138.68.71.92 - IPInfo

Basic Info

City: Frankfurt am Main

Region: Hesse

Country: Germany

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
138.68.71.18	attackspambots	Sep 28 01:37:21 pl2server sshd[26678]: Invalid user alex from 138.68.71.18 port 38504 Sep 28 01:37:21 pl2server sshd[26678]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.71.18 Sep 28 01:37:22 pl2server sshd[26678]: Failed password for invalid user alex from 138.68.71.18 port 38504 ssh2 Sep 28 01:37:22 pl2server sshd[26678]: Received disconnect from 138.68.71.18 port 38504:11: Bye Bye [preauth] Sep 28 01:37:22 pl2server sshd[26678]: Disconnected from 138.68.71.18 port 38504 [preauth] Sep 28 01:51:34 pl2server sshd[30416]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.71.18 user=www-data Sep 28 01:51:36 pl2server sshd[30416]: Failed password for www-data from 138.68.71.18 port 44968 ssh2 Sep 28 01:51:36 pl2server sshd[30416]: Received disconnect from 138.68.71.18 port 44968:11: Bye Bye [preauth] Sep 28 01:51:36 pl2server sshd[30416]: Disconnected from 138.68.71.18 port 4496........ -------------------------------	2020-09-30 09:26:07
138.68.71.18	attackbots	Sep 28 01:37:21 pl2server sshd[26678]: Invalid user alex from 138.68.71.18 port 38504 Sep 28 01:37:21 pl2server sshd[26678]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.71.18 Sep 28 01:37:22 pl2server sshd[26678]: Failed password for invalid user alex from 138.68.71.18 port 38504 ssh2 Sep 28 01:37:22 pl2server sshd[26678]: Received disconnect from 138.68.71.18 port 38504:11: Bye Bye [preauth] Sep 28 01:37:22 pl2server sshd[26678]: Disconnected from 138.68.71.18 port 38504 [preauth] Sep 28 01:51:34 pl2server sshd[30416]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.71.18 user=www-data Sep 28 01:51:36 pl2server sshd[30416]: Failed password for www-data from 138.68.71.18 port 44968 ssh2 Sep 28 01:51:36 pl2server sshd[30416]: Received disconnect from 138.68.71.18 port 44968:11: Bye Bye [preauth] Sep 28 01:51:36 pl2server sshd[30416]: Disconnected from 138.68.71.18 port 4496........ -------------------------------	2020-09-30 02:17:00
138.68.71.18	attack	Sep 29 11:15:01 l03 sshd[19472]: Invalid user dave from 138.68.71.18 port 37666 ...	2020-09-29 18:19:16
138.68.71.18	attackbots	5x Failed Password	2020-09-26 03:09:10
138.68.71.18	attackspambots	Unauthorised connection attempt detected at AUO MAIN. System is sshd. Protected by AUO Stack Web Application Firewall (WAF)	2020-09-25 18:57:01
138.68.71.188	attackspambots	Exploited Host.	2020-07-26 02:40:16
138.68.71.174	attack	[Thu Jun 04 08:31:15.929570 2020] [php7:error] [pid 12674] [client 138.68.71.174:49980] script /Library/Server/Web/Data/Sites/omfocused.com/wp-login.php not found or unable to stat	2020-06-05 01:02:28
138.68.71.174	attackspambots	CMS (WordPress or Joomla) login attempt.	2020-06-02 00:17:57
138.68.71.188	attack	May 7 07:09:10 h2829583 sshd[15812]: Failed password for root from 138.68.71.188 port 46358 ssh2	2020-05-07 13:09:36
138.68.71.174	attackspam	2020-04-29T10:25:46.993070+00:00 [f2b-wordpress-hard-ddos] : Authentication attempt user [munged] from 138.68.71.174 2020-04-29T10:25:45.652329+00:00 [f2b-wordpress-hard-ddos] : Authentication attempt user [munged] from 138.68.71.174 2020-04-29T10:25:45.650309+00:00 [f2b-wordpress-hard-ddos] : Authentication attempt user [munged] from 138.68.71.174	2020-04-29 18:30:04
138.68.71.174	attack	138.68.71.174 - - [24/Apr/2020:14:03:32 +0200] "GET /wp-login.php HTTP/1.1" 200 5982 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 138.68.71.174 - - [24/Apr/2020:14:03:35 +0200] "POST /wp-login.php HTTP/1.1" 200 6174 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 138.68.71.174 - - [24/Apr/2020:14:03:35 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-04-25 01:23:52
138.68.71.174	attackspam	Automatic report - XMLRPC Attack	2020-03-12 14:42:12

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 138.68.71.92
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 16624
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;138.68.71.92.			IN	A

;; AUTHORITY SECTION:
.			345	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022020601 1800 900 604800 86400

;; Query time: 39 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Feb 07 12:15:54 CST 2022
;; MSG SIZE  rcvd: 105

