138.68.208.21 - IPInfo

Basic Info

City: San Francisco

Region: California

Country: United States

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
138.68.208.8	proxy	aggressive VPN	2023-03-02 13:44:21
138.68.208.39	attackspambots	port scan and connect, tcp 27019 (mongodb-cluster-alt)	2019-09-12 10:38:27
138.68.208.196	attackspam	port scan and connect, tcp 465 (smtps)	2019-09-10 14:05:23
138.68.208.175	attack	Hits on port : 4786	2019-09-10 14:01:28
138.68.208.157	attack	09/09/2019-21:20:20.000896 138.68.208.157 Protocol: 6 ET SCAN Suspicious inbound to MSSQL port 1433	2019-09-10 12:42:27
138.68.208.97	attackspam	firewall-block, port(s): 50000/tcp	2019-09-10 02:50:47
138.68.208.190	attackbotsspam	Portscan or hack attempt detected by psad/fwsnort	2019-09-09 18:11:54
138.68.208.157	attackbots	135/tcp 5672/tcp 5632/udp... [2019-09-06/08]5pkt,4pt.(tcp),1pt.(udp)	2019-09-09 12:12:58
138.68.208.175	attackspam	587/tcp 2362/udp 808/tcp [2019-09-06/08]3pkt	2019-09-09 12:10:41
138.68.208.152	attackspambots	port scan and connect, tcp 5432 (postgresql)	2019-09-09 12:05:11
138.68.208.25	attackspam	8080/tcp 995/tcp 8123/tcp... [2019-09-06/08]4pkt,4pt.(tcp)	2019-09-09 12:01:28
138.68.208.69	attackbotsspam	port scan and connect, tcp 2638 (sql-anywhere)	2019-09-09 11:37:28
138.68.208.159	attack	SASL Brute Force	2019-09-09 11:31:02
138.68.208.45	attackbotsspam	SASL Brute Force	2019-09-09 06:13:41
138.68.208.48	attackbots	Lines containing failures of 138.68.208.48 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=138.68.208.48	2019-09-09 04:16:38

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 138.68.208.21
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 22700
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;138.68.208.21.			IN	A

;; AUTHORITY SECTION:
.			380	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2023020700 1800 900 604800 86400

;; Query time: 64 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Feb 07 16:34:30 CST 2023
;; MSG SIZE  rcvd: 106

Host info

21.208.68.138.in-addr.arpa domain name pointer zg-1220g-177.stretchoid.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
21.208.68.138.in-addr.arpa	name = zg-1220g-177.stretchoid.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
185.143.75.153	attackbots	Jun 24 20:49:22 relay postfix/smtpd\[6933\]: warning: unknown\[185.143.75.153\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jun 24 20:49:55 relay postfix/smtpd\[24426\]: warning: unknown\[185.143.75.153\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jun 24 20:50:12 relay postfix/smtpd\[4997\]: warning: unknown\[185.143.75.153\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jun 24 20:50:45 relay postfix/smtpd\[25075\]: warning: unknown\[185.143.75.153\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jun 24 20:51:03 relay postfix/smtpd\[3226\]: warning: unknown\[185.143.75.153\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-06-25 02:58:03
178.63.214.100	attack	Jun 24 12:46:15 powerpi2 sshd[31455]: Invalid user bitcoin from 178.63.214.100 port 49346 Jun 24 12:46:18 powerpi2 sshd[31455]: Failed password for invalid user bitcoin from 178.63.214.100 port 49346 ssh2 Jun 24 12:54:02 powerpi2 sshd[31818]: Invalid user temporary from 178.63.214.100 port 40378 ...	2020-06-25 02:34:14
41.230.105.23	attackspambots	Unauthorized connection attempt detected from IP address 41.230.105.23 to port 23	2020-06-25 02:53:10
159.224.199.208	attackspam	Unauthorized connection attempt from IP address 159.224.199.208 on Port 445(SMB)	2020-06-25 03:02:31
49.88.112.71	attack	Jun 24 12:03:08 localhost sshd\[19301\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.71 user=root Jun 24 12:03:10 localhost sshd\[19301\]: Failed password for root from 49.88.112.71 port 23372 ssh2 Jun 24 12:03:12 localhost sshd\[19301\]: Failed password for root from 49.88.112.71 port 23372 ssh2 ...	2020-06-25 02:43:54
175.6.35.202	attackbots	(sshd) Failed SSH login from 175.6.35.202 (CN/China/-): 5 in the last 3600 secs	2020-06-25 02:54:53
45.141.84.44	attackbotsspam	Port scan on 11 port(s): 6889 7242 7446 7481 7757 7895 8247 9126 9151 9381 9531	2020-06-25 02:21:16
185.220.101.19	attackbotsspam	"Restricted File Access Attempt - Matched Data: wp-config.php found within REQUEST_FILENAME: /wp-config.phporiginal"	2020-06-25 02:59:11
46.38.145.248	attackbots	Jun 24 19:36:10 blackbee postfix/smtpd\[20844\]: warning: unknown\[46.38.145.248\]: SASL LOGIN authentication failed: authentication failure Jun 24 19:36:56 blackbee postfix/smtpd\[20844\]: warning: unknown\[46.38.145.248\]: SASL LOGIN authentication failed: authentication failure Jun 24 19:37:41 blackbee postfix/smtpd\[20857\]: warning: unknown\[46.38.145.248\]: SASL LOGIN authentication failed: authentication failure Jun 24 19:38:26 blackbee postfix/smtpd\[20844\]: warning: unknown\[46.38.145.248\]: SASL LOGIN authentication failed: authentication failure Jun 24 19:39:10 blackbee postfix/smtpd\[20857\]: warning: unknown\[46.38.145.248\]: SASL LOGIN authentication failed: authentication failure ...	2020-06-25 02:42:42
193.27.228.13	attackbots	TCP port : 2999	2020-06-25 02:30:27
213.166.148.94	attackspam	Unauthorized connection attempt from IP address 213.166.148.94 on Port 445(SMB)	2020-06-25 02:49:02
85.146.208.186	attackbotsspam	Jun 24 20:05:11 pve1 sshd[3600]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=85.146.208.186 Jun 24 20:05:13 pve1 sshd[3600]: Failed password for invalid user gangadhar from 85.146.208.186 port 44680 ssh2 ...	2020-06-25 02:59:59
178.134.99.134	attackbots	(imapd) Failed IMAP login from 178.134.99.134 (GE/Georgia/178-134-99-134.dsl.utg.ge): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: Jun 24 16:33:25 ir1 dovecot[2885757]: imap-login: Disconnected (auth failed, 1 attempts in 16 secs): user=, method=PLAIN, rip=178.134.99.134, lip=5.63.12.44, TLS: Connection closed, session=	2020-06-25 02:31:11
3.34.127.126	attackbotsspam	SSH Brute-Forcing (server2)	2020-06-25 02:33:55
151.255.247.145	attackspambots	Unauthorized connection attempt from IP address 151.255.247.145 on Port 445(SMB)	2020-06-25 03:04:39

Recently Reported IPs

46.143.8.87	138.68.208.20	41.113.211.179	121.43.62.248
50.16.66.195	235.36.210.138	185.8.181.35	80.94.95.102
106.75.74.160	184.179.174.122	129.205.113.66	210.195.239.5
170.125.57.146	154.206.14.175	198.54.124.41	12.81.21.80
228.7.225.3	182.23.46.4	232.66.94.219	156.217.228.237