116.68.160.18 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Indonesia

Internet Service Provider: PT Sumber Data Indonesia

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	Request: "GET / HTTP/1.1"	2019-06-22 09:06:39

Comments on same subnet:

IP	Type	Details	Datetime
116.68.160.114	attackbotsspam	$f2bV_matches	2020-10-04 03:46:16
116.68.160.114	attackbots	Invalid user spark from 116.68.160.114 port 42784	2020-10-03 19:45:46
116.68.160.114	attackspambots	Oct 1 20:20:06 vps208890 sshd[143938]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.68.160.114	2020-10-02 02:24:44
116.68.160.114	attack	Oct 1 11:07:43 ajax sshd[5515]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.68.160.114 Oct 1 11:07:46 ajax sshd[5515]: Failed password for invalid user f from 116.68.160.114 port 48590 ssh2	2020-10-01 18:34:05
116.68.160.114	attackbotsspam	Sep 25 22:24:43 scw-focused-cartwright sshd[4669]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.68.160.114 Sep 25 22:24:45 scw-focused-cartwright sshd[4669]: Failed password for invalid user Test from 116.68.160.114 port 46802 ssh2	2020-09-26 06:32:44
116.68.160.114	attackbotsspam	SSH Honeypot -> SSH Bruteforce / Login	2020-09-25 23:35:30
116.68.160.114	attack	Sep 25 07:03:03 gitlab sshd[1050860]: Failed password for root from 116.68.160.114 port 40474 ssh2 Sep 25 07:05:37 gitlab sshd[1051241]: Invalid user yang from 116.68.160.114 port 51104 Sep 25 07:05:37 gitlab sshd[1051241]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.68.160.114 Sep 25 07:05:37 gitlab sshd[1051241]: Invalid user yang from 116.68.160.114 port 51104 Sep 25 07:05:39 gitlab sshd[1051241]: Failed password for invalid user yang from 116.68.160.114 port 51104 ssh2 ...	2020-09-25 15:14:13
116.68.160.114	attackspambots	Invalid user plex from 116.68.160.114 port 35256	2020-09-17 20:11:27
116.68.160.114	attack	Sep 17 04:03:27 web8 sshd\[21908\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.68.160.114 user=root Sep 17 04:03:29 web8 sshd\[21908\]: Failed password for root from 116.68.160.114 port 55228 ssh2 Sep 17 04:07:46 web8 sshd\[23936\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.68.160.114 user=root Sep 17 04:07:48 web8 sshd\[23936\]: Failed password for root from 116.68.160.114 port 36528 ssh2 Sep 17 04:12:11 web8 sshd\[26190\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.68.160.114 user=root	2020-09-17 12:21:50
116.68.160.114	attack	Sep 13 20:14:09 srv-ubuntu-dev3 sshd[36919]: Invalid user admin from 116.68.160.114 Sep 13 20:14:09 srv-ubuntu-dev3 sshd[36919]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.68.160.114 Sep 13 20:14:09 srv-ubuntu-dev3 sshd[36919]: Invalid user admin from 116.68.160.114 Sep 13 20:14:12 srv-ubuntu-dev3 sshd[36919]: Failed password for invalid user admin from 116.68.160.114 port 53668 ssh2 Sep 13 20:15:32 srv-ubuntu-dev3 sshd[37138]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.68.160.114 user=root Sep 13 20:15:34 srv-ubuntu-dev3 sshd[37138]: Failed password for root from 116.68.160.114 port 44248 ssh2 Sep 13 20:16:58 srv-ubuntu-dev3 sshd[37311]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.68.160.114 user=root Sep 13 20:17:01 srv-ubuntu-dev3 sshd[37311]: Failed password for root from 116.68.160.114 port 34828 ssh2 Sep 13 20:18:24 srv-ubuntu-dev3 ss ...	2020-09-14 02:19:18
116.68.160.114	attack	SSH/22 MH Probe, BF, Hack -	2020-09-13 18:16:41
116.68.160.214	attack	Aug 29 13:27:26 mockhub sshd[21962]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.68.160.214 Aug 29 13:27:28 mockhub sshd[21962]: Failed password for invalid user hzh from 116.68.160.214 port 42292 ssh2 ...	2020-08-30 05:27:45
116.68.160.114	attack	Port Scan detected from 116.68.160.114 (ID/Indonesia/Jakarta/Pancoran/-). 4 hits in the last 195 seconds	2020-08-29 04:17:15
116.68.160.214	attack	Aug 25 05:12:48 serwer sshd\[25803\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.68.160.214 user=root Aug 25 05:12:50 serwer sshd\[25803\]: Failed password for root from 116.68.160.214 port 53534 ssh2 Aug 25 05:19:19 serwer sshd\[31698\]: Invalid user mj from 116.68.160.214 port 58576 Aug 25 05:19:19 serwer sshd\[31698\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.68.160.214 ...	2020-08-26 01:44:45
116.68.160.214	attackspambots	SSH auth scanning - multiple failed logins	2020-08-17 00:49:40

