117.68.194.142

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
117.68.194.93	attackbotsspam	Brute force blocker - service: proftpd1 - aantal: 155 - Fri Apr 13 21:55:14 2018	2020-03-09 04:13:50
117.68.194.123	spamattack	[2020/02/26 08:52:54] [117.68.194.123:2100-0] User joseph@luxnetcorp.com.tw AUTH fails. [2020/02/26 08:52:55] [117.68.194.123:2099-0] User joseph@luxnetcorp.com.tw AUTH fails. [2020/02/26 08:52:55] [117.68.194.123:2102-0] User joseph@luxnetcorp.com.tw AUTH fails. [2020/02/26 08:52:56] [117.68.194.123:2099-0] User joseph@luxnetcorp.com.tw AUTH fails. [2020/02/26 08:52:56] [117.68.194.123:2102-0] User joseph@luxnetcorp.com.tw AUTH fails.	2020-02-26 09:20:39
117.68.194.224	attack	MAIL: User Login Brute Force Attempt	2020-01-25 04:16:53

Type

Details

Datetime

117.68.194.93

attackbotsspam

Brute force blocker - service: proftpd1 - aantal: 155 - Fri Apr 13 21:55:14 2018

2020-03-09 04:13:50

117.68.194.123

spamattack

[2020/02/26 08:52:54] [117.68.194.123:2100-0] User joseph@luxnetcorp.com.tw AUTH fails.
[2020/02/26 08:52:55] [117.68.194.123:2099-0] User joseph@luxnetcorp.com.tw AUTH fails.
[2020/02/26 08:52:55] [117.68.194.123:2102-0] User joseph@luxnetcorp.com.tw AUTH fails.
[2020/02/26 08:52:56] [117.68.194.123:2099-0] User joseph@luxnetcorp.com.tw AUTH fails.
[2020/02/26 08:52:56] [117.68.194.123:2102-0] User joseph@luxnetcorp.com.tw AUTH fails.

2020-02-26 09:20:39

117.68.194.224

attack

MAIL: User Login Brute Force Attempt

2020-01-25 04:16:53

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 117.68.194.142
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 44637
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;117.68.194.142.			IN	A

;; AUTHORITY SECTION:
.			515	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022030400 1800 900 604800 86400

;; Query time: 15 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Mar 04 22:21:55 CST 2022
;; MSG SIZE  rcvd: 107

