116.54.42.71 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
116.54.42.231	attackspambots	The IP has triggered Cloudflare WAF. CF-Ray: 5412f4529cb2eb71 \| WAF_Rule_ID: 3b40188685924a32bf11d40edea05a27 \| WAF_Kind: firewall \| CF_Action: challenge \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/1.1 \| Method: GET \| Host: blog.skk.moe \| User-Agent: Mozilla/5.077692140 Mozilla/5.0 (Windows NT 6.1; Trident/7.0; rv:11.0) like Gecko \| CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-08 03:16:29

Type

Details

Datetime

116.54.42.231

attackspambots

The IP has triggered Cloudflare WAF. CF-Ray: 5412f4529cb2eb71 | WAF_Rule_ID: 3b40188685924a32bf11d40edea05a27 | WAF_Kind: firewall | CF_Action: challenge | Country: CN | CF_IPClass: noRecord | Protocol: HTTP/1.1 | Method: GET | Host: blog.skk.moe | User-Agent: Mozilla/5.077692140 Mozilla/5.0 (Windows NT 6.1; Trident/7.0; rv:11.0) like Gecko | CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).

2019-12-08 03:16:29

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 116.54.42.71
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 27667
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;116.54.42.71.			IN	A

;; AUTHORITY SECTION:
.			431	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022022700 1800 900 604800 86400

;; Query time: 25 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Feb 27 16:22:53 CST 2022
;; MSG SIZE  rcvd: 105

Host info

Host 71.42.54.116.in-addr.arpa not found: 2(SERVFAIL)

Nslookup info:

server can't find 116.54.42.71.in-addr.arpa: SERVFAIL

Related IP info:

Related comments:

IP	Type	Details	Datetime
106.13.50.145	attack	Invalid user prova from 106.13.50.145 port 49036	2020-06-20 04:18:04
195.38.126.113	attackspam	Tried sshing with brute force.	2020-06-20 04:15:57
140.143.136.89	attackspambots	2020-06-19 14:07:13.944596-0500 localhost sshd[23542]: Failed password for invalid user mvx from 140.143.136.89 port 38122 ssh2	2020-06-20 04:23:21
128.14.209.178	attackbotsspam	Unauthorized connection attempt detected from IP address 128.14.209.178 to port 9001 [T]	2020-06-20 04:21:17
49.88.112.75	attack	Failed password for root from 49.88.112.75 port 18825 ssh2 Failed password for root from 49.88.112.75 port 18825 ssh2 pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.75 user=root Failed password for root from 49.88.112.75 port 29937 ssh2 Failed password for root from 49.88.112.75 port 29937 ssh2	2020-06-20 04:02:42
79.143.191.99	attack	Spam	2020-06-20 04:22:03
67.205.135.127	attack	Jun 19 11:11:52 vps46666688 sshd[5065]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=67.205.135.127 Jun 19 11:11:55 vps46666688 sshd[5065]: Failed password for invalid user xff from 67.205.135.127 port 46914 ssh2 ...	2020-06-20 04:36:22
94.102.51.95	attackbots	06/19/2020-15:41:50.247063 94.102.51.95 Protocol: 6 ET SCAN NMAP -sS window 1024	2020-06-20 03:58:07
195.192.226.115	attackspambots	firewall-block, port(s): 23/tcp	2020-06-20 04:29:35
70.75.102.158	attackspam	2020-06-19T15:11:04.695778ollin.zadara.org sshd[106139]: Invalid user admin from 70.75.102.158 port 34275 2020-06-19T15:11:06.379889ollin.zadara.org sshd[106139]: Failed password for invalid user admin from 70.75.102.158 port 34275 ssh2 ...	2020-06-20 03:58:30
35.201.250.90	attackspam	35.201.250.90 - - \[19/Jun/2020:14:10:29 +0200\] "POST /wp-login.php HTTP/1.0" 200 5993 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 35.201.250.90 - - \[19/Jun/2020:14:10:33 +0200\] "POST /wp-login.php HTTP/1.0" 200 5995 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 35.201.250.90 - - \[19/Jun/2020:14:10:34 +0200\] "POST /xmlrpc.php HTTP/1.0" 200 904 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"	2020-06-20 04:15:09
119.45.112.28	attack	Invalid user hacluster from 119.45.112.28 port 52752	2020-06-20 04:08:53
103.151.124.95	attack	(pop3d) Failed POP3 login from 103.151.124.95 (-): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: Jun 19 16:40:21 ir1 dovecot[2885757]: pop3-login: Disconnected (auth failed, 1 attempts in 2 secs): user=, method=PLAIN, rip=103.151.124.95, lip=5.63.12.44, session=	2020-06-20 04:24:47
222.139.245.70	attackspam	Jun 19 21:09:25 vpn01 sshd[28903]: Failed password for root from 222.139.245.70 port 44578 ssh2 ...	2020-06-20 04:02:29
51.195.136.190	attack	srv02 SSH BruteForce Attacks 22 ..	2020-06-20 04:00:10

Recently Reported IPs

116.54.42.47	116.54.98.10	116.54.42.80	93.158.92.199
116.54.98.108	116.54.98.137	116.54.98.167	116.54.98.183
116.54.98.191	116.54.42.55	116.54.98.200	116.54.98.203
116.54.98.208	149.169.198.133	116.54.98.23	116.54.98.215
116.54.98.254	116.54.98.69	116.55.1.5	116.54.98.54