116.249.34.96 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
116.249.34.205	attackspam	Unauthorized connection attempt detected from IP address 116.249.34.205 to port 2053	2019-12-31 06:29:46
116.249.34.71	attackbots	The IP has triggered Cloudflare WAF. CF-Ray: 5415f7a8de7ee801 \| WAF_Rule_ID: 3b40188685924a32bf11d40edea05a27 \| WAF_Kind: firewall \| CF_Action: challenge \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/1.1 \| Method: GET \| Host: disqus.skk.moe \| User-Agent: Mozilla/5.067805899 Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36 \| CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-08 02:18:33

Type

Details

Datetime

116.249.34.205

attackspam

Unauthorized connection attempt detected from IP address 116.249.34.205 to port 2053

2019-12-31 06:29:46

116.249.34.71

attackbots

The IP has triggered Cloudflare WAF. CF-Ray: 5415f7a8de7ee801 | WAF_Rule_ID: 3b40188685924a32bf11d40edea05a27 | WAF_Kind: firewall | CF_Action: challenge | Country: CN | CF_IPClass: noRecord | Protocol: HTTP/1.1 | Method: GET | Host: disqus.skk.moe | User-Agent: Mozilla/5.067805899 Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36 | CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).

2019-12-08 02:18:33

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 116.249.34.96
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 48715
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;116.249.34.96.			IN	A

;; AUTHORITY SECTION:
.			350	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022021702 1800 900 604800 86400

;; Query time: 66 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Feb 18 06:15:09 CST 2022
;; MSG SIZE  rcvd: 106

Host info

b';; connection timed out; no servers could be reached
'

Nslookup info:

server can't find 116.249.34.96.in-addr.arpa: SERVFAIL

Related IP info:

Related comments:

