116.54.42.72 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
116.54.42.231	attackspambots	The IP has triggered Cloudflare WAF. CF-Ray: 5412f4529cb2eb71 \| WAF_Rule_ID: 3b40188685924a32bf11d40edea05a27 \| WAF_Kind: firewall \| CF_Action: challenge \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/1.1 \| Method: GET \| Host: blog.skk.moe \| User-Agent: Mozilla/5.077692140 Mozilla/5.0 (Windows NT 6.1; Trident/7.0; rv:11.0) like Gecko \| CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-08 03:16:29

Type

Details

Datetime

116.54.42.231

attackspambots

The IP has triggered Cloudflare WAF. CF-Ray: 5412f4529cb2eb71 | WAF_Rule_ID: 3b40188685924a32bf11d40edea05a27 | WAF_Kind: firewall | CF_Action: challenge | Country: CN | CF_IPClass: noRecord | Protocol: HTTP/1.1 | Method: GET | Host: blog.skk.moe | User-Agent: Mozilla/5.077692140 Mozilla/5.0 (Windows NT 6.1; Trident/7.0; rv:11.0) like Gecko | CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).

2019-12-08 03:16:29

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 116.54.42.72
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 10360
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;116.54.42.72.			IN	A

;; AUTHORITY SECTION:
.			600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022021300 1800 900 604800 86400

;; Query time: 57 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Feb 13 13:52:53 CST 2022
;; MSG SIZE  rcvd: 105

Host info

b';; connection timed out; no servers could be reached
'

Nslookup info:

server can't find 116.54.42.72.in-addr.arpa: SERVFAIL

Related IP info:

Related comments:

IP	Type	Details	Datetime
134.209.90.139	attackbots	Sep 7 03:47:47 web8 sshd\[13711\]: Invalid user developer from 134.209.90.139 Sep 7 03:47:48 web8 sshd\[13711\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.90.139 Sep 7 03:47:49 web8 sshd\[13711\]: Failed password for invalid user developer from 134.209.90.139 port 51888 ssh2 Sep 7 03:51:56 web8 sshd\[15716\]: Invalid user vbox from 134.209.90.139 Sep 7 03:51:56 web8 sshd\[15716\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.90.139	2019-09-07 12:00:09
89.100.106.42	attackbots	Sep 7 07:10:10 www sshd\[156121\]: Invalid user tom from 89.100.106.42 Sep 7 07:10:10 www sshd\[156121\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=89.100.106.42 Sep 7 07:10:12 www sshd\[156121\]: Failed password for invalid user tom from 89.100.106.42 port 37696 ssh2 ...	2019-09-07 12:17:11
105.224.160.160	attackspambots	Automatic report - Port Scan Attack	2019-09-07 12:18:40
134.209.40.67	attackbots	2019-09-07T04:21:22.224109abusebot-8.cloudsearch.cf sshd\[1015\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.40.67 user=ftp	2019-09-07 12:28:21
46.105.227.206	attackspambots	Sep 7 06:20:31 markkoudstaal sshd[11455]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.105.227.206 Sep 7 06:20:33 markkoudstaal sshd[11455]: Failed password for invalid user webadmin from 46.105.227.206 port 33852 ssh2 Sep 7 06:24:52 markkoudstaal sshd[11797]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.105.227.206	2019-09-07 12:30:59
213.136.73.194	attackbots	MultiHost/MultiPort Probe, Scan, Hack -	2019-09-07 12:35:31
200.54.242.46	attackspam	Sep 7 03:07:31 microserver sshd[6167]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.54.242.46 user=root Sep 7 03:07:33 microserver sshd[6167]: Failed password for root from 200.54.242.46 port 56336 ssh2 Sep 7 03:13:26 microserver sshd[7078]: Invalid user webcam123 from 200.54.242.46 port 49110 Sep 7 03:13:26 microserver sshd[7078]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.54.242.46 Sep 7 03:13:27 microserver sshd[7078]: Failed password for invalid user webcam123 from 200.54.242.46 port 49110 ssh2 Sep 7 03:25:16 microserver sshd[9085]: Invalid user 1 from 200.54.242.46 port 34703 Sep 7 03:25:16 microserver sshd[9085]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.54.242.46 Sep 7 03:25:18 microserver sshd[9085]: Failed password for invalid user 1 from 200.54.242.46 port 34703 ssh2 Sep 7 03:31:09 microserver sshd[9877]: Invalid user 123456 from 200.54.242.46 po	2019-09-07 12:36:14
132.232.43.115	attack	SSH Brute-Force reported by Fail2Ban	2019-09-07 12:39:26
121.208.177.47	attackspam	Sep 7 02:41:16 v22018053744266470 sshd[13892]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.208.177.47 Sep 7 02:41:16 v22018053744266470 sshd[13894]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.208.177.47 Sep 7 02:41:18 v22018053744266470 sshd[13892]: Failed password for invalid user pi from 121.208.177.47 port 37558 ssh2 ...	2019-09-07 12:21:54
218.98.40.140	attack	Triggered by Fail2Ban at Vostok web server	2019-09-07 12:48:55
212.87.9.141	attackspambots	Sep 7 06:13:34 MK-Soft-Root1 sshd\[1775\]: Invalid user dspace from 212.87.9.141 port 47644 Sep 7 06:13:34 MK-Soft-Root1 sshd\[1775\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.87.9.141 Sep 7 06:13:36 MK-Soft-Root1 sshd\[1775\]: Failed password for invalid user dspace from 212.87.9.141 port 47644 ssh2 ...	2019-09-07 12:19:18
104.248.134.200	attackspam	Sep 7 06:17:02 vps691689 sshd[30809]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.134.200 Sep 7 06:17:05 vps691689 sshd[30809]: Failed password for invalid user test from 104.248.134.200 port 46124 ssh2 Sep 7 06:21:28 vps691689 sshd[30855]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.134.200 ...	2019-09-07 12:27:09
110.87.104.148	attack	Helo	2019-09-07 12:42:46
49.88.112.116	attack	Sep 6 17:59:28 php1 sshd\[14418\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.116 user=root Sep 6 17:59:30 php1 sshd\[14418\]: Failed password for root from 49.88.112.116 port 20356 ssh2 Sep 6 17:59:33 php1 sshd\[14418\]: Failed password for root from 49.88.112.116 port 20356 ssh2 Sep 6 17:59:36 php1 sshd\[14418\]: Failed password for root from 49.88.112.116 port 20356 ssh2 Sep 6 18:00:26 php1 sshd\[14509\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.116 user=root	2019-09-07 12:09:00
178.128.223.28	attack	Sep 7 06:17:25 vps01 sshd[3125]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.128.223.28 Sep 7 06:17:27 vps01 sshd[3125]: Failed password for invalid user jenkins from 178.128.223.28 port 55804 ssh2	2019-09-07 12:40:09

Recently Reported IPs

116.54.98.174	116.54.98.238	116.54.98.224	116.58.230.122
116.58.23.78	116.58.232.58	116.58.182.127	116.58.232.196
116.54.98.239	116.58.245.230	116.58.21.218	116.58.242.58
116.62.105.32	116.58.250.41	116.58.251.53	116.62.170.67
116.62.190.16	116.62.66.232	116.6.56.66	116.58.34.90