116.21.1.53 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
116.21.124.109	attackspambots	Port Scan ...	2020-09-17 01:14:41
116.21.124.109	attack	Port Scan ...	2020-09-16 17:30:36
116.21.136.38	attackspambots	Fail2Ban Ban Triggered	2020-08-21 17:15:59
116.21.128.188	attackbots	Too many connections or unauthorized access detected from Arctic banned ip	2020-08-03 07:18:31
116.21.172.193	attack	Unauthorized connection attempt detected from IP address 116.21.172.193 to port 23	2020-05-30 01:23:12
116.21.146.5	attackspambots	Automatic report - Port Scan Attack	2020-05-25 01:43:49
116.21.125.72	attackspam	Unauthorized connection attempt detected from IP address 116.21.125.72 to port 8089 [T]	2020-04-01 05:20:10
116.21.1.8	attack	Unauthorized connection attempt detected from IP address 116.21.1.8 to port 23 [J]	2020-02-29 18:34:29
116.21.180.172	attackbotsspam	Feb 5 18:50:32 journals dovecot: pop3-login: Aborted login \(auth failed, 1 attempts in 5 secs\): user=\, method=PLAIN, rip=116.21.180.172, lip=212.111.212.230, session=\ Feb 5 18:50:41 journals dovecot: pop3-login: Aborted login \(auth failed, 1 attempts in 9 secs\): user=\, method=PLAIN, rip=116.21.180.172, lip=212.111.212.230, session=\<9sFt9NadeLl0FbSs\> Feb 5 18:50:56 journals dovecot: pop3-login: Aborted login \(auth failed, 1 attempts in 13 secs\): user=\, method=PLAIN, rip=116.21.180.172, lip=212.111.212.230, session=\ Feb 5 18:52:33 journals dovecot: pop3-login: Aborted login \(auth failed, 1 attempts in 5 secs\): user=\, method=PLAIN, rip=116.21.180.172, lip=212.111.212.230, session=\ Feb 5 18:52:42 journals dovecot: pop3-login: Aborted login \(auth failed, 1 attempts in 8 secs\): user=\, method=PLAIN, rip=116.21.180.17 ...	2020-02-06 03:33:31
116.21.175.240	attackspam	Sep 17 17:09:43 mxgate1 postfix/postscreen[20426]: CONNECT from [116.21.175.240]:43322 to [176.31.12.44]:25 Sep 17 17:09:43 mxgate1 postfix/dnsblog[20427]: addr 116.21.175.240 listed by domain cbl.abuseat.org as 127.0.0.2 Sep 17 17:09:43 mxgate1 postfix/dnsblog[20430]: addr 116.21.175.240 listed by domain zen.spamhaus.org as 127.0.0.11 Sep 17 17:09:43 mxgate1 postfix/dnsblog[20430]: addr 116.21.175.240 listed by domain zen.spamhaus.org as 127.0.0.4 Sep 17 17:09:43 mxgate1 postfix/dnsblog[20428]: addr 116.21.175.240 listed by domain bl.spamcop.net as 127.0.0.2 Sep 17 17:09:49 mxgate1 postfix/postscreen[20426]: DNSBL rank 4 for [116.21.175.240]:43322 Sep x@x Sep 17 17:09:50 mxgate1 postfix/postscreen[20426]: DISCONNECT [116.21.175.240]:43322 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=116.21.175.240	2019-09-17 23:25:48
116.21.127.96	attackbotsspam	port 23 attempt blocked	2019-09-14 23:07:41
116.21.132.6	attackbots	Sep 2 12:01:22 wp sshd[26875]: Invalid user gpq from 116.21.132.6 Sep 2 12:01:22 wp sshd[26875]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.21.132.6 Sep 2 12:01:25 wp sshd[26875]: Failed password for invalid user gpq from 116.21.132.6 port 11204 ssh2 Sep 2 12:01:25 wp sshd[26875]: Received disconnect from 116.21.132.6: 11: Bye Bye [preauth] Sep 2 12:03:20 wp sshd[26891]: Invalid user stas from 116.21.132.6 Sep 2 12:03:20 wp sshd[26891]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.21.132.6 Sep 2 12:03:22 wp sshd[26891]: Failed password for invalid user stas from 116.21.132.6 port 10720 ssh2 Sep 2 12:03:22 wp sshd[26891]: Received disconnect from 116.21.132.6: 11: Bye Bye [preauth] Sep 2 12:05:17 wp sshd[26914]: Invalid user admin from 116.21.132.6 Sep 2 12:05:17 wp sshd[26914]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost........ -------------------------------	2019-09-03 15:30:19
116.21.133.180	attackbots	Aug 31 14:46:17 plex sshd[16050]: Invalid user nbsuser from 116.21.133.180 port 32038	2019-08-31 21:07:43
116.21.133.180	attackspambots	Aug 30 17:54:21 fv15 sshd[30006]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.21.133.180 user=r.r Aug 30 17:54:23 fv15 sshd[30006]: Failed password for r.r from 116.21.133.180 port 33154 ssh2 Aug 30 17:54:23 fv15 sshd[30006]: Received disconnect from 116.21.133.180: 11: Bye Bye [preauth] Aug 30 18:18:06 fv15 sshd[26471]: Failed password for invalid user ftpuser from 116.21.133.180 port 32916 ssh2 Aug 30 18:18:06 fv15 sshd[26471]: Received disconnect from 116.21.133.180: 11: Bye Bye [preauth] Aug 30 18:24:32 fv15 sshd[9809]: Failed password for invalid user dekahostname from 116.21.133.180 port 30796 ssh2 Aug 30 18:24:32 fv15 sshd[9809]: Received disconnect from 116.21.133.180: 11: Bye Bye [preauth] Aug 30 18:30:58 fv15 sshd[24495]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.21.133.180 user=r.r Aug 30 18:31:00 fv15 sshd[24495]: Failed password for r.r from 116.21.133.180 po........ -------------------------------	2019-08-31 06:24:53
116.21.127.110	attackspam	Telnet Server BruteForce Attack	2019-07-31 22:57:00

