AbuseIPDB » 112.29.140.220

112.29.140.220 was found in our database!

This IP was reported 171 times. Confidence of Abuse is 100%: ?

100%

ISP	China Mobile Communications Corporation
Usage Type	Unknown
Domain Name	chinamobileltd.com
Country	China
City	Hefei, Anhui

Spot an error? IP info including ISP, Usage Type, and Location provided by IP2Location.

Report 112.29.140.220

Whois 112.29.140.220

IP Abuse Reports for 112.29.140.220:

This IP address has been reported a total of 171 times from 69 distinct sources. 112.29.140.220 was first reported on September 7th 2019, and the most recent report was 2 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 2 weeks ago. It is possible that this IP is no longer involved in abusive activities.

Reporter	Date	Comment	Categories
JCB	24 Nov 2019	thinkphp	Hacking Web App Attack
nfsec.pl	15 Nov 2019	112.29.140.220 - - [06/Nov/2019:09:34:24 +0100] "GET /TP/public/index.php HTTP/1.1" 404 390 "-" "Moz ... show more112.29.140.220 - - [06/Nov/2019:09:34:24 +0100] "GET /TP/public/index.php HTTP/1.1" 404 390 "-" "Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)" 112.29.140.220 - - [06/Nov/2019:09:34:25 +0100] "GET /TP/index.php HTTP/1.1" 404 390 "-" "Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)" 112.29.140.220 - - [06/Nov/2019:09:34:25 +0100] "GET /thinkphp/html/public/index.php HTTP/1.1" 404 390 "-" "Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)" 112.29.140.220 - - [06/Nov/2019:09:34:26 +0100] "GET /html/public/index.php HTTP/1.1" 404 390 "-" "Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)" 112.29.140.220 - - [06/Nov/2019:09:34:26 +0100] "GET /public/index.php HTTP/1.1" 404 390 "-" "Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100 ... show less	Web App Attack
Anonymous	14 Nov 2019		Port Scan
Marius	12 Nov 2019	Detected by Fail2Ban	Web App Attack
Lemmy	12 Nov 2019		Web App Attack
Scan	12 Nov 2019	MultiHost/MultiPort Probe, Scan, Hack -	Port Scan Hacking
april	12 Nov 2019	112.29.140.220 was recorded 5 times by 1 hosts attempting to connect to the following ports: 80,1433 ... show more112.29.140.220 was recorded 5 times by 1 hosts attempting to connect to the following ports: 80,1433,7001,8080,9200. Incident counter (4h, 24h, all-time): 5, 13, 77 show less	Port Scan
Anonymous	12 Nov 2019		Port Scan Web App Attack
april	11 Nov 2019	112.29.140.220 was recorded 5 times by 2 hosts attempting to connect to the following ports: 80,9200 ... show more112.29.140.220 was recorded 5 times by 2 hosts attempting to connect to the following ports: 80,9200,1433,7002. Incident counter (4h, 24h, all-time): 5, 5, 69 show less	Port Scan
Skyrider	11 Nov 2019	11/11/2019-12:55:24.685511 112.29.140.220 Protocol: 6 ET SCAN Suspicious inbound to MSSQL port 1433	Hacking
JK	11 Nov 2019	$f2bV_matches	Brute-Force
Anonymous	11 Nov 2019	TCP Port Scanning	Port Scan
C A T	10 Nov 2019	Nov 11 03:28:28 h2177944 kernel: \[6314870.635023\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=112.29.140 ... show moreNov 11 03:28:28 h2177944 kernel: \[6314870.635023\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=112.29.140.220 DST=85.214.117.9 LEN=60 TOS=0x00 PREC=0x00 TTL=47 ID=55516 DF PROTO=TCP SPT=53602 DPT=7001 WINDOW=29200 RES=0x00 SYN URGP=0 Nov 11 03:28:29 h2177944 kernel: \[6314871.684060\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=112.29.140.220 DST=85.214.117.9 LEN=60 TOS=0x00 PREC=0x00 TTL=47 ID=26294 DF PROTO=TCP SPT=38854 DPT=8088 WINDOW=29200 RES=0x00 SYN URGP=0 Nov 11 03:28:31 h2177944 kernel: \[6314873.637583\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=112.29.140.220 DST=85.214.117.9 LEN=60 TOS=0x00 PREC=0x00 TTL=48 ID=53879 DF PROTO=TCP SPT=60830 DPT=6379 WINDOW=29200 RES=0x00 SYN URGP=0 Nov 11 03:28:32 h2177944 kernel: \[6314874.640997\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=112.29.140.220 DST=85.214.117.9 LEN=60 TOS=0x00 PREC=0x00 TTL=48 ID=13615 DF PROTO=TCP SPT=59214 DPT=6380 WINDOW=29200 RES=0x00 SYN URGP=0 Nov 11 03:28:33 h2177944 kernel: \[6314875.688579\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=112.29.140.220 show less	Hacking
Pornomens	10 Nov 2019	112.29.140.220 - - \[11/Nov/2019:02:54:51 +0100\] "GET /TP/public/index.php HTTP/1.1" 403 465 "-" "M ... show more112.29.140.220 - - \[11/Nov/2019:02:54:51 +0100\] "GET /TP/public/index.php HTTP/1.1" 403 465 "-" "Mozilla/5.0 \(Windows\; U\; Windows NT 6.0\;en-US\; rv:1.9.2\) Gecko/20100115 Firefox/3.6\)" 112.29.140.220 - - \[11/Nov/2019:02:54:52 +0100\] "GET /TP/index.php HTTP/1.1" 403 458 "-" "Mozilla/5.0 \(Windows\; U\; Windows NT 6.0\;en-US\; rv:1.9.2\) Gecko/20100115 Firefox/3.6\)" 112.29.140.220 - - \[11/Nov/2019:02:54:52 +0100\] "GET /thinkphp/html/public/index.php HTTP/1.1" 403 476 "-" "Mozilla/5.0 \(Windows\; U\; Windows NT 6.0\;en-US\; rv:1.9.2\) Gecko/20100115 Firefox/3.6\)" ... show less	Web App Attack
openstrike.co.uk	10 Nov 2019	8 attacks on PHP URLs: 112.29.140.220 - - [10/Nov/2019:05:50:56 +0000] "GET /index.php HTTP/1. ... show more8 attacks on PHP URLs: 112.29.140.220 - - [10/Nov/2019:05:50:56 +0000] "GET /index.php HTTP/1.1" 403 1251 "-" "Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)" show less	Web App Attack

Is this your IP? You may request to takedown any associated reports. We will attempt to verify your ownership. Request Takedown 🚩