111.68.104.130

Basic Info

City: unknown

Region: unknown

Country: Pakistan

Internet Service Provider: Pern IP Allocation

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Dec 4 13:38:55 zeus sshd[25996]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.68.104.130 Dec 4 13:38:57 zeus sshd[25996]: Failed password for invalid user guest from 111.68.104.130 port 24925 ssh2 Dec 4 13:45:34 zeus sshd[26268]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.68.104.130 Dec 4 13:45:36 zeus sshd[26268]: Failed password for invalid user bss from 111.68.104.130 port 64199 ssh2	2019-12-04 21:56:40
attackspambots	Nov 14 11:24:34 eventyay sshd[13496]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.68.104.130 Nov 14 11:24:35 eventyay sshd[13496]: Failed password for invalid user ts3user from 111.68.104.130 port 60248 ssh2 Nov 14 11:30:21 eventyay sshd[13546]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.68.104.130 ...	2019-11-14 20:16:36
attack	Nov 13 23:52:08 TORMINT sshd\[29547\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.68.104.130 user=root Nov 13 23:52:10 TORMINT sshd\[29547\]: Failed password for root from 111.68.104.130 port 51701 ssh2 Nov 13 23:56:49 TORMINT sshd\[29851\]: Invalid user masae from 111.68.104.130 Nov 13 23:56:49 TORMINT sshd\[29851\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.68.104.130 ...	2019-11-14 13:19:12
attackbots	2019-11-07T08:37:24.325616abusebot-4.cloudsearch.cf sshd\[4851\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.68.104.130 user=root	2019-11-07 16:43:39
attackbots	Oct 21 06:09:54 lnxweb62 sshd[7920]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.68.104.130 Oct 21 06:09:54 lnxweb62 sshd[7920]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.68.104.130	2019-10-21 17:48:57
attack	Oct 19 20:34:44 kapalua sshd\[24380\]: Invalid user yangyb from 111.68.104.130 Oct 19 20:34:44 kapalua sshd\[24380\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.68.104.130 Oct 19 20:34:46 kapalua sshd\[24380\]: Failed password for invalid user yangyb from 111.68.104.130 port 49517 ssh2 Oct 19 20:39:25 kapalua sshd\[24883\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.68.104.130 user=root Oct 19 20:39:27 kapalua sshd\[24883\]: Failed password for root from 111.68.104.130 port 5948 ssh2	2019-10-20 18:21:52
attackspambots	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/111.68.104.130/ PK - 1H : (15) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : PK NAME ASN : ASN45773 IP : 111.68.104.130 CIDR : 111.68.104.0/24 PREFIX COUNT : 39 UNIQUE IP COUNT : 10240 WYKRYTE ATAKI Z ASN45773 : 1H - 1 3H - 1 6H - 1 12H - 1 24H - 1 DateTime : 2019-10-18 13:44:22 INFO : Port SSH 22 Scan Detected and Blocked by ADMIN - data recovery	2019-10-18 20:33:42
attackbotsspam	Sep 30 21:17:11 nandi sshd[22349]: reveeclipse mapping checking getaddrinfo for noc-ip-phone.uog.edu.pk [111.68.104.130] failed - POSSIBLE BREAK-IN ATTEMPT! Sep 30 21:17:11 nandi sshd[22349]: Invalid user ftpadmin from 111.68.104.130 Sep 30 21:17:11 nandi sshd[22349]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.68.104.130 Sep 30 21:17:13 nandi sshd[22349]: Failed password for invalid user ftpadmin from 111.68.104.130 port 27452 ssh2 Sep 30 21:17:13 nandi sshd[22349]: Received disconnect from 111.68.104.130: 11: Bye Bye [preauth] Sep 30 21:22:47 nandi sshd[26402]: reveeclipse mapping checking getaddrinfo for noc-ip-phone.uog.edu.pk [111.68.104.130] failed - POSSIBLE BREAK-IN ATTEMPT! Sep 30 21:22:47 nandi sshd[26402]: Invalid user n from 111.68.104.130 Sep 30 21:22:47 nandi sshd[26402]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.68.104.130 Sep 30 21:22:50 nandi sshd[26402]:........ -------------------------------	2019-10-01 17:59:37

