116.21.1.53 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
116.21.124.109	attackspambots	Port Scan ...	2020-09-17 01:14:41
116.21.124.109	attack	Port Scan ...	2020-09-16 17:30:36
116.21.136.38	attackspambots	Fail2Ban Ban Triggered	2020-08-21 17:15:59
116.21.128.188	attackbots	Too many connections or unauthorized access detected from Arctic banned ip	2020-08-03 07:18:31
116.21.172.193	attack	Unauthorized connection attempt detected from IP address 116.21.172.193 to port 23	2020-05-30 01:23:12
116.21.146.5	attackspambots	Automatic report - Port Scan Attack	2020-05-25 01:43:49
116.21.125.72	attackspam	Unauthorized connection attempt detected from IP address 116.21.125.72 to port 8089 [T]	2020-04-01 05:20:10
116.21.1.8	attack	Unauthorized connection attempt detected from IP address 116.21.1.8 to port 23 [J]	2020-02-29 18:34:29
116.21.180.172	attackbotsspam	Feb 5 18:50:32 journals dovecot: pop3-login: Aborted login $auth failed, 1 attempts in 5 secs$: user=\, method=PLAIN, rip=116.21.180.172, lip=212.111.212.230, session=\ Feb 5 18:50:41 journals dovecot: pop3-login: Aborted login $auth failed, 1 attempts in 9 secs$: user=\, method=PLAIN, rip=116.21.180.172, lip=212.111.212.230, session=\<9sFt9NadeLl0FbSs\> Feb 5 18:50:56 journals dovecot: pop3-login: Aborted login $auth failed, 1 attempts in 13 secs$: user=\, method=PLAIN, rip=116.21.180.172, lip=212.111.212.230, session=\ Feb 5 18:52:33 journals dovecot: pop3-login: Aborted login $auth failed, 1 attempts in 5 secs$: user=\, method=PLAIN, rip=116.21.180.172, lip=212.111.212.230, session=\ Feb 5 18:52:42 journals dovecot: pop3-login: Aborted login $auth failed, 1 attempts in 8 secs$: user=\, method=PLAIN, rip=116.21.180.17 ...	2020-02-06 03:33:31
116.21.175.240	attackspam	Sep 17 17:09:43 mxgate1 postfix/postscreen[20426]: CONNECT from [116.21.175.240]:43322 to [176.31.12.44]:25 Sep 17 17:09:43 mxgate1 postfix/dnsblog[20427]: addr 116.21.175.240 listed by domain cbl.abuseat.org as 127.0.0.2 Sep 17 17:09:43 mxgate1 postfix/dnsblog[20430]: addr 116.21.175.240 listed by domain zen.spamhaus.org as 127.0.0.11 Sep 17 17:09:43 mxgate1 postfix/dnsblog[20430]: addr 116.21.175.240 listed by domain zen.spamhaus.org as 127.0.0.4 Sep 17 17:09:43 mxgate1 postfix/dnsblog[20428]: addr 116.21.175.240 listed by domain bl.spamcop.net as 127.0.0.2 Sep 17 17:09:49 mxgate1 postfix/postscreen[20426]: DNSBL rank 4 for [116.21.175.240]:43322 Sep x@x Sep 17 17:09:50 mxgate1 postfix/postscreen[20426]: DISCONNECT [116.21.175.240]:43322 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=116.21.175.240	2019-09-17 23:25:48
116.21.127.96	attackbotsspam	port 23 attempt blocked	2019-09-14 23:07:41
116.21.132.6	attackbots	Sep 2 12:01:22 wp sshd[26875]: Invalid user gpq from 116.21.132.6 Sep 2 12:01:22 wp sshd[26875]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.21.132.6 Sep 2 12:01:25 wp sshd[26875]: Failed password for invalid user gpq from 116.21.132.6 port 11204 ssh2 Sep 2 12:01:25 wp sshd[26875]: Received disconnect from 116.21.132.6: 11: Bye Bye [preauth] Sep 2 12:03:20 wp sshd[26891]: Invalid user stas from 116.21.132.6 Sep 2 12:03:20 wp sshd[26891]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.21.132.6 Sep 2 12:03:22 wp sshd[26891]: Failed password for invalid user stas from 116.21.132.6 port 10720 ssh2 Sep 2 12:03:22 wp sshd[26891]: Received disconnect from 116.21.132.6: 11: Bye Bye [preauth] Sep 2 12:05:17 wp sshd[26914]: Invalid user admin from 116.21.132.6 Sep 2 12:05:17 wp sshd[26914]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost........ -------------------------------	2019-09-03 15:30:19
116.21.133.180	attackbots	Aug 31 14:46:17 plex sshd[16050]: Invalid user nbsuser from 116.21.133.180 port 32038	2019-08-31 21:07:43
116.21.133.180	attackspambots	Aug 30 17:54:21 fv15 sshd[30006]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.21.133.180 user=r.r Aug 30 17:54:23 fv15 sshd[30006]: Failed password for r.r from 116.21.133.180 port 33154 ssh2 Aug 30 17:54:23 fv15 sshd[30006]: Received disconnect from 116.21.133.180: 11: Bye Bye [preauth] Aug 30 18:18:06 fv15 sshd[26471]: Failed password for invalid user ftpuser from 116.21.133.180 port 32916 ssh2 Aug 30 18:18:06 fv15 sshd[26471]: Received disconnect from 116.21.133.180: 11: Bye Bye [preauth] Aug 30 18:24:32 fv15 sshd[9809]: Failed password for invalid user dekahostname from 116.21.133.180 port 30796 ssh2 Aug 30 18:24:32 fv15 sshd[9809]: Received disconnect from 116.21.133.180: 11: Bye Bye [preauth] Aug 30 18:30:58 fv15 sshd[24495]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.21.133.180 user=r.r Aug 30 18:31:00 fv15 sshd[24495]: Failed password for r.r from 116.21.133.180 po........ -------------------------------	2019-08-31 06:24:53
116.21.127.110	attackspam	Telnet Server BruteForce Attack	2019-07-31 22:57:00

