138.68.4.131 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: United States of America

Internet Service Provider: DigitalOcean LLC

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Aug 26 22:51:40 mellenthin sshd[8736]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.4.131 user=root Aug 26 22:51:42 mellenthin sshd[8736]: Failed password for invalid user root from 138.68.4.131 port 47438 ssh2	2020-08-27 07:18:51
attackbots	Aug 25 00:52:46 vps647732 sshd[19935]: Failed password for root from 138.68.4.131 port 34270 ssh2 Aug 25 00:59:53 vps647732 sshd[20175]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.4.131 ...	2020-08-25 07:00:14
attackspam	2020-08-24T13:45:13.702070+02:00 sshd[22551]: Failed password for invalid user sinus from 138.68.4.131 port 39732 ssh2	2020-08-25 02:33:33
attackspam	Jul 24 23:08:05 localhost sshd[23930]: Invalid user postgres from 138.68.4.131 port 39346 Jul 24 23:08:05 localhost sshd[23930]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.4.131 Jul 24 23:08:05 localhost sshd[23930]: Invalid user postgres from 138.68.4.131 port 39346 Jul 24 23:08:07 localhost sshd[23930]: Failed password for invalid user postgres from 138.68.4.131 port 39346 ssh2 Jul 24 23:14:19 localhost sshd[24622]: Invalid user admin from 138.68.4.131 port 35906 ...	2020-07-25 07:28:19
attackspambots	2020-07-22T13:49:03.410125mail.thespaminator.com sshd[25249]: Invalid user project from 138.68.4.131 port 50774 2020-07-22T13:49:05.477241mail.thespaminator.com sshd[25249]: Failed password for invalid user project from 138.68.4.131 port 50774 ssh2 ...	2020-07-23 03:11:27
attackspambots	Invalid user meeting from 138.68.4.131 port 49996	2020-07-19 02:56:54

Comments on same subnet:

IP	Type	Details	Datetime
138.68.4.8	attack	Cowrie Honeypot: 3 unauthorised SSH/Telnet login attempts between 2020-10-09T19:07:51Z and 2020-10-09T19:14:32Z	2020-10-10 06:33:05
138.68.4.8	attackspam	Oct 9 12:39:22 vps-51d81928 sshd[681499]: Failed password for root from 138.68.4.8 port 44060 ssh2 Oct 9 12:40:25 vps-51d81928 sshd[681523]: Invalid user test from 138.68.4.8 port 33238 Oct 9 12:40:25 vps-51d81928 sshd[681523]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.4.8 Oct 9 12:40:25 vps-51d81928 sshd[681523]: Invalid user test from 138.68.4.8 port 33238 Oct 9 12:40:27 vps-51d81928 sshd[681523]: Failed password for invalid user test from 138.68.4.8 port 33238 ssh2 ...	2020-10-09 22:44:39
138.68.4.8	attack	Oct 9 08:19:22 pornomens sshd\[22347\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.4.8 user=root Oct 9 08:19:24 pornomens sshd\[22347\]: Failed password for root from 138.68.4.8 port 42976 ssh2 Oct 9 08:22:54 pornomens sshd\[22392\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.4.8 user=root ...	2020-10-09 14:35:52
138.68.44.55	attackspam	2020-10-08T02:17:38.530793hostname sshd[32013]: Failed password for root from 138.68.44.55 port 50230 ssh2 2020-10-08T02:20:50.966324hostname sshd[821]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.44.55 user=root 2020-10-08T02:20:53.269048hostname sshd[821]: Failed password for root from 138.68.44.55 port 47628 ssh2 ...	2020-10-08 05:19:31
138.68.44.55	attack	$f2bV_matches	2020-10-07 21:43:18
138.68.44.55	attackspambots	Oct 7 03:19:27 ns382633 sshd\[23310\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.44.55 user=root Oct 7 03:19:29 ns382633 sshd\[23310\]: Failed password for root from 138.68.44.55 port 34600 ssh2 Oct 7 03:32:01 ns382633 sshd\[25022\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.44.55 user=root Oct 7 03:32:03 ns382633 sshd\[25022\]: Failed password for root from 138.68.44.55 port 47152 ssh2 Oct 7 03:36:05 ns382633 sshd\[25759\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.44.55 user=root	2020-10-07 13:30:05
138.68.45.164	attack	Attempt to hack Wordpress Login, XMLRPC or other login	2020-10-07 05:15:44
138.68.45.164	attackspambots	138.68.45.164 - - [06/Oct/2020:12:16:54 +0100] "POST /wp-login.php HTTP/1.1" 200 2426 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 138.68.45.164 - - [06/Oct/2020:12:17:01 +0100] "POST /wp-login.php HTTP/1.1" 200 2407 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 138.68.45.164 - - [06/Oct/2020:12:17:03 +0100] "POST /wp-login.php HTTP/1.1" 200 2405 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-10-06 21:24:16
138.68.45.164	attackbotsspam	138.68.45.164 - - [06/Oct/2020:06:45:09 +0200] "GET /wp-login.php HTTP/1.1" 200 9061 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 138.68.45.164 - - [06/Oct/2020:06:45:13 +0200] "POST /wp-login.php HTTP/1.1" 200 9312 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 138.68.45.164 - - [06/Oct/2020:06:45:14 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-10-06 13:06:21
138.68.4.8	attackspam	Sep 29 01:28:03 ip106 sshd[9808]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.4.8 Sep 29 01:28:05 ip106 sshd[9808]: Failed password for invalid user mdpi from 138.68.4.8 port 47404 ssh2 ...	2020-09-30 09:08:49
138.68.4.8	attack	Sep 29 01:28:03 ip106 sshd[9808]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.4.8 Sep 29 01:28:05 ip106 sshd[9808]: Failed password for invalid user mdpi from 138.68.4.8 port 47404 ssh2 ...	2020-09-30 02:00:16
138.68.4.8	attack	Sep 29 01:28:03 ip106 sshd[9808]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.4.8 Sep 29 01:28:05 ip106 sshd[9808]: Failed password for invalid user mdpi from 138.68.4.8 port 47404 ssh2 ...	2020-09-29 18:01:49
138.68.44.55	attackspam	2020-09-24T14:54:46.390798devel sshd[27891]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.44.55 2020-09-24T14:54:46.385075devel sshd[27891]: Invalid user arief from 138.68.44.55 port 52716 2020-09-24T14:54:48.629319devel sshd[27891]: Failed password for invalid user arief from 138.68.44.55 port 52716 ssh2	2020-09-25 03:49:45
138.68.44.55	attackbots	Sep 24 05:23:45 firewall sshd[25140]: Invalid user Administrator from 138.68.44.55 Sep 24 05:23:48 firewall sshd[25140]: Failed password for invalid user Administrator from 138.68.44.55 port 60244 ssh2 Sep 24 05:28:19 firewall sshd[25293]: Invalid user user from 138.68.44.55 ...	2020-09-24 19:36:58
138.68.40.92	attackbots	firewall-block, port(s): 9976/tcp	2020-09-20 02:41:01

