138.68.165.102

Basic Info

City: London

Region: England

Country: United Kingdom

Internet Service Provider: DigitalOcean LLC

Hostname: unknown

Organization: DigitalOcean, LLC

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbotsspam	$f2bV_matches	2020-01-28 04:23:19
attack	Unauthorized connection attempt detected from IP address 138.68.165.102 to port 2220 [J]	2020-01-22 00:34:37
attackspambots	Unauthorized connection attempt detected from IP address 138.68.165.102 to port 2220 [J]	2020-01-12 00:34:22
attackspambots	Unauthorized connection attempt detected from IP address 138.68.165.102 to port 2220 [J]	2020-01-07 13:05:09
attack	<6 unauthorized SSH connections	2019-12-26 16:08:05
attackbots	Dec 23 23:26:50 gw1 sshd[584]: Failed password for root from 138.68.165.102 port 46986 ssh2 ...	2019-12-24 02:59:20
attack	20 attempts against mh-ssh on cloud.magehost.pro	2019-12-23 02:49:05
attackspambots	Dec 21 10:38:33 microserver sshd[64973]: Invalid user qs from 138.68.165.102 port 46036 Dec 21 10:38:33 microserver sshd[64973]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.165.102 Dec 21 10:38:35 microserver sshd[64973]: Failed password for invalid user qs from 138.68.165.102 port 46036 ssh2 Dec 21 10:44:15 microserver sshd[570]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.165.102 user=root Dec 21 10:44:17 microserver sshd[570]: Failed password for root from 138.68.165.102 port 53004 ssh2 Dec 21 10:55:28 microserver sshd[2584]: Invalid user duckworth from 138.68.165.102 port 38698 Dec 21 10:55:28 microserver sshd[2584]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.165.102 Dec 21 10:55:31 microserver sshd[2584]: Failed password for invalid user duckworth from 138.68.165.102 port 38698 ssh2 Dec 21 11:01:26 microserver sshd[3403]: pam_unix(sshd:auth): authentic	2019-12-21 17:15:39
attack	SSH bruteforce (Triggered fail2ban)	2019-12-17 02:48:25
attackspam	Dec 9 05:56:13 vpn01 sshd[27513]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.165.102 Dec 9 05:56:15 vpn01 sshd[27513]: Failed password for invalid user 123456 from 138.68.165.102 port 48194 ssh2 ...	2019-12-09 13:51:36
attackspambots	Dec 4 14:21:36 TORMINT sshd\[22420\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.165.102 user=root Dec 4 14:21:37 TORMINT sshd\[22420\]: Failed password for root from 138.68.165.102 port 55164 ssh2 Dec 4 14:27:01 TORMINT sshd\[22886\]: Invalid user admin from 138.68.165.102 Dec 4 14:27:01 TORMINT sshd\[22886\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.165.102 ...	2019-12-05 04:19:15
attackbots	ssh failed login	2019-12-01 22:22:54
attackbotsspam	Nov 27 09:10:41 hpm sshd\[13882\]: Invalid user ftpuser from 138.68.165.102 Nov 27 09:10:41 hpm sshd\[13882\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.165.102 Nov 27 09:10:43 hpm sshd\[13882\]: Failed password for invalid user ftpuser from 138.68.165.102 port 48806 ssh2 Nov 27 09:16:47 hpm sshd\[14390\]: Invalid user wwwrun from 138.68.165.102 Nov 27 09:16:47 hpm sshd\[14390\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.165.102	2019-11-28 03:22:31
attack	Nov 19 09:16:13 linuxvps sshd\[50929\]: Invalid user lafay from 138.68.165.102 Nov 19 09:16:13 linuxvps sshd\[50929\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.165.102 Nov 19 09:16:15 linuxvps sshd\[50929\]: Failed password for invalid user lafay from 138.68.165.102 port 34760 ssh2 Nov 19 09:20:19 linuxvps sshd\[53495\]: Invalid user server from 138.68.165.102 Nov 19 09:20:19 linuxvps sshd\[53495\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.165.102	2019-11-19 23:32:11
attackbots	Nov 17 18:09:14 lnxweb61 sshd[9323]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.165.102 Nov 17 18:09:17 lnxweb61 sshd[9323]: Failed password for invalid user ristl from 138.68.165.102 port 41884 ssh2 Nov 17 18:12:31 lnxweb61 sshd[12225]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.165.102	2019-11-18 01:17:46
attackspambots	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/138.68.165.102/ NL - 1H : (31) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : NL NAME ASN : ASN14061 IP : 138.68.165.102 CIDR : 138.68.160.0/20 PREFIX COUNT : 490 UNIQUE IP COUNT : 1963008 ATTACKS DETECTED ASN14061 : 1H - 2 3H - 2 6H - 2 12H - 3 24H - 9 DateTime : 2019-11-13 07:18:22 INFO : Port SSH 22 Scan Detected and Blocked by ADMIN - data recovery	2019-11-13 22:06:58
attackbotsspam	Repeated brute force against a port	2019-11-12 16:24:30
attack	Nov 9 23:21:09 sauna sshd[92733]: Failed password for root from 138.68.165.102 port 33614 ssh2 Nov 9 23:26:28 sauna sshd[92827]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.165.102 ...	2019-11-10 05:28:30
attackspambots	Oct 6 16:10:15 core sshd[4660]: Invalid user P4$$w0rd@2018 from 138.68.165.102 port 49156 Oct 6 16:10:17 core sshd[4660]: Failed password for invalid user P4$$w0rd@2018 from 138.68.165.102 port 49156 ssh2 ...	2019-10-06 22:29:26
