116.78.254.13 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 116.78.254.13
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 50570
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;116.78.254.13.			IN	A

;; AUTHORITY SECTION:
.			501	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022011002 1800 900 604800 86400

;; Query time: 62 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Jan 11 10:34:42 CST 2022
;; MSG SIZE  rcvd: 106

Host info

b'Host 13.254.78.116.in-addr.arpa not found: 2(SERVFAIL)
'

Nslookup info:

;; Got SERVFAIL reply from 183.60.83.19, trying next server
Server:		183.60.82.98
Address:	183.60.82.98#53

** server can't find 13.254.78.116.in-addr.arpa: SERVFAIL

Related IP info:

Related comments:

IP	Type	Details	Datetime
90.214.93.247	attack	php WP PHPmyadamin ABUSE blocked for 12h	2020-08-20 21:42:46
108.28.227.74	attack	SCAN: Host Sweep CloudCIX Reconnaissance Scan Detected, PTR: pool-108-28-227-74.washdc.fios.verizon.net.	2020-08-20 21:42:19
179.43.143.147	attackspam	srvr1: (mod_security) mod_security (id:920350) triggered by 179.43.143.147 (CH/-/caspian.idfnv.net): 1 in the last 3600 secs; Ports: ; Direction: inout; Trigger: LF_MODSEC; Logs: 2020/08/20 12:07:21 [error] 408245#0: 711375 [client 179.43.143.147] ModSecurity: Access denied with code 406 (phase 2). Matched "Operator `Rx' with parameter `^[\d.:]+$' against variable `REQUEST_HEADERS:Host' [redacted] [file "/etc/modsecurity.d/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "718"] [id "920350"] [rev ""] [msg "Host header is a numeric IP address"] [redacted] [severity "4"] [ver "OWASP_CRS/3.3.0"] [maturity "0"] [accuracy "0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272"] [tag "PCI/6.5.10"] [redacted] [uri "/"] [unique_id "159792524195.366448"] [ref "o0,13v21,13"], client: 179.43.143.147, [redacted] request: "GET / HTTP/1.1" [redacted]	2020-08-20 21:24:27
144.34.221.254	attackbots	Aug 20 09:29:11 george sshd[11288]: Invalid user wangqiang from 144.34.221.254 port 57308 Aug 20 09:29:11 george sshd[11288]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=144.34.221.254 Aug 20 09:29:13 george sshd[11288]: Failed password for invalid user wangqiang from 144.34.221.254 port 57308 ssh2 Aug 20 09:33:06 george sshd[11377]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=144.34.221.254 user=root Aug 20 09:33:07 george sshd[11377]: Failed password for root from 144.34.221.254 port 37370 ssh2 ...	2020-08-20 21:33:34
197.135.48.139	attack	Aug 19 15:30:58 nxxxxxxx0 sshd[15653]: Invalid user erick from 197.135.48.139 Aug 19 15:30:58 nxxxxxxx0 sshd[15653]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=197.135.48.139 Aug 19 15:31:00 nxxxxxxx0 sshd[15653]: Failed password for invalid user erick from 197.135.48.139 port 36301 ssh2 Aug 19 15:31:01 nxxxxxxx0 sshd[15653]: Received disconnect from 197.135.48.139: 11: Bye Bye [preauth] Aug 19 15:36:00 nxxxxxxx0 sshd[16138]: Invalid user ftpuser from 197.135.48.139 Aug 19 15:36:00 nxxxxxxx0 sshd[16138]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=197.135.48.139 Aug 19 15:36:02 nxxxxxxx0 sshd[16138]: Failed password for invalid user ftpuser from 197.135.48.139 port 58598 ssh2 Aug 19 15:36:03 nxxxxxxx0 sshd[16138]: Received disconnect from 197.135.48.139: 11: Bye Bye [preauth] Aug 19 15:42:24 nxxxxxxx0 sshd[16738]: Invalid user tia from 197.135.48.139 Aug 19 15:42:24 nxxxxxxx0 sshd........ -------------------------------	2020-08-20 21:29:22
