138.68.94.142 - IPInfo

Basic Info

City: Frankfurt am Main

Region: Hesse

Country: Germany

Internet Service Provider: DigitalOcean LLC

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Sep 15 14:51:57 router sshd[6506]: Failed password for root from 138.68.94.142 port 51963 ssh2 Sep 15 15:02:08 router sshd[6558]: Failed password for root from 138.68.94.142 port 58331 ssh2 ...	2020-09-16 00:55:41
attack	Port scan denied	2020-09-15 16:47:08
attack	Port scan: Attack repeated for 24 hours	2020-09-12 02:27:28
attackbotsspam	Automatic report - Banned IP Access	2020-09-11 18:21:17
attack	TCP port : 2280	2020-09-09 19:51:34
attackbots	Port scan: Attack repeated for 24 hours	2020-09-09 13:50:00
attackbots	TCP (SYN) 138.68.94.142:55075 -> port 2280, len 44	2020-09-09 06:01:29
attackbotsspam	firewall-block, port(s): 28171/tcp	2020-08-30 14:03:14
attack	TCP port : 15460	2020-08-24 18:49:37
attackspam	Port scan: Attack repeated for 24 hours	2020-08-10 15:07:31
attackspam	TCP (SYN) 138.68.94.142:48510 -> port 13357, len 44	2020-08-06 17:59:02
attackspambots	scans 2 times in preceeding hours on the ports (in chronological order) 22933 26188	2020-07-29 22:08:04
attackspam	Jul 23 22:23:53 vps639187 sshd\[8838\]: Invalid user lazare from 138.68.94.142 port 47458 Jul 23 22:23:53 vps639187 sshd\[8838\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.94.142 Jul 23 22:23:55 vps639187 sshd\[8838\]: Failed password for invalid user lazare from 138.68.94.142 port 47458 ssh2 ...	2020-07-24 04:58:42
attackspam	Jul 22 21:36:02 ns382633 sshd\[20639\]: Invalid user hg from 138.68.94.142 port 40958 Jul 22 21:36:02 ns382633 sshd\[20639\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.94.142 Jul 22 21:36:04 ns382633 sshd\[20639\]: Failed password for invalid user hg from 138.68.94.142 port 40958 ssh2 Jul 22 21:54:07 ns382633 sshd\[23882\]: Invalid user coi from 138.68.94.142 port 49014 Jul 22 21:54:07 ns382633 sshd\[23882\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.94.142	2020-07-23 04:15:58
attack	Multiport scan 32 ports : 2720 3282 4445 4836 4969 8299 8769 9207 10227 11609 14585 15385 16082 16142 16936 17633 17930 18243 18554 20440 22852 23740 24495 26075 26210 27033 29231 29900 30040 31131 31176 31864	2020-07-21 07:31:03
attackspambots	Jul 14 15:45:59 game-panel sshd[20016]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.94.142 Jul 14 15:46:01 game-panel sshd[20016]: Failed password for invalid user ftptest from 138.68.94.142 port 60918 ssh2 Jul 14 15:53:28 game-panel sshd[20379]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.94.142	2020-07-15 02:26:37
attackspambots	detected by Fail2Ban	2020-07-14 01:33:57
attackspam	Jul 12 21:02:25 scw-6657dc sshd[7538]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.94.142 Jul 12 21:02:25 scw-6657dc sshd[7538]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.94.142 Jul 12 21:02:27 scw-6657dc sshd[7538]: Failed password for invalid user tom from 138.68.94.142 port 58768 ssh2 ...	2020-07-13 05:41:55
