138.68.45.120 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
138.68.45.164	attack	Attempt to hack Wordpress Login, XMLRPC or other login	2020-10-07 05:15:44
138.68.45.164	attackspambots	138.68.45.164 - - [06/Oct/2020:12:16:54 +0100] "POST /wp-login.php HTTP/1.1" 200 2426 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 138.68.45.164 - - [06/Oct/2020:12:17:01 +0100] "POST /wp-login.php HTTP/1.1" 200 2407 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 138.68.45.164 - - [06/Oct/2020:12:17:03 +0100] "POST /wp-login.php HTTP/1.1" 200 2405 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-10-06 21:24:16
138.68.45.164	attackbotsspam	138.68.45.164 - - [06/Oct/2020:06:45:09 +0200] "GET /wp-login.php HTTP/1.1" 200 9061 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 138.68.45.164 - - [06/Oct/2020:06:45:13 +0200] "POST /wp-login.php HTTP/1.1" 200 9312 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 138.68.45.164 - - [06/Oct/2020:06:45:14 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-10-06 13:06:21
138.68.45.170	attack	Jul 28 23:16:57 mout sshd[30832]: Invalid user abcde12345^&* from 138.68.45.170 port 37182	2019-07-29 14:03:58
138.68.45.170	attack	Jul 28 14:33:57 bouncer sshd\[27553\]: Invalid user caonima123456g from 138.68.45.170 port 56902 Jul 28 14:33:57 bouncer sshd\[27553\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.45.170 Jul 28 14:33:59 bouncer sshd\[27553\]: Failed password for invalid user caonima123456g from 138.68.45.170 port 56902 ssh2 ...	2019-07-28 20:45:17

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 138.68.45.120
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 28859
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;138.68.45.120.			IN	A

;; AUTHORITY SECTION:
.			409	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022021702 1800 900 604800 86400

;; Query time: 23 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Feb 18 11:58:37 CST 2022
;; MSG SIZE  rcvd: 106

