: China Unicom

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 218.29.140.116
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 34024
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;218.29.140.116.			IN	A

;; AUTHORITY SECTION:
.			581	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020021601 1800 900 604800 86400

;; Query time: 134 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Feb 17 04:37:19 CST 2020
;; MSG SIZE  rcvd: 118

Host info

Host 116.140.29.218.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 116.140.29.218.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
139.194.225.62	attackspam	Oct 8 22:24:18 kunden sshd[25644]: Address 139.194.225.62 maps to fm-dyn-139-194-225-62.fast.net.id, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT! Oct 8 22:24:18 kunden sshd[25644]: Invalid user admin from 139.194.225.62 Oct 8 22:24:19 kunden sshd[25644]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.194.225.62 Oct 8 22:24:21 kunden sshd[25644]: Failed password for invalid user admin from 139.194.225.62 port 45508 ssh2 Oct 8 22:24:21 kunden sshd[25644]: Connection closed by 139.194.225.62 [preauth] Oct 8 22:24:25 kunden sshd[25649]: Address 139.194.225.62 maps to fm-dyn-139-194-225-62.fast.net.id, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT! Oct 8 22:24:25 kunden sshd[25649]: Invalid user admin from 139.194.225.62 Oct 8 22:24:26 kunden sshd[25649]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.194.225.62 Oct 8 22:24:28........ -------------------------------	2020-10-09 19:19:38
58.87.69.15	attackspambots	Banned for a week because repeated abuses, for example SSH, but not only	2020-10-09 19:55:05
201.209.96.181	attackbotsspam	Port Scan ...	2020-10-09 19:54:46
54.154.186.217	attackspambots	(sshd) Failed SSH login from 54.154.186.217 (IE/Ireland/ec2-54-154-186-217.eu-west-1.compute.amazonaws.com): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Oct 9 07:01:41 optimus sshd[30825]: Failed password for root from 54.154.186.217 port 60980 ssh2 Oct 9 07:01:44 optimus sshd[30924]: Failed password for root from 54.154.186.217 port 34112 ssh2 Oct 9 07:01:48 optimus sshd[30938]: Failed password for root from 54.154.186.217 port 35082 ssh2 Oct 9 07:01:51 optimus sshd[30955]: Failed password for root from 54.154.186.217 port 36358 ssh2 Oct 9 07:01:54 optimus sshd[30970]: Failed password for root from 54.154.186.217 port 37508 ssh2	2020-10-09 19:49:17
182.74.86.178	attackspam	Port Scan ...	2020-10-09 19:50:17
182.122.23.102	attackbots	21 attempts against mh-ssh on pole	2020-10-09 19:52:06
149.129.52.53	attackbots	WordPress (CMS) attack attempts. Date: 2020 Oct 09. 09:54:15 Source IP: 149.129.52.53 Portion of the log(s): 149.129.52.53 - [09/Oct/2020:09:54:09 +0200] "GET /wp-login.php HTTP/1.1" 200 1962 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 149.129.52.53 - [09/Oct/2020:09:54:11 +0200] "POST /wp-login.php HTTP/1.1" 200 2408 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 149.129.52.53 - [09/Oct/2020:09:54:13 +0200] "POST /xmlrpc.php HTTP/1.1" 404 118 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-10-09 19:19:13
106.12.121.179	attack	sshd: Failed password for invalid user .... from 106.12.121.179 port 54966 ssh2 (8 attempts)	2020-10-09 19:40:25
59.50.102.242	attackspambots	Found on CINS badguys / proto=6 . srcport=53562 . dstport=11123 . (227)	2020-10-09 19:18:10
67.45.32.216	attack	Brute forcing email accounts	2020-10-09 19:16:44