attack	TCP (SYN) 138.68.94.142:49726 -> port 30040, len 44	2020-07-12 21:21:21
attack	Jun 30 16:14:59 scw-tender-jepsen sshd[16406]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.94.142 Jun 30 16:15:01 scw-tender-jepsen sshd[16406]: Failed password for invalid user admin from 138.68.94.142 port 38711 ssh2	2020-07-01 01:15:29
attackspam	Scanned 313 unique addresses for 2 unique TCP ports in 24 hours (ports 20440,31176)	2020-06-27 00:52:31
attackbotsspam	Jun 25 14:30:36 gw1 sshd[21166]: Failed password for root from 138.68.94.142 port 39960 ssh2 ...	2020-06-25 17:36:44
attackbots	Fail2Ban Ban Triggered	2020-06-25 08:18:18
attackbotsspam	Jun 20 06:20:38 vps687878 sshd\[11914\]: Invalid user mtk from 138.68.94.142 port 56529 Jun 20 06:20:38 vps687878 sshd\[11914\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.94.142 Jun 20 06:20:40 vps687878 sshd\[11914\]: Failed password for invalid user mtk from 138.68.94.142 port 56529 ssh2 Jun 20 06:27:11 vps687878 sshd\[13100\]: Invalid user finance from 138.68.94.142 port 56140 Jun 20 06:27:11 vps687878 sshd\[13100\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.94.142 ...	2020-06-20 12:43:22
attackspam	Jun 18 16:41:55 localhost sshd[1403888]: Invalid user lyj from 138.68.94.142 port 48894 ...	2020-06-18 15:57:27
attackspambots	Jun 15 08:14:58 ArkNodeAT sshd\[4757\]: Invalid user aap from 138.68.94.142 Jun 15 08:14:58 ArkNodeAT sshd\[4757\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.94.142 Jun 15 08:14:59 ArkNodeAT sshd\[4757\]: Failed password for invalid user aap from 138.68.94.142 port 43336 ssh2	2020-06-15 15:19:39
attack	Jun 11 19:50:04 vlre-nyc-1 sshd\[19693\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.94.142 user=root Jun 11 19:50:06 vlre-nyc-1 sshd\[19693\]: Failed password for root from 138.68.94.142 port 47542 ssh2 Jun 11 19:56:40 vlre-nyc-1 sshd\[19817\]: Invalid user soyinka from 138.68.94.142 Jun 11 19:56:40 vlre-nyc-1 sshd\[19817\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.94.142 Jun 11 19:56:42 vlre-nyc-1 sshd\[19817\]: Failed password for invalid user soyinka from 138.68.94.142 port 45520 ssh2 ...	2020-06-12 04:38:21
attack	Jun 8 21:39:22 ns37 sshd[26178]: Failed password for root from 138.68.94.142 port 41011 ssh2 Jun 8 21:39:22 ns37 sshd[26178]: Failed password for root from 138.68.94.142 port 41011 ssh2	2020-06-09 03:53:55
attackspam	Automatic report BANNED IP	2020-05-24 05:33:55
attackspam	May 15 22:50:10 NPSTNNYC01T sshd[13183]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.94.142 May 15 22:50:12 NPSTNNYC01T sshd[13183]: Failed password for invalid user ovidiu from 138.68.94.142 port 45922 ssh2 May 15 22:57:49 NPSTNNYC01T sshd[13729]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.94.142 ...	2020-05-16 20:40:28

