116.54.42.231 - IPInfo

Basic Info

City: Kunming

Region: Yunnan

Country: China

Internet Service Provider: ChinaNet Yunnan Province Network

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspambots	The IP has triggered Cloudflare WAF. CF-Ray: 5412f4529cb2eb71 \| WAF_Rule_ID: 3b40188685924a32bf11d40edea05a27 \| WAF_Kind: firewall \| CF_Action: challenge \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/1.1 \| Method: GET \| Host: blog.skk.moe \| User-Agent: Mozilla/5.077692140 Mozilla/5.0 (Windows NT 6.1; Trident/7.0; rv:11.0) like Gecko \| CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-08 03:16:29

Type

Details

Datetime

attackspambots

The IP has triggered Cloudflare WAF. CF-Ray: 5412f4529cb2eb71 | WAF_Rule_ID: 3b40188685924a32bf11d40edea05a27 | WAF_Kind: firewall | CF_Action: challenge | Country: CN | CF_IPClass: noRecord | Protocol: HTTP/1.1 | Method: GET | Host: blog.skk.moe | User-Agent: Mozilla/5.077692140 Mozilla/5.0 (Windows NT 6.1; Trident/7.0; rv:11.0) like Gecko | CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).

2019-12-08 03:16:29

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 116.54.42.231
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 49359
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;116.54.42.231.			IN	A

;; AUTHORITY SECTION:
.			247	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019120700 1800 900 604800 86400

;; Query time: 66 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Dec 08 03:16:26 CST 2019
;; MSG SIZE  rcvd: 117

Host info

231.42.54.116.in-addr.arpa domain name pointer 231.42.54.116.broad.km.yn.dynamic.163data.com.cn.

Nslookup info:

;; Got SERVFAIL reply from 183.60.83.19, trying next server
Server:		183.60.82.98
Address:	183.60.82.98#53

Non-authoritative answer:
231.42.54.116.in-addr.arpa	name = 231.42.54.116.broad.km.yn.dynamic.163data.com.cn.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
187.49.83.194	attack	Attempt to attack host OS, exploiting network vulnerabilities, on 03-10-2019 13:20:28.	2019-10-04 04:40:29
182.74.231.122	attack	Unauthorized IMAP connection attempt	2019-10-04 04:10:47
103.247.88.14	attack	Oct 3 16:18:21 h2177944 kernel: \[2988466.584945\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=103.247.88.14 DST=85.214.117.9 LEN=40 TOS=0x08 PREC=0x20 TTL=64 ID=57119 DF PROTO=TCP SPT=64684 DPT=443 WINDOW=29200 RES=0x00 SYN URGP=0 Oct 3 16:20:05 h2177944 kernel: \[2988570.647811\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=103.247.88.14 DST=85.214.117.9 LEN=40 TOS=0x08 PREC=0x20 TTL=79 ID=49724 DF PROTO=TCP SPT=54974 DPT=80 WINDOW=29200 RES=0x00 SYN URGP=0 Oct 3 16:22:09 h2177944 kernel: \[2988695.329046\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=103.247.88.14 DST=85.214.117.9 LEN=40 TOS=0x08 PREC=0x20 TTL=61 ID=26451 DF PROTO=TCP SPT=58585 DPT=22 WINDOW=29200 RES=0x00 SYN URGP=0 Oct 3 16:22:10 h2177944 kernel: \[2988696.037396\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=103.247.88.14 DST=85.214.117.9 LEN=40 TOS=0x08 PREC=0x20 TTL=81 ID=23780 DF PROTO=TCP SPT=57764 DPT=80 WINDOW=29200 RES=0x00 SYN URGP=0 Oct 3 16:22:10 h2177944 kernel: \[2988696.073508\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=103.247.88.14 DST=85.214.	2019-10-04 04:09:46
218.92.0.191	attackspambots	Oct 4 01:45:26 lcl-usvr-02 sshd[5665]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.191 user=root Oct 4 01:45:28 lcl-usvr-02 sshd[5665]: Failed password for root from 218.92.0.191 port 28242 ssh2 ...	2019-10-04 04:25:21
185.175.93.105	attackspambots	10/03/2019-22:24:46.934819 185.175.93.105 Protocol: 6 ET DROP Dshield Block Listed Source group 1	2019-10-04 04:48:36
115.209.192.137	attackspambots	Automated reporting of SSH Vulnerability scanning	2019-10-04 04:24:48
191.238.222.17	attack	...	2019-10-04 04:12:57
152.136.225.47	attackspambots	Oct 3 17:40:10 tux-35-217 sshd\[27767\]: Invalid user ftpuser from 152.136.225.47 port 50794 Oct 3 17:40:10 tux-35-217 sshd\[27767\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=152.136.225.47 Oct 3 17:40:12 tux-35-217 sshd\[27767\]: Failed password for invalid user ftpuser from 152.136.225.47 port 50794 ssh2 Oct 3 17:46:50 tux-35-217 sshd\[27810\]: Invalid user ubnt from 152.136.225.47 port 34490 Oct 3 17:46:50 tux-35-217 sshd\[27810\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=152.136.225.47 ...	2019-10-04 04:29:29
49.207.87.254	attackspambots	Attempt to attack host OS, exploiting network vulnerabilities, on 03-10-2019 13:20:31.	2019-10-04 04:36:43
180.126.226.168	attackbotsspam	Automated reporting of SSH Vulnerability scanning	2019-10-04 04:18:30
184.22.79.235	attackbots	Attempt to attack host OS, exploiting network vulnerabilities, on 03-10-2019 13:20:26.	2019-10-04 04:41:58
182.70.242.179	attackspam	Attempt to attack host OS, exploiting network vulnerabilities, on 03-10-2019 13:20:26.	2019-10-04 04:43:18
118.25.3.220	attackbots	Brute force attempt	2019-10-04 04:21:29
92.118.161.1	attackspam	MultiHost/MultiPort Probe, Scan, Hack -	2019-10-04 04:10:05
78.188.58.174	attackbots	Attempt to attack host OS, exploiting network vulnerabilities, on 03-10-2019 13:20:32.	2019-10-04 04:35:04

Recently Reported IPs

206.139.162.231	63.27.70.5	112.66.96.146	80.179.190.72
32.198.5.157	165.228.179.91	111.224.218.83	110.80.155.247
67.204.232.17	88.88.125.162	202.219.173.204	106.39.189.88
149.170.184.183	106.11.154.83	98.190.215.139	73.145.186.211
60.230.123.16	103.192.227.199	77.226.178.0	86.107.29.12