138.68.8.161 - IPInfo

Basic Info

City: Santa Clara

Region: California

Country: United States

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
138.68.81.162	attack	2020-10-13T08:05:05.291545mail.thespaminator.com sshd[31503]: Failed password for root from 138.68.81.162 port 41028 ssh2 2020-10-13T08:09:40.391450mail.thespaminator.com sshd[32109]: Invalid user qwerty from 138.68.81.162 port 37522 ...	2020-10-13 20:53:02
138.68.81.162	attackbotsspam	Oct 13 02:03:02 web-main sshd[3402804]: Failed password for invalid user victor from 138.68.81.162 port 48810 ssh2 Oct 13 02:17:56 web-main sshd[3404657]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.81.162 user=root Oct 13 02:17:59 web-main sshd[3404657]: Failed password for root from 138.68.81.162 port 54682 ssh2	2020-10-13 12:22:30
138.68.81.162	attack	Oct 12 21:10:20 ws26vmsma01 sshd[193768]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.81.162 Oct 12 21:10:22 ws26vmsma01 sshd[193768]: Failed password for invalid user nishida from 138.68.81.162 port 49444 ssh2 ...	2020-10-13 05:12:06
138.68.80.235	attackbots	138.68.80.235 - - [05/Oct/2020:07:51:33 -0700] "GET /wp-login.php HTTP/1.1" 301 561 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-10-06 06:43:36
138.68.80.235	attack	138.68.80.235 - - [05/Oct/2020:07:51:33 -0700] "GET /wp-login.php HTTP/1.1" 301 561 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-10-05 22:52:10
138.68.80.235	attack	hacking	2020-10-05 14:46:56
138.68.80.235	attack	138.68.80.235 - - [29/Sep/2020:17:56:59 +0100] "POST /wp-login.php HTTP/1.1" 200 2243 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 138.68.80.235 - - [29/Sep/2020:17:57:00 +0100] "POST /wp-login.php HTTP/1.1" 200 2287 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 138.68.80.235 - - [29/Sep/2020:17:57:00 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-09-30 04:31:31
138.68.80.235	attackbots	"XSS Attack Detected via libinjection - Matched Data: XSS data found within ARGS_NAMES:	2020-09-29 20:39:51
138.68.80.235	attackspam	138.68.80.235 - - [29/Sep/2020:03:56:38 +0100] "POST /wp-login.php HTTP/1.1" 401 3568 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 138.68.80.235 - - [29/Sep/2020:03:56:40 +0100] "POST /wp-login.php HTTP/1.1" 401 3568 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 138.68.80.235 - - [29/Sep/2020:03:56:41 +0100] "POST /wp-login.php HTTP/1.1" 401 3568 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-09-29 12:48:53
138.68.80.235	attackbotsspam	C1,WP GET /suche/wp-login.php	2020-09-29 06:51:54
138.68.81.162	attack	Sep 28 15:48:49 lanister sshd[18241]: Failed password for invalid user tom from 138.68.81.162 port 49648 ssh2 Sep 28 15:53:58 lanister sshd[18288]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.81.162 user=root Sep 28 15:53:59 lanister sshd[18288]: Failed password for root from 138.68.81.162 port 58818 ssh2 Sep 28 15:58:48 lanister sshd[18336]: Invalid user corinna from 138.68.81.162	2020-09-29 04:16:32
138.68.80.235	attack	xmlrpc attack	2020-09-28 23:19:46
138.68.81.162	attackspam	Invalid user richard from 138.68.81.162 port 35616	2020-09-28 20:30:29
138.68.80.235	attack	xmlrpc attack	2020-09-28 15:23:17
138.68.85.208	attackspambots	Sep 20 18:31:32 localhost sshd\[25615\]: Invalid user postgres from 138.68.85.208 Sep 20 18:31:32 localhost sshd\[25615\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.85.208 Sep 20 18:31:33 localhost sshd\[25615\]: Failed password for invalid user postgres from 138.68.85.208 port 43364 ssh2 Sep 20 18:37:14 localhost sshd\[25845\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.85.208 user=root Sep 20 18:37:15 localhost sshd\[25845\]: Failed password for root from 138.68.85.208 port 55630 ssh2 ...	2020-09-21 01:43:19

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 138.68.8.161
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 59607
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;138.68.8.161.			IN	A

;; AUTHORITY SECTION:
.			240	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022021802 1800 900 604800 86400

;; Query time: 59 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Feb 19 12:46:00 CST 2022
;; MSG SIZE  rcvd: 105