Comments on same subnet:

IP	Type	Details	Datetime
138.68.94.173	attackbots	Aug 20 07:03:08 rancher-0 sshd[1172212]: Invalid user redmine from 138.68.94.173 port 54758 ...	2020-08-20 13:25:48
138.68.94.173	attackbots	Port Scan detected from 138.68.94.173 (DE/Germany/Hesse/Frankfurt am Main/-). 4 hits in the last 161 seconds	2020-08-16 00:13:26
138.68.94.173	attackspam	$f2bV_matches	2020-08-03 05:14:37
138.68.94.173	attackspam	Connection to SSH Honeypot - Detected by HoneypotDB	2020-07-27 16:40:58
138.68.94.173	attackspambots	Jul 12 13:00:04 localhost sshd[46230]: Invalid user fating from 138.68.94.173 port 43596 Jul 12 13:00:04 localhost sshd[46230]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.94.173 Jul 12 13:00:04 localhost sshd[46230]: Invalid user fating from 138.68.94.173 port 43596 Jul 12 13:00:06 localhost sshd[46230]: Failed password for invalid user fating from 138.68.94.173 port 43596 ssh2 Jul 12 13:06:23 localhost sshd[46873]: Invalid user gena from 138.68.94.173 port 34574 ...	2020-07-12 21:20:56
138.68.94.173	attackspambots	Jun 24 10:15:12 gw1 sshd[10611]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.94.173 Jun 24 10:15:14 gw1 sshd[10611]: Failed password for invalid user dmitry from 138.68.94.173 port 36224 ssh2 ...	2020-06-24 16:08:39
138.68.94.173	attack	(sshd) Failed SSH login from 138.68.94.173 (DE/Germany/-): 12 in the last 3600 secs	2020-06-20 16:45:55
138.68.94.173	attackbotsspam	May 29 22:50:17 vps639187 sshd\[10409\]: Invalid user 111111 from 138.68.94.173 port 54672 May 29 22:50:17 vps639187 sshd\[10409\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.94.173 May 29 22:50:19 vps639187 sshd\[10409\]: Failed password for invalid user 111111 from 138.68.94.173 port 54672 ssh2 ...	2020-05-30 05:39:28
138.68.94.173	attack	2020-05-23T18:05:51.062450morrigan.ad5gb.com sshd[11987]: Invalid user kyn from 138.68.94.173 port 42690 2020-05-23T18:05:52.667755morrigan.ad5gb.com sshd[11987]: Failed password for invalid user kyn from 138.68.94.173 port 42690 ssh2 2020-05-23T18:05:53.571711morrigan.ad5gb.com sshd[11987]: Disconnected from invalid user kyn 138.68.94.173 port 42690 [preauth]	2020-05-24 08:06:04
138.68.94.173	attack	May 21 06:37:02 eventyay sshd[13562]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.94.173 May 21 06:37:04 eventyay sshd[13562]: Failed password for invalid user jiaxin from 138.68.94.173 port 58952 ssh2 May 21 06:44:52 eventyay sshd[13863]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.94.173 ...	2020-05-21 13:03:04
138.68.94.173	attackbots	Invalid user eas from 138.68.94.173 port 50486	2020-05-16 06:45:56
138.68.94.173	attack	May 13 03:30:13 XXXXXX sshd[5595]: Invalid user user from 138.68.94.173 port 33904	2020-05-13 12:04:38
138.68.94.173	attackbots	$f2bV_matches	2020-05-11 19:09:37
138.68.94.173	attackbotsspam	Brute-force attempt banned	2020-05-10 07:39:07
138.68.94.173	attack	May 7 10:37:57 plex sshd[30495]: Invalid user ragnarok from 138.68.94.173 port 46768	2020-05-07 16:46:37

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 138.68.94.142
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 57397
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;138.68.94.142.			IN	A

;; AUTHORITY SECTION:
.			566	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020050403 1800 900 604800 86400

;; Query time: 125 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue May 05 10:37:37 CST 2020
;; MSG SIZE  rcvd: 117

