138.68.247.109

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
138.68.247.104	attack	138.68.247.104 - - - [03/Oct/2020:21:29:36 +0200] "GET / HTTP/1.0" 404 162 "-" "masscan/1.0 (https://github.com/robertdavidgraham/masscan)" "-" "-"	2020-10-04 06:55:34
138.68.247.104	attackspam	Unauthorized connection attempt detected, IP banned.	2020-10-03 23:06:40
138.68.247.104	attackspam	Unauthorized connection attempt detected, IP banned.	2020-10-03 14:49:41
138.68.247.248	attack	Invalid user renewed from 138.68.247.248 port 42904	2020-09-08 01:35:24
138.68.247.248	attack	Invalid user renewed from 138.68.247.248 port 42904	2020-09-07 16:59:35
138.68.247.104	attack	Unauthorized connection attempt, Score = 100 , Ban for 1 month	2020-08-02 00:37:35
138.68.247.87	attackbots	May 30 15:14:17 vpn01 sshd[28289]: Failed password for root from 138.68.247.87 port 60094 ssh2 ...	2020-05-30 22:53:30
138.68.247.87	attackbotsspam	Invalid user krr from 138.68.247.87 port 34504	2020-05-22 06:15:11
138.68.247.87	attackspam	Invalid user support from 138.68.247.87 port 43580	2020-05-15 02:22:48
138.68.247.87	attack	(sshd) Failed SSH login from 138.68.247.87 (US/United States/-): 3 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: May 11 09:44:48 andromeda sshd[19196]: Invalid user tom from 138.68.247.87 port 36950 May 11 09:44:51 andromeda sshd[19196]: Failed password for invalid user tom from 138.68.247.87 port 36950 ssh2 May 11 09:56:41 andromeda sshd[19802]: Invalid user apache from 138.68.247.87 port 56230	2020-05-11 18:26:40
138.68.247.104	attack	port scan and connect, tcp 80 (http)	2019-11-24 15:31:00
138.68.247.104	attackspambots	[Tue Nov 19 05:52:32.892620 2019] [:error] [pid 64127] [client 138.68.247.104:61000] [client 138.68.247.104] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/usr/share/modsecurity-crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "91"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 8)"] [severity "CRITICAL"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "ws24vmsma01.ufn.edu.br"] [uri "/"] [unique_id "XdOtUJkLc2ov4Xuep0hqgAAAAAY"] ...	2019-11-19 16:57:19
138.68.247.1	attackspambots	Sep 14 21:29:52 localhost sshd\[20719\]: Invalid user ubnt from 138.68.247.1 port 36984 Sep 14 21:29:52 localhost sshd\[20719\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.247.1 Sep 14 21:29:54 localhost sshd\[20719\]: Failed password for invalid user ubnt from 138.68.247.1 port 36984 ssh2 Sep 14 21:34:06 localhost sshd\[20831\]: Invalid user send from 138.68.247.1 port 53120 Sep 14 21:34:06 localhost sshd\[20831\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.247.1 ...	2019-09-15 05:35:40
138.68.247.1	attackspambots	Sep 13 01:33:03 aiointranet sshd\[19128\]: Invalid user cron from 138.68.247.1 Sep 13 01:33:03 aiointranet sshd\[19128\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.247.1 Sep 13 01:33:05 aiointranet sshd\[19128\]: Failed password for invalid user cron from 138.68.247.1 port 34684 ssh2 Sep 13 01:37:32 aiointranet sshd\[19499\]: Invalid user kuaisuweb from 138.68.247.1 Sep 13 01:37:32 aiointranet sshd\[19499\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.247.1	2019-09-13 20:45:37
138.68.247.1	attackbotsspam	'Fail2Ban'	2019-09-05 15:31:39

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 138.68.247.109
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 16689
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;138.68.247.109.			IN	A

;; AUTHORITY SECTION:
.			598	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022021801 1800 900 604800 86400

;; Query time: 28 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Feb 19 03:37:36 CST 2022
;; MSG SIZE  rcvd: 107

Host info

Host 109.247.68.138.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 109.247.68.138.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
222.237.104.20	attackbotsspam	Sep 22 20:56:40 dignus sshd[4125]: Invalid user sa from 222.237.104.20 port 57436 Sep 22 20:56:40 dignus sshd[4125]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.237.104.20 Sep 22 20:56:42 dignus sshd[4125]: Failed password for invalid user sa from 222.237.104.20 port 57436 ssh2 Sep 22 21:00:47 dignus sshd[4458]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.237.104.20 user=root Sep 22 21:00:49 dignus sshd[4458]: Failed password for root from 222.237.104.20 port 40694 ssh2 ...	2020-09-23 12:08:50
195.54.160.183	attackbotsspam	SSH-BruteForce	2020-09-23 09:02:51
36.68.236.74	attackbotsspam	Unauthorized connection attempt from IP address 36.68.236.74 on Port 445(SMB)	2020-09-23 08:59:24
133.106.210.217	attackbotsspam	2020-09-22T19:02:26+0200 Failed SSH Authentication/Brute Force Attack.(Server 2)	2020-09-23 08:51:53
189.27.112.240	attackspambots	Unauthorized connection attempt from IP address 189.27.112.240 on Port 445(SMB)	2020-09-23 08:36:24
140.206.223.56	attackspambots	2020-09-22T21:38:38+0200 Failed SSH Authentication/Brute Force Attack. (Server 9)	2020-09-23 08:55:57
128.106.164.38	attackbotsspam	Unauthorized connection attempt from IP address 128.106.164.38 on Port 445(SMB)	2020-09-23 08:37:59
154.236.168.41	attack	Unauthorized connection attempt from IP address 154.236.168.41 on Port 445(SMB)	2020-09-23 08:42:49
141.98.10.55	attackbots	SIPVicious Scanner Detection	2020-09-23 12:08:12
34.94.247.253	attack	Automatic report - XMLRPC Attack	2020-09-23 08:48:36
104.244.76.245	attack	Unauthorized connection attempt from IP address 104.244.76.245 on port 587	2020-09-23 08:54:04
87.236.213.205	attackbotsspam	87.236.213.205 (IR/Iran/205.213.236.87.mail.iranianwebman.ir), 10 distributed imapd attacks on account [hr@fondationcrevier.ca] in the last 3600 secs	2020-09-23 08:46:35
83.248.158.22	attackspam	Sep 22 21:01:47 ssh2 sshd[23106]: Invalid user osmc from 83.248.158.22 port 34326 Sep 22 21:01:47 ssh2 sshd[23106]: Failed password for invalid user osmc from 83.248.158.22 port 34326 ssh2 Sep 22 21:01:47 ssh2 sshd[23106]: Connection closed by invalid user osmc 83.248.158.22 port 34326 [preauth] ...	2020-09-23 08:55:20
96.242.5.35	attackbots	SSH Invalid Login	2020-09-23 08:41:41
51.77.148.7	attackspam	ssh brute force	2020-09-23 12:07:04

Recently Reported IPs

138.68.190.116	138.68.187.209	138.68.148.252	138.68.56.88
138.59.140.65	138.204.171.134	138.68.115.28	138.68.73.206
138.68.197.153	138.68.37.40	138.68.96.250	138.68.76.87
138.91.60.163	139.150.79.182	139.162.11.88	139.135.229.27
139.135.229.24	139.162.146.185	139.162.146.101	139.162.141.129