138.68.236.50 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: United States of America

Internet Service Provider: DigitalOcean LLC

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbotsspam	Brute-force attempt banned	2020-10-01 03:58:18
attackspam	2020-09-29T22:37:42.505113vps773228.ovh.net sshd[5871]: Invalid user it from 138.68.236.50 port 44976 2020-09-29T22:37:42.524820vps773228.ovh.net sshd[5871]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.236.50 2020-09-29T22:37:42.505113vps773228.ovh.net sshd[5871]: Invalid user it from 138.68.236.50 port 44976 2020-09-29T22:37:44.247685vps773228.ovh.net sshd[5871]: Failed password for invalid user it from 138.68.236.50 port 44976 ssh2 2020-09-29T22:41:23.669086vps773228.ovh.net sshd[5891]: Invalid user matt from 138.68.236.50 port 51910 ...	2020-09-30 12:33:49
attackbotsspam	$f2bV_matches	2020-09-10 00:17:01
attack	Sep 9 11:38:51 fhem-rasp sshd[8413]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.236.50 user=root Sep 9 11:38:53 fhem-rasp sshd[8413]: Failed password for root from 138.68.236.50 port 55734 ssh2 ...	2020-09-09 17:46:57
attackspam	SSH Brute-Forcing (server1)	2020-08-21 05:02:36
attackbotsspam	Aug 18 17:14:17 XXX sshd[4323]: Invalid user md from 138.68.236.50 port 43612	2020-08-19 02:28:11
attackspambots	Aug 17 00:02:58 NPSTNNYC01T sshd[3447]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.236.50 Aug 17 00:03:00 NPSTNNYC01T sshd[3447]: Failed password for invalid user jsk from 138.68.236.50 port 38028 ssh2 Aug 17 00:06:00 NPSTNNYC01T sshd[3636]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.236.50 ...	2020-08-17 15:01:36
attackbots	Aug 11 23:13:02 lnxded64 sshd[31436]: Failed password for root from 138.68.236.50 port 37220 ssh2 Aug 11 23:13:02 lnxded64 sshd[31436]: Failed password for root from 138.68.236.50 port 37220 ssh2	2020-08-12 06:19:59
attackbotsspam	Aug 6 18:58:49 localhost sshd[2096861]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.236.50 user=root Aug 6 18:58:51 localhost sshd[2096861]: Failed password for root from 138.68.236.50 port 33500 ssh2 ...	2020-08-06 17:05:03
attack	Jul 23 17:46:45 pve1 sshd[12092]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.236.50 Jul 23 17:46:48 pve1 sshd[12092]: Failed password for invalid user backuppc from 138.68.236.50 port 57564 ssh2 ...	2020-07-23 23:59:35
attackbotsspam	ssh brute force	2020-07-16 13:15:06
attackbots	Brute force attempt	2020-07-14 12:49:21
attackbotsspam	Invalid user julie from 138.68.236.50 port 58284	2020-07-11 05:13:10
attackspambots	Jul 4 03:14:10 Ubuntu-1404-trusty-64-minimal sshd\[15932\]: Invalid user steam from 138.68.236.50 Jul 4 03:14:10 Ubuntu-1404-trusty-64-minimal sshd\[15932\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.236.50 Jul 4 03:14:12 Ubuntu-1404-trusty-64-minimal sshd\[15932\]: Failed password for invalid user steam from 138.68.236.50 port 42326 ssh2 Jul 4 03:27:13 Ubuntu-1404-trusty-64-minimal sshd\[21050\]: Invalid user ips from 138.68.236.50 Jul 4 03:27:13 Ubuntu-1404-trusty-64-minimal sshd\[21050\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.236.50	2020-07-04 10:04:23