attack	Oct 5 22:16:51 vtv3 sshd\[11587\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.165.102 user=root Oct 5 22:16:53 vtv3 sshd\[11587\]: Failed password for root from 138.68.165.102 port 45136 ssh2 Oct 5 22:20:16 vtv3 sshd\[13385\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.165.102 user=root Oct 5 22:20:18 vtv3 sshd\[13385\]: Failed password for root from 138.68.165.102 port 57038 ssh2 Oct 5 22:23:47 vtv3 sshd\[14830\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.165.102 user=root Oct 5 22:34:23 vtv3 sshd\[20342\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.165.102 user=root Oct 5 22:34:25 vtv3 sshd\[20342\]: Failed password for root from 138.68.165.102 port 48212 ssh2 Oct 5 22:38:02 vtv3 sshd\[22283\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser=	2019-10-06 04:09:08
attackbots	Oct 1 00:58:26 venus sshd\[9538\]: Invalid user 1234 from 138.68.165.102 port 51162 Oct 1 00:58:26 venus sshd\[9538\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.165.102 Oct 1 00:58:29 venus sshd\[9538\]: Failed password for invalid user 1234 from 138.68.165.102 port 51162 ssh2 ...	2019-10-01 09:23:00
attackbotsspam	Sep 27 17:23:20 ny01 sshd[32075]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.165.102 Sep 27 17:23:22 ny01 sshd[32075]: Failed password for invalid user admin from 138.68.165.102 port 34844 ssh2 Sep 27 17:27:25 ny01 sshd[673]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.165.102	2019-09-28 05:38:03
attackbotsspam	2019-09-26T09:39:02.7400431495-001 sshd\[5961\]: Failed password for invalid user qomo from 138.68.165.102 port 53568 ssh2 2019-09-26T09:51:36.3381051495-001 sshd\[6924\]: Invalid user guide from 138.68.165.102 port 37186 2019-09-26T09:51:36.3410551495-001 sshd\[6924\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.165.102 2019-09-26T09:51:38.2944311495-001 sshd\[6924\]: Failed password for invalid user guide from 138.68.165.102 port 37186 ssh2 2019-09-26T09:55:52.5074081495-001 sshd\[7253\]: Invalid user oracle from 138.68.165.102 port 50546 2019-09-26T09:55:52.5104171495-001 sshd\[7253\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.165.102 ...	2019-09-26 22:09:51
attackspambots	2019-09-20T15:17:10.315957centos sshd\[17100\]: Invalid user celery from 138.68.165.102 port 57888 2019-09-20T15:17:10.320930centos sshd\[17100\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.165.102 2019-09-20T15:17:12.024425centos sshd\[17100\]: Failed password for invalid user celery from 138.68.165.102 port 57888 ssh2	2019-09-20 23:45:01
attackspam	'Fail2Ban'	2019-09-16 02:51:56
attack	Sep 14 09:51:11 php2 sshd\[7697\]: Invalid user lassi from 138.68.165.102 Sep 14 09:51:11 php2 sshd\[7697\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.165.102 Sep 14 09:51:13 php2 sshd\[7697\]: Failed password for invalid user lassi from 138.68.165.102 port 48540 ssh2 Sep 14 09:55:32 php2 sshd\[8067\]: Invalid user student9 from 138.68.165.102 Sep 14 09:55:32 php2 sshd\[8067\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.165.102	2019-09-15 10:58:49
attackbots	Sep 12 11:29:40 web8 sshd\[14335\]: Invalid user sinusbot from 138.68.165.102 Sep 12 11:29:40 web8 sshd\[14335\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.165.102 Sep 12 11:29:42 web8 sshd\[14335\]: Failed password for invalid user sinusbot from 138.68.165.102 port 46216 ssh2 Sep 12 11:36:00 web8 sshd\[17435\]: Invalid user server from 138.68.165.102 Sep 12 11:36:00 web8 sshd\[17435\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.165.102	2019-09-12 22:38:15
attackbots	Sep 5 21:53:20 web9 sshd\[12035\]: Invalid user steam from 138.68.165.102 Sep 5 21:53:20 web9 sshd\[12035\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.165.102 Sep 5 21:53:22 web9 sshd\[12035\]: Failed password for invalid user steam from 138.68.165.102 port 58690 ssh2 Sep 5 21:57:37 web9 sshd\[12765\]: Invalid user postgres from 138.68.165.102 Sep 5 21:57:37 web9 sshd\[12765\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.165.102	2019-09-06 16:29:21
attackbotsspam	Sep 3 17:37:22 php2 sshd\[1726\]: Invalid user admin from 138.68.165.102 Sep 3 17:37:22 php2 sshd\[1726\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.165.102 Sep 3 17:37:24 php2 sshd\[1726\]: Failed password for invalid user admin from 138.68.165.102 port 57604 ssh2 Sep 3 17:41:45 php2 sshd\[2276\]: Invalid user dummy from 138.68.165.102 Sep 3 17:41:45 php2 sshd\[2276\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.165.102	2019-09-04 17:26:30
attack	Sep 2 13:20:54 friendsofhawaii sshd\[21434\]: Invalid user git from 138.68.165.102 Sep 2 13:20:54 friendsofhawaii sshd\[21434\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.165.102 Sep 2 13:20:56 friendsofhawaii sshd\[21434\]: Failed password for invalid user git from 138.68.165.102 port 50452 ssh2 Sep 2 13:24:45 friendsofhawaii sshd\[21730\]: Invalid user tester from 138.68.165.102 Sep 2 13:24:45 friendsofhawaii sshd\[21730\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.165.102	2019-09-03 07:37:44

