138.68.6.12 - IPInfo

Basic Info

City: Santa Clara

Region: California

Country: United States

Internet Service Provider: DigitalOcean LLC

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	port scan and connect, tcp 23 (telnet)	2020-04-14 07:36:15

Comments on same subnet:

IP	Type	Details	Datetime
138.68.68.204	attack	TCP (SYN) 138.68.68.204:49946 -> port 22, len 48	2020-10-11 03:50:21
138.68.68.204	attack	[INST1] Automatic report - Banned IP Access	2020-10-10 19:44:44
138.68.67.96	attackbotsspam	Invalid user git4 from 138.68.67.96 port 46454	2020-10-04 07:07:16
138.68.67.96	attackspambots	Invalid user test7 from 138.68.67.96 port 37454	2020-10-03 23:20:36
138.68.67.96	attack	Invalid user git4 from 138.68.67.96 port 46454	2020-10-03 15:04:12
138.68.67.96	attackbots	Brute-force attempt banned	2020-09-18 21:25:38
138.68.67.96	attackbotsspam	Sep 18 05:35:45 localhost sshd[2140]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.67.96 user=root Sep 18 05:35:48 localhost sshd[2140]: Failed password for root from 138.68.67.96 port 49328 ssh2 Sep 18 05:39:09 localhost sshd[2557]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.67.96 user=root Sep 18 05:39:11 localhost sshd[2557]: Failed password for root from 138.68.67.96 port 53124 ssh2 Sep 18 05:42:28 localhost sshd[2948]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.67.96 user=root Sep 18 05:42:31 localhost sshd[2948]: Failed password for root from 138.68.67.96 port 56920 ssh2 ...	2020-09-18 13:44:25
138.68.68.234	attackbots	Sep 13 17:43:52 vps647732 sshd[10898]: Failed password for root from 138.68.68.234 port 40276 ssh2 ...	2020-09-14 02:35:29
138.68.68.234	attackspambots	Sep 13 12:08:49 ns382633 sshd\[20008\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.68.234 user=root Sep 13 12:08:51 ns382633 sshd\[20008\]: Failed password for root from 138.68.68.234 port 50270 ssh2 Sep 13 12:21:53 ns382633 sshd\[22580\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.68.234 user=root Sep 13 12:21:55 ns382633 sshd\[22580\]: Failed password for root from 138.68.68.234 port 45654 ssh2 Sep 13 12:30:28 ns382633 sshd\[24406\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.68.234 user=root	2020-09-13 18:34:49
138.68.67.96	attack	Sep 10 10:37:39 PorscheCustomer sshd[6691]: Failed password for root from 138.68.67.96 port 40782 ssh2 Sep 10 10:40:15 PorscheCustomer sshd[6708]: Failed password for root from 138.68.67.96 port 56292 ssh2 ...	2020-09-11 00:12:12
138.68.67.96	attack	Sep 10 09:21:19 PorscheCustomer sshd[5577]: Failed password for root from 138.68.67.96 port 42574 ssh2 Sep 10 09:23:58 PorscheCustomer sshd[5605]: Failed password for root from 138.68.67.96 port 58084 ssh2 ...	2020-09-10 15:35:52
138.68.67.96	attack	Sep 9 20:53:01 sso sshd[18621]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.67.96 Sep 9 20:53:03 sso sshd[18621]: Failed password for invalid user vipvzlet from 138.68.67.96 port 46964 ssh2 ...	2020-09-10 06:14:14
138.68.67.96	attackbotsspam	Aug 30 17:48:42 rancher-0 sshd[1359205]: Invalid user edwin123 from 138.68.67.96 port 38304 ...	2020-08-31 01:47:43
138.68.67.96	attackbotsspam	Bruteforce detected by fail2ban	2020-08-26 01:07:12
138.68.67.96	attackbotsspam	SSH BruteForce Attack	2020-08-24 06:33:25

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 138.68.6.12
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 27463
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;138.68.6.12.			IN	A

;; AUTHORITY SECTION:
.			284	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020041302 1800 900 604800 86400

;; Query time: 79 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Apr 14 07:36:11 CST 2020
;; MSG SIZE  rcvd: 115

