City: unknown
Region: unknown
Country: United States
Internet Service Provider: DigitalOcean LLC
Hostname: unknown
Organization: unknown
Usage Type: Data Center/Web Hosting/Transit
| Type | Details | Datetime |
|---|---|---|
| attackbots | Lines containing failures of 138.68.208.48 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=138.68.208.48 |
2019-09-09 04:16:38 |
| attackbotsspam | Unauthorised access (Sep 7) SRC=138.68.208.48 LEN=40 PREC=0x20 TTL=239 ID=54321 TCP DPT=5432 WINDOW=65535 SYN |
2019-09-07 11:58:12 |
| IP | Type | Details | Datetime |
|---|---|---|---|
| 138.68.208.8 | proxy | aggressive VPN |
2023-03-02 13:44:21 |
| 138.68.208.39 | attackspambots | port scan and connect, tcp 27019 (mongodb-cluster-alt) |
2019-09-12 10:38:27 |
| 138.68.208.196 | attackspam | port scan and connect, tcp 465 (smtps) |
2019-09-10 14:05:23 |
| 138.68.208.175 | attack | Hits on port : 4786 |
2019-09-10 14:01:28 |
| 138.68.208.157 | attack | 09/09/2019-21:20:20.000896 138.68.208.157 Protocol: 6 ET SCAN Suspicious inbound to MSSQL port 1433 |
2019-09-10 12:42:27 |
| 138.68.208.97 | attackspam | firewall-block, port(s): 50000/tcp |
2019-09-10 02:50:47 |
| 138.68.208.190 | attackbotsspam | Portscan or hack attempt detected by psad/fwsnort |
2019-09-09 18:11:54 |
| 138.68.208.157 | attackbots | 135/tcp 5672/tcp 5632/udp... [2019-09-06/08]5pkt,4pt.(tcp),1pt.(udp) |
2019-09-09 12:12:58 |
| 138.68.208.175 | attackspam | 587/tcp 2362/udp 808/tcp [2019-09-06/08]3pkt |
2019-09-09 12:10:41 |
| 138.68.208.152 | attackspambots | port scan and connect, tcp 5432 (postgresql) |
2019-09-09 12:05:11 |
| 138.68.208.25 | attackspam | 8080/tcp 995/tcp 8123/tcp... [2019-09-06/08]4pkt,4pt.(tcp) |
2019-09-09 12:01:28 |
| 138.68.208.69 | attackbotsspam | port scan and connect, tcp 2638 (sql-anywhere) |
2019-09-09 11:37:28 |
| 138.68.208.159 | attack | SASL Brute Force |
2019-09-09 11:31:02 |
| 138.68.208.45 | attackbotsspam | SASL Brute Force |
2019-09-09 06:13:41 |
| 138.68.208.149 | attackbots | 992/tcp 465/tcp 9042/tcp... [2019-09-06/07]5pkt,5pt.(tcp) |
2019-09-08 20:47:03 |
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 138.68.208.48
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 47369
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;138.68.208.48. IN A
;; AUTHORITY SECTION:
. 3600 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2019090601 1800 900 604800 86400
;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Sat Sep 07 11:58:04 CST 2019
;; MSG SIZE rcvd: 11748.208.68.138.in-addr.arpa domain name pointer zg-0905a-122.stretchoid.com.Server: 67.207.67.2
Address: 67.207.67.2#53
Non-authoritative answer:
48.208.68.138.in-addr.arpa name = zg-0905a-122.stretchoid.com.
