138.68.208.159

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: DigitalOcean LLC

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	SASL Brute Force	2019-09-09 11:31:02

Comments on same subnet:

IP	Type	Details	Datetime
138.68.208.8	proxy	aggressive VPN	2023-03-02 13:44:21
138.68.208.39	attackspambots	port scan and connect, tcp 27019 (mongodb-cluster-alt)	2019-09-12 10:38:27
138.68.208.196	attackspam	port scan and connect, tcp 465 (smtps)	2019-09-10 14:05:23
138.68.208.175	attack	Hits on port : 4786	2019-09-10 14:01:28
138.68.208.157	attack	09/09/2019-21:20:20.000896 138.68.208.157 Protocol: 6 ET SCAN Suspicious inbound to MSSQL port 1433	2019-09-10 12:42:27
138.68.208.97	attackspam	firewall-block, port(s): 50000/tcp	2019-09-10 02:50:47
138.68.208.190	attackbotsspam	Portscan or hack attempt detected by psad/fwsnort	2019-09-09 18:11:54
138.68.208.157	attackbots	135/tcp 5672/tcp 5632/udp... [2019-09-06/08]5pkt,4pt.(tcp),1pt.(udp)	2019-09-09 12:12:58
138.68.208.175	attackspam	587/tcp 2362/udp 808/tcp [2019-09-06/08]3pkt	2019-09-09 12:10:41
138.68.208.152	attackspambots	port scan and connect, tcp 5432 (postgresql)	2019-09-09 12:05:11
138.68.208.25	attackspam	8080/tcp 995/tcp 8123/tcp... [2019-09-06/08]4pkt,4pt.(tcp)	2019-09-09 12:01:28
138.68.208.69	attackbotsspam	port scan and connect, tcp 2638 (sql-anywhere)	2019-09-09 11:37:28
138.68.208.45	attackbotsspam	SASL Brute Force	2019-09-09 06:13:41
138.68.208.48	attackbots	Lines containing failures of 138.68.208.48 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=138.68.208.48	2019-09-09 04:16:38
138.68.208.149	attackbots	992/tcp 465/tcp 9042/tcp... [2019-09-06/07]5pkt,5pt.(tcp)	2019-09-08 20:47:03

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 138.68.208.159
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 45741
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;138.68.208.159.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019090801 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Mon Sep 09 11:30:56 CST 2019
;; MSG SIZE  rcvd: 118

Host info

159.208.68.138.in-addr.arpa domain name pointer zg-0905a-38.stretchoid.com.

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
159.208.68.138.in-addr.arpa	name = zg-0905a-38.stretchoid.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
134.175.39.246	attack	Oct 31 04:58:00 php1 sshd\[1624\]: Invalid user friend from 134.175.39.246 Oct 31 04:58:00 php1 sshd\[1624\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.175.39.246 Oct 31 04:58:02 php1 sshd\[1624\]: Failed password for invalid user friend from 134.175.39.246 port 57180 ssh2 Oct 31 05:04:37 php1 sshd\[2361\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.175.39.246 user=root Oct 31 05:04:40 php1 sshd\[2361\]: Failed password for root from 134.175.39.246 port 39324 ssh2	2019-10-31 23:26:50
122.227.183.126	attackspam	Portscan or hack attempt detected by psad/fwsnort	2019-10-31 23:48:24
103.48.182.103	attack	Unauthorized connection attempt from IP address 103.48.182.103 on Port 445(SMB)	2019-10-31 23:51:55
123.207.5.190	attack	F2B jail: sshd. Time: 2019-10-31 16:14:23, Reported by: VKReport	2019-10-31 23:22:10
41.230.114.90	attack	Fail2Ban Ban Triggered	2019-10-31 23:56:21
103.115.207.52	attack	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/103.115.207.52/ IN - 1H : (40) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : IN NAME ASN : ASN136946 IP : 103.115.207.52 CIDR : 103.115.207.0/24 PREFIX COUNT : 6 UNIQUE IP COUNT : 1536 ATTACKS DETECTED ASN136946 : 1H - 1 3H - 1 6H - 1 12H - 1 24H - 1 DateTime : 2019-10-31 13:03:51 INFO : Port SSH 22 Scan Detected and Blocked by ADMIN - data recovery	2019-10-31 23:39:41
211.143.246.38	attackbots	Oct 31 14:23:27 vps691689 sshd[1440]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.143.246.38 Oct 31 14:23:30 vps691689 sshd[1440]: Failed password for invalid user userftp from 211.143.246.38 port 44728 ssh2 Oct 31 14:29:07 vps691689 sshd[1539]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.143.246.38 ...	2019-10-31 23:40:54
103.106.241.23	attackbotsspam	Unauthorized connection attempt from IP address 103.106.241.23 on Port 445(SMB)	2019-10-31 23:49:53
86.120.165.42	attackspambots	BURG,WP GET /wp-login.php	2019-10-31 23:32:28
49.88.112.76	attackspam	2019-10-31T15:19:39.441451abusebot-3.cloudsearch.cf sshd\[5288\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.76 user=root	2019-10-31 23:52:24
113.185.42.220	attack	Unauthorized connection attempt from IP address 113.185.42.220 on Port 445(SMB)	2019-10-31 23:57:18
14.234.153.85	attack	Automatic report - Banned IP Access	2019-10-31 23:34:31
103.245.181.2	attackspambots	SSH bruteforce (Triggered fail2ban)	2019-10-31 23:38:57
94.191.50.165	attack	SSH Bruteforce attempt	2019-11-01 00:01:41
81.22.45.65	attackspam	Oct 31 16:26:22 mc1 kernel: \[3821901.619023\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=81.22.45.65 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=16253 PROTO=TCP SPT=46347 DPT=39696 WINDOW=1024 RES=0x00 SYN URGP=0 Oct 31 16:30:26 mc1 kernel: \[3822145.719685\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=81.22.45.65 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=24472 PROTO=TCP SPT=46347 DPT=40436 WINDOW=1024 RES=0x00 SYN URGP=0 Oct 31 16:31:29 mc1 kernel: \[3822208.359560\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=81.22.45.65 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=52469 PROTO=TCP SPT=46347 DPT=40466 WINDOW=1024 RES=0x00 SYN URGP=0 ...	2019-10-31 23:47:23

Recently Reported IPs

95.8.253.114	42.232.233.254	159.203.199.5	70.36.114.124
23.254.247.147	176.53.85.88	194.67.87.4	188.27.166.233
44.214.128.45	190.1.165.248	83.221.51.6	118.89.37.14
188.162.235.207	188.151.75.204	177.10.240.98	6.181.130.213
118.186.9.86	183.101.201.196	75.16.63.240	191.254.185.223