138.68.212.105

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: DigitalOcean LLC

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Scanning random ports - tries to find possible vulnerable services	2019-09-01 16:46:49

Comments on same subnet:

IP	Type	Details	Datetime
138.68.212.139	attackbots	" "	2019-11-29 08:49:47
138.68.212.45	attackspam	Mozilla/5.0 zgrab/0.x	2019-11-22 22:48:08
138.68.212.139	attackbots	port scan and connect, tcp 443 (https)	2019-11-10 21:03:29
138.68.212.113	attackspambots	Honeypot hit.	2019-11-10 01:07:35
138.68.212.139	attackspam	138.68.212.139 was recorded 5 times by 5 hosts attempting to connect to the following ports: 1028. Incident counter (4h, 24h, all-time): 5, 16, 23	2019-11-09 22:03:05
138.68.212.45	attackspam	Connection by 138.68.212.45 on port: 10009 got caught by honeypot at 11/8/2019 10:05:03 AM	2019-11-08 21:20:49
138.68.212.113	attackbotsspam	179/tcp 1433/tcp 5060/udp... [2019-09-02/10-31]51pkt,43pt.(tcp),4pt.(udp)	2019-11-02 19:20:16
138.68.212.45	attackbotsspam	53169/tcp 49738/tcp 8118/tcp... [2019-08-31/10-30]49pkt,37pt.(tcp),3pt.(udp)	2019-10-31 01:38:00
138.68.212.139	attack	firewall-block, port(s): 990/tcp	2019-10-14 16:56:22
138.68.212.113	attack	firewall-block, port(s): 465/tcp	2019-10-03 02:45:27
138.68.212.45	attackspam	port scan and connect, tcp 22 (ssh)	2019-09-27 14:35:48
138.68.212.45	attackbots	MultiHost/MultiPort Probe, Scan, Hack -	2019-09-13 12:22:35
138.68.212.185	attackbotsspam	" "	2019-09-06 04:29:10
138.68.212.207	attackbotsspam	2525/tcp 8443/tcp 5902/tcp... [2019-08-29/09-05]7pkt,7pt.(tcp)	2019-09-05 22:31:56
138.68.212.210	attackbotsspam	Honeypot hit, critical abuseConfidenceScore, incoming Traffic from this IP	2019-09-04 02:34:53

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 138.68.212.105
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 59315
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;138.68.212.105.			IN	A

;; AUTHORITY SECTION:
.			1597	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019090100 1800 900 604800 86400

;; Query time: 1 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Sun Sep 01 16:46:43 CST 2019
;; MSG SIZE  rcvd: 118

Host info

105.212.68.138.in-addr.arpa domain name pointer zg-0829a-49.stretchoid.com.

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
105.212.68.138.in-addr.arpa	name = zg-0829a-49.stretchoid.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
175.143.81.11	attackspam	Automatic report - Port Scan Attack	2020-02-28 07:52:52
113.9.197.6	attackspam	[portscan] Port scan	2020-02-28 07:29:38
187.178.174.149	attackbots	Invalid user zouliangfeng from 187.178.174.149 port 56750	2020-02-28 08:04:14
101.231.124.6	attackbots	Invalid user juan from 101.231.124.6 port 38300	2020-02-28 07:36:35
121.178.212.67	attackspam	(sshd) Failed SSH login from 121.178.212.67 (KR/South Korea/-): 2 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Feb 28 00:17:06 ubnt-55d23 sshd[21104]: Invalid user admin from 121.178.212.67 port 40941 Feb 28 00:17:08 ubnt-55d23 sshd[21104]: Failed password for invalid user admin from 121.178.212.67 port 40941 ssh2	2020-02-28 07:29:18
27.105.152.201	attack	MultiHost/MultiPort Probe, Scan, Hack -	2020-02-28 07:40:23
220.133.2.27	attack	port scan and connect, tcp 23 (telnet)	2020-02-28 07:42:23
59.126.247.165	attackspam	Automatic report - Port Scan Attack	2020-02-28 07:24:47
94.131.243.73	attack	Lines containing failures of 94.131.243.73 Feb 27 23:08:58 kopano sshd[28983]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.131.243.73 user=r.r Feb 27 23:08:59 kopano sshd[28983]: Failed password for r.r from 94.131.243.73 port 41108 ssh2 Feb 27 23:09:00 kopano sshd[28983]: Received disconnect from 94.131.243.73 port 41108:11: Bye Bye [preauth] Feb 27 23:09:00 kopano sshd[28983]: Disconnected from authenticating user r.r 94.131.243.73 port 41108 [preauth] Feb 27 23:35:40 kopano sshd[30218]: Invalid user user1 from 94.131.243.73 port 57908 Feb 27 23:35:40 kopano sshd[30218]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.131.243.73 Feb 27 23:35:41 kopano sshd[30218]: Failed password for invalid user user1 from 94.131.243.73 port 57908 ssh2 Feb 27 23:35:41 kopano sshd[30218]: Received disconnect from 94.131.243.73 port 57908:11: Bye Bye [preauth] Feb 27 23:35:41 kopano sshd[30218]: D........ ------------------------------	2020-02-28 07:28:06
200.89.178.140	attackbots	Feb 28 00:49:01 localhost sshd\[24030\]: Invalid user zll from 200.89.178.140 port 53782 Feb 28 00:49:01 localhost sshd\[24030\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.89.178.140 Feb 28 00:49:03 localhost sshd\[24030\]: Failed password for invalid user zll from 200.89.178.140 port 53782 ssh2	2020-02-28 07:53:42
121.40.110.3	attack	too many failed pop/imap login attempts	2020-02-28 07:55:36
106.12.3.170	attack	Feb 28 00:25:25 ns381471 sshd[10270]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.3.170 Feb 28 00:25:27 ns381471 sshd[10270]: Failed password for invalid user seongmin from 106.12.3.170 port 32928 ssh2	2020-02-28 07:54:21
187.162.246.194	attack	Automatic report - Port Scan Attack	2020-02-28 08:05:08
222.186.173.180	attack	Feb 28 01:00:07 dedicated sshd[16780]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.173.180 user=root Feb 28 01:00:09 dedicated sshd[16780]: Failed password for root from 222.186.173.180 port 50910 ssh2	2020-02-28 08:01:50
202.137.20.58	attackspambots	Feb 27 23:09:49 raspberrypi sshd\[26204\]: Invalid user john from 202.137.20.58Feb 27 23:09:51 raspberrypi sshd\[26204\]: Failed password for invalid user john from 202.137.20.58 port 58543 ssh2Feb 27 23:13:58 raspberrypi sshd\[26352\]: Invalid user user10 from 202.137.20.58 ...	2020-02-28 08:03:31

Recently Reported IPs

124.251.131.10	124.172.184.149	124.156.50.111	124.83.111.252
36.201.138.114	124.74.150.114	124.40.94.242	123.231.251.202
190.200.192.250	150.195.170.130	39.13.32.51	123.231.241.14
92.247.64.77	96.24.81.190	213.48.15.133	68.107.161.18
54.191.2.119	123.121.229.7	75.70.129.184	114.148.34.171