138.68.45.72 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
138.68.45.164	attack	Attempt to hack Wordpress Login, XMLRPC or other login	2020-10-07 05:15:44
138.68.45.164	attackspambots	138.68.45.164 - - [06/Oct/2020:12:16:54 +0100] "POST /wp-login.php HTTP/1.1" 200 2426 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 138.68.45.164 - - [06/Oct/2020:12:17:01 +0100] "POST /wp-login.php HTTP/1.1" 200 2407 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 138.68.45.164 - - [06/Oct/2020:12:17:03 +0100] "POST /wp-login.php HTTP/1.1" 200 2405 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-10-06 21:24:16
138.68.45.164	attackbotsspam	138.68.45.164 - - [06/Oct/2020:06:45:09 +0200] "GET /wp-login.php HTTP/1.1" 200 9061 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 138.68.45.164 - - [06/Oct/2020:06:45:13 +0200] "POST /wp-login.php HTTP/1.1" 200 9312 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 138.68.45.164 - - [06/Oct/2020:06:45:14 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-10-06 13:06:21
138.68.45.170	attack	Jul 28 23:16:57 mout sshd[30832]: Invalid user abcde12345^&* from 138.68.45.170 port 37182	2019-07-29 14:03:58
138.68.45.170	attack	Jul 28 14:33:57 bouncer sshd\[27553\]: Invalid user caonima123456g from 138.68.45.170 port 56902 Jul 28 14:33:57 bouncer sshd\[27553\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.45.170 Jul 28 14:33:59 bouncer sshd\[27553\]: Failed password for invalid user caonima123456g from 138.68.45.170 port 56902 ssh2 ...	2019-07-28 20:45:17

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 138.68.45.72
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 2896
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;138.68.45.72.			IN	A

;; AUTHORITY SECTION:
.			595	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022091400 1800 900 604800 86400

;; Query time: 145 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Sep 14 18:59:56 CST 2022
;; MSG SIZE  rcvd: 105

