138.68.245.53 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
138.68.245.152	attackbots	Invalid user digiacomo from 138.68.245.152 port 46472	2020-08-22 14:07:40
138.68.245.152	attackspambots	Aug 21 01:49:25 george sshd[13051]: Failed password for root from 138.68.245.152 port 35384 ssh2 Aug 21 01:51:59 george sshd[13081]: Invalid user install from 138.68.245.152 port 50052 Aug 21 01:51:59 george sshd[13081]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.245.152 Aug 21 01:52:01 george sshd[13081]: Failed password for invalid user install from 138.68.245.152 port 50052 ssh2 Aug 21 01:54:38 george sshd[13103]: Invalid user kasutaja from 138.68.245.152 port 36482 ...	2020-08-21 14:24:08
138.68.245.152	attackbots	Automatic report - Banned IP Access	2020-08-19 08:32:45
138.68.245.152	attackbotsspam	$f2bV_matches	2020-08-15 08:25:28
138.68.245.152	attack	Aug 9 12:27:06 game-panel sshd[22652]: Failed password for root from 138.68.245.152 port 39360 ssh2 Aug 9 12:31:01 game-panel sshd[22810]: Failed password for root from 138.68.245.152 port 49706 ssh2	2020-08-09 20:35:44
138.68.245.152	attackbotsspam	Aug 7 22:52:14 sshgateway sshd\[7796\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.245.152 user=root Aug 7 22:52:16 sshgateway sshd\[7796\]: Failed password for root from 138.68.245.152 port 54592 ssh2 Aug 7 22:54:17 sshgateway sshd\[7807\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.245.152 user=root	2020-08-08 06:12:28
138.68.245.152	attack	Aug 8 01:03:19 webhost01 sshd[1644]: Failed password for root from 138.68.245.152 port 34402 ssh2 ...	2020-08-08 02:23:17
138.68.245.137	attackbotsspam	138.68.245.137 - - \[25/Mar/2020:06:04:23 +0100\] "POST /wp-login.php HTTP/1.0" 200 6699 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 138.68.245.137 - - \[25/Mar/2020:06:04:26 +0100\] "POST /wp-login.php HTTP/1.0" 200 11606 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 138.68.245.137 - - \[25/Mar/2020:06:04:29 +0100\] "POST /wp-login.php HTTP/1.0" 200 6515 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0"	2020-03-25 14:11:37
138.68.245.137	attackbots	C1,WP GET /nelson/wp-login.php	2020-02-25 03:01:15
138.68.245.137	attackspam	WordPress wp-login brute force :: 138.68.245.137 0.124 - [03/Feb/2020:08:12:07 0000] [censored_1] "POST /wp-login.php HTTP/1.1" 200 1806 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" "HTTP/1.1"	2020-02-03 17:06:47
138.68.245.137	attackbots	WordPress wp-login brute force :: 138.68.245.137 0.148 - [08/Jan/2020:13:05:25 0000] [censored_1] "POST /wp-login.php HTTP/1.1" 200 1806 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" "HTTP/1.1"	2020-01-08 22:21:01
138.68.245.137	attackspam	WordPress login Brute force / Web App Attack on client site.	2019-12-21 17:26:25
138.68.245.137	attackbotsspam	138.68.245.137 - - \[09/Dec/2019:13:29:50 +0100\] "POST /wp-login.php HTTP/1.0" 200 7538 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 138.68.245.137 - - \[09/Dec/2019:13:29:52 +0100\] "POST /wp-login.php HTTP/1.0" 200 7363 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 138.68.245.137 - - \[09/Dec/2019:13:29:55 +0100\] "POST /wp-login.php HTTP/1.0" 200 7358 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0"	2019-12-09 21:59:57
138.68.245.137	attackspam	xmlrpc attack	2019-12-03 03:58:36
138.68.245.137	attackbotsspam	138.68.245.137 - - \[22/Nov/2019:13:15:04 +0100\] "POST /wp-login.php HTTP/1.0" 200 5269 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 138.68.245.137 - - \[22/Nov/2019:13:15:07 +0100\] "POST /wp-login.php HTTP/1.0" 200 5099 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 138.68.245.137 - - \[22/Nov/2019:13:15:10 +0100\] "POST /wp-login.php HTTP/1.0" 200 5093 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0"	2019-11-22 21:49:36

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 138.68.245.53
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 37561
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;138.68.245.53.			IN	A

;; AUTHORITY SECTION:
.			508	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022022700 1800 900 604800 86400

;; Query time: 15 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Feb 27 17:33:18 CST 2022
;; MSG SIZE  rcvd: 106