Comments on same subnet:

IP	Type	Details	Datetime
111.68.104.156	attack	May 4 07:01:55 piServer sshd[1734]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.68.104.156 May 4 07:01:57 piServer sshd[1734]: Failed password for invalid user materna from 111.68.104.156 port 21477 ssh2 May 4 07:06:08 piServer sshd[2242]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.68.104.156 ...	2020-05-04 13:12:35
111.68.104.156	attack	Invalid user ji from 111.68.104.156 port 3455	2020-04-24 07:33:07
111.68.104.156	attack	Apr 11 13:14:30 vps647732 sshd[9903]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.68.104.156 Apr 11 13:14:32 vps647732 sshd[9903]: Failed password for invalid user dylan from 111.68.104.156 port 62244 ssh2 ...	2020-04-11 19:38:05
111.68.104.156	attack	Apr 10 12:08:31 host01 sshd[6274]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.68.104.156 Apr 10 12:08:33 host01 sshd[6274]: Failed password for invalid user student from 111.68.104.156 port 13794 ssh2 Apr 10 12:12:44 host01 sshd[7300]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.68.104.156 ...	2020-04-10 18:21:10
111.68.104.156	attackbotsspam	Apr 9 21:50:15 vps647732 sshd[32365]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.68.104.156 Apr 9 21:50:17 vps647732 sshd[32365]: Failed password for invalid user avis from 111.68.104.156 port 52361 ssh2 ...	2020-04-10 04:57:46
111.68.104.156	attackspambots	Fail2Ban - SSH Bruteforce Attempt	2020-04-03 01:12:09
111.68.104.156	attackspambots	Invalid user dcl from 111.68.104.156 port 47571	2020-03-30 15:13:18
111.68.104.156	attackbots	Invalid user wink from 111.68.104.156 port 31495	2020-03-27 19:14:43
111.68.104.156	attackspam	Dec 18 20:26:42 woltan sshd[28711]: Failed password for invalid user kamilatos from 111.68.104.156 port 31967 ssh2	2020-03-10 06:34:54
111.68.104.152	attackbotsspam	Feb 17 13:38:08 *** sshd[19664]: Did not receive identification string from 111.68.104.152	2020-02-17 23:42:50
111.68.104.156	attackspam	2020-02-08T22:40:19.206190-07:00 suse-nuc sshd[9972]: Invalid user akn from 111.68.104.156 port 61915 ...	2020-02-09 19:50:09
111.68.104.156	attackbots	Invalid user yong from 111.68.104.156 port 13761	2020-02-02 08:17:24
111.68.104.156	attackspambots	Too many connections or unauthorized access detected from Arctic banned ip	2020-01-04 20:37:00
111.68.104.156	attackbotsspam	Dec 31 15:47:36 MK-Soft-Root1 sshd[31928]: Failed password for lp from 111.68.104.156 port 27031 ssh2 Dec 31 15:51:20 MK-Soft-Root1 sshd[32734]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.68.104.156 ...	2020-01-01 00:52:43
111.68.104.156	attackbotsspam	Invalid user weiskotten from 111.68.104.156 port 45097	2019-12-27 22:47:18

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 111.68.104.130
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 55674
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;111.68.104.130.			IN	A

;; AUTHORITY SECTION:
.			452	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019100101 1800 900 604800 86400

;; Query time: 55 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Oct 01 17:59:34 CST 2019
;; MSG SIZE  rcvd: 118