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 138.68.4.131
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 336
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;138.68.4.131.			IN	A

;; AUTHORITY SECTION:
.			297	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020071801 1800 900 604800 86400

;; Query time: 64 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Jul 19 02:56:49 CST 2020
;; MSG SIZE  rcvd: 116

Host info

Host 131.4.68.138.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 131.4.68.138.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
106.122.191.207	attackbots	" "	2019-09-15 10:19:44
110.134.225.5	attackspam	port scan and connect, tcp 23 (telnet)	2019-09-15 10:10:37
122.53.62.83	attackspambots	Sep 15 02:00:59 rpi sshd[5564]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.53.62.83 Sep 15 02:01:01 rpi sshd[5564]: Failed password for invalid user informix from 122.53.62.83 port 15041 ssh2	2019-09-15 10:27:40
14.192.10.52	attackspambots	SMB Server BruteForce Attack	2019-09-15 10:17:21
49.83.49.76	attackspambots	Sep 14 19:55:25 polaris sshd[20763]: Failed password for r.r from 49.83.49.76 port 47447 ssh2 Sep 14 19:55:27 polaris sshd[20763]: Failed password for r.r from 49.83.49.76 port 47447 ssh2 Sep 14 19:55:31 polaris sshd[20763]: Failed password for r.r from 49.83.49.76 port 47447 ssh2 Sep 14 19:55:35 polaris sshd[20763]: Failed password for r.r from 49.83.49.76 port 47447 ssh2 Sep 14 19:55:37 polaris sshd[20763]: Failed password for r.r from 49.83.49.76 port 47447 ssh2 Sep 14 19:55:39 polaris sshd[20763]: Failed password for r.r from 49.83.49.76 port 47447 ssh2 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=49.83.49.76	2019-09-15 10:22:05
115.236.190.75	attackbotsspam	2019-09-15T03:14:09.989430beta postfix/smtpd[29346]: warning: unknown[115.236.190.75]: SASL LOGIN authentication failed: authentication failure 2019-09-15T03:14:15.380676beta postfix/smtpd[29346]: warning: unknown[115.236.190.75]: SASL LOGIN authentication failed: authentication failure 2019-09-15T03:14:20.783805beta postfix/smtpd[29346]: warning: unknown[115.236.190.75]: SASL LOGIN authentication failed: authentication failure ...	2019-09-15 10:16:54
138.117.108.88	attack	Sep 14 16:40:28 auw2 sshd\[28030\]: Invalid user 123321 from 138.117.108.88 Sep 14 16:40:28 auw2 sshd\[28030\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.117.108.88 Sep 14 16:40:30 auw2 sshd\[28030\]: Failed password for invalid user 123321 from 138.117.108.88 port 60594 ssh2 Sep 14 16:47:37 auw2 sshd\[28756\]: Invalid user 123456 from 138.117.108.88 Sep 14 16:47:37 auw2 sshd\[28756\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.117.108.88	2019-09-15 10:52:23
200.116.195.122	attackspam	Sep 14 11:46:12 home sshd[17296]: Invalid user subzero from 200.116.195.122 port 56854 Sep 14 11:46:12 home sshd[17296]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.116.195.122 Sep 14 11:46:12 home sshd[17296]: Invalid user subzero from 200.116.195.122 port 56854 Sep 14 11:46:14 home sshd[17296]: Failed password for invalid user subzero from 200.116.195.122 port 56854 ssh2 Sep 14 11:59:07 home sshd[17343]: Invalid user wy from 200.116.195.122 port 42752 Sep 14 11:59:07 home sshd[17343]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.116.195.122 Sep 14 11:59:07 home sshd[17343]: Invalid user wy from 200.116.195.122 port 42752 Sep 14 11:59:09 home sshd[17343]: Failed password for invalid user wy from 200.116.195.122 port 42752 ssh2 Sep 14 12:03:18 home sshd[17369]: Invalid user jk from 200.116.195.122 port 56304 Sep 14 12:03:18 home sshd[17369]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh	2019-09-15 10:40:35