Host info

120.45.68.138.in-addr.arpa domain name pointer miguelgrinberg.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
120.45.68.138.in-addr.arpa	name = miguelgrinberg.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
149.129.251.229	attackbots	Aug 27 09:21:15 master sshd[26681]: Failed password for invalid user applmgr from 149.129.251.229 port 35366 ssh2 Aug 27 09:29:46 master sshd[26734]: Failed password for invalid user bsd1 from 149.129.251.229 port 54362 ssh2 Aug 27 09:34:41 master sshd[27071]: Failed password for invalid user psiege from 149.129.251.229 port 44084 ssh2 Aug 27 09:39:24 master sshd[27103]: Failed password for root from 149.129.251.229 port 33772 ssh2 Aug 27 09:44:08 master sshd[27133]: Failed password for invalid user stany from 149.129.251.229 port 51690 ssh2 Aug 27 09:49:03 master sshd[27176]: Failed password for invalid user kayla from 149.129.251.229 port 41376 ssh2 Aug 27 09:53:55 master sshd[27208]: Failed password for invalid user mysql from 149.129.251.229 port 59298 ssh2 Aug 27 09:58:34 master sshd[27242]: Failed password for invalid user corinna from 149.129.251.229 port 48984 ssh2 Aug 27 10:03:15 master sshd[27581]: Failed password for invalid user ifanw from 149.129.251.229 port 38670 ssh2 Aug 27 10:08:12 master ssh	2019-08-27 20:14:27
111.230.151.134	attack	Aug 27 14:08:09 vps691689 sshd[2178]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.230.151.134 Aug 27 14:08:11 vps691689 sshd[2178]: Failed password for invalid user drug from 111.230.151.134 port 46286 ssh2 ...	2019-08-27 20:23:34
103.105.42.26	attack	Automatic report - Port Scan Attack	2019-08-27 20:46:32
178.128.86.127	attackspam	Aug 27 02:03:13 aiointranet sshd\[11489\]: Invalid user cpotter from 178.128.86.127 Aug 27 02:03:13 aiointranet sshd\[11489\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.128.86.127 Aug 27 02:03:14 aiointranet sshd\[11489\]: Failed password for invalid user cpotter from 178.128.86.127 port 56388 ssh2 Aug 27 02:08:04 aiointranet sshd\[11913\]: Invalid user le from 178.128.86.127 Aug 27 02:08:04 aiointranet sshd\[11913\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.128.86.127	2019-08-27 20:26:35
80.211.0.78	attack	Aug 27 14:14:13 lnxweb62 sshd[12136]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.211.0.78	2019-08-27 20:30:28
191.7.8.180	attack	Aug 27 12:12:50 [host] sshd[22419]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=191.7.8.180 user=root Aug 27 12:12:52 [host] sshd[22419]: Failed password for root from 191.7.8.180 port 57335 ssh2 Aug 27 12:17:58 [host] sshd[22543]: Invalid user betrieb from 191.7.8.180 Aug 27 12:17:58 [host] sshd[22543]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=191.7.8.180	2019-08-27 20:32:57
104.248.72.243	attackspam	Aug 27 08:18:59 TORMINT sshd\[14340\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.72.243 user=root Aug 27 08:19:00 TORMINT sshd\[14340\]: Failed password for root from 104.248.72.243 port 38518 ssh2 Aug 27 08:26:39 TORMINT sshd\[14650\]: Invalid user comtech from 104.248.72.243 Aug 27 08:26:39 TORMINT sshd\[14650\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.72.243 ...	2019-08-27 20:28:15
5.14.75.125	attack	Automatic report - Port Scan Attack	2019-08-27 20:38:28
165.227.0.220	attack	Aug 27 02:26:55 aiointranet sshd\[13653\]: Invalid user adolf from 165.227.0.220 Aug 27 02:26:55 aiointranet sshd\[13653\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.227.0.220 Aug 27 02:26:56 aiointranet sshd\[13653\]: Failed password for invalid user adolf from 165.227.0.220 port 35214 ssh2 Aug 27 02:31:00 aiointranet sshd\[14018\]: Invalid user joshua from 165.227.0.220 Aug 27 02:31:00 aiointranet sshd\[14018\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.227.0.220	2019-08-27 20:41:05
125.76.225.11	attackspambots	[TueAug2711:05:28.0803052019][:error][pid13495:tid47849310029568][client125.76.225.11:62388][client125.76.225.11]ModSecurity:Accessdeniedwithcode403\(phase2\).Patternmatch"\(\?:\\\\\\\\\(chr\?\\\\\\\\\(\?[0-9]{1\,3}\?\\\\\\\\\)\\|\?=\?f\(\?:open\\|write\)\?\\\\\\\\\(\\|\\\\\\\\b\(\?:passthru\\|serialize\\|php_uname\\|phpinfo\\|shell_exec\\|preg_\\\\\\\\w \\|mysql_query\\|exec\\|eval\\|base64_decode\\|decode_base64\\|rot13\\|base64_url_decode\\|gz\(\?:inflate\\|decode\\|uncompress\)\\|strrev\\|zlib_\\\\\\\\w \)\\\\\\\\b\?\(\?..."atARGS:admin.[file"/usr/local/apache.ea3/conf/modsec_rules/10_asl_rules.conf"][line"767"][id"340095"][rev"53"][msg"Atomicorp.comWAFRules:AttackBlocked-PHPfunctioninArgument-thismaybeanattack."][data"die\(@md5\,ARGS:admin"][severity"CRITICAL"][hostname"81.17.25.235"][uri"/App.php"][unique_id"XWTyWGbH8KL3ZJzJxVqpgAAAABQ"][TueAug2711:05:57.9219612019][:error][pid13757:tid47849212626688][client125.76.225.11:6045][client125.76.225.11]ModSecurity:Accessdeniedwithcode403\(phase2\).Patternma	2019-08-27 20:15:22
140.143.195.91	attackspam	Aug 27 14:25:53 dedicated sshd[3284]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.195.91 user=root Aug 27 14:25:54 dedicated sshd[3284]: Failed password for root from 140.143.195.91 port 41354 ssh2	2019-08-27 20:41:59
118.89.187.70	attackbots	Aug 27 09:09:47 raspberrypi sshd\[31478\]: Invalid user dummy from 118.89.187.70Aug 27 09:09:48 raspberrypi sshd\[31478\]: Failed password for invalid user dummy from 118.89.187.70 port 49262 ssh2Aug 27 09:34:24 raspberrypi sshd\[31887\]: Invalid user sonia from 118.89.187.70 ...	2019-08-27 20:12:22
185.222.58.170	attackspambots	joshuajohannes.de 185.222.58.170 \[27/Aug/2019:11:21:35 +0200\] "POST /wp-login.php HTTP/1.1" 200 5603 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" joshuajohannes.de 185.222.58.170 \[27/Aug/2019:11:21:35 +0200\] "POST /wp-login.php HTTP/1.1" 200 5610 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"	2019-08-27 20:40:32
155.64.38.122	attackbots	Caught in portsentry honeypot	2019-08-27 20:46:54
211.52.103.197	attack	Aug 27 12:37:18 meumeu sshd[19908]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.52.103.197 Aug 27 12:37:20 meumeu sshd[19908]: Failed password for invalid user test from 211.52.103.197 port 56430 ssh2 Aug 27 12:42:03 meumeu sshd[20371]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.52.103.197 ...	2019-08-27 20:07:41

Recently Reported IPs

138.68.47.16	138.68.44.164	138.68.40.123	138.68.49.108
138.68.5.118	138.68.4.189	138.68.5.187	138.68.51.125
138.68.5.228	138.68.50.15	138.68.51.67	138.68.52.143
138.68.55.125	138.68.59.23	138.68.6.130	138.68.56.0
138.68.60.208	138.68.61.230	138.68.60.118	138.68.63.97