Host info

Host 92.71.68.138.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 92.71.68.138.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
94.243.230.45	attack	Unauthorised access (Oct 2) SRC=94.243.230.45 LEN=52 TTL=120 ID=31882 DF TCP DPT=445 WINDOW=8192 SYN	2019-10-02 18:52:34
128.199.142.0	attack	Oct 2 13:22:26 vps01 sshd[12231]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.142.0 Oct 2 13:22:28 vps01 sshd[12231]: Failed password for invalid user postgres from 128.199.142.0 port 40980 ssh2	2019-10-02 19:26:51
45.236.244.130	attack	$f2bV_matches	2019-10-02 19:18:29
94.102.53.52	attackspambots	$f2bV_matches	2019-10-02 19:28:52
106.75.10.4	attackspambots	Oct 2 12:55:43 vps01 sshd[11928]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.10.4 Oct 2 12:55:46 vps01 sshd[11928]: Failed password for invalid user mapr from 106.75.10.4 port 49035 ssh2	2019-10-02 19:07:58
140.114.85.215	attackspambots	Oct 2 04:19:36 hcbbdb sshd\[8785\]: Invalid user oracle from 140.114.85.215 Oct 2 04:19:36 hcbbdb sshd\[8785\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=tifa.cs.nthu.edu.tw Oct 2 04:19:37 hcbbdb sshd\[8785\]: Failed password for invalid user oracle from 140.114.85.215 port 42206 ssh2 Oct 2 04:24:33 hcbbdb sshd\[9304\]: Invalid user cao from 140.114.85.215 Oct 2 04:24:33 hcbbdb sshd\[9304\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=tifa.cs.nthu.edu.tw	2019-10-02 19:24:13
54.38.218.188	attack	Oct 2 07:23:21 www2 sshd\[35058\]: Invalid user creative from 54.38.218.188Oct 2 07:23:23 www2 sshd\[35058\]: Failed password for invalid user creative from 54.38.218.188 port 36998 ssh2Oct 2 07:27:34 www2 sshd\[35574\]: Invalid user gou from 54.38.218.188 ...	2019-10-02 18:47:28
112.197.0.125	attack	2019-10-02T05:23:34.569130abusebot-8.cloudsearch.cf sshd\[11781\]: Invalid user sentry from 112.197.0.125 port 19417	2019-10-02 19:31:04
77.247.110.202	attack	\[2019-10-02 07:00:39\] NOTICE\[1948\] chan_sip.c: Registration from '\' failed for '77.247.110.202:55479' - Wrong password \[2019-10-02 07:00:39\] SECURITY\[2006\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-10-02T07:00:39.018-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="2284",SessionID="0x7f1e1c2bed58",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/77.247.110.202/55479",Challenge="018abff3",ReceivedChallenge="018abff3",ReceivedHash="b8336a69dfda1256a59a1deb50db214c" \[2019-10-02 07:00:39\] NOTICE\[1948\] chan_sip.c: Registration from '\' failed for '77.247.110.202:55481' - Wrong password \[2019-10-02 07:00:39\] SECURITY\[2006\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-10-02T07:00:39.019-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="2284",SessionID="0x7f1e1c3735b8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/77.247.110.202/55481",	2019-10-02 19:13:59
159.65.109.148	attackbotsspam	Oct 1 18:29:15 kapalua sshd\[6494\]: Invalid user testdb from 159.65.109.148 Oct 1 18:29:15 kapalua sshd\[6494\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.65.109.148 Oct 1 18:29:17 kapalua sshd\[6494\]: Failed password for invalid user testdb from 159.65.109.148 port 36896 ssh2 Oct 1 18:33:26 kapalua sshd\[6917\]: Invalid user user from 159.65.109.148 Oct 1 18:33:26 kapalua sshd\[6917\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.65.109.148	2019-10-02 19:18:57
183.111.227.5	attackbots	Oct 2 00:10:29 web9 sshd\[5321\]: Invalid user testftp from 183.111.227.5 Oct 2 00:10:29 web9 sshd\[5321\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=183.111.227.5 Oct 2 00:10:31 web9 sshd\[5321\]: Failed password for invalid user testftp from 183.111.227.5 port 57440 ssh2 Oct 2 00:16:35 web9 sshd\[6208\]: Invalid user jia from 183.111.227.5 Oct 2 00:16:35 web9 sshd\[6208\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=183.111.227.5	2019-10-02 19:23:12
77.247.181.162	attackspambots	SSH Bruteforce attack	2019-10-02 19:08:34
117.50.25.196	attackbots	Oct 2 11:18:40 markkoudstaal sshd[19749]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.25.196 Oct 2 11:18:42 markkoudstaal sshd[19749]: Failed password for invalid user mardi from 117.50.25.196 port 39576 ssh2 Oct 2 11:23:15 markkoudstaal sshd[20185]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.25.196	2019-10-02 19:27:11
77.247.109.31	attack	10/02/2019-13:02:53.013859 77.247.109.31 Protocol: 17 ET CINS Active Threat Intelligence Poor Reputation IP group 74	2019-10-02 19:30:19
141.98.252.252	attackspam	191002 13:51:13 \[Warning\] Access denied for user 'fakeuser'@'141.98.252.252' $using password: YES$ 191002 13:51:13 \[Warning\] Access denied for user 'root'@'141.98.252.252' $using password: NO$ 191002 13:51:13 \[Warning\] Access denied for user 'root'@'141.98.252.252' $using password: YES$ 191002 13:51:14 \[Warning\] Access denied for user 'root'@'141.98.252.252' $using password: YES$ ...	2019-10-02 19:26:15

Recently Reported IPs

128.199.239.134	112.12.204.26	185.162.192.32	14.240.196.65
167.172.148.145	180.215.192.131	83.48.68.3	58.27.233.82
218.29.167.122	124.217.248.153	114.67.111.123	112.193.216.150
79.110.17.43	37.205.122.242	206.189.51.160	106.53.239.180
180.76.247.65	178.176.78.227	162.142.125.162	64.62.197.180