116.204.180.21

Basic Info

City: unknown

Region: unknown

Country: Thailand

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
116.204.180.202	attackspam	Sql/code injection probe	2019-08-09 10:42:39

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 116.204.180.21
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 54537
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;116.204.180.21.			IN	A

;; AUTHORITY SECTION:
.			600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022020702 1800 900 604800 86400

;; Query time: 17 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Feb 08 08:00:31 CST 2022
;; MSG SIZE  rcvd: 107

Host info

21.180.204.116.in-addr.arpa domain name pointer box.s-eng.co.th.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
21.180.204.116.in-addr.arpa	name = box.s-eng.co.th.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
138.68.182.179	attackbots	Sep 14 07:05:36 hcbb sshd\[4595\]: Invalid user tk from 138.68.182.179 Sep 14 07:05:36 hcbb sshd\[4595\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.182.179 Sep 14 07:05:37 hcbb sshd\[4595\]: Failed password for invalid user tk from 138.68.182.179 port 36034 ssh2 Sep 14 07:09:54 hcbb sshd\[5064\]: Invalid user userftp from 138.68.182.179 Sep 14 07:09:54 hcbb sshd\[5064\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.182.179	2019-09-15 01:56:17
42.225.142.220	attackspam	Telnetd brute force attack detected by fail2ban	2019-09-15 01:44:03
39.88.164.217	attackspam	port 23 attempt blocked	2019-09-15 01:59:17
187.190.236.88	attack	Automatic report - Banned IP Access	2019-09-15 02:02:19
60.210.216.38	attackbotsspam	" "	2019-09-15 01:21:43
149.202.52.221	attackbotsspam	Invalid user uucp from 149.202.52.221 port 48137	2019-09-15 02:07:09
222.92.189.76	attack	Sep 14 14:54:36 nextcloud sshd\[10264\]: Invalid user growl from 222.92.189.76 Sep 14 14:54:36 nextcloud sshd\[10264\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.92.189.76 Sep 14 14:54:38 nextcloud sshd\[10264\]: Failed password for invalid user growl from 222.92.189.76 port 1027 ssh2 ...	2019-09-15 02:03:05
142.93.179.95	attackbotsspam	Sep 14 13:18:19 sshgateway sshd\[4168\]: Invalid user 123 from 142.93.179.95 Sep 14 13:18:19 sshgateway sshd\[4168\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.179.95 Sep 14 13:18:21 sshgateway sshd\[4168\]: Failed password for invalid user 123 from 142.93.179.95 port 49568 ssh2	2019-09-15 01:50:23
141.255.117.205	attackbots	[Sat Sep 14 03:42:26.390279 2019] [:error] [pid 198711] [client 141.255.117.205:49892] [client 141.255.117.205] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/usr/share/modsecurity-crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "91"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 18)"] [severity "CRITICAL"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "127.0.0.1"] [uri "/cgi-bin/ViewLog.asp"] [unique_id "XXyL0r47YKdoaUVprJ-oJQAAAAE"] ...	2019-09-15 02:14:26
183.192.243.127	attackbotsspam	Honeypot attack, port: 23, PTR: .	2019-09-15 01:19:21
141.98.80.80	attackspam	Sep 14 18:32:50 mail postfix/smtpd\[6688\]: warning: unknown\[141.98.80.80\]: SASL PLAIN authentication failed: \ Sep 14 19:04:08 mail postfix/smtpd\[7435\]: warning: unknown\[141.98.80.80\]: SASL PLAIN authentication failed: \ Sep 14 19:04:15 mail postfix/smtpd\[7435\]: warning: unknown\[141.98.80.80\]: SASL PLAIN authentication failed: \ Sep 14 19:23:03 mail postfix/smtpd\[7899\]: warning: unknown\[141.98.80.80\]: SASL PLAIN authentication failed: \	2019-09-15 01:58:37
36.227.35.40	attack	port 23 attempt blocked	2019-09-15 02:05:29
66.177.76.92	attack	port scan and connect, tcp 23 (telnet)	2019-09-15 01:47:59
36.226.70.5	attackspam	Honeypot attack, port: 23, PTR: 36-226-70-5.dynamic-ip.hinet.net.	2019-09-15 02:01:41
157.230.144.158	attackbots	Sep 14 07:29:48 web9 sshd\[25456\]: Invalid user agnieszka from 157.230.144.158 Sep 14 07:29:48 web9 sshd\[25456\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.230.144.158 Sep 14 07:29:50 web9 sshd\[25456\]: Failed password for invalid user agnieszka from 157.230.144.158 port 35210 ssh2 Sep 14 07:33:55 web9 sshd\[26286\]: Invalid user jetix from 157.230.144.158 Sep 14 07:33:55 web9 sshd\[26286\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.230.144.158	2019-09-15 01:48:52

Recently Reported IPs

124.121.115.253	222.121.212.73	40.65.181.69	183.188.247.207
103.147.92.254	120.57.214.52	106.124.154.131	102.219.208.34
45.115.209.64	103.58.145.106	189.179.24.176	180.250.153.130
69.202.209.7	217.116.58.152	52.149.135.39	187.106.83.146
122.51.15.197	212.93.112.56	195.123.228.242	77.54.241.128