138.68.146.187

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
138.68.146.111	attack	Automatically reported by fail2ban report script (mx1)	2020-03-27 04:57:20
138.68.146.111	attackbotsspam	xmlrpc.php attack	2020-03-03 19:11:35
138.68.146.186	attack	Aug 24 20:01:15 dallas01 sshd[2393]: Failed password for root from 138.68.146.186 port 49328 ssh2 Aug 24 20:06:04 dallas01 sshd[3196]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.146.186 Aug 24 20:06:07 dallas01 sshd[3196]: Failed password for invalid user jerry from 138.68.146.186 port 36388 ssh2	2020-01-28 04:57:41
138.68.146.186	attackspambots	2019-10-11T15:17:20.2945501240 sshd\[31008\]: Invalid user ftpuser from 138.68.146.186 port 54444 2019-10-11T15:17:20.2976791240 sshd\[31008\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.146.186 2019-10-11T15:17:21.8921771240 sshd\[31008\]: Failed password for invalid user ftpuser from 138.68.146.186 port 54444 ssh2 ...	2019-10-11 21:43:03
138.68.146.186	attack	Oct 10 19:37:27 mail sshd[1516]: Invalid user qhsupport from 138.68.146.186 ...	2019-10-11 02:22:59
138.68.146.186	attackspambots	Oct 8 13:55:21 vpn01 sshd[31086]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.146.186 Oct 8 13:55:23 vpn01 sshd[31086]: Failed password for invalid user ubuntu from 138.68.146.186 port 41830 ssh2 ...	2019-10-08 21:35:20
138.68.146.186	attack	SSH authentication failure x 6 reported by Fail2Ban ...	2019-10-03 17:18:21
138.68.146.186	attackspam	Aug 26 00:11:44 lnxweb61 sshd[16273]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.146.186 Aug 26 00:11:44 lnxweb61 sshd[16273]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.146.186 Aug 26 00:11:47 lnxweb61 sshd[16273]: Failed password for invalid user carlos from 138.68.146.186 port 49936 ssh2	2019-08-26 06:21:36
138.68.146.186	attackspambots	2019-08-24T22:22:35.641520lon01.zurich-datacenter.net sshd\[9695\]: Invalid user reseller from 138.68.146.186 port 54422 2019-08-24T22:22:35.649626lon01.zurich-datacenter.net sshd\[9695\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.146.186 2019-08-24T22:22:37.680423lon01.zurich-datacenter.net sshd\[9695\]: Failed password for invalid user reseller from 138.68.146.186 port 54422 ssh2 2019-08-24T22:27:43.108850lon01.zurich-datacenter.net sshd\[9855\]: Invalid user pornchai from 138.68.146.186 port 41492 2019-08-24T22:27:43.115766lon01.zurich-datacenter.net sshd\[9855\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.146.186 ...	2019-08-25 04:32:01
138.68.146.186	attack	Aug 24 08:05:04 shared-1 sshd\[5146\]: Invalid user www from 138.68.146.186Aug 24 08:10:02 shared-1 sshd\[5200\]: Invalid user test from 138.68.146.186 ...	2019-08-24 16:34:54
138.68.146.186	attack	Aug 23 17:29:53 vps647732 sshd[1650]: Failed password for root from 138.68.146.186 port 54450 ssh2 ...	2019-08-23 23:53:43
138.68.146.186	attackspam	Aug 22 05:58:28 itv-usvr-02 sshd[20156]: Invalid user user1 from 138.68.146.186 port 38844 Aug 22 05:58:28 itv-usvr-02 sshd[20156]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.146.186 Aug 22 05:58:28 itv-usvr-02 sshd[20156]: Invalid user user1 from 138.68.146.186 port 38844 Aug 22 05:58:30 itv-usvr-02 sshd[20156]: Failed password for invalid user user1 from 138.68.146.186 port 38844 ssh2 Aug 22 06:03:10 itv-usvr-02 sshd[20184]: Invalid user editta from 138.68.146.186 port 54144	2019-08-22 07:19:47
138.68.146.186	attackbotsspam	Aug 20 REMOVED sshd\[7280\]: Invalid user houx from 138.68.146.186 Aug 20 REMOVED sshd\[13744\]: Invalid user dcmadmin from 138.68.146.186 Aug 20 REMOVED sshd\[13750\]: Invalid user server from 138.68.146.186	2019-08-21 03:48:37
138.68.146.186	attackspam	Aug 16 22:20:44 MK-Soft-VM6 sshd\[6848\]: Invalid user ubuntu from 138.68.146.186 port 60982 Aug 16 22:20:44 MK-Soft-VM6 sshd\[6848\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.146.186 Aug 16 22:20:46 MK-Soft-VM6 sshd\[6848\]: Failed password for invalid user ubuntu from 138.68.146.186 port 60982 ssh2 ...	2019-08-17 06:57:26
138.68.146.186	attackbotsspam	Brute force SMTP login attempted. ...	2019-08-10 02:49:57

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 138.68.146.187
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 15631
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;138.68.146.187.			IN	A

;; AUTHORITY SECTION:
.			489	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022021702 1800 900 604800 86400

;; Query time: 25 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Feb 18 11:58:04 CST 2022
;; MSG SIZE  rcvd: 107