142.93.195.157	attackspam	Aug 20 15:10:55 vps639187 sshd\[26695\]: Invalid user www from 142.93.195.157 port 38360 Aug 20 15:10:55 vps639187 sshd\[26695\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.195.157 Aug 20 15:10:57 vps639187 sshd\[26695\]: Failed password for invalid user www from 142.93.195.157 port 38360 ssh2 ...	2020-08-20 21:13:27
111.180.24.191	attackspam	Unauthorised access (Aug 20) SRC=111.180.24.191 LEN=40 TTL=49 ID=52122 TCP DPT=8080 WINDOW=60885 SYN Unauthorised access (Aug 20) SRC=111.180.24.191 LEN=40 TTL=49 ID=57751 TCP DPT=8080 WINDOW=60885 SYN Unauthorised access (Aug 19) SRC=111.180.24.191 LEN=40 TTL=49 ID=17463 TCP DPT=8080 WINDOW=26011 SYN Unauthorised access (Aug 18) SRC=111.180.24.191 LEN=40 TTL=49 ID=59605 TCP DPT=8080 WINDOW=60885 SYN	2020-08-20 21:31:52
134.209.57.3	attack	2020-08-20T13:06:19.393741shield sshd\[31145\]: Invalid user ziyang from 134.209.57.3 port 33806 2020-08-20T13:06:19.403447shield sshd\[31145\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.57.3 2020-08-20T13:06:21.493721shield sshd\[31145\]: Failed password for invalid user ziyang from 134.209.57.3 port 33806 ssh2 2020-08-20T13:10:09.312613shield sshd\[31416\]: Invalid user wangyan from 134.209.57.3 port 41532 2020-08-20T13:10:09.322594shield sshd\[31416\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.57.3	2020-08-20 21:10:14
112.85.42.89	attackspambots	Aug 20 15:36:43 PorscheCustomer sshd[21394]: Failed password for root from 112.85.42.89 port 63932 ssh2 Aug 20 15:36:45 PorscheCustomer sshd[21394]: Failed password for root from 112.85.42.89 port 63932 ssh2 Aug 20 15:36:47 PorscheCustomer sshd[21394]: Failed password for root from 112.85.42.89 port 63932 ssh2 ...	2020-08-20 21:45:59
14.235.227.234	attack	1597925263 - 08/20/2020 14:07:43 Host: 14.235.227.234/14.235.227.234 Port: 445 TCP Blocked	2020-08-20 21:09:38
104.236.115.5	attackbots	Fail2Ban Ban Triggered	2020-08-20 21:36:59
45.95.168.190	attackspam	Aug 20 14:55:50 tor-proxy-06 sshd\[31784\]: Invalid user ansible from 45.95.168.190 port 43362 Aug 20 14:55:54 tor-proxy-06 sshd\[31786\]: Invalid user ansible from 45.95.168.190 port 47444 Aug 20 14:56:12 tor-proxy-06 sshd\[31788\]: User root from 45.95.168.190 not allowed because not listed in AllowUsers ...	2020-08-20 21:12:39
106.12.156.236	attack	Aug 20 14:53:49 eventyay sshd[26562]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.156.236 Aug 20 14:53:51 eventyay sshd[26562]: Failed password for invalid user baum from 106.12.156.236 port 35686 ssh2 Aug 20 14:55:00 eventyay sshd[26596]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.156.236 ...	2020-08-20 21:06:07
94.176.205.124	attackspambots	(Aug 20) LEN=40 TTL=243 ID=40900 DF TCP DPT=23 WINDOW=14600 SYN (Aug 20) LEN=40 TTL=243 ID=46167 DF TCP DPT=23 WINDOW=14600 SYN (Aug 20) LEN=40 TTL=243 ID=12774 DF TCP DPT=23 WINDOW=14600 SYN (Aug 20) LEN=40 TTL=243 ID=14021 DF TCP DPT=23 WINDOW=14600 SYN (Aug 20) LEN=40 TTL=243 ID=27039 DF TCP DPT=23 WINDOW=14600 SYN (Aug 20) LEN=40 TTL=243 ID=11720 DF TCP DPT=23 WINDOW=14600 SYN (Aug 20) LEN=40 TTL=243 ID=20328 DF TCP DPT=23 WINDOW=14600 SYN (Aug 19) LEN=40 TTL=243 ID=21924 DF TCP DPT=23 WINDOW=14600 SYN (Aug 19) LEN=40 TTL=243 ID=144 DF TCP DPT=23 WINDOW=14600 SYN (Aug 19) LEN=40 TTL=243 ID=28398 DF TCP DPT=23 WINDOW=14600 SYN (Aug 19) LEN=40 TTL=243 ID=47514 DF TCP DPT=23 WINDOW=14600 SYN	2020-08-20 21:46:16
85.209.0.100	attackspambots	Port scan - 6 hits (greater than 5)	2020-08-20 21:48:52

Recently Reported IPs

180.186.27.171	132.95.246.178	30.74.18.53	145.26.231.97
25.247.170.138	39.202.9.43	66.17.54.191	136.240.68.21
57.197.18.59	59.72.22.158	81.71.138.192	24.122.238.135
150.150.62.52	189.150.225.204	11.24.4.183	243.150.185.208
1.124.20.163	18.204.50.172	113.20.128.11	210.108.46.212