City: Santa Clara
Region: California
Country: United States
Internet Service Provider: DigitalOcean LLC
Hostname: unknown
Organization: unknown
Usage Type: Data Center/Web Hosting/Transit
| Type | Details | Datetime |
|---|---|---|
| attackbotsspam | Port 22 Scan, PTR: None |
2020-04-05 05:16:55 |
| IP | Type | Details | Datetime |
|---|---|---|---|
| 138.68.191.85 | attackproxy | Malicious IP / Malware |
2024-04-26 12:55:20 |
| 138.68.191.198 | attackbots | 138.68.191.198 - - [07/Aug/2019:19:45:27 +0200] "GET /wp-login.php HTTP/1.1" 200 1122 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 138.68.191.198 - - [07/Aug/2019:19:45:27 +0200] "POST /wp-login.php HTTP/1.1" 200 1503 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 138.68.191.198 - - [07/Aug/2019:19:45:32 +0200] "GET /wp-login.php HTTP/1.1" 200 1122 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 138.68.191.198 - - [07/Aug/2019:19:45:37 +0200] "POST /wp-login.php HTTP/1.1" 200 1489 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 138.68.191.198 - - [07/Aug/2019:19:45:38 +0200] "GET /wp-login.php HTTP/1.1" 200 1122 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 138.68.191.198 - - [07/Aug/2019:19:45:39 +0200] "POST /wp-login.php HTTP/1.1" 200 1491 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ... |
2019-08-08 02:44:11 |
| 138.68.191.198 | attack | xmlrpc attack |
2019-06-23 20:38:01 |
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 138.68.19.73
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 7510
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;138.68.19.73. IN A
;; AUTHORITY SECTION:
. 451 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2020040402 1800 900 604800 86400
;; Query time: 48 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Apr 05 05:16:52 CST 2020
;; MSG SIZE rcvd: 116Host 73.19.68.138.in-addr.arpa. not found: 3(NXDOMAIN)Server: 183.60.83.19
Address: 183.60.83.19#53
** server can't find 73.19.68.138.in-addr.arpa: NXDOMAIN| IP | Type | Details | Datetime |
|---|---|---|---|
| 1.159.18.236 | attackspam | Automatic report - Port Scan Attack |
2020-04-29 17:08:02 |
| 109.233.18.202 | attackbotsspam | 400 BAD REQUEST |
2020-04-29 17:07:05 |
| 222.186.52.131 | attackspam | Apr 29 03:53:15 124388 sshd[904]: Failed password for root from 222.186.52.131 port 11981 ssh2 Apr 29 03:53:52 124388 sshd[906]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.52.131 user=root Apr 29 03:53:54 124388 sshd[906]: Failed password for root from 222.186.52.131 port 34835 ssh2 Apr 29 03:55:08 124388 sshd[909]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.52.131 user=root Apr 29 03:55:10 124388 sshd[909]: Failed password for root from 222.186.52.131 port 16274 ssh2 |
2020-04-29 17:09:33 |
| 218.232.135.95 | attack | Invalid user media from 218.232.135.95 port 37086 |
2020-04-29 16:56:59 |
| 106.75.101.7 | attackbots | Apr 29 05:48:44 vps sshd[19738]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.101.7 Apr 29 05:48:46 vps sshd[19738]: Failed password for invalid user zoom from 106.75.101.7 port 58132 ssh2 Apr 29 05:55:33 vps sshd[20061]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.101.7 ... |
2020-04-29 16:48:10 |
| 157.7.85.245 | attack | prod3 ... |
2020-04-29 17:19:50 |
| 125.220.210.185 | attackspam | 2020-04-29T06:38:50.068939shield sshd\[24962\]: Invalid user ts3 from 125.220.210.185 port 51624 2020-04-29T06:38:50.072610shield sshd\[24962\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.220.210.185 2020-04-29T06:38:52.162607shield sshd\[24962\]: Failed password for invalid user ts3 from 125.220.210.185 port 51624 ssh2 2020-04-29T06:42:03.289031shield sshd\[25378\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.220.210.185 user=root 2020-04-29T06:42:05.539861shield sshd\[25378\]: Failed password for root from 125.220.210.185 port 54072 ssh2 |
2020-04-29 17:02:24 |
| 183.237.40.52 | attack | Helo |
2020-04-29 16:46:01 |
| 159.89.115.126 | attackspambots | Apr 29 10:40:18 vpn01 sshd[24870]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.89.115.126 Apr 29 10:40:20 vpn01 sshd[24870]: Failed password for invalid user web from 159.89.115.126 port 46636 ssh2 ... |
2020-04-29 16:46:38 |
| 51.38.65.175 | attackspam | Apr 29 07:48:58 IngegnereFirenze sshd[5414]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.38.65.175 user=root ... |
2020-04-29 17:03:03 |
| 190.96.119.14 | attackspam | Apr 29 09:05:08 lock-38 sshd[1688263]: Failed password for invalid user teresa from 190.96.119.14 port 59196 ssh2 Apr 29 09:05:08 lock-38 sshd[1688263]: Disconnected from invalid user teresa 190.96.119.14 port 59196 [preauth] Apr 29 09:12:50 lock-38 sshd[1688564]: Invalid user zul from 190.96.119.14 port 45368 Apr 29 09:12:50 lock-38 sshd[1688564]: Invalid user zul from 190.96.119.14 port 45368 Apr 29 09:12:50 lock-38 sshd[1688564]: Failed password for invalid user zul from 190.96.119.14 port 45368 ssh2 ... |
2020-04-29 16:41:07 |
| 203.147.73.192 | attackbots | (imapd) Failed IMAP login from 203.147.73.192 (NC/New Caledonia/host-203-147-73-192.h26.canl.nc): 1 in the last 3600 secs |
2020-04-29 16:59:46 |
| 222.186.52.39 | attackbotsspam | Apr 29 08:54:45 scw-6657dc sshd[4935]: Failed password for root from 222.186.52.39 port 10519 ssh2 Apr 29 08:54:45 scw-6657dc sshd[4935]: Failed password for root from 222.186.52.39 port 10519 ssh2 Apr 29 08:54:48 scw-6657dc sshd[4935]: Failed password for root from 222.186.52.39 port 10519 ssh2 ... |
2020-04-29 17:05:37 |
| 45.227.255.4 | attackbots | SSH Brute-Forcing (server1) |
2020-04-29 16:56:28 |
| 222.186.173.226 | attack | Apr 29 10:38:43 minden010 sshd[29795]: Failed password for root from 222.186.173.226 port 63296 ssh2 Apr 29 10:38:46 minden010 sshd[29795]: Failed password for root from 222.186.173.226 port 63296 ssh2 Apr 29 10:38:49 minden010 sshd[29795]: Failed password for root from 222.186.173.226 port 63296 ssh2 Apr 29 10:38:52 minden010 sshd[29795]: Failed password for root from 222.186.173.226 port 63296 ssh2 ... |
2020-04-29 16:45:00 |