138.68.223.69 - IPInfo

Basic Info

City: San Francisco

Region: California

Country: United States

Internet Service Provider: DigitalOcean LLC

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	20/tcp 27017/tcp 35025/tcp... [2019-09-08/11]4pkt,3pt.(tcp),1pt.(udp)	2019-09-13 04:08:09
attack	1434/udp [2019-09-08]1pkt	2019-09-09 00:23:25

Comments on same subnet:

IP	Type	Details	Datetime
138.68.223.84	attackspambots	firewall-block, port(s): 6379/tcp	2019-09-12 00:20:11
138.68.223.70	attackbotsspam	Honeypot hit: misc	2019-09-10 12:10:30
138.68.223.45	attackspambots	Autoban 138.68.223.45 AUTH/CONNECT	2019-09-10 09:41:52
138.68.223.85	attackspambots	firewall-block, port(s): 64526/tcp	2019-09-09 00:37:40
138.68.223.79	attackspam	port scan and connect, tcp 5432 (postgresql)	2019-09-07 12:08:32

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 138.68.223.69
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 691
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;138.68.223.69.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019090800 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Mon Sep 09 00:23:14 CST 2019
;; MSG SIZE  rcvd: 117

Host info

69.223.68.138.in-addr.arpa domain name pointer zg-0905b-7.stretchoid.com.

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
69.223.68.138.in-addr.arpa	name = zg-0905b-7.stretchoid.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
42.113.119.22	attack	20/5/20@23:59:42: FAIL: Alarm-Network address from=42.113.119.22 ...	2020-05-21 12:09:37
191.53.196.136	attackspam	(smtpauth) Failed SMTP AUTH login from 191.53.196.136 (BR/Brazil/191-53-196-136.dvl-wr.mastercabo.com.br): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: 2020-05-21 08:28:59 plain authenticator failed for ([191.53.196.136]) [191.53.196.136]: 535 Incorrect authentication data (set_id=m.kamran@safanicu.com)	2020-05-21 12:34:04
118.71.75.141	attackspambots	" "	2020-05-21 12:07:44
159.89.131.172	attackspam	2020-05-20T23:56:31.403998abusebot-8.cloudsearch.cf sshd[15885]: Invalid user cz from 159.89.131.172 port 42890 2020-05-20T23:56:31.412130abusebot-8.cloudsearch.cf sshd[15885]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=brokeredin.com 2020-05-20T23:56:31.403998abusebot-8.cloudsearch.cf sshd[15885]: Invalid user cz from 159.89.131.172 port 42890 2020-05-20T23:56:33.376244abusebot-8.cloudsearch.cf sshd[15885]: Failed password for invalid user cz from 159.89.131.172 port 42890 ssh2 2020-05-21T00:05:38.780976abusebot-8.cloudsearch.cf sshd[16436]: Invalid user qinghua from 159.89.131.172 port 33444 2020-05-21T00:05:38.787570abusebot-8.cloudsearch.cf sshd[16436]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=brokeredin.com 2020-05-21T00:05:38.780976abusebot-8.cloudsearch.cf sshd[16436]: Invalid user qinghua from 159.89.131.172 port 33444 2020-05-21T00:05:40.846597abusebot-8.cloudsearch.cf sshd[16436]: Fail ...	2020-05-21 08:27:01
222.186.175.202	attackspam	May 20 23:59:32 NPSTNNYC01T sshd[6321]: Failed password for root from 222.186.175.202 port 57374 ssh2 May 20 23:59:45 NPSTNNYC01T sshd[6321]: error: maximum authentication attempts exceeded for root from 222.186.175.202 port 57374 ssh2 [preauth] May 20 23:59:51 NPSTNNYC01T sshd[6397]: Failed password for root from 222.186.175.202 port 3068 ssh2 ...	2020-05-21 12:01:35
111.229.48.141	attackspambots	May 21 02:26:03 vps647732 sshd[27430]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.229.48.141 May 21 02:26:05 vps647732 sshd[27430]: Failed password for invalid user ycd from 111.229.48.141 port 40804 ssh2 ...	2020-05-21 08:29:49
79.188.68.89	attackspambots	May 21 02:03:48 [host] sshd[12182]: Invalid user d May 21 02:03:48 [host] sshd[12182]: pam_unix(sshd: May 21 02:03:50 [host] sshd[12182]: Failed passwor	2020-05-21 08:24:40
125.126.240.247	attackspambots	20/5/20@23:59:18: FAIL: IoT-Telnet address from=125.126.240.247 ...	2020-05-21 12:24:31
49.233.90.108	attack	May 21 05:59:10 vps639187 sshd\[1924\]: Invalid user rzc from 49.233.90.108 port 59530 May 21 05:59:10 vps639187 sshd\[1924\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.233.90.108 May 21 05:59:12 vps639187 sshd\[1924\]: Failed password for invalid user rzc from 49.233.90.108 port 59530 ssh2 ...	2020-05-21 12:27:16
123.206.69.81	attackspam	k+ssh-bruteforce	2020-05-21 12:17:59
156.96.46.114	attackbotsspam	SASL broute force	2020-05-21 12:26:46
116.106.7.150	attack	May 21 02:03:39 melroy-server sshd[14265]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.106.7.150 May 21 02:03:41 melroy-server sshd[14265]: Failed password for invalid user user from 116.106.7.150 port 63163 ssh2 ...	2020-05-21 08:29:20
207.154.218.16	attack	May 21 06:22:50 vps687878 sshd\[24504\]: Failed password for invalid user fse from 207.154.218.16 port 56212 ssh2 May 21 06:27:12 vps687878 sshd\[25656\]: Invalid user cgh from 207.154.218.16 port 34594 May 21 06:27:12 vps687878 sshd\[25656\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=207.154.218.16 May 21 06:27:15 vps687878 sshd\[25656\]: Failed password for invalid user cgh from 207.154.218.16 port 34594 ssh2 May 21 06:31:40 vps687878 sshd\[26328\]: Invalid user ico from 207.154.218.16 port 41212 May 21 06:31:40 vps687878 sshd\[26328\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=207.154.218.16 ...	2020-05-21 12:33:33
40.115.247.138	attack	May 21 02:01:39 minden010 sshd[3016]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=40.115.247.138 May 21 02:01:40 minden010 sshd[3016]: Failed password for invalid user add from 40.115.247.138 port 34172 ssh2 May 21 02:03:34 minden010 sshd[3260]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=40.115.247.138 ...	2020-05-21 08:31:35
139.59.17.33	attack	May 21 05:50:52 Ubuntu-1404-trusty-64-minimal sshd\[715\]: Invalid user spk from 139.59.17.33 May 21 05:50:52 Ubuntu-1404-trusty-64-minimal sshd\[715\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.17.33 May 21 05:50:54 Ubuntu-1404-trusty-64-minimal sshd\[715\]: Failed password for invalid user spk from 139.59.17.33 port 35066 ssh2 May 21 05:59:38 Ubuntu-1404-trusty-64-minimal sshd\[3668\]: Invalid user gmj from 139.59.17.33 May 21 05:59:38 Ubuntu-1404-trusty-64-minimal sshd\[3668\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.17.33	2020-05-21 12:10:43

Recently Reported IPs

94.31.193.162	73.166.146.222	172.15.84.166	31.153.203.238
64.72.51.194	222.246.159.18	218.197.60.225	139.14.119.204
145.128.247.212	35.50.17.83	222.253.252.26	157.35.28.4
107.94.238.191	87.190.64.185	117.222.150.90	173.51.88.95
66.125.100.200	32.152.97.194	176.46.32.72	37.197.91.175