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 116.68.160.18
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 8147
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;116.68.160.18.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019062200 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Sat Jun 22 09:06:34 CST 2019
;; MSG SIZE  rcvd: 117

Host info

Host 18.160.68.116.in-addr.arpa not found: 2(SERVFAIL)

Nslookup info:

;; Got SERVFAIL reply from 67.207.67.2, trying next server
Server:		67.207.67.3
Address:	67.207.67.3#53

** server can't find 18.160.68.116.in-addr.arpa: SERVFAIL

Related IP info:

Related comments:

IP	Type	Details	Datetime
212.70.149.19	attackspambots	Aug 3 18:10:58 relay postfix/smtpd\[21447\]: warning: unknown\[212.70.149.19\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 3 18:11:13 relay postfix/smtpd\[24647\]: warning: unknown\[212.70.149.19\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 3 18:11:20 relay postfix/smtpd\[30462\]: warning: unknown\[212.70.149.19\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 3 18:11:35 relay postfix/smtpd\[24647\]: warning: unknown\[212.70.149.19\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 3 18:11:43 relay postfix/smtpd\[30462\]: warning: unknown\[212.70.149.19\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-08-04 00:23:31
218.22.36.135	attack	Aug 3 15:24:39 root sshd[7307]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.22.36.135 user=root Aug 3 15:24:42 root sshd[7307]: Failed password for root from 218.22.36.135 port 19590 ssh2 ...	2020-08-03 23:57:26
187.189.241.135	attack	Aug 3 07:36:48 pixelmemory sshd[3307879]: Failed password for root from 187.189.241.135 port 52996 ssh2 Aug 3 07:40:01 pixelmemory sshd[3314951]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=187.189.241.135 user=root Aug 3 07:40:03 pixelmemory sshd[3314951]: Failed password for root from 187.189.241.135 port 52639 ssh2 Aug 3 07:43:14 pixelmemory sshd[3337730]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=187.189.241.135 user=root Aug 3 07:43:16 pixelmemory sshd[3337730]: Failed password for root from 187.189.241.135 port 55793 ssh2 ...	2020-08-03 23:54:13
190.78.45.159	attackbots	1596457492 - 08/03/2020 14:24:52 Host: 190.78.45.159/190.78.45.159 Port: 445 TCP Blocked	2020-08-03 23:50:35
120.24.249.10	attackspambots	Port probing on unauthorized port 8080	2020-08-03 23:49:47
119.47.90.197	attackspam	Aug 3 15:17:43 scw-tender-jepsen sshd[5153]: Failed password for root from 119.47.90.197 port 59992 ssh2	2020-08-04 00:14:33
2.187.78.36	attackbots	Tried our host z.	2020-08-04 00:02:26
167.172.186.32	attackspambots	167.172.186.32 - - [03/Aug/2020:15:27:01 +0100] "POST /wp-login.php HTTP/1.1" 200 1996 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 167.172.186.32 - - [03/Aug/2020:15:27:03 +0100] "POST /wp-login.php HTTP/1.1" 200 2000 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 167.172.186.32 - - [03/Aug/2020:15:27:04 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-08-03 23:45:45
34.91.145.211	attack	php WP PHPmyadamin ABUSE blocked for 12h	2020-08-04 00:19:50
124.109.55.225	attack	Icarus honeypot on github	2020-08-04 00:14:12