Host info

Host 142.194.68.117.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 142.194.68.117.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
118.24.98.48	attackbotsspam	2019-08-10T04:47:32.977334abusebot-6.cloudsearch.cf sshd\[670\]: Invalid user elasticsearch from 118.24.98.48 port 54256	2019-08-10 12:58:08
41.214.139.226	attackbotsspam	Aug 10 06:18:13 dedicated sshd[15875]: Invalid user i-heart from 41.214.139.226 port 56056	2019-08-10 12:53:07
49.69.171.22	attackspam	$f2bV_matches	2019-08-10 13:01:13
68.183.217.198	attack	www.ft-1848-basketball.de 68.183.217.198 \[10/Aug/2019:04:43:47 +0200\] "POST /wp-login.php HTTP/1.1" 200 2172 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" www.ft-1848-basketball.de 68.183.217.198 \[10/Aug/2019:04:43:48 +0200\] "POST /wp-login.php HTTP/1.1" 200 2132 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0"	2019-08-10 12:17:26
89.43.78.201	attackspambots	Aug 10 12:03:52 our-server-hostname postfix/smtpd[6234]: connect from unknown[89.43.78.201] Aug 10 12:03:54 our-server-hostname sqlgrey: grey: new: 89.43.78.201(89.43.78.201), x@x -> x@x Aug x@x Aug x@x Aug x@x Aug 10 12:03:55 our-server-hostname sqlgrey: grey: new: 89.43.78.201(89.43.78.201), x@x -> x@x Aug x@x Aug x@x Aug x@x Aug 10 12:03:56 our-server-hostname sqlgrey: grey: new: 89.43.78.201(89.43.78.201), x@x -> x@x Aug x@x Aug x@x Aug x@x Aug 10 12:03:57 our-server-hostname postfix/smtpd[6234]: disconnect from unknown[89.43.78.201] Aug 10 12:04:09 our-server-hostname postfix/smtpd[31780]: connect from unknown[89.43.78.201] Aug x@x Aug x@x Aug 10 12:04:10 our-server-hostname postfix/smtpd[31780]: EBC70A4007C: client=unknown[89.43.78.201] Aug 10 12:04:11 our-server-hostname postfix/smtpd[25188]: BDE35A40043: client=unknown[127.0.0.1], orig_client=unknown[89.43.78.201] Aug 10 12:04:11 our-server-hostname amavis[17356]: (17356-11) Passed CLEAN, [89.43.78.201] [89.43.7........ -------------------------------	2019-08-10 12:31:16
50.195.7.180	attackspam	2019-08-09 21:42:21 H=50-195-7-180-static.hfc.comcastbusiness.net [50.195.7.180]:45205 I=[192.147.25.65]:25 F= rejected RCPT : RBL: found in thrukfz5b56tq6xao6odgdyjrq.zen.dq.spamhaus.net (127.0.0.4, 127.0.0.3) (https://www.spamhaus.org/query/ip/50.195.7.180) 2019-08-09 21:42:21 H=50-195-7-180-static.hfc.comcastbusiness.net [50.195.7.180]:45205 I=[192.147.25.65]:25 F= rejected RCPT : RBL: found in thrukfz5b56tq6xao6odgdyjrq.zen.dq.spamhaus.net (127.0.0.4, 127.0.0.3) (https://www.spamhaus.org/query/ip/50.195.7.180) 2019-08-09 21:42:21 H=50-195-7-180-static.hfc.comcastbusiness.net [50.195.7.180]:45205 I=[192.147.25.65]:25 F= rejected RCPT : RBL: found in thrukfz5b56tq6xao6odgdyjrq.zen.dq.spamhaus.net (127.0.0.4, 127.0.0.3) (https://www.spamhaus.org/query/ip/50.195.7.180) ...	2019-08-10 12:54:10
41.218.224.234	attackbotsspam	Aug 10 05:42:42 srv-4 sshd\[23194\]: Invalid user admin from 41.218.224.234 Aug 10 05:42:42 srv-4 sshd\[23194\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=41.218.224.234 Aug 10 05:42:44 srv-4 sshd\[23194\]: Failed password for invalid user admin from 41.218.224.234 port 38049 ssh2 ...	2019-08-10 12:43:06
37.187.64.220	attackspambots	Harmful URL. Webapp attack	2019-08-10 12:38:18
162.243.58.222	attackbotsspam	ssh failed login	2019-08-10 13:01:37
207.189.0.187	attackspambots	VoIP Brute Force - 207.189.0.187 - Auto Report ...	2019-08-10 12:51:11
59.152.196.154	attackspambots	Aug 10 03:58:39 localhost sshd\[11750\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=59.152.196.154 user=root Aug 10 03:58:41 localhost sshd\[11750\]: Failed password for root from 59.152.196.154 port 56735 ssh2 Aug 10 04:06:32 localhost sshd\[11957\]: Invalid user onie from 59.152.196.154 port 54842 Aug 10 04:06:32 localhost sshd\[11957\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=59.152.196.154 Aug 10 04:06:34 localhost sshd\[11957\]: Failed password for invalid user onie from 59.152.196.154 port 54842 ssh2 ...	2019-08-10 12:32:07
118.25.36.3	attackspambots	scan z	2019-08-10 12:50:37
165.22.21.221	attackbots	Aug 10 06:14:59 dedicated sshd[15507]: Failed password for invalid user jenny from 165.22.21.221 port 37620 ssh2 Aug 10 06:14:58 dedicated sshd[15507]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.22.21.221 Aug 10 06:14:58 dedicated sshd[15507]: Invalid user jenny from 165.22.21.221 port 37620 Aug 10 06:14:59 dedicated sshd[15507]: Failed password for invalid user jenny from 165.22.21.221 port 37620 ssh2 Aug 10 06:18:52 dedicated sshd[15951]: Invalid user abc1 from 165.22.21.221 port 59994	2019-08-10 12:20:33
195.154.38.177	attackbots	Aug 10 05:42:50 server01 sshd\[28239\]: Invalid user abacus from 195.154.38.177 Aug 10 05:42:50 server01 sshd\[28239\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=195.154.38.177 Aug 10 05:42:52 server01 sshd\[28239\]: Failed password for invalid user abacus from 195.154.38.177 port 35252 ssh2 ...	2019-08-10 12:41:09
212.248.9.206	attackspam	C1,WP GET /nelson/wp-login.php	2019-08-10 12:23:36

Recently Reported IPs

117.68.194.141	117.68.194.15	117.68.194.157	117.68.194.144
117.68.194.127	117.68.194.150	114.230.217.213	117.68.194.16
117.68.194.158	117.68.194.165	117.68.194.172	117.68.194.161
117.68.194.175	117.68.194.170	117.68.194.177	117.68.194.178
117.68.194.181	117.68.194.185	117.68.194.204	117.68.194.196