attackbots	Unauthorized connection attempt SSH Traffic	2020-06-24 21:50:46
attackspam	Jun 24 12:40:39 master sshd[16353]: Failed password for invalid user testsftp from 138.68.236.50 port 52078 ssh2 Jun 24 12:56:12 master sshd[16513]: Failed password for invalid user yoshiaki from 138.68.236.50 port 60494 ssh2 Jun 24 13:00:35 master sshd[17640]: Failed password for invalid user vuser from 138.68.236.50 port 59602 ssh2	2020-06-24 19:25:07
attackspambots	<6 unauthorized SSH connections	2020-06-20 16:59:15
attackspam	Jun 18 14:09:26 tuxlinux sshd[27938]: Invalid user test from 138.68.236.50 port 42248 Jun 18 14:09:26 tuxlinux sshd[27938]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.236.50 Jun 18 14:09:26 tuxlinux sshd[27938]: Invalid user test from 138.68.236.50 port 42248 Jun 18 14:09:26 tuxlinux sshd[27938]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.236.50 Jun 18 14:09:26 tuxlinux sshd[27938]: Invalid user test from 138.68.236.50 port 42248 Jun 18 14:09:26 tuxlinux sshd[27938]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.236.50 Jun 18 14:09:28 tuxlinux sshd[27938]: Failed password for invalid user test from 138.68.236.50 port 42248 ssh2 ...	2020-06-18 20:54:12
attackspambots	Jun 12 14:09:07 vmd26974 sshd[29086]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.236.50 Jun 12 14:09:09 vmd26974 sshd[29086]: Failed password for invalid user monitor from 138.68.236.50 port 46496 ssh2 ...	2020-06-12 20:44:28
attack	SSH Bruteforce attack	2020-05-20 07:47:23
attackspam	2020-05-14T05:35:12.757116abusebot-4.cloudsearch.cf sshd[10413]: Invalid user test from 138.68.236.50 port 59168 2020-05-14T05:35:12.763738abusebot-4.cloudsearch.cf sshd[10413]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.236.50 2020-05-14T05:35:12.757116abusebot-4.cloudsearch.cf sshd[10413]: Invalid user test from 138.68.236.50 port 59168 2020-05-14T05:35:14.936398abusebot-4.cloudsearch.cf sshd[10413]: Failed password for invalid user test from 138.68.236.50 port 59168 ssh2 2020-05-14T05:40:14.292028abusebot-4.cloudsearch.cf sshd[10659]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.236.50 user=root 2020-05-14T05:40:16.258806abusebot-4.cloudsearch.cf sshd[10659]: Failed password for root from 138.68.236.50 port 37394 ssh2 2020-05-14T05:42:49.243695abusebot-4.cloudsearch.cf sshd[10935]: Invalid user postgres from 138.68.236.50 port 42318 ...	2020-05-14 14:38:19
attack	May 11 17:19:33 buvik sshd[1231]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.236.50 May 11 17:19:35 buvik sshd[1231]: Failed password for invalid user history from 138.68.236.50 port 48226 ssh2 May 11 17:23:03 buvik sshd[1702]: Invalid user dev from 138.68.236.50 ...	2020-05-11 23:36:48
attackbotsspam	May 8 14:07:11 dev0-dcde-rnet sshd[25779]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.236.50 May 8 14:07:13 dev0-dcde-rnet sshd[25779]: Failed password for invalid user pik from 138.68.236.50 port 57860 ssh2 May 8 14:12:01 dev0-dcde-rnet sshd[25848]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.236.50	2020-05-09 00:45:34
attackspam	SSH Bruteforce attack	2020-05-05 14:44:57
attackbots	sshd	2020-04-28 03:47:07

