138.68.85.5 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
138.68.85.208	attackspambots	Sep 20 18:31:32 localhost sshd\[25615\]: Invalid user postgres from 138.68.85.208 Sep 20 18:31:32 localhost sshd\[25615\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.85.208 Sep 20 18:31:33 localhost sshd\[25615\]: Failed password for invalid user postgres from 138.68.85.208 port 43364 ssh2 Sep 20 18:37:14 localhost sshd\[25845\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.85.208 user=root Sep 20 18:37:15 localhost sshd\[25845\]: Failed password for root from 138.68.85.208 port 55630 ssh2 ...	2020-09-21 01:43:19
138.68.85.208	attack	fail2ban	2020-09-20 17:42:46
138.68.85.208	attack	2020-09-19T08:08:58.9179131495-001 sshd[10541]: Invalid user ts from 138.68.85.208 port 59530 2020-09-19T08:08:58.9210561495-001 sshd[10541]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.85.208 2020-09-19T08:08:58.9179131495-001 sshd[10541]: Invalid user ts from 138.68.85.208 port 59530 2020-09-19T08:09:01.0799141495-001 sshd[10541]: Failed password for invalid user ts from 138.68.85.208 port 59530 ssh2 2020-09-19T08:15:13.6276231495-001 sshd[10840]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.85.208 user=root 2020-09-19T08:15:15.9323111495-001 sshd[10840]: Failed password for root from 138.68.85.208 port 43974 ssh2 ...	2020-09-19 21:01:17
138.68.85.208	attack	Sep 19 00:21:18 ny01 sshd[11981]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.85.208 Sep 19 00:21:20 ny01 sshd[11981]: Failed password for invalid user system from 138.68.85.208 port 45364 ssh2 Sep 19 00:27:37 ny01 sshd[13055]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.85.208	2020-09-19 12:56:21
138.68.85.35	attackbotsspam	May 15 08:34:40 sigma sshd\[16841\]: Invalid user ops from 138.68.85.35May 15 08:34:42 sigma sshd\[16841\]: Failed password for invalid user ops from 138.68.85.35 port 34482 ssh2 ...	2020-05-15 18:41:44
138.68.85.35	attackbots	2020-04-24T22:10:18.154784shield sshd\[20315\]: Invalid user etfile from 138.68.85.35 port 45200 2020-04-24T22:10:18.158482shield sshd\[20315\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.85.35 2020-04-24T22:10:19.953525shield sshd\[20315\]: Failed password for invalid user etfile from 138.68.85.35 port 45200 ssh2 2020-04-24T22:16:57.815410shield sshd\[21898\]: Invalid user informix from 138.68.85.35 port 48464 2020-04-24T22:16:57.819620shield sshd\[21898\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.85.35	2020-04-25 06:22:18
138.68.85.35	attack	Port probing on unauthorized port 22520	2020-04-22 18:22:22
138.68.85.35	attackbotsspam	DATE:2020-04-21 05:55:24, IP:138.68.85.35, PORT:ssh SSH brute force auth (docker-dc)	2020-04-21 14:07:07
138.68.85.35	attack	SSH Brute-Force Attack	2020-04-19 15:18:16

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 138.68.85.5
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 6989
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;138.68.85.5.			IN	A

;; AUTHORITY SECTION:
.			600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022020702 1800 900 604800 86400

;; Query time: 44 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Feb 08 07:53:22 CST 2022
;; MSG SIZE  rcvd: 104

