138.68.128.103

Basic Info

City: Slough

Region: England

Country: United Kingdom

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
138.68.128.185	attackbotsspam	Automatic report generated by Wazuh	2020-09-19 20:38:31
138.68.128.185	attack	138.68.128.185 - - [19/Sep/2020:04:55:55 +0100] "POST /wp-login.php HTTP/1.1" 200 2265 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 138.68.128.185 - - [19/Sep/2020:04:56:06 +0100] "POST /wp-login.php HTTP/1.1" 200 2183 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 138.68.128.185 - - [19/Sep/2020:04:56:11 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-09-19 12:35:07
138.68.128.185	attack	SSH 2020-09-19 00:41:12 138.68.128.185 139.99.53.101 > GET www.materialhandling.web.id /wp-login.php HTTP/1.1 - - 2020-09-19 00:41:18 138.68.128.185 139.99.53.101 > POST www.materialhandling.web.id /wp-login.php HTTP/1.1 - - 2020-09-19 02:33:05 138.68.128.185 139.99.53.101 > POST karsagroup.co.id /wp-login.php HTTP/1.1 - -	2020-09-19 04:12:14
138.68.128.164	attackbots	Wordpress malicious attack:[octablocked]	2020-04-20 12:18:59
138.68.128.80	attackspambots	2019-09-23T17:02:39.893960abusebot-7.cloudsearch.cf sshd\[31323\]: Invalid user 123456 from 138.68.128.80 port 49924	2019-09-24 01:03:07
138.68.128.80	attack	Sep 22 04:52:22 hpm sshd\[2647\]: Invalid user nt from 138.68.128.80 Sep 22 04:52:22 hpm sshd\[2647\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.128.80 Sep 22 04:52:24 hpm sshd\[2647\]: Failed password for invalid user nt from 138.68.128.80 port 48258 ssh2 Sep 22 04:56:33 hpm sshd\[2975\]: Invalid user test from 138.68.128.80 Sep 22 04:56:33 hpm sshd\[2975\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.128.80	2019-09-23 01:03:56
138.68.128.80	attack	Sep 17 13:52:08 webhost01 sshd[22153]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.128.80 Sep 17 13:52:10 webhost01 sshd[22153]: Failed password for invalid user anon from 138.68.128.80 port 52078 ssh2 ...	2019-09-17 15:08:48
138.68.128.80	attack	Sep 12 23:13:03 eventyay sshd[14993]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.128.80 Sep 12 23:13:05 eventyay sshd[14993]: Failed password for invalid user 123321 from 138.68.128.80 port 56800 ssh2 Sep 12 23:18:30 eventyay sshd[15139]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.128.80 ...	2019-09-13 05:22:46
138.68.128.80	attack	" "	2019-09-04 01:56:50
138.68.128.80	attackbots	Aug 31 15:16:59 plex sshd[16973]: Invalid user dattesh from 138.68.128.80 port 34686	2019-08-31 21:20:11
138.68.128.80	attackbots	Aug 31 13:40:58 plex sshd[14114]: Invalid user ankesh from 138.68.128.80 port 58948	2019-08-31 19:41:08

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 138.68.128.103
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 41303
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;138.68.128.103.			IN	A

;; AUTHORITY SECTION:
.			501	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2023102500 1800 900 604800 86400

;; Query time: 30 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Oct 25 22:53:03 CST 2023
;; MSG SIZE  rcvd: 107

Host info

Host 103.128.68.138.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 103.128.68.138.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
59.173.12.106	attackspambots	failed_logins	2020-04-16 07:10:41
178.154.200.38	attack	[Thu Apr 16 05:48:36.995671 2020] [:error] [pid 6201:tid 140689482336000] [client 178.154.200.38:47080] [client 178.154.200.38] ModSecurity: Access denied with code 403 (phase 2). Pattern match "^[\\\\d.:]+$" at REQUEST_HEADERS:Host. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "696"] [id "920350"] [msg "Host header is a numeric IP address"] [data "103.27.207.197"] [severity "WARNING"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/IP_HOST"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "103.27.207.197"] [uri "/"] [unique_id "XpePRFKNto9J2Xe@W6Bm8gAAAtA"] ...	2020-04-16 07:04:14
111.229.28.34	attackbotsspam	2020-04-15T22:25:05.661314Z d99d4c674be8 New connection: 111.229.28.34:45022 (172.17.0.5:2222) [session: d99d4c674be8] 2020-04-15T22:35:55.910200Z 142bb40cdacc New connection: 111.229.28.34:43974 (172.17.0.5:2222) [session: 142bb40cdacc]	2020-04-16 07:41:46
106.13.137.67	attackbots	SSH Invalid Login	2020-04-16 07:08:38
49.234.16.16	attackspam	04/15/2020-16:56:02.342541 49.234.16.16 Protocol: 6 ET SCAN Potential SSH Scan	2020-04-16 07:20:19
106.12.86.193	attack	Invalid user seller from 106.12.86.193 port 35400	2020-04-16 07:36:32
222.180.162.8	attackbotsspam	Invalid user admin from 222.180.162.8 port 43940	2020-04-16 07:05:22
194.61.27.249	attackspam	04/15/2020-19:09:53.803260 194.61.27.249 Protocol: 6 ET SCAN NMAP -sS window 1024	2020-04-16 07:16:37
65.97.0.208	attack	Invalid user serge from 65.97.0.208 port 33494	2020-04-16 07:22:28
14.169.213.194	attackspambots	2020-04-15T13:23:30.494286-07:00 suse-nuc sshd[8260]: Invalid user admin from 14.169.213.194 port 40720 ...	2020-04-16 07:16:25
111.229.199.67	attack	Apr 16 00:39:25 santamaria sshd\[31613\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.229.199.67 user=root Apr 16 00:39:27 santamaria sshd\[31613\]: Failed password for root from 111.229.199.67 port 38646 ssh2 Apr 16 00:44:22 santamaria sshd\[31684\]: Invalid user user from 111.229.199.67 Apr 16 00:44:22 santamaria sshd\[31684\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.229.199.67 ...	2020-04-16 07:41:30
177.23.184.99	attackspam	SSH Invalid Login	2020-04-16 07:33:25
106.12.92.65	attackbotsspam	Apr 16 00:29:09 vpn01 sshd[10618]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.92.65 Apr 16 00:29:11 vpn01 sshd[10618]: Failed password for invalid user tena from 106.12.92.65 port 57546 ssh2 ...	2020-04-16 07:06:36
162.243.132.5	attack	Port Scan: Events[2] countPorts[2]: 8081 21 ..	2020-04-16 07:39:29
139.99.236.133	attackspam	Apr 15 23:34:13 ArkNodeAT sshd\[6903\]: Invalid user deploy from 139.99.236.133 Apr 15 23:34:13 ArkNodeAT sshd\[6903\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.99.236.133 Apr 15 23:34:15 ArkNodeAT sshd\[6903\]: Failed password for invalid user deploy from 139.99.236.133 port 39700 ssh2	2020-04-16 07:13:29

Recently Reported IPs

206.189.88.98	103.245.237.65	36.164.102.20	16.51.164.246
2.232.210.34	2.130.98.51	88.190.105.115	38.12.86.234
70.151.246.23	174.115.165.86	55.237.140.52	87.58.198.78
243.13.199.39	93.39.118.199	120.5.106.2	114.119.0.0
218.79.16.73	9.21.18.219	219.98.34.240	13.240.45.34