Host info

Host 72.45.68.138.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 72.45.68.138.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
37.252.188.130	attackspambots	2020-07-21T03:55:20.246292shield sshd\[30821\]: Invalid user azureuser from 37.252.188.130 port 36206 2020-07-21T03:55:20.263171shield sshd\[30821\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.252.188.130 2020-07-21T03:55:22.474380shield sshd\[30821\]: Failed password for invalid user azureuser from 37.252.188.130 port 36206 ssh2 2020-07-21T03:58:55.883158shield sshd\[31099\]: Invalid user fuchs from 37.252.188.130 port 44074 2020-07-21T03:58:55.892049shield sshd\[31099\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.252.188.130	2020-07-21 12:05:21
106.12.198.232	attack	(sshd) Failed SSH login from 106.12.198.232 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Jul 21 05:57:50 amsweb01 sshd[26803]: Invalid user 1 from 106.12.198.232 port 51574 Jul 21 05:57:52 amsweb01 sshd[26803]: Failed password for invalid user 1 from 106.12.198.232 port 51574 ssh2 Jul 21 06:07:22 amsweb01 sshd[28461]: Invalid user jt from 106.12.198.232 port 47886 Jul 21 06:07:25 amsweb01 sshd[28461]: Failed password for invalid user jt from 106.12.198.232 port 47886 ssh2 Jul 21 06:12:51 amsweb01 sshd[29171]: Invalid user loser from 106.12.198.232 port 59446	2020-07-21 12:17:12
46.35.19.18	attackbots	Jul 20 18:54:13 NPSTNNYC01T sshd[29011]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.35.19.18 Jul 20 18:54:16 NPSTNNYC01T sshd[29011]: Failed password for invalid user tunel from 46.35.19.18 port 52962 ssh2 Jul 20 19:00:01 NPSTNNYC01T sshd[29463]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.35.19.18 ...	2020-07-21 08:35:53
182.122.7.53	attack	Lines containing failures of 182.122.7.53 Jul 20 16:07:08 smtp-out sshd[25950]: Invalid user bocloud from 182.122.7.53 port 59840 Jul 20 16:07:08 smtp-out sshd[25950]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.122.7.53 Jul 20 16:07:10 smtp-out sshd[25950]: Failed password for invalid user bocloud from 182.122.7.53 port 59840 ssh2 Jul 20 16:07:11 smtp-out sshd[25950]: Received disconnect from 182.122.7.53 port 59840:11: Bye Bye [preauth] Jul 20 16:07:11 smtp-out sshd[25950]: Disconnected from invalid user bocloud 182.122.7.53 port 59840 [preauth] Jul 20 16:32:41 smtp-out sshd[27112]: Invalid user admin from 182.122.7.53 port 38740 Jul 20 16:32:41 smtp-out sshd[27112]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.122.7.53 Jul 20 16:32:42 smtp-out sshd[27112]: Failed password for invalid user admin from 182.122.7.53 port 38740 ssh2 Jul 20 16:32:44 smtp-out sshd[27112]: Receive........ ------------------------------	2020-07-21 08:34:50
112.218.76.163	attackspambots	IMAP	2020-07-21 08:30:01
213.141.148.196	attackspambots	Invalid user tutor from 213.141.148.196 port 34384	2020-07-21 08:25:29
200.68.138.45	attackbots	Fail2Ban - HTTP Auth Bruteforce Attempt	2020-07-21 08:26:18
182.30.160.168	attackspambots	C1,WP GET /wp-login.php	2020-07-21 12:14:56
140.249.213.243	attack	SSH invalid-user multiple login try	2020-07-21 12:12:22
213.32.111.52	attackbots	SSH brute force	2020-07-21 08:37:24
185.175.93.23	attack	SmallBizIT.US 5 packets to tcp(5903,5910,5912,5916,5917)	2020-07-21 12:10:48
103.23.224.89	attackspam	Jul 21 02:06:25 vpn01 sshd[17209]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.23.224.89 Jul 21 02:06:27 vpn01 sshd[17209]: Failed password for invalid user tester from 103.23.224.89 port 53804 ssh2 ...	2020-07-21 08:32:08
108.11.213.164	attackbotsspam	Jul 21 03:09:38 hosting sshd[7536]: Invalid user cho from 108.11.213.164 port 37140 Jul 21 03:09:38 hosting sshd[7536]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=pool-108-11-213-164.hrbgpa.fios.verizon.net Jul 21 03:09:38 hosting sshd[7536]: Invalid user cho from 108.11.213.164 port 37140 Jul 21 03:09:40 hosting sshd[7536]: Failed password for invalid user cho from 108.11.213.164 port 37140 ssh2 Jul 21 03:17:14 hosting sshd[8822]: Invalid user stan from 108.11.213.164 port 44974 ...	2020-07-21 08:27:12
222.186.42.155	attack	2020-07-20T20:36:22.793664vps2034 sshd[15329]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.42.155 user=root 2020-07-20T20:36:24.790404vps2034 sshd[15329]: Failed password for root from 222.186.42.155 port 24120 ssh2 2020-07-20T20:36:22.793664vps2034 sshd[15329]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.42.155 user=root 2020-07-20T20:36:24.790404vps2034 sshd[15329]: Failed password for root from 222.186.42.155 port 24120 ssh2 2020-07-20T20:36:27.269237vps2034 sshd[15329]: Failed password for root from 222.186.42.155 port 24120 ssh2 ...	2020-07-21 08:37:00
103.74.239.110	attack	Jul 20 17:14:09 NPSTNNYC01T sshd[19557]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.74.239.110 Jul 20 17:14:11 NPSTNNYC01T sshd[19557]: Failed password for invalid user yc from 103.74.239.110 port 43400 ssh2 Jul 20 17:19:05 NPSTNNYC01T sshd[19885]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.74.239.110 ...	2020-07-21 08:38:44

Recently Reported IPs

103.27.229.91	95.188.166.128	123.5.147.236	220.166.153.217
189.5.42.131	45.8.134.69	5.188.210.205	78.100.20.145
185.2.4.97	8.29.65.74	217.57.116.34	47.78.190.184
161.35.124.171	185.30.232.69	140.210.92.177	210.210.99.21
185.136.205.165	49.68.109.224	93.194.95.21	110.119.155.174