138.68.150.228

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
138.68.150.93	attackspam	138.68.150.93 - - [01/Oct/2020:12:48:02 +0100] "POST /wp-login.php HTTP/1.1" 200 2252 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 138.68.150.93 - - [01/Oct/2020:12:48:03 +0100] "POST /wp-login.php HTTP/1.1" 200 2255 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 138.68.150.93 - - [01/Oct/2020:12:48:04 +0100] "POST /wp-login.php HTTP/1.1" 200 2204 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-10-02 05:01:01
138.68.150.93	attackbotsspam	138.68.150.93 - - [01/Oct/2020:12:48:02 +0100] "POST /wp-login.php HTTP/1.1" 200 2252 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 138.68.150.93 - - [01/Oct/2020:12:48:03 +0100] "POST /wp-login.php HTTP/1.1" 200 2255 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 138.68.150.93 - - [01/Oct/2020:12:48:04 +0100] "POST /wp-login.php HTTP/1.1" 200 2204 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-10-01 21:19:24
138.68.150.93	attackbotsspam	138.68.150.93 - - [01/Oct/2020:05:40:26 +0100] "POST /wp-login.php HTTP/1.1" 200 2596 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 138.68.150.93 - - [01/Oct/2020:05:40:27 +0100] "POST /wp-login.php HTTP/1.1" 200 2580 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 138.68.150.93 - - [01/Oct/2020:05:40:28 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-10-01 13:34:15
138.68.150.93	attackspambots	WordPress wp-login brute force :: 138.68.150.93 0.228 - [13/Sep/2020:07:49:37 0000] [censored_1] "POST /wp-login.php HTTP/1.1" 200 2414 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" "HTTP/1.1"	2020-09-13 21:16:25
138.68.150.93	attackbotsspam	138.68.150.93 - - [12/Sep/2020:10:59:08 -0600] "GET /wp-login.php HTTP/1.1" 301 478 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-09-13 13:09:53
138.68.150.93	attackbotsspam	138.68.150.93 - - [12/Sep/2020:10:59:08 -0600] "GET /wp-login.php HTTP/1.1" 301 478 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-09-13 04:56:37
138.68.150.93	attackbotsspam	138.68.150.93 - - [01/Sep/2020:09:56:59 +0100] "POST /wp-login.php HTTP/1.1" 200 1801 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 138.68.150.93 - - [01/Sep/2020:09:56:59 +0100] "POST /wp-login.php HTTP/1.1" 200 1779 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 138.68.150.93 - - [01/Sep/2020:09:57:00 +0100] "POST /wp-login.php HTTP/1.1" 200 1781 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-09-01 18:04:51
138.68.150.93	attackspambots	138.68.150.93 - - [16/Aug/2020:08:22:33 +0200] "GET /wp-login.php HTTP/1.1" 200 1901 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 138.68.150.93 - - [16/Aug/2020:08:22:33 +0200] "POST /wp-login.php HTTP/1.1" 200 2031 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 138.68.150.93 - - [16/Aug/2020:08:22:33 +0200] "GET /wp-login.php HTTP/1.1" 200 1901 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 138.68.150.93 - - [16/Aug/2020:08:22:33 +0200] "POST /wp-login.php HTTP/1.1" 200 2007 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 138.68.150.93 - - [16/Aug/2020:08:22:33 +0200] "GET /wp-login.php HTTP/1.1" 200 1901 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 138.68.150.93 - - [16/Aug/2020:08:22:33 +0200] "POST /wp-login.php HTTP/1.1" 200 2008 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Fir ...	2020-08-16 15:16:56
138.68.150.93	attack	"XSS Attack Detected via libinjection - Matched Data: XSS data found within ARGS_NAMES:	2020-08-07 21:20:56

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 138.68.150.228
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 31550
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;138.68.150.228.			IN	A

;; AUTHORITY SECTION:
.			587	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022020702 1800 900 604800 86400

;; Query time: 18 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Feb 08 12:17:43 CST 2022
;; MSG SIZE  rcvd: 107