Host info

130.104.68.111.in-addr.arpa domain name pointer noc-ip-phone.uog.edu.pk.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
130.104.68.111.in-addr.arpa	name = noc-ip-phone.uog.edu.pk.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
68.183.221.157	attackspambots	Aug 18 21:15:07 dev0-dcde-rnet sshd[17478]: Failed password for root from 68.183.221.157 port 58840 ssh2 Aug 18 21:22:18 dev0-dcde-rnet sshd[17520]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=68.183.221.157 Aug 18 21:22:20 dev0-dcde-rnet sshd[17520]: Failed password for invalid user stefan from 68.183.221.157 port 51748 ssh2	2020-08-19 03:24:58
77.45.84.153	attackbotsspam	Unauthorized connection attempt IP: 77.45.84.153 Ports affected Message Submission (587) Abuse Confidence rating 45% Found in DNSBL('s) ASN Details AS35191 Asta-net S.A. Poland (PL) CIDR 77.45.0.0/17 Log Date: 18/08/2020 11:51:51 AM UTC	2020-08-19 03:05:13
195.54.160.21	attackspam	firewall-block, port(s): 8081/tcp	2020-08-19 03:07:14
188.166.21.197	attackspambots	Cowrie Honeypot: 3 unauthorised SSH/Telnet login attempts between 2020-08-18T18:44:03Z and 2020-08-18T18:51:26Z	2020-08-19 03:37:48
106.54.255.57	attackbots	Brute-force attempt banned	2020-08-19 03:21:44
103.16.69.250	attack	Unauthorized connection attempt from IP address 103.16.69.250 on Port 445(SMB)	2020-08-19 03:20:02
186.211.209.82	attackbots	Unauthorised access (Aug 18) SRC=186.211.209.82 LEN=52 PREC=0x20 TTL=117 ID=30223 DF TCP DPT=445 WINDOW=8192 SYN	2020-08-19 03:00:59
84.248.91.52	attackbotsspam	SSH login attempts.	2020-08-19 03:22:15
160.153.147.143	attack	Automatic report - Banned IP Access	2020-08-19 03:06:56
187.188.104.30	attackbotsspam	Aug 18 20:55:36 hidden sshd[14041]: Invalid user factorio from 187.188.104.30 port 38874 Aug 18 20:55:36 hidden sshd[14041]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=187.188.104.30 Aug 18 20:55:38 hidden sshd[14041]: Failed password for invalid user factorio from 187.188.104.30 port 38874 ssh2	2020-08-19 03:34:32
185.176.27.190	attackbotsspam	firewall-block, port(s): 58171/tcp	2020-08-19 03:11:40
178.62.0.215	attackspam	Aug 18 21:02:03 PorscheCustomer sshd[32118]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.62.0.215 Aug 18 21:02:05 PorscheCustomer sshd[32118]: Failed password for invalid user testuser from 178.62.0.215 port 33434 ssh2 Aug 18 21:05:22 PorscheCustomer sshd[32245]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.62.0.215 ...	2020-08-19 03:06:36
183.136.148.202	attackspam	Unauthorised access (Aug 18) SRC=183.136.148.202 LEN=40 TTL=241 ID=7320 TCP DPT=1433 WINDOW=1024 SYN	2020-08-19 03:20:38
106.54.17.235	attackbots	Bruteforce detected by fail2ban	2020-08-19 03:08:01
170.130.165.134	attack	IP: 170.130.165.134 Ports affected Simple Mail Transfer (25) Abuse Confidence rating 20% Found in DNSBL('s) ASN Details AS62904 EONIX-COMMUNICATIONS-ASBLOCK-62904 United States (US) CIDR 170.130.160.0/21 Log Date: 18/08/2020 11:55:02 AM UTC	2020-08-19 03:21:01

Recently Reported IPs

125.27.137.177	42.112.255.9	54.69.184.224	193.35.155.4
91.217.109.246	77.204.75.93	125.77.112.93	139.231.29.17
182.224.182.184	183.189.154.154	109.26.78.142	23.172.25.30
103.249.211.172	45.53.183.38	155.84.205.90	193.140.187.110
93.233.116.152	46.13.81.138	61.204.19.239	217.28.192.44