Host info

53.245.68.138.in-addr.arpa domain name pointer mx13.kind44160.tokyo.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
53.245.68.138.in-addr.arpa	name = mx13.kind44160.tokyo.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
191.195.101.91	attackbots	Fail2Ban Ban Triggered	2020-04-10 17:17:02
123.31.32.150	attack	Apr 10 08:20:43 ip-172-31-62-245 sshd\[31878\]: Invalid user netrouting from 123.31.32.150\ Apr 10 08:20:45 ip-172-31-62-245 sshd\[31878\]: Failed password for invalid user netrouting from 123.31.32.150 port 40808 ssh2\ Apr 10 08:25:07 ip-172-31-62-245 sshd\[32098\]: Invalid user postgres from 123.31.32.150\ Apr 10 08:25:09 ip-172-31-62-245 sshd\[32098\]: Failed password for invalid user postgres from 123.31.32.150 port 52612 ssh2\ Apr 10 08:29:14 ip-172-31-62-245 sshd\[32124\]: Invalid user deploy from 123.31.32.150\	2020-04-10 17:23:09
2.59.153.39	attack	2020-04-10T08:57:13.960452ns386461 sshd\[11199\]: Invalid user bkp from 2.59.153.39 port 49158 2020-04-10T08:57:13.965048ns386461 sshd\[11199\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=2.59.153.39 2020-04-10T08:57:16.386466ns386461 sshd\[11199\]: Failed password for invalid user bkp from 2.59.153.39 port 49158 ssh2 2020-04-10T09:17:14.861779ns386461 sshd\[30678\]: Invalid user test from 2.59.153.39 port 52844 2020-04-10T09:17:14.866493ns386461 sshd\[30678\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=2.59.153.39 ...	2020-04-10 17:22:19
106.52.80.21	attackbots	5x Failed Password	2020-04-10 17:04:02
75.162.72.202	attackspambots	20 attempts against mh-misbehave-ban on milky	2020-04-10 17:15:15
222.186.31.166	attackbots	Apr 10 08:43:19 scw-6657dc sshd[1473]: Failed password for root from 222.186.31.166 port 50628 ssh2 Apr 10 08:43:19 scw-6657dc sshd[1473]: Failed password for root from 222.186.31.166 port 50628 ssh2 Apr 10 08:43:22 scw-6657dc sshd[1473]: Failed password for root from 222.186.31.166 port 50628 ssh2 ...	2020-04-10 17:03:31
45.254.26.22	attack	Unauthorized connection attempt detected from IP address 45.254.26.22 to port 5900	2020-04-10 16:52:54
187.12.181.106	attackbots	(sshd) Failed SSH login from 187.12.181.106 (BR/Brazil/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Apr 10 10:45:16 srv sshd[8228]: Invalid user admin from 187.12.181.106 port 52346 Apr 10 10:45:19 srv sshd[8228]: Failed password for invalid user admin from 187.12.181.106 port 52346 ssh2 Apr 10 10:54:36 srv sshd[8383]: Invalid user server from 187.12.181.106 port 38942 Apr 10 10:54:39 srv sshd[8383]: Failed password for invalid user server from 187.12.181.106 port 38942 ssh2 Apr 10 11:01:08 srv sshd[8567]: Invalid user ubuntu from 187.12.181.106 port 48878	2020-04-10 17:23:36
124.160.42.66	attack	detected by Fail2Ban	2020-04-10 17:16:32
99.132.140.63	attackspam	Apr 10 07:15:39 ift sshd\[2197\]: Failed password for root from 99.132.140.63 port 43138 ssh2Apr 10 07:22:06 ift sshd\[3010\]: Invalid user postgres from 99.132.140.63Apr 10 07:22:08 ift sshd\[3010\]: Failed password for invalid user postgres from 99.132.140.63 port 60104 ssh2Apr 10 07:25:30 ift sshd\[3741\]: Invalid user deploy from 99.132.140.63Apr 10 07:25:32 ift sshd\[3741\]: Failed password for invalid user deploy from 99.132.140.63 port 38206 ssh2 ...	2020-04-10 16:46:26
185.64.209.194	attackbots	Telnet/23 MH Probe, Scan, BF, Hack -	2020-04-10 16:48:09
5.196.225.45	attack	...	2020-04-10 17:02:34
114.34.58.183	attack	Apr 10 05:54:07 debian-2gb-nbg1-2 kernel: \[8749857.321764\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=114.34.58.183 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=53 ID=57849 PROTO=TCP SPT=13369 DPT=23 WINDOW=34252 RES=0x00 SYN URGP=0	2020-04-10 16:46:03
178.128.13.87	attackbots	Apr 10 10:41:39 pve sshd[13081]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.128.13.87 Apr 10 10:41:40 pve sshd[13081]: Failed password for invalid user tester from 178.128.13.87 port 57908 ssh2 Apr 10 10:45:18 pve sshd[13730]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.128.13.87	2020-04-10 16:55:30
134.122.16.152	attack	Apr 10 10:53:03 host sshd[2528]: Invalid user ts3user from 134.122.16.152 port 39074 ...	2020-04-10 16:55:48

Recently Reported IPs

138.68.244.190	138.68.245.230	138.68.246.91	138.68.243.236
138.68.248.190	138.68.248.217	138.68.248.212	138.68.31.204
138.68.253.41	138.68.57.17	138.68.248.21	138.68.85.126
138.68.59.83	138.94.254.66	138.94.53.238	138.97.162.18
138.97.118.50	138.97.105.250	138.94.85.213	138.97.148.106