138.68.1.106 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: unknown

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
138.68.191.85	attackproxy	Malicious IP / Malware	2024-04-26 12:55:20
138.68.100.102	attackbotsspam	Lines containing failures of 138.68.100.102 Oct 8 08:42:23 newdogma sshd[22234]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.100.102 user=r.r Oct 8 08:42:25 newdogma sshd[22234]: Failed password for r.r from 138.68.100.102 port 36538 ssh2 Oct 8 08:42:26 newdogma sshd[22234]: Received disconnect from 138.68.100.102 port 36538:11: Bye Bye [preauth] Oct 8 08:42:26 newdogma sshd[22234]: Disconnected from authenticating user r.r 138.68.100.102 port 36538 [preauth] Oct 8 08:58:51 newdogma sshd[22800]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.100.102 user=r.r Oct 8 08:58:53 newdogma sshd[22800]: Failed password for r.r from 138.68.100.102 port 37066 ssh2 Oct 8 08:58:55 newdogma sshd[22800]: Received disconnect from 138.68.100.102 port 37066:11: Bye Bye [preauth] Oct 8 08:58:55 newdogma sshd[22800]: Disconnected from authenticating user r.r 138.68.100.102 port 37066........ ------------------------------	2020-10-10 02:09:51
138.68.100.102	attackbotsspam	Lines containing failures of 138.68.100.102 Oct 8 08:42:23 newdogma sshd[22234]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.100.102 user=r.r Oct 8 08:42:25 newdogma sshd[22234]: Failed password for r.r from 138.68.100.102 port 36538 ssh2 Oct 8 08:42:26 newdogma sshd[22234]: Received disconnect from 138.68.100.102 port 36538:11: Bye Bye [preauth] Oct 8 08:42:26 newdogma sshd[22234]: Disconnected from authenticating user r.r 138.68.100.102 port 36538 [preauth] Oct 8 08:58:51 newdogma sshd[22800]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.100.102 user=r.r Oct 8 08:58:53 newdogma sshd[22800]: Failed password for r.r from 138.68.100.102 port 37066 ssh2 Oct 8 08:58:55 newdogma sshd[22800]: Received disconnect from 138.68.100.102 port 37066:11: Bye Bye [preauth] Oct 8 08:58:55 newdogma sshd[22800]: Disconnected from authenticating user r.r 138.68.100.102 port 37066........ ------------------------------	2020-10-09 17:54:43
138.68.178.64	attack	Invalid user dev from 138.68.178.64 port 36768	2020-10-05 06:30:12
138.68.178.64	attack	Brute%20Force%20SSH	2020-10-04 22:31:37
138.68.148.177	attack	DATE:2020-10-03 20:05:08, IP:138.68.148.177, PORT:ssh SSH brute force auth (docker-dc)	2020-10-04 04:04:27
138.68.148.177	attackbotsspam	Invalid user web from 138.68.148.177 port 50132	2020-10-03 20:06:41
138.68.150.93	attackspam	138.68.150.93 - - [01/Oct/2020:12:48:02 +0100] "POST /wp-login.php HTTP/1.1" 200 2252 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 138.68.150.93 - - [01/Oct/2020:12:48:03 +0100] "POST /wp-login.php HTTP/1.1" 200 2255 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 138.68.150.93 - - [01/Oct/2020:12:48:04 +0100] "POST /wp-login.php HTTP/1.1" 200 2204 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-10-02 05:01:01
138.68.176.38	attackbotsspam	2020-10-01T13:52:46.3242641495-001 sshd[6947]: Invalid user techuser from 138.68.176.38 port 43908 2020-10-01T13:52:47.9374071495-001 sshd[6947]: Failed password for invalid user techuser from 138.68.176.38 port 43908 ssh2 2020-10-01T13:55:43.7073231495-001 sshd[7097]: Invalid user socks from 138.68.176.38 port 56220 2020-10-01T13:55:43.7108621495-001 sshd[7097]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.176.38 2020-10-01T13:55:43.7073231495-001 sshd[7097]: Invalid user socks from 138.68.176.38 port 56220 2020-10-01T13:55:45.6148271495-001 sshd[7097]: Failed password for invalid user socks from 138.68.176.38 port 56220 ssh2 ...	2020-10-02 02:31:30
138.68.150.93	attackbotsspam	138.68.150.93 - - [01/Oct/2020:12:48:02 +0100] "POST /wp-login.php HTTP/1.1" 200 2252 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 138.68.150.93 - - [01/Oct/2020:12:48:03 +0100] "POST /wp-login.php HTTP/1.1" 200 2255 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 138.68.150.93 - - [01/Oct/2020:12:48:04 +0100] "POST /wp-login.php HTTP/1.1" 200 2204 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-10-01 21:19:24
138.68.150.93	attackbotsspam	138.68.150.93 - - [01/Oct/2020:05:40:26 +0100] "POST /wp-login.php HTTP/1.1" 200 2596 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 138.68.150.93 - - [01/Oct/2020:05:40:27 +0100] "POST /wp-login.php HTTP/1.1" 200 2580 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 138.68.150.93 - - [01/Oct/2020:05:40:28 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-10-01 13:34:15
138.68.106.62	attack	[ssh] SSH attack	2020-10-01 02:37:08
138.68.106.62	attackspam	Brute force attempt	2020-09-30 18:46:41
138.68.14.219	attackbots	Invalid user admin from 138.68.14.219 port 50376	2020-09-30 05:38:13
138.68.148.177	attackspambots	2020-09-29T10:39:26.1576871495-001 sshd[4600]: Failed password for invalid user internet from 138.68.148.177 port 58416 ssh2 2020-09-29T10:43:32.3590071495-001 sshd[4775]: Invalid user seco from 138.68.148.177 port 40074 2020-09-29T10:43:32.3619891495-001 sshd[4775]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.148.177 2020-09-29T10:43:32.3590071495-001 sshd[4775]: Invalid user seco from 138.68.148.177 port 40074 2020-09-29T10:43:34.4990511495-001 sshd[4775]: Failed password for invalid user seco from 138.68.148.177 port 40074 ssh2 2020-09-29T10:47:48.2306251495-001 sshd[4918]: Invalid user angel from 138.68.148.177 port 49974 ...	2020-09-30 05:07:07