Comments on same subnet:

IP	Type	Details	Datetime
138.68.236.156	attack	138.68.236.156 - - [10/Aug/2020:08:44:58 +0100] "POST /wp-login.php HTTP/1.1" 200 1968 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 138.68.236.156 - - [10/Aug/2020:08:45:05 +0100] "POST /wp-login.php HTTP/1.1" 200 1972 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 138.68.236.156 - - [10/Aug/2020:08:45:06 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-08-10 17:23:44
138.68.236.156	attackspam	138.68.236.156 - - [23/Jul/2020:00:55:26 +0200] "GET /wp-login.php HTTP/1.1" 200 6310 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 138.68.236.156 - - [23/Jul/2020:00:55:34 +0200] "POST /wp-login.php HTTP/1.1" 200 6561 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 138.68.236.156 - - [23/Jul/2020:00:55:36 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-07-23 06:59:22
138.68.236.156	attackbotsspam	138.68.236.156 - - [03/Jul/2020:20:48:42 +0200] "GET /wp-login.php HTTP/1.1" 200 6060 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 138.68.236.156 - - [03/Jul/2020:20:48:49 +0200] "POST /wp-login.php HTTP/1.1" 200 6311 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 138.68.236.156 - - [03/Jul/2020:20:48:56 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-07-04 03:07:24
138.68.236.156	attack	138.68.236.156 - - [26/Jun/2020:05:47:19 +0200] "POST /xmlrpc.php HTTP/1.1" 403 461 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 138.68.236.156 - - [26/Jun/2020:06:11:42 +0200] "POST /xmlrpc.php HTTP/1.1" 403 613 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-06-26 13:52:53
138.68.236.225	attack	Automatic report - Banned IP Access	2019-08-07 09:38:28
138.68.236.225	attackspambots	WordPress wp-login brute force :: 138.68.236.225 0.052 BYPASS [01/Aug/2019:13:27:25 1000] [censored_4] "POST /wp-login.php HTTP/1.1" 200 3989 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2019-08-01 16:15:52
138.68.236.225	attackspam	[munged]::443 138.68.236.225 - - [23/Jun/2019:23:14:30 +0200] "POST /[munged]: HTTP/1.1" 200 6318 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 138.68.236.225 - - [23/Jun/2019:23:14:42 +0200] "POST /[munged]: HTTP/1.1" 200 6290 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 138.68.236.225 - - [23/Jun/2019:23:14:42 +0200] "POST /[munged]: HTTP/1.1" 200 6290 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2019-06-24 08:23:51

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 138.68.236.50
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 58789
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;138.68.236.50.			IN	A

;; AUTHORITY SECTION:
.			548	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020042701 1800 900 604800 86400

;; Query time: 113 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Apr 28 03:47:02 CST 2020
;; MSG SIZE  rcvd: 117