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 138.68.165.102
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 35563
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;138.68.165.102.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019050900 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Thu May 09 19:07:37 +08 2019
;; MSG SIZE  rcvd: 118

Host info

Host 102.165.68.138.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		67.207.67.3
Address:	67.207.67.3#53

** server can't find 102.165.68.138.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
112.85.42.188	attackspambots	02/07/2020-19:25:39.795559 112.85.42.188 Protocol: 6 ET SCAN Potential SSH Scan	2020-02-08 08:26:56
40.77.191.247	attackspam	43 attempts against mh-misbehave-ban on float	2020-02-08 08:49:15
122.51.248.146	attackbots	SSH / Telnet Brute Force Attempts on Honeypot	2020-02-08 09:04:01
185.232.67.5	attack	Feb 8 01:47:50 dedicated sshd[7112]: Invalid user admin from 185.232.67.5 port 50092	2020-02-08 09:08:36
178.46.215.45	attackspam	23/tcp 23/tcp 23/tcp... [2020-02-06/07]11pkt,1pt.(tcp)	2020-02-08 09:00:18
218.92.0.212	attackspam	SSH-BruteForce	2020-02-08 08:48:18
120.70.101.30	attackbotsspam	SSH Bruteforce attack	2020-02-08 08:25:23
168.63.25.221	attack	3389/tcp 3389/tcp 3389/tcp... [2020-02-02/07]6pkt,1pt.(tcp)	2020-02-08 08:48:37
92.50.249.166	attackbotsspam	Feb 7 23:37:52 163-172-32-151 sshd[26547]: Invalid user cyk from 92.50.249.166 port 45698 ...	2020-02-08 08:36:45
117.5.215.153	attackspambots	23/tcp 8081/tcp [2020-02-05/07]2pkt	2020-02-08 08:46:43
162.243.59.16	attack	Feb 8 01:23:48 server sshd\[5892\]: Invalid user kdl from 162.243.59.16 Feb 8 01:23:48 server sshd\[5892\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=162.243.59.16 Feb 8 01:23:50 server sshd\[5892\]: Failed password for invalid user kdl from 162.243.59.16 port 53380 ssh2 Feb 8 01:37:21 server sshd\[8084\]: Invalid user fht from 162.243.59.16 Feb 8 01:37:21 server sshd\[8084\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=162.243.59.16 ...	2020-02-08 09:03:44
222.127.53.107	attackspambots	Feb 8 00:30:40 silence02 sshd[18797]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.127.53.107 Feb 8 00:30:42 silence02 sshd[18797]: Failed password for invalid user awl from 222.127.53.107 port 33891 ssh2 Feb 8 00:37:27 silence02 sshd[19289]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.127.53.107	2020-02-08 09:03:14
37.187.132.5	attackspambots	Attacks websites by trying to access known vulnerables of plugins, brute-force of backends or probing of administrative tools	2020-02-08 08:56:38
118.24.9.152	attackbots	Feb 8 01:49:42 [munged] sshd[4691]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.24.9.152	2020-02-08 09:06:24
182.254.244.238	attackbots	445/tcp 1433/tcp... [2019-12-19/2020-02-07]11pkt,2pt.(tcp)	2020-02-08 08:37:29

Recently Reported IPs

36.75.170.209	94.177.240.64	44.105.50.195	104.131.48.94
197.59.104.2	75.235.12.73	30.72.33.78	190.25.219.250
99.8.113.206	79.140.153.19	78.24.182.42	202.222.216.67
1.52.121.202	75.253.1.3	85.154.106.31	206.146.0.230
78.188.139.181	53.227.140.22	181.143.56.178	132.162.87.124