138.68.57.48 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: unknown

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
138.68.57.143	attackspambots	Exploited Host.	2020-07-26 02:41:26
138.68.57.194	attack	2020-05-28T00:37:16.710772hessvillage.com sshd\[15279\]: Invalid user 987456321 from 138.68.57.194 2020-05-28T00:39:41.488181hessvillage.com sshd\[15283\]: Invalid user 987456321 from 138.68.57.194 2020-05-28T00:42:09.221948hessvillage.com sshd\[15294\]: Invalid user 987456321 from 138.68.57.194 2020-05-28T00:44:29.266230hessvillage.com sshd\[15297\]: Invalid user sammy from 138.68.57.194 2020-05-28T00:47:08.525522hessvillage.com sshd\[15307\]: Invalid user sammy from 138.68.57.194 ...	2020-05-28 18:01:09
138.68.57.143	attack	Invalid user webstaff from 138.68.57.143 port 53974	2020-05-23 12:16:18
138.68.57.143	attack	Invalid user lqr from 138.68.57.143 port 39488	2020-05-22 02:00:33
138.68.57.207	attackbots	138.68.57.207 - - [26/Apr/2020:05:56:10 +0200] "GET /wp-login.php HTTP/1.1" 200 5686 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 138.68.57.207 - - [26/Apr/2020:05:56:13 +0200] "POST /wp-login.php HTTP/1.1" 200 5937 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 138.68.57.207 - - [26/Apr/2020:05:56:14 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-04-26 12:50:39
138.68.57.207	attackbotsspam	138.68.57.207 - - [17/Apr/2020:22:50:40 +0200] "GET /wp-login.php HTTP/1.1" 200 6463 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 138.68.57.207 - - [17/Apr/2020:22:50:42 +0200] "POST /wp-login.php HTTP/1.1" 200 7362 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 138.68.57.207 - - [17/Apr/2020:22:50:44 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-04-18 05:14:46
138.68.57.207	attackbots	CMS (WordPress or Joomla) login attempt.	2020-04-15 15:06:46
138.68.57.207	attackspam	Automatic report - XMLRPC Attack	2020-04-10 12:53:04
138.68.57.207	attackspam	xmlrpc attack	2020-04-03 00:50:30
138.68.57.207	attackspam	BURG,WP GET /wp-login.php	2020-03-13 22:35:18
138.68.57.207	attackspambots	138.68.57.207 - - [08/Jan/2020:09:48:40 +0000] "POST /wp-login.php HTTP/1.1" 200 6409 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 138.68.57.207 - - [08/Jan/2020:09:48:41 +0000] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-01-08 20:14:41
138.68.57.207	attack	xmlrpc attack	2019-12-14 16:23:09
138.68.57.207	attackbotsspam	138.68.57.207 - - \[20/Nov/2019:22:06:41 +0100\] "POST /wp-login.php HTTP/1.0" 200 4404 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 138.68.57.207 - - \[20/Nov/2019:22:06:44 +0100\] "POST /wp-login.php HTTP/1.0" 200 4236 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 138.68.57.207 - - \[20/Nov/2019:22:06:45 +0100\] "POST /xmlrpc.php HTTP/1.0" 200 736 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"	2019-11-21 05:39:12
138.68.57.99	attackbots	Nov 18 21:15:04 venus sshd\[29451\]: Invalid user yellowst from 138.68.57.99 port 40374 Nov 18 21:15:04 venus sshd\[29451\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.57.99 Nov 18 21:15:06 venus sshd\[29451\]: Failed password for invalid user yellowst from 138.68.57.99 port 40374 ssh2 ...	2019-11-19 06:21:10
138.68.57.207	attack	138.68.57.207 - - \[17/Nov/2019:07:29:39 +0100\] "POST /wp-login.php HTTP/1.0" 200 4404 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 138.68.57.207 - - \[17/Nov/2019:07:29:42 +0100\] "POST /wp-login.php HTTP/1.0" 200 4236 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 138.68.57.207 - - \[17/Nov/2019:07:29:44 +0100\] "POST /xmlrpc.php HTTP/1.0" 200 736 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"	2019-11-17 14:53:48

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 138.68.57.48
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 4999
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;138.68.57.48.			IN	A

;; AUTHORITY SECTION:
.			254	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022030803 1800 900 604800 86400

;; Query time: 18 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Mar 09 07:53:21 CST 2022
;; MSG SIZE  rcvd: 105

Host info

Host 48.57.68.138.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 48.57.68.138.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
27.155.87.11	attack	Unauthorized connection attempt detected from IP address 27.155.87.11 to port 5900 [T]	2020-01-09 04:26:31
59.175.175.10	attackbotsspam	Unauthorized connection attempt detected from IP address 59.175.175.10 to port 1433 [T]	2020-01-09 04:22:34
95.174.102.38	attackbotsspam	Failed password for root from 95.174.102.38 port 13833 ssh2	2020-01-09 04:21:14
112.119.192.66	attack	Unauthorized connection attempt detected from IP address 112.119.192.66 to port 5555 [T]	2020-01-09 03:50:58
101.224.55.154	attackbots	Unauthorized connection attempt detected from IP address 101.224.55.154 to port 445 [T]	2020-01-09 03:53:12
223.221.240.54	attackspam	Unauthorized connection attempt detected from IP address 223.221.240.54 to port 445 [T]	2020-01-09 04:00:43
223.155.87.164	attackspam	Unauthorized connection attempt detected from IP address 223.155.87.164 to port 8080 [T]	2020-01-09 04:01:30
221.125.248.132	attack	Unauthorized connection attempt detected from IP address 221.125.248.132 to port 23 [T]	2020-01-09 04:29:13
60.190.202.44	attackbotsspam	Unauthorized connection attempt detected from IP address 60.190.202.44 to port 445 [T]	2020-01-09 04:22:21
223.71.167.163	attack	Unauthorized connection attempt detected from IP address 223.71.167.163 to port 8010 [T]	2020-01-09 04:01:46
61.36.119.181	attackbots	port scan and connect, tcp 22 (ssh)	2020-01-09 04:22:03
111.42.66.4	attack	Unauthorized connection attempt detected from IP address 111.42.66.4 to port 2323 [T]	2020-01-09 04:19:51
59.80.31.23	attackspam	Unauthorized connection attempt detected from IP address 59.80.31.23 to port 200 [T]	2020-01-09 04:22:54
35.228.88.29	attackspam	Unauthorized connection attempt detected from IP address 35.228.88.29 to port 80 [T]	2020-01-09 04:25:54
101.37.27.155	attackspambots	Unauthorized connection attempt detected from IP address 101.37.27.155 to port 23 [T]	2020-01-09 04:21:00

Recently Reported IPs

138.68.58.169	138.68.58.138	138.68.57.87	118.183.76.182
138.68.58.205	138.68.58.46	138.68.6.212	138.68.58.62
138.68.60.153	138.68.60.210	138.68.6.61	118.183.79.11
138.68.61.186	138.68.6.253	138.68.61.139	138.68.61.240
138.68.61.169	138.68.61.252	138.68.61.255	138.68.63.125