Host info

Host 228.150.68.138.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 228.150.68.138.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
185.53.168.54	attackspam	May 13 17:36:38 NPSTNNYC01T sshd[20107]: Failed password for root from 185.53.168.54 port 44620 ssh2 May 13 17:40:38 NPSTNNYC01T sshd[21460]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.53.168.54 May 13 17:40:40 NPSTNNYC01T sshd[21460]: Failed password for invalid user postgres from 185.53.168.54 port 55332 ssh2 ...	2020-05-14 05:43:25
103.76.190.210	attack	Brute force attempt	2020-05-14 06:03:40
222.165.186.51	attack	May 13 18:02:03 firewall sshd[31757]: Invalid user alice from 222.165.186.51 May 13 18:02:04 firewall sshd[31757]: Failed password for invalid user alice from 222.165.186.51 port 49142 ssh2 May 13 18:09:04 firewall sshd[31929]: Invalid user hms from 222.165.186.51 ...	2020-05-14 05:30:59
222.186.175.151	attackbotsspam	May 13 23:34:02 legacy sshd[18444]: Failed password for root from 222.186.175.151 port 9272 ssh2 May 13 23:34:15 legacy sshd[18444]: error: maximum authentication attempts exceeded for root from 222.186.175.151 port 9272 ssh2 [preauth] May 13 23:34:21 legacy sshd[18448]: Failed password for root from 222.186.175.151 port 12476 ssh2 ...	2020-05-14 05:36:45
222.186.173.183	attackspam	May 13 23:30:21 host sshd[12309]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.173.183 user=root May 13 23:30:23 host sshd[12309]: Failed password for root from 222.186.173.183 port 23274 ssh2 ...	2020-05-14 05:37:22
51.77.201.5	attack	SSH Invalid Login	2020-05-14 05:56:45
218.78.36.85	attackbots	SSH Invalid Login	2020-05-14 06:05:07
165.227.101.226	attackspam	Invalid user homes from 165.227.101.226 port 32926	2020-05-14 06:12:08
156.96.58.106	attack	[2020-05-13 17:34:42] NOTICE[1157][C-00004577] chan_sip.c: Call from '' (156.96.58.106:58628) to extension '91407441519470725' rejected because extension not found in context 'public'. [2020-05-13 17:34:42] SECURITY[1173] res_security_log.c: SecurityEvent="FailedACL",EventTV="2020-05-13T17:34:42.341-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="91407441519470725",SessionID="0x7f5f1025af28",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/156.96.58.106/58628",ACLName="no_extension_match" [2020-05-13 17:36:44] NOTICE[1157][C-0000457a] chan_sip.c: Call from '' (156.96.58.106:63372) to extension '91408441519470725' rejected because extension not found in context 'public'. [2020-05-13 17:36:44] SECURITY[1173] res_security_log.c: SecurityEvent="FailedACL",EventTV="2020-05-13T17:36:44.344-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="91408441519470725",SessionID="0x7f5f1025af28",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="I ...	2020-05-14 05:50:14
177.92.33.41	attack	Invalid user ordcommon from 177.92.33.41 port 38600	2020-05-14 05:49:49
176.67.81.10	attack	[2020-05-13 17:50:29] NOTICE[1157] chan_sip.c: Registration from '' failed for '176.67.81.10:53410' - Wrong password [2020-05-13 17:50:29] SECURITY[1173] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-05-13T17:50:29.727-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="6291",SessionID="0x7f5f100266a8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/176.67.81.10/53410",Challenge="7ff57f9b",ReceivedChallenge="7ff57f9b",ReceivedHash="9d43a9ded01a782a6415f8cf56e559fa" [2020-05-13 17:50:48] NOTICE[1157] chan_sip.c: Registration from '' failed for '176.67.81.10:62906' - Wrong password [2020-05-13 17:50:48] SECURITY[1173] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-05-13T17:50:48.276-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="3821",SessionID="0x7f5f1025af28",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/176.67.81.10/629 ...	2020-05-14 05:58:22
198.211.101.147	attackbotsspam	Invalid user siteadmin from 198.211.101.147 port 55500	2020-05-14 06:08:06
106.54.74.109	attack	SSH Invalid Login	2020-05-14 06:11:16
192.144.225.182	attack	SSH Invalid Login	2020-05-14 06:10:53
180.167.126.126	attackspam	May 13 23:59:30 plex sshd[7324]: Invalid user ops from 180.167.126.126 port 51866 May 13 23:59:32 plex sshd[7324]: Failed password for invalid user ops from 180.167.126.126 port 51866 ssh2 May 13 23:59:30 plex sshd[7324]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.167.126.126 May 13 23:59:30 plex sshd[7324]: Invalid user ops from 180.167.126.126 port 51866 May 13 23:59:32 plex sshd[7324]: Failed password for invalid user ops from 180.167.126.126 port 51866 ssh2	2020-05-14 06:03:10

Recently Reported IPs

221.13.53.145	217.172.112.222	92.96.232.231	84.236.85.77
120.194.121.82	27.47.41.110	14.231.113.236	223.8.56.101
49.235.82.147	218.88.30.202	186.193.70.128	92.253.212.114
186.235.61.29	95.246.156.129	158.255.7.157	156.214.139.91
201.238.154.170	180.251.11.140	185.221.252.69	200.73.131.9