Host info

Host 50.236.68.138.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 50.236.68.138.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
179.228.253.229	attackspam	Unauthorized connection attempt from IP address 179.228.253.229 on Port 445(SMB)	2020-01-14 04:33:41
222.186.175.148	attackspam	SSH Brute-Force attacks	2020-01-14 04:25:10
177.11.46.171	attackspam	2020-01-13T13:50:12.262902server03.shostnamee24.hostname sshd[2145]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=177.11.46.171 user=r.r 2020-01-13T13:50:14.258835server03.shostnamee24.hostname sshd[2145]: Failed password for r.r from 177.11.46.171 port 60030 ssh2 2020-01-13T13:50:17.101372server03.shostnamee24.hostname sshd[2145]: Failed password for r.r from 177.11.46.171 port 60030 ssh2 2020-01-13T13:50:12.262902server03.shostnamee24.hostname sshd[2145]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=177.11.46.171 user=r.r 2020-01-13T13:50:14.258835server03.shostnamee24.hostname sshd[2145]: Failed password for r.r from 177.11.46.171 port 60030 ssh2 2020-01-13T13:50:17.101372server03.shostnamee24.hostname sshd[2145]: Failed password for r.r from 177.11.46.171 port 60030 ssh2 2020-01-13T13:50:12.262902server03.shostnamee24.hostname sshd[2145]: pam_unix(sshd:auth): authentication failur........ ------------------------------	2020-01-14 04:53:52
190.203.97.186	attackspambots	Jan 13 13:47:35 iago sshd[22284]: Invalid user admin from 190.203.97.186 Jan 13 13:47:35 iago sshd[22284]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=190-203-97-186.dyn.dsl.cantv.net ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=190.203.97.186	2020-01-14 04:27:44
180.250.115.121	attackbotsspam	Unauthorized connection attempt detected from IP address 180.250.115.121 to port 2220 [J]	2020-01-14 04:51:27
74.213.82.158	attackspam	Jan 13 13:52:46 pegasus sshguard[1297]: Blocking 74.213.82.158:4 for >630secs: 10 danger in 1 attacks over 0 seconds (all: 10d in 1 abuses over 0s). Jan 13 13:52:48 pegasus sshd[19563]: Failed password for invalid user windows from 74.213.82.158 port 63296 ssh2 Jan 13 13:52:48 pegasus sshd[19563]: Connection closed by 74.213.82.158 port 63296 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=74.213.82.158	2020-01-14 04:57:14
178.183.14.250	attackspambots	Unauthorized connection attempt detected from IP address 178.183.14.250 to port 445	2020-01-14 05:02:07
106.12.22.23	attackspambots	Jan 13 14:02:39 serwer sshd\[3574\]: Invalid user ts3bot from 106.12.22.23 port 34598 Jan 13 14:02:39 serwer sshd\[3574\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.22.23 Jan 13 14:02:41 serwer sshd\[3574\]: Failed password for invalid user ts3bot from 106.12.22.23 port 34598 ssh2 ...	2020-01-14 04:42:10
189.250.225.239	attackspambots	Honeypot attack, port: 445, PTR: dsl-189-250-225-239-dyn.prod-infinitum.com.mx.	2020-01-14 04:59:51
183.82.120.188	attackspam	Honeypot attack, port: 445, PTR: broadband.actcorp.in.	2020-01-14 04:59:20
195.55.245.9	attackbotsspam	Unauthorized connection attempt detected from IP address 195.55.245.9 to port 2220 [J]	2020-01-14 04:41:09
63.83.73.160	attackspam	Jan 13 07:23:08 mailman postfix/smtpd[18259]: NOQUEUE: reject: RCPT from unknown[63.83.73.160]: 554 5.7.1 Service unavailable; Client host [63.83.73.160] blocked using sbl-xbl.spamhaus.org; https://www.spamhaus.org/sbl/query/SBLCSS; from= to=<[munged][at][munged]> proto=ESMTP helo=<06aee414.superengine.us> Jan 13 07:23:08 mailman postfix/smtpd[18261]: NOQUEUE: reject: RCPT from unknown[63.83.73.160]: 554 5.7.1 Service unavailable; Client host [63.83.73.160] blocked using sbl-xbl.spamhaus.org; https://www.spamhaus.org/sbl/query/SBLCSS; from= to= proto=ESMTP helo=<0580bd18.superengine.us>	2020-01-14 04:30:42
194.225.232.141	attackbots	Jan 13 14:02:48 herz-der-gamer sshd[11857]: Invalid user admin2 from 194.225.232.141 port 55102 Jan 13 14:02:48 herz-der-gamer sshd[11857]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=194.225.232.141 Jan 13 14:02:48 herz-der-gamer sshd[11857]: Invalid user admin2 from 194.225.232.141 port 55102 Jan 13 14:02:50 herz-der-gamer sshd[11857]: Failed password for invalid user admin2 from 194.225.232.141 port 55102 ssh2 ...	2020-01-14 04:33:11
187.87.126.53	attackspam	Unauthorized connection attempt from IP address 187.87.126.53 on Port 445(SMB)	2020-01-14 04:58:47
125.123.246.104	attack	Honeypot attack, port: 445, PTR: PTR record not found	2020-01-14 05:01:19

Recently Reported IPs

230.135.120.14	203.110.86.24	51.94.122.239	70.237.202.195
254.23.145.74	165.22.211.74	250.15.11.27	167.254.96.26
70.65.161.83	41.165.80.84	172.201.108.147	41.20.221.116
183.63.157.138	133.2.25.197	74.59.101.167	69.171.86.63
191.103.77.90	72.141.200.112	252.215.99.204	165.35.97.145