Host info

Host 12.6.68.138.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 12.6.68.138.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
79.124.62.34	attackbotsspam	[MK-Root1] Blocked by UFW	2020-10-11 08:24:04
188.166.185.236	attack	2020-10-11T01:03:47.487777lavrinenko.info sshd[9025]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.166.185.236 2020-10-11T01:03:47.480361lavrinenko.info sshd[9025]: Invalid user jesse from 188.166.185.236 port 60483 2020-10-11T01:03:49.974767lavrinenko.info sshd[9025]: Failed password for invalid user jesse from 188.166.185.236 port 60483 ssh2 2020-10-11T01:07:11.573144lavrinenko.info sshd[9143]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.166.185.236 user=root 2020-10-11T01:07:14.066933lavrinenko.info sshd[9143]: Failed password for root from 188.166.185.236 port 51873 ssh2 ...	2020-10-11 08:28:54
121.121.100.143	attack	Automatic report - Port Scan Attack	2020-10-11 08:33:05
51.158.145.216	attackspam	Website login hacking attempts.	2020-10-11 08:14:45
194.190.143.48	attackbots	Oct 11 00:42:44 mout sshd[28270]: Disconnected from authenticating user root 194.190.143.48 port 45898 [preauth]	2020-10-11 08:28:22
132.148.121.32	attackbots	[Sat Oct 10 22:47:19.372195 2020] [access_compat:error] [pid 4636] [client 132.148.121.32:53272] AH01797: client denied by server configuration: /var/www/plzenskypruvodce.cz/www/xmlrpc.php [Sat Oct 10 22:47:19.377160 2020] [access_compat:error] [pid 4637] [client 132.148.121.32:53270] AH01797: client denied by server configuration: /var/www/plzenskypruvodce.cz/www/xmlrpc.php ...	2020-10-11 08:07:46
150.109.57.43	attackspambots	2020-10-09T18:08:49.222783morrigan.ad5gb.com sshd[3599706]: Failed password for invalid user httpd from 150.109.57.43 port 48726 ssh2	2020-10-11 08:23:19
138.197.152.148	attackspam	firewall-block, port(s): 31881/tcp	2020-10-11 08:38:04
141.98.9.32	attack	Oct 11 00:01:52 scw-tender-jepsen sshd[22781]: Failed password for root from 141.98.9.32 port 37533 ssh2	2020-10-11 08:14:14
129.208.199.139	attackspambots	20/10/10@16:46:53: FAIL: Alarm-Network address from=129.208.199.139 20/10/10@16:46:53: FAIL: Alarm-Network address from=129.208.199.139 ...	2020-10-11 08:32:43
141.98.9.33	attackbots	Oct 11 00:01:52 scw-tender-jepsen sshd[22786]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=141.98.9.33 Oct 11 00:01:55 scw-tender-jepsen sshd[22786]: Failed password for invalid user admin from 141.98.9.33 port 44511 ssh2	2020-10-11 08:10:42
58.222.11.82	attack	Icarus honeypot on github	2020-10-11 08:11:43
192.95.30.59	attackbotsspam	192.95.30.59 - - [11/Oct/2020:01:12:26 +0100] "POST /wp-login.php HTTP/1.1" 200 8345 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.80 Safari/537.36" 192.95.30.59 - - [11/Oct/2020:01:12:46 +0100] "POST /wp-login.php HTTP/1.1" 200 8338 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.80 Safari/537.36" 192.95.30.59 - - [11/Oct/2020:01:13:28 +0100] "POST /wp-login.php HTTP/1.1" 200 8359 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.80 Safari/537.36" ...	2020-10-11 08:25:04
171.244.36.124	attackspam	2020-10-10T20:47:32+0000 Failed SSH Authentication/Brute Force Attack. (Server 6)	2020-10-11 08:00:22
141.98.9.35	attackspam	Oct 10 04:29:44 XXX sshd[15109]: Invalid user admin from 141.98.9.35 port 37255	2020-10-11 08:01:50

Recently Reported IPs

147.0.14.34	122.51.189.69	65.41.114.212	14.9.125.110
222.217.240.244	183.89.215.26	190.78.106.75	176.109.175.193
178.162.209.85	116.109.139.66	80.213.252.213	131.212.134.163
112.7.132.214	58.218.209.84	218.2.0.65	49.234.31.158
125.62.197.177	181.44.131.146	8.9.11.94	152.168.245.31