138.68.94.114 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
138.68.94.142	attack	Sep 15 14:51:57 router sshd[6506]: Failed password for root from 138.68.94.142 port 51963 ssh2 Sep 15 15:02:08 router sshd[6558]: Failed password for root from 138.68.94.142 port 58331 ssh2 ...	2020-09-16 00:55:41
138.68.94.142	attack	Port scan denied	2020-09-15 16:47:08
138.68.94.142	attack	Port scan: Attack repeated for 24 hours	2020-09-12 02:27:28
138.68.94.142	attackbotsspam	Automatic report - Banned IP Access	2020-09-11 18:21:17
138.68.94.142	attack	TCP port : 2280	2020-09-09 19:51:34
138.68.94.142	attackbots	Port scan: Attack repeated for 24 hours	2020-09-09 13:50:00
138.68.94.142	attackbots	TCP (SYN) 138.68.94.142:55075 -> port 2280, len 44	2020-09-09 06:01:29
138.68.94.142	attackbotsspam	firewall-block, port(s): 28171/tcp	2020-08-30 14:03:14
138.68.94.142	attack	TCP port : 15460	2020-08-24 18:49:37
138.68.94.173	attackbots	Aug 20 07:03:08 rancher-0 sshd[1172212]: Invalid user redmine from 138.68.94.173 port 54758 ...	2020-08-20 13:25:48
138.68.94.173	attackbots	Port Scan detected from 138.68.94.173 (DE/Germany/Hesse/Frankfurt am Main/-). 4 hits in the last 161 seconds	2020-08-16 00:13:26
138.68.94.142	attackspam	Port scan: Attack repeated for 24 hours	2020-08-10 15:07:31
138.68.94.142	attackspam	TCP (SYN) 138.68.94.142:48510 -> port 13357, len 44	2020-08-06 17:59:02
138.68.94.173	attackspam	$f2bV_matches	2020-08-03 05:14:37
138.68.94.142	attackspambots	scans 2 times in preceeding hours on the ports (in chronological order) 22933 26188	2020-07-29 22:08:04

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 138.68.94.114
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 38642
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;138.68.94.114.			IN	A

;; AUTHORITY SECTION:
.			377	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022021702 1800 900 604800 86400

;; Query time: 21 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Feb 18 11:58:51 CST 2022
;; MSG SIZE  rcvd: 106