Host info

Host 142.94.68.138.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 142.94.68.138.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
80.36.121.93	attackspam	1587660051 - 04/23/2020 18:40:51 Host: 80.36.121.93/80.36.121.93 Port: 445 TCP Blocked	2020-04-24 05:54:21
167.71.72.70	attackbotsspam	firewall-block, port(s): 26032/tcp	2020-04-24 05:25:15
185.164.138.21	attackspam	Invalid user postgres from 185.164.138.21 port 49018	2020-04-24 05:38:16
51.91.212.81	attackspambots	srv02 Mass scanning activity detected Target: 9051 ..	2020-04-24 05:27:37
187.115.109.113	attackspambots	Netgear DGN Device Remote Command Execution Vulnerability, PTR: 187.115.109.113.static.host.gvt.net.br.	2020-04-24 05:33:37
14.249.134.208	attackspambots	Apr 23 18:20:19 *** sshd[20240]: User root from 14.249.134.208 not allowed because not listed in AllowUsers	2020-04-24 05:35:12
118.25.36.79	attackspambots	SSH Invalid Login	2020-04-24 05:53:51
52.138.116.222	attackspam	RDP Bruteforce	2020-04-24 05:19:41
52.143.191.126	attackspam	[ 📨 ] From root@sempreonline84.francecentral.cloudapp.azure.com Thu Apr 23 13:40:47 2020 Received: from [52.143.191.126] (port=52930 helo=sempreonline84.francecentral.cloudapp.azure.com)	2020-04-24 05:53:02
103.145.12.63	attackbotsspam	[2020-04-23 17:35:00] NOTICE[1170][C-0000449e] chan_sip.c: Call from '' (103.145.12.63:58907) to extension '0111513442037691065' rejected because extension not found in context 'public'. [2020-04-23 17:35:00] SECURITY[1184] res_security_log.c: SecurityEvent="FailedACL",EventTV="2020-04-23T17:35:00.902-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="0111513442037691065",SessionID="0x7f6c0802ca98",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/103.145.12.63/58907",ACLName="no_extension_match" [2020-04-23 17:36:12] NOTICE[1170][C-000044a1] chan_sip.c: Call from '' (103.145.12.63:64628) to extension '0111514442037691065' rejected because extension not found in context 'public'. [2020-04-23 17:36:12] SECURITY[1184] res_security_log.c: SecurityEvent="FailedACL",EventTV="2020-04-23T17:36:12.708-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="0111514442037691065",SessionID="0x7f6c083f2118",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAd ...	2020-04-24 05:47:26
43.245.185.71	attackbots	Total attacks: 6	2020-04-24 05:28:35
78.128.113.190	attackbots	1 attempts against mh-modsecurity-ban on comet	2020-04-24 05:31:54
120.70.100.215	attackbots	Apr 23 23:19:37 debian-2gb-nbg1-2 kernel: \[9935725.241085\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=120.70.100.215 DST=195.201.40.59 LEN=44 TOS=0x00 PREC=0x00 TTL=230 ID=16163 PROTO=TCP SPT=50100 DPT=31092 WINDOW=1024 RES=0x00 SYN URGP=0	2020-04-24 05:46:25
103.56.197.178	attack	Apr 23 23:10:18 minden010 sshd[27921]: Failed password for root from 103.56.197.178 port 4783 ssh2 Apr 23 23:13:52 minden010 sshd[29064]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.56.197.178 Apr 23 23:13:54 minden010 sshd[29064]: Failed password for invalid user cp from 103.56.197.178 port 59526 ssh2 ...	2020-04-24 05:20:24
222.255.115.237	attack	2020-04-23T16:36:52.405693abusebot-4.cloudsearch.cf sshd[12673]: Invalid user admin from 222.255.115.237 port 34622 2020-04-23T16:36:52.412157abusebot-4.cloudsearch.cf sshd[12673]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.255.115.237 2020-04-23T16:36:52.405693abusebot-4.cloudsearch.cf sshd[12673]: Invalid user admin from 222.255.115.237 port 34622 2020-04-23T16:36:54.184931abusebot-4.cloudsearch.cf sshd[12673]: Failed password for invalid user admin from 222.255.115.237 port 34622 ssh2 2020-04-23T16:40:58.158465abusebot-4.cloudsearch.cf sshd[13051]: Invalid user nq from 222.255.115.237 port 40210 2020-04-23T16:40:58.166280abusebot-4.cloudsearch.cf sshd[13051]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.255.115.237 2020-04-23T16:40:58.158465abusebot-4.cloudsearch.cf sshd[13051]: Invalid user nq from 222.255.115.237 port 40210 2020-04-23T16:41:00.044326abusebot-4.cloudsearch.cf sshd[13051] ...	2020-04-24 05:43:29

Recently Reported IPs

92.76.225.34	42.98.249.111	112.7.146.106	6.89.13.21
155.40.37.201	195.119.242.183	76.36.241.205	113.142.123.212
215.67.95.19	201.78.26.151	90.152.92.219	208.64.33.98
60.211.18.39	87.94.121.163	42.112.93.44	84.229.130.241
45.78.251.228	3.236.55.184	181.46.9.192	192.241.65.247