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 138.68.1.106
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 55758
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;138.68.1.106.			IN	A

;; AUTHORITY SECTION:
.			539	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022030803 1800 900 604800 86400

;; Query time: 40 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Mar 09 07:50:44 CST 2022
;; MSG SIZE  rcvd: 105

Host info

Host 106.1.68.138.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 106.1.68.138.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
121.229.42.66	attackbotsspam	Jun 2 05:46:52 vmd46520 sshd[14635]: Failed password for r.r from 121.229.42.66 port 45510 ssh2 Jun 2 05:50:22 vmd46520 sshd[14916]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.229.42.66 user=r.r Jun 2 05:50:24 vmd46520 sshd[14916]: Failed password for r.r from 121.229.42.66 port 45792 ssh2 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=121.229.42.66	2020-06-02 18:33:27
103.145.12.125	attackspam	[2020-06-02 05:50:59] NOTICE[1156] chan_sip.c: Registration from '"799" ' failed for '103.145.12.125:6860' - Wrong password [2020-06-02 05:50:59] SECURITY[1173] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-06-02T05:50:59.260-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="799",SessionID="0x7fc44413fd58",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/103.145.12.125/6860",Challenge="062299a5",ReceivedChallenge="062299a5",ReceivedHash="ede4da5aa4576acba032ddecefa30b18" [2020-06-02 05:50:59] NOTICE[1156] chan_sip.c: Registration from '"799" ' failed for '103.145.12.125:6860' - Wrong password [2020-06-02 05:50:59] SECURITY[1173] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-06-02T05:50:59.396-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="799",SessionID="0x7fc44413d428",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/103.1 ...	2020-06-02 17:57:34
167.172.153.137	attack	$f2bV_matches	2020-06-02 17:55:46
223.255.28.203	attackbotsspam	Jun 2 15:01:36 gw1 sshd[24185]: Failed password for root from 223.255.28.203 port 54129 ssh2 ...	2020-06-02 18:28:47
218.92.0.201	attackspambots	Jun 2 11:47:28 legacy sshd[22482]: Failed password for root from 218.92.0.201 port 39802 ssh2 Jun 2 11:47:30 legacy sshd[22482]: Failed password for root from 218.92.0.201 port 39802 ssh2 Jun 2 11:47:32 legacy sshd[22482]: Failed password for root from 218.92.0.201 port 39802 ssh2 ...	2020-06-02 18:05:22
85.18.98.208	attackbots	5x Failed Password	2020-06-02 18:19:04
178.57.13.23	attack	Brute force attack to crack Website Login password	2020-06-02 18:05:41
180.76.104.167	attackbotsspam	2020-06-02T08:22:15.246151abusebot.cloudsearch.cf sshd[28037]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.76.104.167 user=root 2020-06-02T08:22:16.824949abusebot.cloudsearch.cf sshd[28037]: Failed password for root from 180.76.104.167 port 51512 ssh2 2020-06-02T08:25:54.583263abusebot.cloudsearch.cf sshd[28299]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.76.104.167 user=root 2020-06-02T08:25:56.894490abusebot.cloudsearch.cf sshd[28299]: Failed password for root from 180.76.104.167 port 35270 ssh2 2020-06-02T08:28:53.545436abusebot.cloudsearch.cf sshd[28469]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.76.104.167 user=root 2020-06-02T08:28:55.760076abusebot.cloudsearch.cf sshd[28469]: Failed password for root from 180.76.104.167 port 47244 ssh2 2020-06-02T08:31:51.589086abusebot.cloudsearch.cf sshd[28711]: pam_unix(sshd:auth): authenticatio ...	2020-06-02 17:53:09