183.99.77.161	attackbotsspam	Sep 15 00:56:47 meumeu sshd[13581]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=183.99.77.161 Sep 15 00:56:49 meumeu sshd[13581]: Failed password for invalid user node from 183.99.77.161 port 7777 ssh2 Sep 15 01:01:48 meumeu sshd[14202]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=183.99.77.161 ...	2019-09-15 10:26:55
114.32.153.15	attackspambots	Sep 15 00:00:01 core sshd[12975]: Invalid user pe from 114.32.153.15 port 39052 Sep 15 00:00:03 core sshd[12975]: Failed password for invalid user pe from 114.32.153.15 port 39052 ssh2 ...	2019-09-15 10:19:24
61.228.246.54	attackbotsspam	2019-09-14T22:48:55.985333 sshd[9244]: Invalid user admin from 61.228.246.54 port 34596 2019-09-14T22:48:55.998609 sshd[9244]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.228.246.54 2019-09-14T22:48:55.985333 sshd[9244]: Invalid user admin from 61.228.246.54 port 34596 2019-09-14T22:48:57.787542 sshd[9244]: Failed password for invalid user admin from 61.228.246.54 port 34596 ssh2 2019-09-14T22:48:55.998609 sshd[9244]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.228.246.54 2019-09-14T22:48:55.985333 sshd[9244]: Invalid user admin from 61.228.246.54 port 34596 2019-09-14T22:48:57.787542 sshd[9244]: Failed password for invalid user admin from 61.228.246.54 port 34596 ssh2 2019-09-14T22:49:01.587410 sshd[9244]: Failed password for invalid user admin from 61.228.246.54 port 34596 ssh2 ...	2019-09-15 10:32:33
23.95.222.181	attackspambots	[portscan] Port scan	2019-09-15 10:54:22
142.93.69.223	attack	Sep 15 02:03:43 microserver sshd[17152]: Invalid user test from 142.93.69.223 port 39408 Sep 15 02:03:43 microserver sshd[17152]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.69.223 Sep 15 02:03:46 microserver sshd[17152]: Failed password for invalid user test from 142.93.69.223 port 39408 ssh2 Sep 15 02:07:50 microserver sshd[17800]: Invalid user test from 142.93.69.223 port 55538 Sep 15 02:07:50 microserver sshd[17800]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.69.223 Sep 15 02:20:06 microserver sshd[19451]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.69.223 user=root Sep 15 02:20:08 microserver sshd[19451]: Failed password for root from 142.93.69.223 port 46994 ssh2 Sep 15 02:24:13 microserver sshd[20042]: Invalid user stefan from 142.93.69.223 port 34678 Sep 15 02:24:13 microserver sshd[20042]: pam_unix(sshd:auth): authentication failure; logname= uid=0	2019-09-15 10:47:44
171.238.41.51	attackbotsspam	Chat Spam	2019-09-15 10:37:05
129.28.97.252	attackspambots	Automatic report - Banned IP Access	2019-09-15 10:57:32

Recently Reported IPs

92.30.144.219	125.85.152.253	119.4.96.0	204.233.0.224
9.70.71.126	228.120.236.174	180.135.113.35	1.206.42.121
245.61.243.68	59.229.44.200	35.175.181.112	157.82.236.108
53.61.59.9	167.206.40.203	151.101.90.44	190.122.240.199
185.101.217.215	177.79.4.131	7.54.207.40	153.35.93.145