Host info

Host 5.85.68.138.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 5.85.68.138.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
212.92.107.25	attackbots	TCP Port Scanning	2019-11-21 17:32:07
121.254.26.153	attackbots	Nov 21 07:26:48 tuxlinux sshd[2158]: Invalid user terriffic from 121.254.26.153 port 48558 Nov 21 07:26:48 tuxlinux sshd[2158]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.254.26.153 Nov 21 07:26:48 tuxlinux sshd[2158]: Invalid user terriffic from 121.254.26.153 port 48558 Nov 21 07:26:48 tuxlinux sshd[2158]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.254.26.153 Nov 21 07:26:48 tuxlinux sshd[2158]: Invalid user terriffic from 121.254.26.153 port 48558 Nov 21 07:26:48 tuxlinux sshd[2158]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.254.26.153 Nov 21 07:26:50 tuxlinux sshd[2158]: Failed password for invalid user terriffic from 121.254.26.153 port 48558 ssh2 ...	2019-11-21 17:20:30
45.136.109.9	attackbots	Microsoft-Windows-Security-Auditing	2019-11-21 17:07:13
223.71.167.154	attackbotsspam	83/tcp 9876/tcp 7170/tcp... [2019-11-19/21]42pkt,31pt.(tcp),5pt.(udp)	2019-11-21 17:15:33
89.248.160.178	attack	firewall-block, port(s): 6651/tcp, 6771/tcp, 6892/tcp, 6914/tcp, 7008/tcp, 7026/tcp, 60500/tcp, 61005/tcp	2019-11-21 17:27:04
182.61.32.8	attackspam	2019-11-21T06:26:52.756935abusebot.cloudsearch.cf sshd\[27498\]: Invalid user murry from 182.61.32.8 port 47770	2019-11-21 17:18:14
81.22.45.135	attackspambots	11/21/2019-07:26:58.028162 81.22.45.135 Protocol: 6 ET DROP Dshield Block Listed Source group 1	2019-11-21 17:14:15
37.14.184.22	attack	Lines containing failures of 37.14.184.22 Nov 19 12:20:45 server01 postfix/smtpd[21966]: connect from 22.184.14.37.dynamic.jazztel.es[37.14.184.22] Nov x@x Nov x@x Nov 19 12:20:46 server01 postfix/policy-spf[21970]: : Policy action=550 Please see hxxp://www.openspf.org/Why?s=mfrom;id=938%40iberhardware.com;ip=37.14.184.22;r=server01.2800km.de Nov x@x ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=37.14.184.22	2019-11-21 16:58:00
130.211.96.77	attackspam	Fail2Ban Ban Triggered	2019-11-21 16:54:59
37.201.7.48	attackbotsspam	Lines containing failures of 37.201.7.48 Nov 19 12:20:25 server01 postfix/smtpd[21854]: connect from ip-37-201-7-48.hsi13.unhostnameymediagroup.de[37.201.7.48] Nov x@x Nov x@x Nov 19 12:20:25 server01 postfix/policy-spf[21859]: : Policy action=550 Please see hxxp://www.openspf.org/Why?s=mfrom;id=911%40iberhardware.com;ip=37.201.7.48;r=server01.2800km.de Nov x@x Nov 19 12:20:26 server01 postfix/smtpd[21854]: lost connection after DATA from ip-37-201-7-48.hsi13.unhostnameymediagroup.de[37.201.7.48] Nov 19 12:20:26 server01 postfix/smtpd[21854]: disconnect from ip-37-201-7-48.hsi13.unhostnameymediagroup.de[37.201.7.48] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=37.201.7.48	2019-11-21 16:54:17
103.74.54.25	attackbotsspam	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/103.74.54.25/ IN - 1H : (24) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : IN NAME ASN : ASN135682 IP : 103.74.54.25 CIDR : 103.74.54.0/23 PREFIX COUNT : 2 UNIQUE IP COUNT : 768 ATTACKS DETECTED ASN135682 : 1H - 1 3H - 1 6H - 1 12H - 1 24H - 1 DateTime : 2019-11-21 07:26:31 INFO : Server 301 - Looking for resource vulnerabilities Detected and Blocked by ADMIN - data recovery	2019-11-21 17:33:19
190.9.129.169	attackspam	Honeypot attack, port: 445, PTR: PTR record not found	2019-11-21 16:56:09
141.237.73.155	attackspambots	Nov 19 12:38:45 mxgate1 postfix/postscreen[3945]: CONNECT from [141.237.73.155]:18527 to [176.31.12.44]:25 Nov 19 12:38:45 mxgate1 postfix/dnsblog[3946]: addr 141.237.73.155 listed by domain zen.spamhaus.org as 127.0.0.4 Nov 19 12:38:45 mxgate1 postfix/dnsblog[3946]: addr 141.237.73.155 listed by domain zen.spamhaus.org as 127.0.0.11 Nov 19 12:38:45 mxgate1 postfix/dnsblog[3949]: addr 141.237.73.155 listed by domain cbl.abuseat.org as 127.0.0.2 Nov 19 12:38:45 mxgate1 postfix/dnsblog[3948]: addr 141.237.73.155 listed by domain b.barracudacentral.org as 127.0.0.2 Nov 19 12:38:51 mxgate1 postfix/postscreen[3945]: DNSBL rank 4 for [141.237.73.155]:18527 Nov x@x Nov 19 12:38:52 mxgate1 postfix/postscreen[3945]: HANGUP after 0.89 from [141.237.73.155]:18527 in tests after SMTP handshake Nov 19 12:38:52 mxgate1 postfix/postscreen[3945]: DISCONNECT [141.237.73.155]:18527 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=141.237.73.155	2019-11-21 17:32:26
61.0.254.9	attack	Honeypot attack, port: 445, PTR: PTR record not found	2019-11-21 17:28:25
222.86.159.208	attackspam	Nov 21 15:18:23 lcl-usvr-02 sshd[7116]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.86.159.208 user=nobody Nov 21 15:18:25 lcl-usvr-02 sshd[7116]: Failed password for nobody from 222.86.159.208 port 21511 ssh2 Nov 21 15:23:19 lcl-usvr-02 sshd[8243]: Invalid user stal from 222.86.159.208 port 39123 Nov 21 15:23:19 lcl-usvr-02 sshd[8243]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.86.159.208 Nov 21 15:23:19 lcl-usvr-02 sshd[8243]: Invalid user stal from 222.86.159.208 port 39123 Nov 21 15:23:21 lcl-usvr-02 sshd[8243]: Failed password for invalid user stal from 222.86.159.208 port 39123 ssh2 ...	2019-11-21 17:30:12

Recently Reported IPs

174.130.107.129	196.201.78.140	183.90.253.19	160.238.241.69
188.166.123.129	186.192.99.1	218.26.119.92	110.53.89.170
187.178.167.82	201.150.180.169	178.237.217.76	156.214.193.197
43.224.169.28	58.209.234.81	61.3.147.96	210.89.58.45
125.45.149.246	49.234.134.104	197.49.196.32	182.135.122.42