Host info

Host 161.8.68.138.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 161.8.68.138.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
110.77.202.206	attackspambots	Unauthorized connection attempt detected from IP address 110.77.202.206 to port 23 [J]	2020-02-29 20:42:43
37.59.45.166	attackspam	Brute-force attempt banned	2020-02-29 20:21:20
51.255.51.127	attackspambots	WordPress login Brute force / Web App Attack on client site.	2020-02-29 20:25:47
114.67.112.231	attackbotsspam	2020-02-29T12:35:00.371505shield sshd\[10720\]: Invalid user wangmeng from 114.67.112.231 port 33134 2020-02-29T12:35:00.375472shield sshd\[10720\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.67.112.231 2020-02-29T12:35:02.615987shield sshd\[10720\]: Failed password for invalid user wangmeng from 114.67.112.231 port 33134 ssh2 2020-02-29T12:42:48.151149shield sshd\[12606\]: Invalid user jayheo from 114.67.112.231 port 42586 2020-02-29T12:42:48.155662shield sshd\[12606\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.67.112.231	2020-02-29 20:56:40
104.236.224.69	attackspam	SSH bruteforce	2020-02-29 20:48:16
120.157.45.204	attack	2020-02-29T05:35:23.531490abusebot-7.cloudsearch.cf sshd[12567]: Invalid user cashier from 120.157.45.204 port 47586 2020-02-29T05:35:23.538096abusebot-7.cloudsearch.cf sshd[12567]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.157.45.204 2020-02-29T05:35:23.531490abusebot-7.cloudsearch.cf sshd[12567]: Invalid user cashier from 120.157.45.204 port 47586 2020-02-29T05:35:25.415657abusebot-7.cloudsearch.cf sshd[12567]: Failed password for invalid user cashier from 120.157.45.204 port 47586 ssh2 2020-02-29T05:37:16.927732abusebot-7.cloudsearch.cf sshd[12661]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.157.45.204 user=root 2020-02-29T05:37:18.650144abusebot-7.cloudsearch.cf sshd[12661]: Failed password for root from 120.157.45.204 port 50019 ssh2 2020-02-29T05:38:52.354848abusebot-7.cloudsearch.cf sshd[12749]: Invalid user ubuntu from 120.157.45.204 port 52453 ...	2020-02-29 20:37:39
45.64.1.57	attackbotsspam	Automatic report - XMLRPC Attack	2020-02-29 20:24:30
58.225.75.147	attackspambots	02/29/2020-06:16:43.746964 58.225.75.147 Protocol: 6 ET SCAN NMAP -sS window 1024	2020-02-29 20:44:22
146.120.97.55	attackbots	Feb 29 14:25:56 gw1 sshd[6095]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=146.120.97.55 Feb 29 14:25:58 gw1 sshd[6095]: Failed password for invalid user yuchen from 146.120.97.55 port 47742 ssh2 ...	2020-02-29 20:53:10
103.91.181.25	attackbotsspam	Feb 29 12:59:21 ns381471 sshd[30942]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.91.181.25 Feb 29 12:59:23 ns381471 sshd[30942]: Failed password for invalid user info from 103.91.181.25 port 36082 ssh2	2020-02-29 20:33:48
43.226.144.104	attackbots	2020-02-29 05:18:27,857 fail2ban.actions [2870]: NOTICE [sshd] Ban 43.226.144.104 2020-02-29 05:58:02,929 fail2ban.actions [2870]: NOTICE [sshd] Ban 43.226.144.104 2020-02-29 06:38:25,995 fail2ban.actions [2870]: NOTICE [sshd] Ban 43.226.144.104 2020-02-29 07:20:23,937 fail2ban.actions [2870]: NOTICE [sshd] Ban 43.226.144.104 2020-02-29 08:02:32,708 fail2ban.actions [2870]: NOTICE [sshd] Ban 43.226.144.104 ...	2020-02-29 20:49:29
79.104.39.6	attack	Feb 29 08:03:44 ns382633 sshd\[2340\]: Invalid user bpadmin from 79.104.39.6 port 37770 Feb 29 08:03:44 ns382633 sshd\[2340\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=79.104.39.6 Feb 29 08:03:46 ns382633 sshd\[2340\]: Failed password for invalid user bpadmin from 79.104.39.6 port 37770 ssh2 Feb 29 08:36:32 ns382633 sshd\[7908\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=79.104.39.6 user=root Feb 29 08:36:33 ns382633 sshd\[7908\]: Failed password for root from 79.104.39.6 port 42950 ssh2	2020-02-29 20:34:59
111.229.20.220	attack	Unauthorized connection attempt detected from IP address 111.229.20.220 to port 23 [J]	2020-02-29 20:22:51
92.63.196.3	attack	Fail2Ban Ban Triggered	2020-02-29 20:40:31
5.135.165.55	attackspambots	Feb 29 17:42:45 gw1 sshd[14404]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.135.165.55 Feb 29 17:42:47 gw1 sshd[14404]: Failed password for invalid user tomcat from 5.135.165.55 port 51956 ssh2 ...	2020-02-29 20:54:38

Recently Reported IPs

82.46.160.81	174.68.211.8	138.81.131.132	28.111.186.173
138.97.200.207	139.135.229.25	139.162.12.150	139.162.146.175
139.198.105.252	139.198.172.167	215.252.76.140	28.1.8.194
139.59.111.15	139.59.120.142	139.59.133.126	139.59.227.157
139.59.23.133	139.59.31.18	139.59.40.95	139.59.44.119