138.68.247.195

Basic Info

City: unknown

Region: unknown

Country: unknown

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
138.68.247.104	attack	138.68.247.104 - - - [03/Oct/2020:21:29:36 +0200] "GET / HTTP/1.0" 404 162 "-" "masscan/1.0 (https://github.com/robertdavidgraham/masscan)" "-" "-"	2020-10-04 06:55:34
138.68.247.104	attackspam	Unauthorized connection attempt detected, IP banned.	2020-10-03 23:06:40
138.68.247.104	attackspam	Unauthorized connection attempt detected, IP banned.	2020-10-03 14:49:41
138.68.247.248	attack	Invalid user renewed from 138.68.247.248 port 42904	2020-09-08 01:35:24
138.68.247.248	attack	Invalid user renewed from 138.68.247.248 port 42904	2020-09-07 16:59:35
138.68.247.104	attack	Unauthorized connection attempt, Score = 100 , Ban for 1 month	2020-08-02 00:37:35
138.68.247.87	attackbots	May 30 15:14:17 vpn01 sshd[28289]: Failed password for root from 138.68.247.87 port 60094 ssh2 ...	2020-05-30 22:53:30
138.68.247.87	attackbotsspam	Invalid user krr from 138.68.247.87 port 34504	2020-05-22 06:15:11
138.68.247.87	attackspam	Invalid user support from 138.68.247.87 port 43580	2020-05-15 02:22:48
138.68.247.87	attack	(sshd) Failed SSH login from 138.68.247.87 (US/United States/-): 3 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: May 11 09:44:48 andromeda sshd[19196]: Invalid user tom from 138.68.247.87 port 36950 May 11 09:44:51 andromeda sshd[19196]: Failed password for invalid user tom from 138.68.247.87 port 36950 ssh2 May 11 09:56:41 andromeda sshd[19802]: Invalid user apache from 138.68.247.87 port 56230	2020-05-11 18:26:40
138.68.247.104	attack	port scan and connect, tcp 80 (http)	2019-11-24 15:31:00
138.68.247.104	attackspambots	[Tue Nov 19 05:52:32.892620 2019] [:error] [pid 64127] [client 138.68.247.104:61000] [client 138.68.247.104] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/usr/share/modsecurity-crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "91"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 8)"] [severity "CRITICAL"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "ws24vmsma01.ufn.edu.br"] [uri "/"] [unique_id "XdOtUJkLc2ov4Xuep0hqgAAAAAY"] ...	2019-11-19 16:57:19
138.68.247.1	attackspambots	Sep 14 21:29:52 localhost sshd\[20719\]: Invalid user ubnt from 138.68.247.1 port 36984 Sep 14 21:29:52 localhost sshd\[20719\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.247.1 Sep 14 21:29:54 localhost sshd\[20719\]: Failed password for invalid user ubnt from 138.68.247.1 port 36984 ssh2 Sep 14 21:34:06 localhost sshd\[20831\]: Invalid user send from 138.68.247.1 port 53120 Sep 14 21:34:06 localhost sshd\[20831\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.247.1 ...	2019-09-15 05:35:40
138.68.247.1	attackspambots	Sep 13 01:33:03 aiointranet sshd\[19128\]: Invalid user cron from 138.68.247.1 Sep 13 01:33:03 aiointranet sshd\[19128\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.247.1 Sep 13 01:33:05 aiointranet sshd\[19128\]: Failed password for invalid user cron from 138.68.247.1 port 34684 ssh2 Sep 13 01:37:32 aiointranet sshd\[19499\]: Invalid user kuaisuweb from 138.68.247.1 Sep 13 01:37:32 aiointranet sshd\[19499\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.247.1	2019-09-13 20:45:37
138.68.247.1	attackbotsspam	'Fail2Ban'	2019-09-05 15:31:39

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 138.68.247.195
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 7838
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;138.68.247.195.			IN	A

;; AUTHORITY SECTION:
.			600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022030803 1800 900 604800 86400

;; Query time: 67 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Mar 09 07:52:51 CST 2022
;; MSG SIZE  rcvd: 107