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 116.21.1.53
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 53847
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;116.21.1.53.			IN	A

;; AUTHORITY SECTION:
.			554	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022011000 1800 900 604800 86400

;; Query time: 48 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Jan 10 22:41:58 CST 2022
;; MSG SIZE  rcvd: 104

Host info

Host 53.1.21.116.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 53.1.21.116.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
222.186.42.163	attackbots	Oct 8 16:26:40 rotator sshd\[27156\]: Failed password for root from 222.186.42.163 port 64266 ssh2Oct 8 16:26:42 rotator sshd\[27156\]: Failed password for root from 222.186.42.163 port 64266 ssh2Oct 8 16:26:44 rotator sshd\[27156\]: Failed password for root from 222.186.42.163 port 64266 ssh2Oct 8 16:34:26 rotator sshd\[28113\]: Failed password for root from 222.186.42.163 port 27630 ssh2Oct 8 16:34:29 rotator sshd\[28113\]: Failed password for root from 222.186.42.163 port 27630 ssh2Oct 8 16:34:31 rotator sshd\[28113\]: Failed password for root from 222.186.42.163 port 27630 ssh2 ...	2019-10-08 22:38:22
185.245.85.251	attackspam	Multiple directory traversal attempts	2019-10-08 22:07:40
46.176.77.24	attackspambots	Telnet Server BruteForce Attack	2019-10-08 22:22:21
109.94.174.128	attackspambots	B: Magento admin pass test (wrong country)	2019-10-08 22:21:20
159.65.153.102	attackspam	Lines containing failures of 159.65.153.102 (max 1000) Oct 5 18:08:35 localhost sshd[22020]: User r.r from 159.65.153.102 not allowed because listed in DenyUsers Oct 5 18:08:35 localhost sshd[22020]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.65.153.102 user=r.r Oct 5 18:08:36 localhost sshd[22020]: Failed password for invalid user r.r from 159.65.153.102 port 50670 ssh2 Oct 5 18:08:37 localhost sshd[22020]: Received disconnect from 159.65.153.102 port 50670:11: Bye Bye [preauth] Oct 5 18:08:37 localhost sshd[22020]: Disconnected from invalid user r.r 159.65.153.102 port 50670 [preauth] Oct 5 18:21:12 localhost sshd[24655]: User r.r from 159.65.153.102 not allowed because listed in DenyUsers Oct 5 18:21:12 localhost sshd[24655]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.65.153.102 user=r.r Oct 5 18:21:14 localhost sshd[24655]: Failed password for invalid user r.r ........ ------------------------------	2019-10-08 22:29:56
189.84.72.91	attackspam	Telnet Server BruteForce Attack	2019-10-08 22:34:01
139.59.14.115	attack	xmlrpc attack	2019-10-08 22:37:17
111.230.241.90	attackbots	Oct 8 14:56:35 xeon sshd[50469]: Failed password for root from 111.230.241.90 port 42324 ssh2	2019-10-08 22:39:30
125.46.218.27	attackbots	Unauthorised access (Oct 8) SRC=125.46.218.27 LEN=40 TTL=50 ID=22051 TCP DPT=23 WINDOW=56747 SYN	2019-10-08 22:17:33
35.137.198.190	attackspambots	Oct 8 13:54:14 tor-proxy-02 sshd\[27793\]: Invalid user pi from 35.137.198.190 port 41180 Oct 8 13:54:14 tor-proxy-02 sshd\[27794\]: Invalid user pi from 35.137.198.190 port 41182 Oct 8 13:54:15 tor-proxy-02 sshd\[27793\]: Connection closed by 35.137.198.190 port 41180 \[preauth\] ...	2019-10-08 22:27:40
153.36.236.35	attackbots	DATE:2019-10-08 16:12:44, IP:153.36.236.35, PORT:ssh SSH brute force auth on honeypot server (honey-neo-dc-bis)	2019-10-08 22:24:05
68.183.68.47	attackbots	xmlrpc attack	2019-10-08 21:59:38
92.116.120.125	attack	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/92.116.120.125/ DE - 1H : (64) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : DE NAME ASN : ASN8881 IP : 92.116.120.125 CIDR : 92.116.64.0/18 PREFIX COUNT : 472 UNIQUE IP COUNT : 1347328 WYKRYTE ATAKI Z ASN8881 : 1H - 1 3H - 1 6H - 1 12H - 3 24H - 4 DateTime : 2019-10-08 13:54:10 INFO : Port Scan TELNET Detected and Blocked by ADMIN - data recovery	2019-10-08 22:30:19
222.209.55.63	attackbots	Automatic report - FTP Brute Force	2019-10-08 22:20:22
202.186.163.81	attackspambots	Oct 8 13:54:42 raspberrypi sshd\[26491\]: Did not receive identification string from 202.186.163.81 ...	2019-10-08 22:05:07

Recently Reported IPs

113.68.141.227	254.23.167.41	24.166.2.189	193.46.47.4
103.197.165.77	170.196.56.163	173.45.10.128	24.35.176.192
124.214.18.61	103.18.26.226	116.5.102.80	213.201.17.98
244.38.68.76	170.33.33.232	211.186.78.243	254.5.87.42
112.41.13.60	182.60.132.96	204.170.190.34	118.203.91.107