IP	Type	Details	Datetime
150.95.148.208	attack	2020-05-03T17:47:45.426949shield sshd\[28498\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=v150-95-148-208.a08d.g.tyo1.static.cnode.io user=root 2020-05-03T17:47:47.215646shield sshd\[28498\]: Failed password for root from 150.95.148.208 port 50132 ssh2 2020-05-03T17:52:11.237104shield sshd\[29749\]: Invalid user giovannetti from 150.95.148.208 port 35370 2020-05-03T17:52:11.240640shield sshd\[29749\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=v150-95-148-208.a08d.g.tyo1.static.cnode.io 2020-05-03T17:52:12.884428shield sshd\[29749\]: Failed password for invalid user giovannetti from 150.95.148.208 port 35370 ssh2	2020-05-04 02:08:20
45.172.108.75	attack	May 3 14:03:38 inter-technics sshd[2592]: Invalid user ykim from 45.172.108.75 port 34738 May 3 14:03:38 inter-technics sshd[2592]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.172.108.75 May 3 14:03:38 inter-technics sshd[2592]: Invalid user ykim from 45.172.108.75 port 34738 May 3 14:03:40 inter-technics sshd[2592]: Failed password for invalid user ykim from 45.172.108.75 port 34738 ssh2 May 3 14:08:49 inter-technics sshd[3868]: Invalid user chris from 45.172.108.75 port 49298 ...	2020-05-04 01:58:48
164.132.38.153	attack	Port scan on 1 port(s): 445	2020-05-04 02:08:37
91.231.165.95	attack	Unauthorized connection attempt detected from IP address 91.231.165.95 to port 22	2020-05-04 01:50:35
42.117.22.118	attack	1588507687 - 05/03/2020 14:08:07 Host: 42.117.22.118/42.117.22.118 Port: 445 TCP Blocked	2020-05-04 01:57:39
128.199.168.248	attackbotsspam	$f2bV_matches	2020-05-04 01:53:20
176.122.137.150	attackbots	May 3 18:25:47 pornomens sshd\[9117\]: Invalid user erpnext from 176.122.137.150 port 49574 May 3 18:25:47 pornomens sshd\[9117\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=176.122.137.150 May 3 18:25:49 pornomens sshd\[9117\]: Failed password for invalid user erpnext from 176.122.137.150 port 49574 ssh2 ...	2020-05-04 01:52:22
116.52.9.220	attack	SSH brute-force attempt	2020-05-04 02:19:40
112.26.92.129	attackbots	Sun May 3 15:08:05 2020 \[pid 40616\] \[user\] FAIL LOGIN: Client "112.26.92.129"Sun May 3 15:08:09 2020 \[pid 40697\] \[user\] FAIL LOGIN: Client "112.26.92.129"Sun May 3 15:08:13 2020 \[pid 40702\] \[user\] FAIL LOGIN: Client "112.26.92.129"Sun May 3 15:08:23 2020 \[pid 40710\] \[user\] FAIL LOGIN: Client "112.26.92.129"Sun May 3 15:08:26 2020 \[pid 40706\] \[user\] FAIL LOGIN: Client "112.26.92.129" ...	2020-05-04 02:17:04
94.199.198.137	attackbots	May 3 15:27:31 vps sshd[166065]: Failed password for invalid user ocm from 94.199.198.137 port 37800 ssh2 May 3 15:31:38 vps sshd[186257]: Invalid user tmp from 94.199.198.137 port 4842 May 3 15:31:38 vps sshd[186257]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=ip-94-199-198-137.acvyskov.cz May 3 15:31:39 vps sshd[186257]: Failed password for invalid user tmp from 94.199.198.137 port 4842 ssh2 May 3 15:35:49 vps sshd[206643]: Invalid user guest from 94.199.198.137 port 33770 ...	2020-05-04 01:55:51
45.151.254.218	attackbotsspam	Trying ports that it shouldn't be.	2020-05-04 02:04:58
167.172.249.58	attackspam	May 3 08:20:50 NPSTNNYC01T sshd[1433]: Failed password for root from 167.172.249.58 port 48340 ssh2 May 3 08:23:27 NPSTNNYC01T sshd[1772]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.172.249.58 May 3 08:23:29 NPSTNNYC01T sshd[1772]: Failed password for invalid user adil from 167.172.249.58 port 36176 ssh2 ...	2020-05-04 02:23:25
34.80.223.251	attack	May 3 18:18:50 vps sshd[17677]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=34.80.223.251 May 3 18:18:52 vps sshd[17677]: Failed password for invalid user cyclone from 34.80.223.251 port 18092 ssh2 May 3 18:26:40 vps sshd[18066]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=34.80.223.251 ...	2020-05-04 02:21:32
181.169.155.174	attackbots	May 3 14:32:24 eventyay sshd[8334]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=181.169.155.174 May 3 14:32:26 eventyay sshd[8334]: Failed password for invalid user wuwei from 181.169.155.174 port 51222 ssh2 May 3 14:35:06 eventyay sshd[8404]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=181.169.155.174 ...	2020-05-04 02:15:52
45.119.212.125	attackspam	May 3 12:21:20 Tower sshd[9368]: Connection from 45.119.212.125 port 55116 on 192.168.10.220 port 22 rdomain "" May 3 12:21:27 Tower sshd[9368]: Invalid user admin9 from 45.119.212.125 port 55116 May 3 12:21:27 Tower sshd[9368]: error: Could not get shadow information for NOUSER May 3 12:21:27 Tower sshd[9368]: Failed password for invalid user admin9 from 45.119.212.125 port 55116 ssh2 May 3 12:21:27 Tower sshd[9368]: Received disconnect from 45.119.212.125 port 55116:11: Bye Bye [preauth] May 3 12:21:27 Tower sshd[9368]: Disconnected from invalid user admin9 45.119.212.125 port 55116 [preauth]	2020-05-04 01:59:38

Recently Reported IPs

116.25.134.77	116.25.36.88	116.25.39.152	116.25.43.195
116.249.77.103	116.25.241.39	116.249.91.119	116.249.91.46
116.25.45.233	116.249.66.86	116.25.44.18	116.251.204.43
116.251.204.35	116.251.205.142	116.251.205.24	116.252.204.219
116.251.207.92	116.254.116.178	116.255.110.4	116.252.11.200