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 116.21.1.53
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 53847
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;116.21.1.53.			IN	A

;; AUTHORITY SECTION:
.			554	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022011000 1800 900 604800 86400

;; Query time: 48 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Jan 10 22:41:58 CST 2022
;; MSG SIZE  rcvd: 104

Host info

Host 53.1.21.116.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 53.1.21.116.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
198.12.80.229	attack	Spam	2019-08-14 10:15:22
46.23.203.150	attack	Aug 14 02:44:48 XXX sshd[28100]: Invalid user backup from 46.23.203.150 port 58400	2019-08-14 10:07:18
170.84.48.230	attackbots	proto=tcp . spt=53107 . dpt=25 . (listed on Blocklist de Aug 13) (723)	2019-08-14 09:49:16
165.22.16.90	attackspam	Aug 14 02:51:11 XXX sshd[28605]: Invalid user ksrkm from 165.22.16.90 port 47858	2019-08-14 09:45:22
209.141.51.150	attackspam	Aug 14 02:50:00 localhost sshd\[22825\]: Invalid user user from 209.141.51.150 port 46201 Aug 14 02:50:01 localhost sshd\[22825\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=209.141.51.150 Aug 14 02:50:03 localhost sshd\[22825\]: Failed password for invalid user user from 209.141.51.150 port 46201 ssh2	2019-08-14 09:58:17
88.153.128.51	attackspam	Aug 14 03:48:48 XXX sshd[39117]: Invalid user uuuuu from 88.153.128.51 port 48699	2019-08-14 10:25:07
1.22.91.179	attackbots	Aug 14 03:00:00 fr01 sshd[19169]: Invalid user www from 1.22.91.179 Aug 14 03:00:00 fr01 sshd[19169]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=1.22.91.179 Aug 14 03:00:00 fr01 sshd[19169]: Invalid user www from 1.22.91.179 Aug 14 03:00:02 fr01 sshd[19169]: Failed password for invalid user www from 1.22.91.179 port 51217 ssh2 Aug 14 03:15:58 fr01 sshd[21876]: Invalid user viktor from 1.22.91.179 ...	2019-08-14 09:48:47
183.130.18.63	attackbots	Unauthorised access (Aug 13) SRC=183.130.18.63 LEN=40 TTL=49 ID=36106 TCP DPT=8080 WINDOW=141 SYN Unauthorised access (Aug 13) SRC=183.130.18.63 LEN=40 TTL=49 ID=64413 TCP DPT=8080 WINDOW=141 SYN	2019-08-14 10:05:51
165.22.243.86	attackspambots	Aug 14 02:51:30 XXX sshd[28639]: Invalid user testuser from 165.22.243.86 port 33880	2019-08-14 09:56:01
177.36.35.0	attack	proto=tcp . spt=59137 . dpt=25 . (listed on Blocklist de Aug 13) (722)	2019-08-14 09:49:52
125.129.83.208	attack	$f2bV_matches	2019-08-14 09:51:24
167.71.35.63	attackspam	Invalid user webplace from 167.71.35.63 port 48650	2019-08-14 10:29:36
61.219.11.153	attackbots	firewall-block, port(s): 443/tcp	2019-08-14 10:03:57
185.164.72.111	attack	SSH bruteforce	2019-08-14 10:13:14
91.200.126.174	attackbotsspam	proto=tcp . spt=50341 . dpt=25 . (listed on Blocklist de Aug 13) (708)	2019-08-14 10:20:51

Recently Reported IPs

113.68.141.227	254.23.167.41	24.166.2.189	193.46.47.4
103.197.165.77	170.196.56.163	173.45.10.128	24.35.176.192
124.214.18.61	103.18.26.226	116.5.102.80	213.201.17.98
244.38.68.76	170.33.33.232	211.186.78.243	254.5.87.42
112.41.13.60	182.60.132.96	204.170.190.34	118.203.91.107