138.68.220.196

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: DigitalOcean LLC

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspambots	firewall-block, port(s): 27017/tcp	2019-09-06 10:34:09

Comments on same subnet:

IP	Type	Details	Datetime
138.68.220.156	attack	Portscan or hack attempt detected by psad/fwsnort	2019-09-04 01:34:17
138.68.220.87	attackspambots	firewall-block, port(s): 587/tcp	2019-09-03 17:13:18
138.68.220.14	attackbotsspam	Scanning random ports - tries to find possible vulnerable services	2019-09-01 16:41:16
138.68.220.23	attackbots	Scanning random ports - tries to find possible vulnerable services	2019-09-01 16:40:44
138.68.220.92	attackbotsspam	Scanning random ports - tries to find possible vulnerable services	2019-09-01 16:40:22
138.68.220.161	attackspambots	Scanning random ports - tries to find possible vulnerable services	2019-09-01 16:39:39
138.68.220.78	attackbots	1567288375 - 08/31/2019 23:52:55 Host: 138.68.220.78/138.68.220.78 Port: 143 TCP Blocked	2019-09-01 06:46:35
138.68.220.166	attackbotsspam	firewall-block, port(s): 8140/tcp	2019-08-31 21:45:52

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 138.68.220.196
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 8927
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;138.68.220.196.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019090501 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Fri Sep 06 10:34:04 CST 2019
;; MSG SIZE  rcvd: 118

Host info

Host 196.220.68.138.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 196.220.68.138.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
80.249.161.171	spam	Spamer site Online Marketing Sources Kft, Hungary. Domain approx: zdray.com, rbaaq.com, vkbsi.com, pnpbe.com, remnl.com, skwed.com, hbroffers.com, globalsurtaxe.com, hatemsalah.com, evdenevemerkezi.com, gifttus.com, globalsurtaxe.com, fardinpouya.com ect...	2019-09-08 18:57:31
202.51.74.25	attackbots	Sep 7 23:47:23 wbs sshd\[9963\]: Invalid user frappe from 202.51.74.25 Sep 7 23:47:23 wbs sshd\[9963\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.51.74.25 Sep 7 23:47:25 wbs sshd\[9963\]: Failed password for invalid user frappe from 202.51.74.25 port 58942 ssh2 Sep 7 23:52:31 wbs sshd\[10367\]: Invalid user minecraft from 202.51.74.25 Sep 7 23:52:31 wbs sshd\[10367\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.51.74.25	2019-09-08 17:55:34
149.56.121.99	attackbots	$f2bV_matches_ltvn	2019-09-08 18:49:28
34.94.105.181	attackspambots	Sep 8 10:15:17 localhost sshd\[1491\]: Invalid user ubuntu from 34.94.105.181 port 34636 Sep 8 10:15:17 localhost sshd\[1491\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=34.94.105.181 Sep 8 10:15:19 localhost sshd\[1491\]: Failed password for invalid user ubuntu from 34.94.105.181 port 34636 ssh2	2019-09-08 19:07:50
86.104.220.20	attack	Sep 8 12:07:07 vps691689 sshd[26873]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=86.104.220.20 Sep 8 12:07:10 vps691689 sshd[26873]: Failed password for invalid user Password1! from 86.104.220.20 port 58856 ssh2 ...	2019-09-08 18:27:43
157.230.175.60	attack	2019-09-08T09:50:13.445300abusebot-3.cloudsearch.cf sshd\[5502\]: Invalid user scobb from 157.230.175.60 port 50256	2019-09-08 18:06:07
106.12.12.7	attack	Sep 8 11:16:14 server01 sshd\[8540\]: Invalid user hadoop from 106.12.12.7 Sep 8 11:16:14 server01 sshd\[8540\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.12.7 Sep 8 11:16:16 server01 sshd\[8540\]: Failed password for invalid user hadoop from 106.12.12.7 port 55106 ssh2 ...	2019-09-08 18:22:42
113.103.193.15	attack	Sep 8 12:18:41 s64-1 sshd[10749]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.103.193.15 Sep 8 12:18:43 s64-1 sshd[10749]: Failed password for invalid user hadoop from 113.103.193.15 port 1081 ssh2 Sep 8 12:28:37 s64-1 sshd[10841]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.103.193.15 ...	2019-09-08 18:54:31
142.93.141.35	attackspam	Sep 8 08:16:14 MK-Soft-VM6 sshd\[27038\]: Invalid user ftp_test from 142.93.141.35 port 38364 Sep 8 08:16:14 MK-Soft-VM6 sshd\[27038\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.141.35 Sep 8 08:16:16 MK-Soft-VM6 sshd\[27038\]: Failed password for invalid user ftp_test from 142.93.141.35 port 38364 ssh2 ...	2019-09-08 18:22:04
176.120.202.239	attackspambots	proto=tcp . spt=45541 . dpt=25 . (listed on Github Combined on 3 lists ) (821)	2019-09-08 18:02:40
45.136.109.38	attackbots	09/08/2019-05:38:12.116651 45.136.109.38 Protocol: 6 ET SCAN NMAP -sS window 1024	2019-09-08 18:15:58
185.163.109.66	attackspam	185.163.109.66:36450 - - [08/Sep/2019:08:36:34 +0200] "GET /.well-known/security.txt HTTP/1.1" 404 309	2019-09-08 17:59:27
183.91.87.242	attackspam	445/tcp 445/tcp 445/tcp... [2019-07-18/09-08]6pkt,1pt.(tcp)	2019-09-08 17:56:03
42.115.76.156	attackspam	2323/tcp 23/tcp... [2019-07-09/09-08]4pkt,2pt.(tcp)	2019-09-08 18:45:36
218.92.0.206	attackbots	Sep 8 11:18:19 MK-Soft-Root1 sshd\[4039\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.206 user=root Sep 8 11:18:22 MK-Soft-Root1 sshd\[4039\]: Failed password for root from 218.92.0.206 port 29348 ssh2 Sep 8 11:18:24 MK-Soft-Root1 sshd\[4039\]: Failed password for root from 218.92.0.206 port 29348 ssh2 ...	2019-09-08 18:03:47

Recently Reported IPs

118.203.172.173	110.176.26.154	203.242.34.137	25.167.186.162
107.128.30.45	49.130.129.239	61.216.124.84	39.212.236.134
204.143.173.196	254.176.200.127	108.27.29.218	181.23.71.107
230.18.56.98	139.110.193.91	96.30.158.219	3.116.117.147
151.161.25.156	112.196.107.51	27.34.68.117	154.36.120.240