138.68.208.116

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: DigitalOcean LLC

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	43521/tcp 587/tcp 44493/tcp... [2019-09-06/08]4pkt,4pt.(tcp)	2019-09-08 20:01:13

Comments on same subnet:

IP	Type	Details	Datetime
138.68.208.8	proxy	aggressive VPN	2023-03-02 13:44:21
138.68.208.39	attackspambots	port scan and connect, tcp 27019 (mongodb-cluster-alt)	2019-09-12 10:38:27
138.68.208.196	attackspam	port scan and connect, tcp 465 (smtps)	2019-09-10 14:05:23
138.68.208.175	attack	Hits on port : 4786	2019-09-10 14:01:28
138.68.208.157	attack	09/09/2019-21:20:20.000896 138.68.208.157 Protocol: 6 ET SCAN Suspicious inbound to MSSQL port 1433	2019-09-10 12:42:27
138.68.208.97	attackspam	firewall-block, port(s): 50000/tcp	2019-09-10 02:50:47
138.68.208.190	attackbotsspam	Portscan or hack attempt detected by psad/fwsnort	2019-09-09 18:11:54
138.68.208.157	attackbots	135/tcp 5672/tcp 5632/udp... [2019-09-06/08]5pkt,4pt.(tcp),1pt.(udp)	2019-09-09 12:12:58
138.68.208.175	attackspam	587/tcp 2362/udp 808/tcp [2019-09-06/08]3pkt	2019-09-09 12:10:41
138.68.208.152	attackspambots	port scan and connect, tcp 5432 (postgresql)	2019-09-09 12:05:11
138.68.208.25	attackspam	8080/tcp 995/tcp 8123/tcp... [2019-09-06/08]4pkt,4pt.(tcp)	2019-09-09 12:01:28
138.68.208.69	attackbotsspam	port scan and connect, tcp 2638 (sql-anywhere)	2019-09-09 11:37:28
138.68.208.159	attack	SASL Brute Force	2019-09-09 11:31:02
138.68.208.45	attackbotsspam	SASL Brute Force	2019-09-09 06:13:41
138.68.208.48	attackbots	Lines containing failures of 138.68.208.48 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=138.68.208.48	2019-09-09 04:16:38

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 138.68.208.116
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 8177
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;138.68.208.116.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019090800 1800 900 604800 86400

;; Query time: 12 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Sun Sep 08 20:00:58 CST 2019
;; MSG SIZE  rcvd: 118

Host info

116.208.68.138.in-addr.arpa domain name pointer zg-0905a-18.stretchoid.com.