Host info

114.94.68.138.in-addr.arpa domain name pointer rproxy.cosentino.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
114.94.68.138.in-addr.arpa	name = rproxy.cosentino.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
209.105.243.145	attackspam	May 1 23:25:35 vps sshd[140294]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=209.105.243.145 user=root May 1 23:25:37 vps sshd[140294]: Failed password for root from 209.105.243.145 port 54875 ssh2 May 1 23:29:35 vps sshd[156989]: Invalid user tmp from 209.105.243.145 port 32932 May 1 23:29:35 vps sshd[156989]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=209.105.243.145 May 1 23:29:37 vps sshd[156989]: Failed password for invalid user tmp from 209.105.243.145 port 32932 ssh2 ...	2020-05-02 05:31:13
144.64.3.101	attack	Lines containing failures of 144.64.3.101 (max 1000) May 1 21:06:15 localhost sshd[5530]: User r.r from 144.64.3.101 not allowed because listed in DenyUsers May 1 21:06:15 localhost sshd[5530]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=144.64.3.101 user=r.r May 1 21:06:17 localhost sshd[5530]: Failed password for invalid user r.r from 144.64.3.101 port 55636 ssh2 May 1 21:06:19 localhost sshd[5530]: Received disconnect from 144.64.3.101 port 55636:11: Bye Bye [preauth] May 1 21:06:19 localhost sshd[5530]: Disconnected from invalid user r.r 144.64.3.101 port 55636 [preauth] May 1 21:12:55 localhost sshd[7763]: User r.r from 144.64.3.101 not allowed because listed in DenyUsers May 1 21:12:55 localhost sshd[7763]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=144.64.3.101 user=r.r ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=144.64.3.101	2020-05-02 05:15:13
49.232.165.42	attack	Bruteforce detected by fail2ban	2020-05-02 05:03:51
185.143.74.108	attack	May 1 23:21:22 relay postfix/smtpd\[19331\]: warning: unknown\[185.143.74.108\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 May 1 23:22:14 relay postfix/smtpd\[24466\]: warning: unknown\[185.143.74.108\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 May 1 23:22:28 relay postfix/smtpd\[15483\]: warning: unknown\[185.143.74.108\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 May 1 23:23:20 relay postfix/smtpd\[21693\]: warning: unknown\[185.143.74.108\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 May 1 23:23:32 relay postfix/smtpd\[19331\]: warning: unknown\[185.143.74.108\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-05-02 05:25:38
106.13.147.89	attackbots	SSH invalid-user multiple login try	2020-05-02 05:21:14
81.93.193.200	attack	WordPress brute force	2020-05-02 05:17:48
162.243.144.89	attack	" "	2020-05-02 05:18:21
200.153.16.133	attackbots	Unauthorized connection attempt from IP address 200.153.16.133 on Port 445(SMB)	2020-05-02 05:20:39
40.114.250.11	attackspambots	Bad file extension: "GET /home.asp"	2020-05-02 05:19:48
151.80.70.176	attackspambots	WordPress brute force	2020-05-02 05:21:01
61.181.80.253	attackbotsspam	Bruteforce detected by fail2ban	2020-05-02 05:29:53
185.133.40.113	attack	185.133.40.113 - - [02/May/2020:01:19:04 +0400] "POST /GponForm/diag_Form?style/ HTTP/1.1" 502 157 "-" "curl/7.3.2" ...	2020-05-02 05:28:27
107.173.202.243	attackbotsspam	(From claudiauclement@yahoo.com) Hi, We are wondering if you would be interested in our service, where we can provide you with a dofollow link from Amazon (DA 96) back to streckerfamilychiropractic.com? The price is just $67 per link, via Paypal. To explain what DA is and the benefit for your website, along with a sample of an existing link, please read here: https://justpaste.it/amazonbacklink If you'd be interested in learning more, reply to this email but please make sure you include the word INTERESTED in the subject line field, so we can get to your reply sooner. Kind Regards, Claudia	2020-05-02 05:09:22
171.234.175.66	attackspambots	(smtpauth) Failed SMTP AUTH login from 171.234.175.66 (VN/Vietnam/dynamic-ip-adsl.viettel.vn): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: 2020-05-02 00:44:51 plain authenticator failed for ([127.0.0.1]) [171.234.175.66]: 535 Incorrect authentication data (set_id=marketing)	2020-05-02 05:23:47
128.199.227.246	attackbots	May 2 00:18:21 ift sshd\[56160\]: Invalid user sophie from 128.199.227.246May 2 00:18:23 ift sshd\[56160\]: Failed password for invalid user sophie from 128.199.227.246 port 50004 ssh2May 2 00:22:54 ift sshd\[56844\]: Invalid user vicky from 128.199.227.246May 2 00:22:56 ift sshd\[56844\]: Failed password for invalid user vicky from 128.199.227.246 port 55225 ssh2May 2 00:27:19 ift sshd\[57667\]: Invalid user gi from 128.199.227.246 ...	2020-05-02 05:27:26

Recently Reported IPs

138.68.93.157	138.68.95.130	138.68.96.184	138.68.98.62
138.68.94.80	138.69.200.145	138.68.95.46	138.68.97.56
138.74.1.70	138.75.92.244	138.80.162.69	138.86.97.144
138.75.236.123	138.88.143.246	138.75.39.112	138.87.50.5
138.91.125.111	138.91.125.27	138.91.148.108	138.91.0.30