39.104.56.138	attack	Lines containing failures of 39.104.56.138 Aug 3 02:24:01 penfold sshd[4737]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=39.104.56.138 user=r.r Aug 3 02:24:03 penfold sshd[4737]: Failed password for r.r from 39.104.56.138 port 37288 ssh2 Aug 3 02:24:05 penfold sshd[4737]: Received disconnect from 39.104.56.138 port 37288:11: Bye Bye [preauth] Aug 3 02:24:05 penfold sshd[4737]: Disconnected from authenticating user r.r 39.104.56.138 port 37288 [preauth] Aug 3 02:38:27 penfold sshd[5759]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=39.104.56.138 user=r.r Aug 3 02:38:29 penfold sshd[5759]: Failed password for r.r from 39.104.56.138 port 59302 ssh2 Aug 3 02:38:32 penfold sshd[5759]: Received disconnect from 39.104.56.138 port 59302:11: Bye Bye [preauth] Aug 3 02:38:32 penfold sshd[5759]: Disconnected from authenticating user r.r 39.104.56.138 port 59302 [preauth] Aug 3 02:40:2........ ------------------------------	2020-08-04 00:03:20
189.39.120.2	attackspam	Aug 3 16:02:37 web sshd[122058]: Failed password for root from 189.39.120.2 port 32906 ssh2 Aug 3 16:07:18 web sshd[122063]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=189.39.120.2 user=root Aug 3 16:07:20 web sshd[122063]: Failed password for root from 189.39.120.2 port 43460 ssh2 ...	2020-08-03 23:43:42
160.16.127.211	attackbots	2020-08-03T15:07:26.921805shield sshd\[4418\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=tk2-239-29457.vs.sakura.ne.jp user=root 2020-08-03T15:07:28.326328shield sshd\[4418\]: Failed password for root from 160.16.127.211 port 45808 ssh2 2020-08-03T15:08:23.409570shield sshd\[4757\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=tk2-239-29457.vs.sakura.ne.jp user=root 2020-08-03T15:08:24.970134shield sshd\[4757\]: Failed password for root from 160.16.127.211 port 59338 ssh2 2020-08-03T15:09:20.851325shield sshd\[5073\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=tk2-239-29457.vs.sakura.ne.jp user=root	2020-08-03 23:46:23
64.225.64.215	attackbotsspam	Aug 3 15:15:58 OPSO sshd\[32448\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=64.225.64.215 user=root Aug 3 15:16:01 OPSO sshd\[32448\]: Failed password for root from 64.225.64.215 port 60226 ssh2 Aug 3 15:19:59 OPSO sshd\[342\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=64.225.64.215 user=root Aug 3 15:20:01 OPSO sshd\[342\]: Failed password for root from 64.225.64.215 port 44360 ssh2 Aug 3 15:24:06 OPSO sshd\[1152\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=64.225.64.215 user=root	2020-08-03 23:57:43
106.12.217.176	attackspam	Aug 3 15:14:32 lukav-desktop sshd\[31114\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.217.176 user=root Aug 3 15:14:34 lukav-desktop sshd\[31114\]: Failed password for root from 106.12.217.176 port 34816 ssh2 Aug 3 15:19:31 lukav-desktop sshd\[31176\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.217.176 user=root Aug 3 15:19:33 lukav-desktop sshd\[31176\]: Failed password for root from 106.12.217.176 port 38160 ssh2 Aug 3 15:24:24 lukav-desktop sshd\[31256\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.217.176 user=root	2020-08-04 00:15:10

Recently Reported IPs

14.29.208.72	75.119.200.127	136.243.0.93	73.219.146.218
150.95.104.187	58.177.174.150	242.212.12.10	119.81.84.152
188.94.248.181	80.21.154.26	179.183.180.170	191.100.8.134
235.93.193.98	58.3.251.178	63.143.52.86	218.43.242.171
41.75.112.113	151.51.104.29	80.44.119.68	177.11.188.52