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
116.208.68.138.in-addr.arpa	name = zg-0905a-18.stretchoid.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
198.108.66.17	attackspam	82/tcp 587/tcp 9200/tcp... [2019-10-25/12-15]9pkt,9pt.(tcp)	2019-12-16 08:36:40
113.141.66.227	attackspam	445/tcp 1433/tcp... [2019-10-18/12-15]8pkt,2pt.(tcp)	2019-12-16 08:16:05
103.119.2.111	attackbotsspam	192.168.21.100 - - [15/Dec/2019:22:26:03 +0000] "GET /%73%65%65%79%6F%6E/%68%74%6D%6C%6F%66%66%69%63%65%73%65%72%76%6C%65%74 HTTP/1.1" 302 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/66.0.3359.139 Safari/537.36" "103.119.2.111" 192.168.21.100 - - [15/Dec/2019:22:26:04 +0000] "GET /secure/ContactAdministrators!default.jspa HTTP/1.1" 302 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/66.0.3359.139 Safari/537.36" "103.119.2.111" 192.168.21.100 - - [15/Dec/2019:22:26:04 +0000] "GET /weaver/bsh.servlet.BshServlet HTTP/1.1" 302 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/66.0.3359.139 Safari/537.36" "103.119.2.111" 192.168.21.100 - - [15/Dec/2019:22:26:04 +0000] "GET /solr/ HTTP/1.1" 302 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/66.0.3359.139 Safari/537.36" "103.119.2.111"	2019-12-16 08:28:35
193.70.81.201	attack	2019-12-15T23:42:20.772847shield sshd\[28125\]: Invalid user web from 193.70.81.201 port 59206 2019-12-15T23:42:20.777106shield sshd\[28125\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ns3036126.ip-193-70-81.eu 2019-12-15T23:42:22.801231shield sshd\[28125\]: Failed password for invalid user web from 193.70.81.201 port 59206 ssh2 2019-12-15T23:47:14.781418shield sshd\[29643\]: Invalid user sindler from 193.70.81.201 port 37404 2019-12-15T23:47:14.786970shield sshd\[29643\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ns3036126.ip-193-70-81.eu	2019-12-16 08:39:28
145.239.89.243	attack	Dec 16 01:11:05 mail sshd[20415]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=145.239.89.243 Dec 16 01:11:07 mail sshd[20415]: Failed password for invalid user maraszek from 145.239.89.243 port 43936 ssh2 Dec 16 01:16:10 mail sshd[22647]: Failed password for backup from 145.239.89.243 port 51346 ssh2	2019-12-16 08:18:31
193.56.28.244	attackspam	Dec 15 17:48:46 web1 postfix/smtpd[1292]: warning: unknown[193.56.28.244]: SASL LOGIN authentication failed: authentication failure Dec 15 17:48:47 web1 postfix/smtpd[1292]: warning: unknown[193.56.28.244]: SASL LOGIN authentication failed: authentication failure Dec 15 17:48:50 web1 postfix/smtpd[1292]: warning: unknown[193.56.28.244]: SASL LOGIN authentication failed: authentication failure Dec 15 17:48:51 web1 postfix/smtpd[1292]: warning: unknown[193.56.28.244]: SASL LOGIN authentication failed: authentication failure Dec 15 17:48:53 web1 postfix/smtpd[1292]: warning: unknown[193.56.28.244]: SASL LOGIN authentication failed: authentication failure ...	2019-12-16 08:09:51
5.132.115.161	attack	Dec 16 00:50:46 meumeu sshd[20006]: Failed password for root from 5.132.115.161 port 51718 ssh2 Dec 16 00:54:49 meumeu sshd[20649]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.132.115.161 Dec 16 00:54:51 meumeu sshd[20649]: Failed password for invalid user ubnt from 5.132.115.161 port 52678 ssh2 ...	2019-12-16 08:02:47
176.57.79.145	attackbots	Dec 15 23:48:45 debian-2gb-nbg1-2 kernel: \[102913.352565\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=176.57.79.145 DST=195.201.40.59 LEN=40 TOS=0x18 PREC=0x00 TTL=245 ID=41197 DF PROTO=TCP SPT=41825 DPT=23 WINDOW=14600 RES=0x00 SYN URGP=0	2019-12-16 08:21:47
213.128.67.212	attackbots	Dec 15 09:06:29 XXX sshd[59176]: Invalid user gituser from 213.128.67.212 port 48288	2019-12-16 08:30:13
139.59.18.215	attack	Unauthorized connection attempt detected from IP address 139.59.18.215 to port 22	2019-12-16 08:39:46
113.164.24.10	attack	445/tcp 1433/tcp [2019-12-06/15]2pkt	2019-12-16 08:07:21
106.12.114.26	attackspambots	Dec 15 23:30:18 localhost sshd\[125365\]: Invalid user elissa from 106.12.114.26 port 57586 Dec 15 23:30:18 localhost sshd\[125365\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.114.26 Dec 15 23:30:20 localhost sshd\[125365\]: Failed password for invalid user elissa from 106.12.114.26 port 57586 ssh2 Dec 15 23:35:04 localhost sshd\[125499\]: Invalid user test from 106.12.114.26 port 45206 Dec 15 23:35:04 localhost sshd\[125499\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.114.26 ...	2019-12-16 08:19:16
125.99.173.162	attackbots	Dec 16 00:38:12 v22018076622670303 sshd\[1683\]: Invalid user aamo from 125.99.173.162 port 22285 Dec 16 00:38:12 v22018076622670303 sshd\[1683\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.99.173.162 Dec 16 00:38:14 v22018076622670303 sshd\[1683\]: Failed password for invalid user aamo from 125.99.173.162 port 22285 ssh2 ...	2019-12-16 08:01:54
109.87.115.220	attackbotsspam	$f2bV_matches	2019-12-16 08:22:32
128.134.178.1	attackspam	SSH Brute-Force reported by Fail2Ban	2019-12-16 08:14:53

Recently Reported IPs

138.68.208.190	108.32.109.216	37.19.109.147	150.107.172.174
71.31.197.137	138.119.215.4	221.225.198.88	160.234.230.225
159.203.199.20	37.47.141.11	138.68.208.143	77.65.95.194
186.179.235.186	183.80.89.33	139.192.59.25	161.132.217.167
138.68.208.31	26.88.55.250	5.3.247.124	41.23.12.48