City: unknown
Region: unknown
Country: United States
Internet Service Provider: unknown
Hostname: unknown
Organization: unknown
Usage Type: unknown
| IP | Type | Details | Datetime |
|---|---|---|---|
| 138.68.45.164 | attack | Attempt to hack Wordpress Login, XMLRPC or other login |
2020-10-07 05:15:44 |
| 138.68.45.164 | attackspambots | 138.68.45.164 - - [06/Oct/2020:12:16:54 +0100] "POST /wp-login.php HTTP/1.1" 200 2426 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 138.68.45.164 - - [06/Oct/2020:12:17:01 +0100] "POST /wp-login.php HTTP/1.1" 200 2407 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 138.68.45.164 - - [06/Oct/2020:12:17:03 +0100] "POST /wp-login.php HTTP/1.1" 200 2405 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ... |
2020-10-06 21:24:16 |
| 138.68.45.164 | attackbotsspam | 138.68.45.164 - - [06/Oct/2020:06:45:09 +0200] "GET /wp-login.php HTTP/1.1" 200 9061 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 138.68.45.164 - - [06/Oct/2020:06:45:13 +0200] "POST /wp-login.php HTTP/1.1" 200 9312 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 138.68.45.164 - - [06/Oct/2020:06:45:14 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" |
2020-10-06 13:06:21 |
| 138.68.45.170 | attack | Jul 28 23:16:57 mout sshd[30832]: Invalid user abcde12345^&* from 138.68.45.170 port 37182 |
2019-07-29 14:03:58 |
| 138.68.45.170 | attack | Jul 28 14:33:57 bouncer sshd\[27553\]: Invalid user caonima123456g from 138.68.45.170 port 56902 Jul 28 14:33:57 bouncer sshd\[27553\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.45.170 Jul 28 14:33:59 bouncer sshd\[27553\]: Failed password for invalid user caonima123456g from 138.68.45.170 port 56902 ssh2 ... |
2019-07-28 20:45:17 |
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 138.68.45.72
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 2896
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;138.68.45.72. IN A
;; AUTHORITY SECTION:
. 595 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2022091400 1800 900 604800 86400
;; Query time: 145 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Sep 14 18:59:56 CST 2022
;; MSG SIZE rcvd: 105Host 72.45.68.138.in-addr.arpa. not found: 3(NXDOMAIN)Server: 183.60.83.19
Address: 183.60.83.19#53
** server can't find 72.45.68.138.in-addr.arpa: NXDOMAIN| IP | Type | Details | Datetime |
|---|---|---|---|
| 77.28.100.91 | attackspambots | Unauthorized connection attempt from IP address 77.28.100.91 on Port 445(SMB) |
2020-02-22 06:10:02 |
| 90.73.7.138 | attackspambots | Feb 21 16:47:47 plusreed sshd[5761]: Invalid user xsbk from 90.73.7.138 ... |
2020-02-22 06:00:57 |
| 222.186.42.7 | attackspambots | Feb 21 22:46:36 localhost sshd\[24467\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.42.7 user=root Feb 21 22:46:38 localhost sshd\[24467\]: Failed password for root from 222.186.42.7 port 43906 ssh2 Feb 21 22:46:40 localhost sshd\[24467\]: Failed password for root from 222.186.42.7 port 43906 ssh2 |
2020-02-22 05:55:46 |
| 36.110.175.28 | attack | Feb 21 22:54:05 markkoudstaal sshd[19566]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=36.110.175.28 Feb 21 22:54:07 markkoudstaal sshd[19566]: Failed password for invalid user openproject from 36.110.175.28 port 39078 ssh2 Feb 21 22:56:09 markkoudstaal sshd[19886]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=36.110.175.28 |
2020-02-22 05:56:38 |
| 158.69.197.113 | attack | Multiple SSH login attempts. |
2020-02-22 05:56:52 |
| 218.92.0.212 | attackspambots | SSH Brute-Force attacks |
2020-02-22 06:11:42 |
| 85.214.148.193 | attackbotsspam | Fake_BingBot |
2020-02-22 05:47:11 |
| 182.245.78.104 | attackspam | CN_APNIC-HM_<177>1582320720 [1:2010935:3] ET SCAN Suspicious inbound to MSSQL port 1433 [Classification: Potentially Bad Traffic] [Priority: 2] {TCP} 182.245.78.104:40931 |
2020-02-22 05:47:53 |
| 103.147.184.52 | attackspambots | Feb 21 22:32:16 debian-2gb-nbg1-2 kernel: \[4579943.867787\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=103.147.184.52 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=238 ID=28975 PROTO=TCP SPT=44258 DPT=3313 WINDOW=1024 RES=0x00 SYN URGP=0 |
2020-02-22 05:37:59 |
| 51.77.230.179 | attackbots | Feb 21 22:20:33 server sshd[3109391]: Failed password for invalid user ed from 51.77.230.179 port 49774 ssh2 Feb 21 22:31:37 server sshd[3115804]: Failed password for invalid user couchdb from 51.77.230.179 port 34854 ssh2 Feb 21 22:34:17 server sshd[3117257]: Failed password for invalid user harry from 51.77.230.179 port 36002 ssh2 |
2020-02-22 05:38:27 |
| 41.39.167.214 | attackspam | Unauthorized connection attempt from IP address 41.39.167.214 on Port 445(SMB) |
2020-02-22 05:52:59 |
| 168.195.98.250 | attackbots | Unauthorized connection attempt from IP address 168.195.98.250 on Port 445(SMB) |
2020-02-22 05:53:15 |
| 46.101.214.122 | attack | Hacking |
2020-02-22 05:46:45 |
| 121.123.189.233 | attackspambots | Unauthorized connection attempt from IP address 121.123.189.233 on Port 445(SMB) |
2020-02-22 06:06:28 |
| 106.13.140.138 | attackbotsspam | Feb 21 21:32:05 localhost sshd\[28066\]: Invalid user oracle from 106.13.140.138 port 42014 Feb 21 21:32:05 localhost sshd\[28066\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.140.138 Feb 21 21:32:07 localhost sshd\[28066\]: Failed password for invalid user oracle from 106.13.140.138 port 42014 ssh2 ... |
2020-02-22 05:44:36 |