78.111.48.49	attack	Lines containing failures of 78.111.48.49 /var/log/apache/pucorp.org.log:Oct 8 22:24:25 server01 postfix/smtpd[26530]: connect from unknown[78.111.48.49] /var/log/apache/pucorp.org.log:Oct x@x /var/log/apache/pucorp.org.log:Oct x@x /var/log/apache/pucorp.org.log:Oct 8 22:24:27 server01 postfix/policy-spf[26541]: : Policy action=PREPEND Received-SPF: none (parquet-terrasse-bois.fr: No applicable sender policy available) receiver=x@x /var/log/apache/pucorp.org.log:Oct x@x /var/log/apache/pucorp.org.log:Oct 8 22:24:27 server01 postfix/smtpd[26530]: lost connection after DATA from unknown[78.111.48.49] /var/log/apache/pucorp.org.log:Oct 8 22:24:27 server01 postfix/smtpd[26530]: disconnect from unknown[78.111.48.49] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=78.111.48.49	2020-10-09 19:21:42
88.157.229.58	attackspam	(sshd) Failed SSH login from 88.157.229.58 (PT/Portugal/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Oct 9 11:33:41 server2 sshd[15164]: Invalid user majordom from 88.157.229.58 port 36938 Oct 9 11:33:43 server2 sshd[15164]: Failed password for invalid user majordom from 88.157.229.58 port 36938 ssh2 Oct 9 11:38:47 server2 sshd[16040]: Invalid user backup from 88.157.229.58 port 58130 Oct 9 11:38:49 server2 sshd[16040]: Failed password for invalid user backup from 88.157.229.58 port 58130 ssh2 Oct 9 11:42:18 server2 sshd[16672]: Invalid user nagios1 from 88.157.229.58 port 33652	2020-10-09 19:48:02
123.149.212.142	attackbotsspam	Lines containing failures of 123.149.212.142 (max 1000) Oct 7 02:53:18 localhost sshd[26175]: User r.r from 123.149.212.142 not allowed because listed in DenyUsers Oct 7 02:53:18 localhost sshd[26175]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.149.212.142 user=r.r Oct 7 02:53:20 localhost sshd[26175]: Failed password for invalid user r.r from 123.149.212.142 port 2540 ssh2 Oct 7 02:53:22 localhost sshd[26175]: Received disconnect from 123.149.212.142 port 2540:11: Bye Bye [preauth] Oct 7 02:53:22 localhost sshd[26175]: Disconnected from invalid user r.r 123.149.212.142 port 2540 [preauth] Oct 7 03:26:38 localhost sshd[3438]: User r.r from 123.149.212.142 not allowed because listed in DenyUsers Oct 7 03:26:38 localhost sshd[3438]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.149.212.142 user=r.r Oct 7 03:26:40 localhost sshd[3438]: Failed password for invalid user r......... ------------------------------	2020-10-09 19:21:04
175.24.68.241	attack	Oct 9 05:51:35 OPSO sshd\[21269\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.24.68.241 user=root Oct 9 05:51:36 OPSO sshd\[21269\]: Failed password for root from 175.24.68.241 port 50716 ssh2 Oct 9 05:54:56 OPSO sshd\[21737\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.24.68.241 user=root Oct 9 05:54:58 OPSO sshd\[21737\]: Failed password for root from 175.24.68.241 port 60226 ssh2 Oct 9 05:59:38 OPSO sshd\[22602\]: Invalid user tests from 175.24.68.241 port 41518 Oct 9 05:59:38 OPSO sshd\[22602\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.24.68.241	2020-10-09 19:37:01
62.234.6.147	attack	2020-10-09T13:34:48.790595cyberdyne sshd[1708733]: Invalid user testman from 62.234.6.147 port 33320 2020-10-09T13:34:50.829197cyberdyne sshd[1708733]: Failed password for invalid user testman from 62.234.6.147 port 33320 ssh2 2020-10-09T13:39:43.926568cyberdyne sshd[1709600]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=62.234.6.147 user=root 2020-10-09T13:39:45.788730cyberdyne sshd[1709600]: Failed password for root from 62.234.6.147 port 38098 ssh2 ...	2020-10-09 19:51:32

Recently Reported IPs

38.114.138.198	184.82.169.0	212.201.111.95	90.73.211.15
86.102.1.189	211.153.77.78	194.199.164.196	171.101.106.9
185.179.24.37	221.14.210.157	91.150.146.161	184.82.110.165
65.191.149.38	32.97.174.196	159.203.64.91	182.244.196.167
115.194.223.111	39.186.178.138	150.125.159.45	52.188.139.247