138.68.247.82 - IPInfo

Basic Info

City: Santa Clara

Region: California

Country: United States

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
138.68.247.104	attack	138.68.247.104 - - - [03/Oct/2020:21:29:36 +0200] "GET / HTTP/1.0" 404 162 "-" "masscan/1.0 (https://github.com/robertdavidgraham/masscan)" "-" "-"	2020-10-04 06:55:34
138.68.247.104	attackspam	Unauthorized connection attempt detected, IP banned.	2020-10-03 23:06:40
138.68.247.104	attackspam	Unauthorized connection attempt detected, IP banned.	2020-10-03 14:49:41
138.68.247.248	attack	Invalid user renewed from 138.68.247.248 port 42904	2020-09-08 01:35:24
138.68.247.248	attack	Invalid user renewed from 138.68.247.248 port 42904	2020-09-07 16:59:35
138.68.247.104	attack	Unauthorized connection attempt, Score = 100 , Ban for 1 month	2020-08-02 00:37:35
138.68.247.87	attackbots	May 30 15:14:17 vpn01 sshd[28289]: Failed password for root from 138.68.247.87 port 60094 ssh2 ...	2020-05-30 22:53:30
138.68.247.87	attackbotsspam	Invalid user krr from 138.68.247.87 port 34504	2020-05-22 06:15:11
138.68.247.87	attackspam	Invalid user support from 138.68.247.87 port 43580	2020-05-15 02:22:48
138.68.247.87	attack	(sshd) Failed SSH login from 138.68.247.87 (US/United States/-): 3 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: May 11 09:44:48 andromeda sshd[19196]: Invalid user tom from 138.68.247.87 port 36950 May 11 09:44:51 andromeda sshd[19196]: Failed password for invalid user tom from 138.68.247.87 port 36950 ssh2 May 11 09:56:41 andromeda sshd[19802]: Invalid user apache from 138.68.247.87 port 56230	2020-05-11 18:26:40
138.68.247.104	attack	port scan and connect, tcp 80 (http)	2019-11-24 15:31:00
138.68.247.104	attackspambots	[Tue Nov 19 05:52:32.892620 2019] [:error] [pid 64127] [client 138.68.247.104:61000] [client 138.68.247.104] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/usr/share/modsecurity-crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "91"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 8)"] [severity "CRITICAL"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "ws24vmsma01.ufn.edu.br"] [uri "/"] [unique_id "XdOtUJkLc2ov4Xuep0hqgAAAAAY"] ...	2019-11-19 16:57:19
138.68.247.1	attackspambots	Sep 14 21:29:52 localhost sshd\[20719\]: Invalid user ubnt from 138.68.247.1 port 36984 Sep 14 21:29:52 localhost sshd\[20719\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.247.1 Sep 14 21:29:54 localhost sshd\[20719\]: Failed password for invalid user ubnt from 138.68.247.1 port 36984 ssh2 Sep 14 21:34:06 localhost sshd\[20831\]: Invalid user send from 138.68.247.1 port 53120 Sep 14 21:34:06 localhost sshd\[20831\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.247.1 ...	2019-09-15 05:35:40
138.68.247.1	attackspambots	Sep 13 01:33:03 aiointranet sshd\[19128\]: Invalid user cron from 138.68.247.1 Sep 13 01:33:03 aiointranet sshd\[19128\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.247.1 Sep 13 01:33:05 aiointranet sshd\[19128\]: Failed password for invalid user cron from 138.68.247.1 port 34684 ssh2 Sep 13 01:37:32 aiointranet sshd\[19499\]: Invalid user kuaisuweb from 138.68.247.1 Sep 13 01:37:32 aiointranet sshd\[19499\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.247.1	2019-09-13 20:45:37
138.68.247.1	attackbotsspam	'Fail2Ban'	2019-09-05 15:31:39

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 138.68.247.82
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 36271
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;138.68.247.82.			IN	A

;; AUTHORITY SECTION:
.			236	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022100201 1800 900 604800 86400

;; Query time: 27 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Oct 03 10:59:30 CST 2022
;; MSG SIZE  rcvd: 106

Host info

Host 82.247.68.138.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 82.247.68.138.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
103.20.33.185	attack	"Account brute force using dictionary attack against Exchange Online"	2019-08-06 08:50:57
103.109.3.10	attack	"Account brute force using dictionary attack against Exchange Online"	2019-08-06 09:08:42
103.109.0.242	attack	Mail sent to address harvested from public web site	2019-08-06 09:09:33
103.130.196.50	attack	"Account brute force using dictionary attack against Exchange Online"	2019-08-06 08:54:37
103.211.232.114	attackbots	"Account brute force using dictionary attack against Exchange Online"	2019-08-06 08:34:40
103.103.33.98	attack	"Account brute force using dictionary attack against Exchange Online"	2019-08-06 09:12:38
103.23.32.226	attack	"Account brute force using dictionary attack against Exchange Online"	2019-08-06 08:47:46
103.133.62.2	attackspambots	"Account brute force using dictionary attack against Exchange Online"	2019-08-06 08:53:58
103.19.139.126	attack	"Account brute force using dictionary attack against Exchange Online"	2019-08-06 08:51:33
103.22.173.250	attack	"Account brute force using dictionary attack against Exchange Online"	2019-08-06 08:48:05
103.216.82.199	attackspam	"Account brute force using dictionary attack against Exchange Online"	2019-08-06 08:26:33
103.19.57.134	attackspam	"Account brute force using dictionary attack against Exchange Online"	2019-08-06 08:52:04
103.109.2.136	attackbotsspam	"Account brute force using dictionary attack against Exchange Online"	2019-08-06 09:09:07
103.109.57.201	attackbotsspam	"Account brute force using dictionary attack against Exchange Online"	2019-08-06 09:08:00
103.130.197.158	attack	"Account brute force using dictionary attack against Exchange Online"	2019-08-06 08:54:13

Recently Reported IPs

104.189.13.203	163.205.138.77	248.15.110.125	48.42.234.128
84.138.43.179	102.97.169.16	178.35.224.186	253.70.13.7
66.23.233.179	157.100.128.62	253.41.218.179	26.75.81.85
11.227.59.105	6.135.75.250	240.153.116.197	158.76.250.251
158.76.250.222	158.76.250.113	158.76.250.98	242.71.16.194