116.248.172.68

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
116.248.172.135	attackspambots	port scan and connect, tcp 1433 (ms-sql-s)	2020-09-18 00:30:11
116.248.172.135	attack	port scan and connect, tcp 1433 (ms-sql-s)	2020-09-17 16:31:59
116.248.172.135	attackspam	port scan and connect, tcp 1433 (ms-sql-s)	2020-09-17 07:37:13
116.248.172.241	attackspambots	ET SCAN Suspicious inbound to MSSQL port 1433 - port: 1433 proto: tcp cat: Potentially Bad Trafficbytes: 60	2020-08-11 07:09:46
116.248.172.40	attackspam	port scan and connect, tcp 1433 (ms-sql-s)	2019-11-03 17:07:21

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 116.248.172.68
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 55804
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;116.248.172.68.			IN	A

;; AUTHORITY SECTION:
.			600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022021300 1800 900 604800 86400

;; Query time: 93 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Feb 13 13:52:21 CST 2022
;; MSG SIZE  rcvd: 107

Host info

b';; connection timed out; no servers could be reached
'

Nslookup info:

server can't find 116.248.172.68.in-addr.arpa: SERVFAIL

Related IP info:

Related comments:

IP	Type	Details	Datetime
154.28.188.38	attack	Tried to log in to my qnap nas too. Blocked the whole ip range. He has been trying from another IP from the 154.28.188.--- range a few days ago.	2020-08-04 04:51:22
222.186.30.167	attack	Aug 3 20:47:41 rush sshd[25635]: Failed password for root from 222.186.30.167 port 56923 ssh2 Aug 3 20:47:43 rush sshd[25635]: Failed password for root from 222.186.30.167 port 56923 ssh2 Aug 3 20:47:45 rush sshd[25635]: Failed password for root from 222.186.30.167 port 56923 ssh2 ...	2020-08-04 04:47:56
222.186.180.142	attackbotsspam	Aug 3 23:22:10 minden010 sshd[16830]: Failed password for root from 222.186.180.142 port 37288 ssh2 Aug 3 23:22:19 minden010 sshd[16881]: Failed password for root from 222.186.180.142 port 18096 ssh2 ...	2020-08-04 05:22:47
45.187.192.1	attackspam	bruteforce detected	2020-08-04 04:56:41
82.65.27.68	attackspambots	Brute-force attempt banned	2020-08-04 05:09:26
212.70.149.82	attack	Brute force password guessing	2020-08-04 04:55:05
103.47.173.115	attackbotsspam	20/8/3@16:37:46: FAIL: IoT-Telnet address from=103.47.173.115 ...	2020-08-04 04:53:03
120.133.1.16	attack	2020-08-03T20:33:04.804864shield sshd\[21483\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.133.1.16 user=root 2020-08-03T20:33:06.429598shield sshd\[21483\]: Failed password for root from 120.133.1.16 port 39636 ssh2 2020-08-03T20:37:29.348740shield sshd\[21906\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.133.1.16 user=root 2020-08-03T20:37:31.018797shield sshd\[21906\]: Failed password for root from 120.133.1.16 port 35950 ssh2 2020-08-03T20:41:26.514117shield sshd\[22378\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.133.1.16 user=root	2020-08-04 04:50:23
91.222.59.14	attackbotsspam	(smtpauth) Failed SMTP AUTH login from 91.222.59.14 (PL/Poland/-): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: 2020-08-04 01:07:21 plain authenticator failed for ([91.222.59.14]) [91.222.59.14]: 535 Incorrect authentication data (set_id=rd)	2020-08-04 05:08:49
173.236.193.73	attack	173.236.193.73 - - [03/Aug/2020:22:37:37 +0200] "GET /wp-login.php HTTP/1.1" 200 6398 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 173.236.193.73 - - [03/Aug/2020:22:37:39 +0200] "POST /wp-login.php HTTP/1.1" 200 6649 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 173.236.193.73 - - [03/Aug/2020:22:37:40 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-08-04 04:57:29
222.139.245.70	attack	Aug 3 22:33:34 Ubuntu-1404-trusty-64-minimal sshd\[29104\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.139.245.70 user=root Aug 3 22:33:35 Ubuntu-1404-trusty-64-minimal sshd\[29104\]: Failed password for root from 222.139.245.70 port 41648 ssh2 Aug 3 22:43:32 Ubuntu-1404-trusty-64-minimal sshd\[2375\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.139.245.70 user=root Aug 3 22:43:34 Ubuntu-1404-trusty-64-minimal sshd\[2375\]: Failed password for root from 222.139.245.70 port 55426 ssh2 Aug 3 22:48:15 Ubuntu-1404-trusty-64-minimal sshd\[4694\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.139.245.70 user=root	2020-08-04 05:13:52
188.170.13.225	attackbots	Aug 3 21:49:26 rocket sshd[31466]: Failed password for root from 188.170.13.225 port 60194 ssh2 Aug 3 21:53:15 rocket sshd[32171]: Failed password for root from 188.170.13.225 port 42630 ssh2 ...	2020-08-04 04:55:38
158.69.35.227	attackspambots	Aug 4 01:37:37 gw1 sshd[22890]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=158.69.35.227 Aug 4 01:37:38 gw1 sshd[22890]: Failed password for invalid user admin from 158.69.35.227 port 44291 ssh2 ...	2020-08-04 04:59:57
58.210.180.180	attack	2020-08-03T20:37:43.919378shield sshd\[21954\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.210.180.180 user=root 2020-08-03T20:37:45.845293shield sshd\[21954\]: Failed password for root from 58.210.180.180 port 38148 ssh2 2020-08-03T20:37:47.610097shield sshd\[21956\]: Invalid user DUP from 58.210.180.180 port 38398 2020-08-03T20:37:47.619089shield sshd\[21956\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.210.180.180 2020-08-03T20:37:49.429207shield sshd\[21956\]: Failed password for invalid user DUP from 58.210.180.180 port 38398 ssh2	2020-08-04 04:51:42
198.46.214.3	attackspam	10,31-07/07 [bc04/m145] PostRequest-Spammer scoring: vaduz	2020-08-04 05:03:36

Recently Reported IPs

116.249.34.223	116.25.132.27	116.24.80.250	116.249.73.229
116.249.91.182	116.25.107.250	116.25.224.94	116.25.135.135
116.249.62.86	116.25.226.164	116.25.107.70	116.251.39.153
116.25.227.51	116.25.238.132	116.252.169.245	116.25.39.191
116.254.119.130	116.252.234.236	116.253.138.122	116.26.207.245