Authoritative answers can be found from:| IP | Type | Details | Datetime |
|---|---|---|---|
| 109.86.244.225 | attackbotsspam | Autoban 109.86.244.225 AUTH/CONNECT |
2019-11-18 16:27:10 |
| 218.150.220.198 | attackspambots | Nov 18 03:14:16 TORMINT sshd\[7973\]: Invalid user sophia from 218.150.220.198 Nov 18 03:14:16 TORMINT sshd\[7973\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.150.220.198 Nov 18 03:14:17 TORMINT sshd\[7973\]: Failed password for invalid user sophia from 218.150.220.198 port 43048 ssh2 ... |
2019-11-18 17:01:30 |
| 49.88.112.77 | attackspambots | Nov 18 04:30:36 firewall sshd[9575]: Failed password for root from 49.88.112.77 port 30868 ssh2 Nov 18 04:30:38 firewall sshd[9575]: Failed password for root from 49.88.112.77 port 30868 ssh2 Nov 18 04:30:40 firewall sshd[9575]: Failed password for root from 49.88.112.77 port 30868 ssh2 ... |
2019-11-18 16:23:16 |
| 109.86.213.222 | attack | Autoban 109.86.213.222 AUTH/CONNECT |
2019-11-18 16:27:46 |
| 109.75.38.86 | attackspambots | Autoban 109.75.38.86 AUTH/CONNECT |
2019-11-18 16:29:07 |
| 222.186.175.155 | attack | Nov 18 09:40:59 MK-Soft-VM5 sshd[7017]: Failed password for root from 222.186.175.155 port 65056 ssh2 Nov 18 09:41:03 MK-Soft-VM5 sshd[7017]: Failed password for root from 222.186.175.155 port 65056 ssh2 ... |
2019-11-18 16:41:13 |
| 218.92.0.191 | attack | Nov 18 09:43:10 dcd-gentoo sshd[17133]: User root from 218.92.0.191 not allowed because none of user's groups are listed in AllowGroups Nov 18 09:43:13 dcd-gentoo sshd[17133]: error: PAM: Authentication failure for illegal user root from 218.92.0.191 Nov 18 09:43:10 dcd-gentoo sshd[17133]: User root from 218.92.0.191 not allowed because none of user's groups are listed in AllowGroups Nov 18 09:43:13 dcd-gentoo sshd[17133]: error: PAM: Authentication failure for illegal user root from 218.92.0.191 Nov 18 09:43:10 dcd-gentoo sshd[17133]: User root from 218.92.0.191 not allowed because none of user's groups are listed in AllowGroups Nov 18 09:43:13 dcd-gentoo sshd[17133]: error: PAM: Authentication failure for illegal user root from 218.92.0.191 Nov 18 09:43:13 dcd-gentoo sshd[17133]: Failed keyboard-interactive/pam for invalid user root from 218.92.0.191 port 45704 ssh2 ... |
2019-11-18 16:51:34 |
| 103.138.109.68 | attackspam | Nov 18 09:28:46 server sshd\[9560\]: Invalid user stackato from 103.138.109.68 Nov 18 09:28:47 server sshd\[9560\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.138.109.68 Nov 18 09:28:49 server sshd\[9560\]: Failed password for invalid user stackato from 103.138.109.68 port 61359 ssh2 Nov 18 09:28:49 server sshd\[9561\]: Received disconnect from 103.138.109.68: 3: com.jcraft.jsch.JSchException: Auth fail Nov 18 09:29:15 server sshd\[9624\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.138.109.68 user=root ... |
2019-11-18 16:41:37 |
| 39.76.249.106 | attackbotsspam | Probing for vulnerable services |
2019-11-18 16:58:12 |
| 109.75.46.23 | attack | Autoban 109.75.46.23 AUTH/CONNECT |
2019-11-18 16:28:13 |
| 109.74.136.78 | attackbots | Autoban 109.74.136.78 AUTH/CONNECT |
2019-11-18 16:31:39 |
| 109.101.139.106 | attackbotsspam | Autoban 109.101.139.106 AUTH/CONNECT |
2019-11-18 16:59:47 |
| 125.209.67.131 | attackspam | IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/125.209.67.131/ PK - 1H : (22) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : PK NAME ASN : ASN9260 IP : 125.209.67.131 CIDR : 125.209.67.0/24 PREFIX COUNT : 139 UNIQUE IP COUNT : 36352 ATTACKS DETECTED ASN9260 : 1H - 1 3H - 1 6H - 1 12H - 1 24H - 1 DateTime : 2019-11-18 07:29:25 INFO : Port MAX SCAN Scan Detected and Blocked by ADMIN - data recovery |
2019-11-18 16:30:21 |
| 109.127.4.42 | attack | Autoban 109.127.4.42 AUTH/CONNECT |
2019-11-18 16:54:39 |
| 192.34.62.227 | attackbots | Nov 18 09:26:07 OPSO sshd\[24829\]: Invalid user elsearch from 192.34.62.227 port 46363 Nov 18 09:26:07 OPSO sshd\[24829\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.34.62.227 Nov 18 09:26:10 OPSO sshd\[24829\]: Failed password for invalid user elsearch from 192.34.62.227 port 46363 ssh2 Nov 18 09:29:07 OPSO sshd\[25037\]: Invalid user elsearch from 192.34.62.227 port 48823 Nov 18 09:29:07 OPSO sshd\[25037\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.34.62.227 |
2019-11-18 16:39:48 |