Host info

Host 187.146.68.138.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 187.146.68.138.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
185.220.101.76	attackbots	Oct 24 07:24:44 rama sshd[189695]: Invalid user admins from 185.220.101.76 Oct 24 07:24:44 rama sshd[189695]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.220.101.76 Oct 24 07:24:46 rama sshd[189695]: Failed password for invalid user admins from 185.220.101.76 port 51651 ssh2 Oct 24 07:24:49 rama sshd[189695]: Failed password for invalid user admins from 185.220.101.76 port 51651 ssh2 Oct 24 07:24:49 rama sshd[189695]: Connection closed by 185.220.101.76 [preauth] Oct 24 07:24:49 rama sshd[189695]: PAM 1 more authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.220.101.76 Oct 24 07:24:52 rama sshd[189743]: Invalid user admin from 185.220.101.76 Oct 24 07:24:52 rama sshd[189743]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.220.101.76 Oct 24 07:24:54 rama sshd[189743]: Failed password for invalid user admin from 185.220.101.76 port 46547 ssh2 Oct 24 07:24:57........ -------------------------------	2019-10-27 17:13:50
103.206.100.214	attack	(imapd) Failed IMAP login from 103.206.100.214 (IN/India/axntech-dynamic-214.100.206.103.axntechnologies.in): 1 in the last 3600 secs	2019-10-27 17:50:14
49.88.112.71	attackbotsspam	2019-10-27T04:21:01.181859abusebot-6.cloudsearch.cf sshd\[19181\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.71 user=root	2019-10-27 17:27:52
114.102.13.238	attackspambots	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/114.102.13.238/ CN - 1H : (293) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : CN NAME ASN : ASN4134 IP : 114.102.13.238 CIDR : 114.96.0.0/13 PREFIX COUNT : 5430 UNIQUE IP COUNT : 106919680 ATTACKS DETECTED ASN4134 : 1H - 45 3H - 90 6H - 90 12H - 93 24H - 93 DateTime : 2019-10-27 04:49:00 INFO : Port Scan TELNET Detected and Blocked by ADMIN - data recovery	2019-10-27 17:32:28
218.92.0.190	attack	Oct 27 10:23:06 legacy sshd[10400]: Failed password for root from 218.92.0.190 port 25296 ssh2 Oct 27 10:23:09 legacy sshd[10400]: Failed password for root from 218.92.0.190 port 25296 ssh2 Oct 27 10:23:12 legacy sshd[10400]: Failed password for root from 218.92.0.190 port 25296 ssh2 ...	2019-10-27 17:46:44
47.106.168.200	attack	" "	2019-10-27 17:30:38
203.190.55.203	attack	Oct 27 09:50:20 mail1 sshd\[17163\]: Invalid user kral from 203.190.55.203 port 37783 Oct 27 09:50:20 mail1 sshd\[17163\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.190.55.203 Oct 27 09:50:22 mail1 sshd\[17163\]: Failed password for invalid user kral from 203.190.55.203 port 37783 ssh2 Oct 27 10:03:07 mail1 sshd\[17565\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.190.55.203 user=root Oct 27 10:03:10 mail1 sshd\[17565\]: Failed password for root from 203.190.55.203 port 59644 ssh2 ...	2019-10-27 17:42:49
118.24.57.240	attack	Oct 27 07:10:43 serwer sshd\[24545\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.24.57.240 user=root Oct 27 07:10:45 serwer sshd\[24545\]: Failed password for root from 118.24.57.240 port 32916 ssh2 Oct 27 07:16:48 serwer sshd\[25156\]: Invalid user oracle from 118.24.57.240 port 13054 Oct 27 07:16:48 serwer sshd\[25156\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.24.57.240 ...	2019-10-27 17:20:29
51.75.22.154	attackspambots	Oct 27 10:33:11 cvbnet sshd[29592]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.75.22.154 Oct 27 10:33:13 cvbnet sshd[29592]: Failed password for invalid user ng123 from 51.75.22.154 port 55296 ssh2 ...	2019-10-27 17:42:23
123.103.10.66	attackbots	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/123.103.10.66/ CN - 1H : (294) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : CN NAME ASN : ASN4808 IP : 123.103.10.66 CIDR : 123.103.10.0/23 PREFIX COUNT : 1972 UNIQUE IP COUNT : 6728192 ATTACKS DETECTED ASN4808 : 1H - 6 3H - 14 6H - 19 12H - 28 24H - 28 DateTime : 2019-10-27 04:49:19 INFO : Port MAX SCAN Scan Detected and Blocked by ADMIN - data recovery	2019-10-27 17:20:12
84.232.253.81	attackbotsspam	Hacking activity	2019-10-27 17:39:29
67.85.105.1	attackspambots	$f2bV_matches	2019-10-27 17:53:17
128.199.133.201	attack	Automatic report - Banned IP Access	2019-10-27 17:41:22
206.189.30.229	attack	Automatic report - Banned IP Access	2019-10-27 17:48:26
112.85.86.72	attackspambots	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/112.85.86.72/ CN - 1H : (295) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : CN NAME ASN : ASN4837 IP : 112.85.86.72 CIDR : 112.80.0.0/13 PREFIX COUNT : 1262 UNIQUE IP COUNT : 56665856 ATTACKS DETECTED ASN4837 : 1H - 15 3H - 53 6H - 84 12H - 118 24H - 118 DateTime : 2019-10-27 04:49:32 INFO : Port SSH 22 Scan Detected and Blocked by ADMIN - data recovery	2019-10-27 17:14:27

Recently Reported IPs

138.68.145.202	138.68.14.32	138.68.147.13	138.68.148.104
138.68.148.15	138.68.133.150	138.68.157.127	138.68.152.190
138.68.154.224	138.68.154.180	138.68.154.174	138.68.149.139
138.68.149.198	138.68.162.4	138.68.151.232	138.68.158.2
138.68.163.237	138.68.164.175	138.68.163.71	138.68.168.227