Host info

Host 195.247.68.138.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 195.247.68.138.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
181.177.251.3	attack	Port Scan 1433	2019-12-01 07:47:21
122.228.19.80	attackspam	Connection by 122.228.19.80 on port: 15000 got caught by honeypot at 11/30/2019 10:31:53 PM	2019-12-01 07:48:03
139.59.248.5	attackbotsspam	Nov 30 23:16:03 www_kotimaassa_fi sshd[18104]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.248.5 Nov 30 23:16:05 www_kotimaassa_fi sshd[18104]: Failed password for invalid user test9999 from 139.59.248.5 port 34108 ssh2 ...	2019-12-01 07:52:01
49.249.248.34	attackspambots	Jun 19 03:55:21 meumeu sshd[16387]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.249.248.34 Jun 19 03:55:23 meumeu sshd[16387]: Failed password for invalid user ftpuser from 49.249.248.34 port 55625 ssh2 Jun 19 03:58:08 meumeu sshd[16691]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.249.248.34 ...	2019-12-01 08:08:44
109.92.186.51	attackbotsspam	Nov 28 17:25:05 server6 sshd[17857]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=109-92-186-51.dynamic.isp.telekom.rs user=r.r Nov 28 17:25:06 server6 sshd[17857]: Failed password for r.r from 109.92.186.51 port 47706 ssh2 Nov 28 17:25:06 server6 sshd[17857]: Received disconnect from 109.92.186.51: 11: Bye Bye [preauth] Nov 30 05:28:50 server6 sshd[10583]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=109-92-186-51.dynamic.isp.telekom.rs Nov 30 05:28:52 server6 sshd[10583]: Failed password for invalid user eastjohn from 109.92.186.51 port 49618 ssh2 Nov 30 05:28:52 server6 sshd[10583]: Received disconnect from 109.92.186.51: 11: Bye Bye [preauth] Nov 30 05:43:58 server6 sshd[24302]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=109-92-186-51.dynamic.isp.telekom.rs user=r.r Nov 30 05:44:00 server6 sshd[24302]: Failed password for r.r from 109......... -------------------------------	2019-12-01 08:07:41
218.92.0.176	attackbots	Dec 1 01:13:45 MK-Soft-Root2 sshd[8693]: Failed password for root from 218.92.0.176 port 58891 ssh2 Dec 1 01:13:50 MK-Soft-Root2 sshd[8693]: Failed password for root from 218.92.0.176 port 58891 ssh2 ...	2019-12-01 08:16:49
49.69.126.18	attack	Jul 24 08:42:10 meumeu sshd[16105]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.69.126.18 Jul 24 08:42:12 meumeu sshd[16105]: Failed password for invalid user openhabian from 49.69.126.18 port 54322 ssh2 Jul 24 08:42:16 meumeu sshd[20857]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.69.126.18 ...	2019-12-01 07:46:41
103.231.70.170	attackbots	2019-12-01T00:17:26.732724abusebot-2.cloudsearch.cf sshd\[14968\]: Invalid user 1qaz@WSX from 103.231.70.170 port 51472	2019-12-01 08:19:48
218.92.0.178	attack	Dec 1 00:55:52 mail sshd[23560]: Failed password for root from 218.92.0.178 port 37030 ssh2 Dec 1 00:55:56 mail sshd[23560]: Failed password for root from 218.92.0.178 port 37030 ssh2 Dec 1 00:55:59 mail sshd[23560]: Failed password for root from 218.92.0.178 port 37030 ssh2 Dec 1 00:56:03 mail sshd[23560]: Failed password for root from 218.92.0.178 port 37030 ssh2	2019-12-01 08:16:38
82.217.67.240	attack	Nov 27 04:51:48 sip sshd[9963]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=82.217.67.240 Nov 27 04:51:49 sip sshd[9963]: Failed password for invalid user web from 82.217.67.240 port 43942 ssh2 Nov 27 05:02:08 sip sshd[11804]: Failed password for sync from 82.217.67.240 port 33124 ssh2	2019-12-01 08:20:28
188.166.119.234	attackspam	2019-11-30T23:28:59.718794hz01.yumiweb.com sshd\[26028\]: Invalid user teamspeak from 188.166.119.234 port 47255 2019-11-30T23:34:27.075656hz01.yumiweb.com sshd\[26044\]: Invalid user teamspeak from 188.166.119.234 port 34579 2019-11-30T23:40:28.661414hz01.yumiweb.com sshd\[26068\]: Invalid user teamspeak from 188.166.119.234 port 50136 ...	2019-12-01 07:54:32
105.73.80.184	attackspambots	Nov 30 13:38:29 php1 sshd\[11887\]: Invalid user hanem from 105.73.80.184 Nov 30 13:38:29 php1 sshd\[11887\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=105.73.80.184 Nov 30 13:38:31 php1 sshd\[11887\]: Failed password for invalid user hanem from 105.73.80.184 port 21351 ssh2 Nov 30 13:41:36 php1 sshd\[12245\]: Invalid user marui from 105.73.80.184 Nov 30 13:41:36 php1 sshd\[12245\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=105.73.80.184	2019-12-01 07:42:45
49.66.183.220	attackbotsspam	Apr 16 11:06:45 meumeu sshd[15606]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.66.183.220 Apr 16 11:06:47 meumeu sshd[15606]: Failed password for invalid user yw from 49.66.183.220 port 60225 ssh2 Apr 16 11:14:02 meumeu sshd[16575]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.66.183.220 ...	2019-12-01 07:49:20
46.38.144.17	attackspambots	Dec 1 00:50:09 relay postfix/smtpd\[1230\]: warning: unknown\[46.38.144.17\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Dec 1 00:50:36 relay postfix/smtpd\[31316\]: warning: unknown\[46.38.144.17\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Dec 1 00:50:45 relay postfix/smtpd\[31014\]: warning: unknown\[46.38.144.17\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Dec 1 00:51:12 relay postfix/smtpd\[23713\]: warning: unknown\[46.38.144.17\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Dec 1 00:51:19 relay postfix/smtpd\[31014\]: warning: unknown\[46.38.144.17\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2019-12-01 07:57:58
49.5.3.5	attackbots	May 22 03:50:04 meumeu sshd[25734]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.5.3.5 May 22 03:50:07 meumeu sshd[25734]: Failed password for invalid user lun from 49.5.3.5 port 38358 ssh2 May 22 03:58:25 meumeu sshd[30210]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.5.3.5 ...	2019-12-01 08:01:15

Recently Reported IPs

138.68.247.211	138.68.248.3	138.68.247.41	138.68.249.22
138.68.248.29	138.68.249.128	138.68.249.58	138.68.25.225
138.68.25.35	118.183.110.250	138.68.250.141	138.68.250.115
197.245.47.236	138.68.250.25	138.68.251.129	138.68.251.217
138.68.251.226	138.68.251.89	138.68.251.59	138.68.251.65