This IP address has been reported a total of
49
times from
28 distinct
sources.
140.249.250.254 was first reported on
, and the most recent report was
.
Old Reports:
The most recent abuse report for this IP address is from
. It is possible that this IP is no longer involved in abusive activities.
CSF Auto Report: (eximsyntax) Exim syntax errors from 140.249.250.254 (CN/China/-): 8 in the last 36 ...
show moreCSF Auto Report: (eximsyntax) Exim syntax errors from 140.249.250.254 (CN/China/-): 8 in the last 3600 secs
show less
Honeypot hit: HTTP/1.1 request on 1181
GET /jolokia/read/Users:database=UserDatabase,type=UserDatab ...
show moreHoneypot hit: HTTP/1.1 request on 1181
GET /jolokia/read/Users:database=UserDatabase,type=UserDatabase
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:1.9.7.20) Gecko/ Firefox/3.6.10
Accept: */*
Accept-Language: en
Accept-Encoding: gzip; 1181 [8] TCP
Reported by: https://github.com/sefinek/T-Pot-To-AbuseIPDB
show less
Hacking
Bad Web Bot
Anonymous
Honeypot hit: HTTP/1.1 request on 12206
GET /jolokia/read/Users:database=UserDatabase,type=UserData ...
show moreHoneypot hit: HTTP/1.1 request on 12206
GET /jolokia/read/Users:database=UserDatabase,type=UserDatabase
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/15.6.4 Safari/605.1.15
Accept: */*
Accept-Language: en
Accept-Encoding: gzip; 12206 [8] TCP
Reported by: https://github.com/sefinek/T-Pot-To-AbuseIPDB
show less
Honeypot [uk-production01]: HTTP/1.1 request on 12300
GET /jolokia/read/Users:database=UserDatabase ...
show moreHoneypot [uk-production01]: HTTP/1.1 request on 12300
GET /jolokia/read/Users:database=UserDatabase,type=UserDatabase
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10) AppleWebKit/537.16 (KHTML, like Gecko) Version/8.0 Safari/537.16
Accept: */*
Accept-Language: en
Accept-Encoding: gzip; 12300 [8] TCP
show less
Honeypot hit: HTTP/1.1 request on 1181
GET /index.jsp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win ...
show moreHoneypot hit: HTTP/1.1 request on 1181
GET /index.jsp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:140.0) Gecko/20100101 Firefox/140.2
Accept: */*
Accept-Language: en
Accept-Encoding: gzip; 1181 [4] TCP
Reported by: https://github.com/sefinek/T-Pot-To-AbuseIPDB
show less
Hacking
Bad Web Bot
Anonymous
Honeypot hit: HTTP/1.1 request on 12206
GET /index.jsp
User-Agent: Mozilla/5.0 (SS; Linux x86_64) A ...
show moreHoneypot hit: HTTP/1.1 request on 12206
GET /index.jsp
User-Agent: Mozilla/5.0 (SS; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Accept: */*
Accept-Language: en
Accept-Encoding: gzip; 12206 [4] TCP
Reported by: https://github.com/sefinek/T-Pot-To-AbuseIPDB
show less
Honeypot [fra-de-honeypot]: HTTP/1.1 request on 9008
GET /jolokia/read/Users:database=UserDatabase, ...
show moreHoneypot [fra-de-honeypot]: HTTP/1.1 request on 9008
GET /jolokia/read/Users:database=UserDatabase,type=UserDatabase
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 108) AppleWebKit/536.15 (KHTML like Gecko) Version/6.0 Safari/536.16
Accept: */*
Accept-Language: en
Accept-Encoding: gzip; 9008 [48] TCP
Reported by DisPaisy Enterprises (dispaisy.systems) using: https://github.com/sefinek/T-Pot-To-AbuseIPDB
show less
Honeypot [uk-production01]: HTTP/1.1 request on 12300
GET /?echo+pOGnTfwWNK
User-Agent: Mozilla/5.0 ...
show moreHoneypot [uk-production01]: HTTP/1.1 request on 12300
GET /?echo+pOGnTfwWNK
User-Agent: Mozilla/5.0 (Macintosh, Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3.1 Safari/605.1.15
Accept-Encoding: gzip; 12300 [4] TCP
show less
Honeypot [fra-de-honeypot]: HTTP/1.1 request on 9008
GET /?echo+pOGnTfwWNK
User-Agent: Mozilla/5.0 ...
show moreHoneypot [fra-de-honeypot]: HTTP/1.1 request on 9008
GET /?echo+pOGnTfwWNK
User-Agent: Mozilla/5.0 (Mac OS X 13_2) AppleWebKit/537.36 (KHTML, like Gecko) Edge/117.0 Safari/537.36
Accept-Encoding: gzip; 9008 [8] TCP
Reported by DisPaisy Enterprises (dispaisy.systems) using: https://github.com/sefinek/T-Pot-To-AbuseIPDB
show less
2026-06-09 03:46:55 connection from 140.249.250.254
2026-06-09 03:47:05 connection from 140.249.250. ...
show more2026-06-09 03:46:55 connection from 140.249.250.254
2026-06-09 03:47:05 connection from 140.249.250.254
2026-06-09 03:47:26 connection from 140.249.250.254
2026-06-09 03:47:28 connection from 140.249.250.254
2026-06-09 04:00:02 connection from 140.249.250.254
...
show less
Brute-Force
Port Scan
SSH
Showing 1 to
15
of 49 reports
Think this IP has been falsely reported? You may request to have the associated
reports reviewed and removed.
Request Takedown ๐ฉ