116.68.157.112

Basic Info

City: unknown

Region: unknown

Country: Thailand

Internet Service Provider: NTT (Thailand) Limited

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	2020-05-10T20:47:48.902565shield sshd\[4830\]: Invalid user admin from 116.68.157.112 port 33968 2020-05-10T20:47:48.907084shield sshd\[4830\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.68.157.112 2020-05-10T20:47:51.265670shield sshd\[4830\]: Failed password for invalid user admin from 116.68.157.112 port 33968 ssh2 2020-05-10T20:50:38.474292shield sshd\[5692\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.68.157.112 user=root 2020-05-10T20:50:39.834629shield sshd\[5692\]: Failed password for root from 116.68.157.112 port 45448 ssh2	2020-05-11 05:01:17

Type

Details

Datetime

attack

2020-05-10T20:47:48.902565shield sshd\[4830\]: Invalid user admin from 116.68.157.112 port 33968
2020-05-10T20:47:48.907084shield sshd\[4830\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.68.157.112
2020-05-10T20:47:51.265670shield sshd\[4830\]: Failed password for invalid user admin from 116.68.157.112 port 33968 ssh2
2020-05-10T20:50:38.474292shield sshd\[5692\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.68.157.112  user=root
2020-05-10T20:50:39.834629shield sshd\[5692\]: Failed password for root from 116.68.157.112 port 45448 ssh2

2020-05-11 05:01:17

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 116.68.157.112
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 6569
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;116.68.157.112.			IN	A

;; AUTHORITY SECTION:
.			398	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020051001 1800 900 604800 86400

;; Query time: 134 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon May 11 05:01:14 CST 2020
;; MSG SIZE  rcvd: 118

Host info

112.157.68.116.in-addr.arpa domain name pointer ppp-116.68.157.112.revip.NTT.CO.TH.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
112.157.68.116.in-addr.arpa	name = ppp-116.68.157.112.revip.NTT.CO.TH.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
104.128.90.118	attackbotsspam	Jul 16 14:29:50 ns3164893 sshd[14470]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.128.90.118 Jul 16 14:29:51 ns3164893 sshd[14470]: Failed password for invalid user web from 104.128.90.118 port 55810 ssh2 ...	2020-07-16 21:24:10
219.136.249.151	attackspambots	SSH Brute-Force. Ports scanning.	2020-07-16 21:36:52
150.95.31.150	attack	Jul 16 15:16:11 piServer sshd[25992]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=150.95.31.150 Jul 16 15:16:14 piServer sshd[25992]: Failed password for invalid user swt from 150.95.31.150 port 48086 ssh2 Jul 16 15:21:00 piServer sshd[26545]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=150.95.31.150 ...	2020-07-16 22:24:06
45.171.237.37	attackspam	1591815071 - 06/10/2020 20:51:11 Host: 45.171.237.37/45.171.237.37 Port: 445 TCP Blocked	2020-07-16 22:15:33
20.50.53.234	attack	Jul 16 13:18:30 IngegnereFirenze sshd[22537]: User root from 20.50.53.234 not allowed because not listed in AllowUsers ...	2020-07-16 21:29:00
164.132.47.139	attack	Jul 16 15:37:19 piServer sshd[28188]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=164.132.47.139 Jul 16 15:37:21 piServer sshd[28188]: Failed password for invalid user yang from 164.132.47.139 port 44160 ssh2 Jul 16 15:41:28 piServer sshd[28744]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=164.132.47.139 ...	2020-07-16 22:25:48
222.186.175.215	attack	Jul 16 15:23:56 abendstille sshd\[20056\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.215 user=root Jul 16 15:23:56 abendstille sshd\[20045\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.215 user=root Jul 16 15:23:57 abendstille sshd\[20056\]: Failed password for root from 222.186.175.215 port 10018 ssh2 Jul 16 15:23:58 abendstille sshd\[20045\]: Failed password for root from 222.186.175.215 port 24484 ssh2 Jul 16 15:24:01 abendstille sshd\[20056\]: Failed password for root from 222.186.175.215 port 10018 ssh2 ...	2020-07-16 21:27:48
183.88.243.127	attack	Unauthorized SMTP/IMAP/POP3 connection attempt	2020-07-16 22:22:41
208.5.129.6	attackbotsspam	Unauthorized connection attempt detected from IP address 208.5.129.6 to port 445	2020-07-16 22:18:34
65.50.209.87	attackbotsspam	Jul 16 14:42:25 pve1 sshd[24131]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=65.50.209.87 Jul 16 14:42:27 pve1 sshd[24131]: Failed password for invalid user sin from 65.50.209.87 port 41326 ssh2 ...	2020-07-16 21:24:50
61.216.131.31	attackbots	Jul 16 13:45:20 vps sshd[13310]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.216.131.31 Jul 16 13:45:22 vps sshd[13310]: Failed password for invalid user jomar from 61.216.131.31 port 36838 ssh2 Jul 16 13:53:32 vps sshd[13696]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.216.131.31 ...	2020-07-16 21:34:21
123.55.73.209	attack	Jul 16 03:31:28 Tower sshd[16382]: Connection from 123.55.73.209 port 39282 on 192.168.10.220 port 22 rdomain "" Jul 16 03:31:30 Tower sshd[16382]: Invalid user vds from 123.55.73.209 port 39282 Jul 16 03:31:30 Tower sshd[16382]: error: Could not get shadow information for NOUSER Jul 16 03:31:30 Tower sshd[16382]: Failed password for invalid user vds from 123.55.73.209 port 39282 ssh2 Jul 16 03:31:33 Tower sshd[16382]: Received disconnect from 123.55.73.209 port 39282:11: Bye Bye [preauth] Jul 16 03:31:33 Tower sshd[16382]: Disconnected from invalid user vds 123.55.73.209 port 39282 [preauth]	2020-07-16 22:28:17
190.145.81.37	attack	Invalid user abcd from 190.145.81.37 port 35341	2020-07-16 22:21:24
51.11.140.37	attackspambots	$f2bV_matches	2020-07-16 21:26:53
51.159.59.19	attackbotsspam	Jul 16 15:12:43 rancher-0 sshd[375654]: Invalid user mailadmin from 51.159.59.19 port 42400 Jul 16 15:12:45 rancher-0 sshd[375654]: Failed password for invalid user mailadmin from 51.159.59.19 port 42400 ssh2 ...	2020-07-16 22:25:14

Recently Reported IPs

14.161.4.53	94.249.80.147	113.22.148.35	118.166.40.152
42.84.165.99	125.79.9.161	161.35.129.42	49.36.14.231
2.94.202.75	85.105.179.90	157.245.67.249	190.219.229.255
119.189.97.39	167.86.120.118	89.32.165.111	76.38.21.66
2.87.209.136	1.169.146.205	178.234.77.145	171.15.4.163