36.77.55.122	attack	Unauthorized connection attempt from IP address 36.77.55.122 on Port 445(SMB)	2020-06-02 18:25:04
51.77.109.98	attack	2020-06-02T04:37:42.785881abusebot-2.cloudsearch.cf sshd[11877]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.77.109.98 user=root 2020-06-02T04:37:44.757504abusebot-2.cloudsearch.cf sshd[11877]: Failed password for root from 51.77.109.98 port 33324 ssh2 2020-06-02T04:39:38.448082abusebot-2.cloudsearch.cf sshd[11887]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.77.109.98 user=root 2020-06-02T04:39:40.008628abusebot-2.cloudsearch.cf sshd[11887]: Failed password for root from 51.77.109.98 port 58194 ssh2 2020-06-02T04:41:33.474502abusebot-2.cloudsearch.cf sshd[11898]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.77.109.98 user=root 2020-06-02T04:41:35.491400abusebot-2.cloudsearch.cf sshd[11898]: Failed password for root from 51.77.109.98 port 54832 ssh2 2020-06-02T04:43:25.348694abusebot-2.cloudsearch.cf sshd[11908]: pam_unix(sshd:auth): authenticat ...	2020-06-02 17:54:01
41.71.121.98	attack	20/6/1@23:46:55: FAIL: Alarm-Network address from=41.71.121.98 20/6/1@23:46:55: FAIL: Alarm-Network address from=41.71.121.98 ...	2020-06-02 18:23:49
42.103.52.101	attack	Jun 02 03:12:28 askasleikir sshd[46348]: Failed password for root from 42.103.52.101 port 52214 ssh2 Jun 02 02:56:32 askasleikir sshd[46305]: Failed password for root from 42.103.52.101 port 54518 ssh2 Jun 02 03:04:11 askasleikir sshd[46327]: Failed password for root from 42.103.52.101 port 33320 ssh2	2020-06-02 18:03:43
117.218.220.56	attack	1591087040 - 06/02/2020 10:37:20 Host: 117.218.220.56/117.218.220.56 Port: 445 TCP Blocked	2020-06-02 18:28:33
180.76.186.109	attack	Jun 2 01:49:28 cumulus sshd[5374]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.76.186.109 user=r.r Jun 2 01:49:30 cumulus sshd[5374]: Failed password for r.r from 180.76.186.109 port 36252 ssh2 Jun 2 01:49:30 cumulus sshd[5374]: Received disconnect from 180.76.186.109 port 36252:11: Bye Bye [preauth] Jun 2 01:49:30 cumulus sshd[5374]: Disconnected from 180.76.186.109 port 36252 [preauth] Jun 2 02:07:36 cumulus sshd[6981]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.76.186.109 user=r.r Jun 2 02:07:38 cumulus sshd[6981]: Failed password for r.r from 180.76.186.109 port 37607 ssh2 Jun 2 02:07:38 cumulus sshd[6981]: Received disconnect from 180.76.186.109 port 37607:11: Bye Bye [preauth] Jun 2 02:07:38 cumulus sshd[6981]: Disconnected from 180.76.186.109 port 37607 [preauth] Jun 2 02:11:38 cumulus sshd[7549]: pam_unix(sshd:auth): authentication failure; logname= uid=0 ........ -------------------------------	2020-06-02 18:09:04
103.124.90.132	attackbotsspam	Automatic report - XMLRPC Attack	2020-06-02 18:10:24

Recently Reported IPs

138.68.0.17	118.179.28.110	138.68.1.221	138.68.1.200
138.68.1.172	138.66.64.70	138.66.64.84	138.68.1.104
138.68.1.229	138.68.1.223	138.68.10.183	138.68.1.56
138.68.1.233	138.68.10.223	138.68.10.76	138.68.100.13
138.68.100.137	118.179.28.198	138.68.100.159	138.68.100.184