138.68.44.204 - IPInfo

Basic Info

City: Santa Clara

Region: California

Country: United States

Internet Service Provider: DigitalOcean LLC

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbotsspam	xmlrpc attack	2020-08-08 08:28:06

Comments on same subnet:

IP	Type	Details	Datetime
138.68.44.55	attackspam	2020-10-08T02:17:38.530793hostname sshd[32013]: Failed password for root from 138.68.44.55 port 50230 ssh2 2020-10-08T02:20:50.966324hostname sshd[821]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.44.55 user=root 2020-10-08T02:20:53.269048hostname sshd[821]: Failed password for root from 138.68.44.55 port 47628 ssh2 ...	2020-10-08 05:19:31
138.68.44.55	attack	$f2bV_matches	2020-10-07 21:43:18
138.68.44.55	attackspambots	Oct 7 03:19:27 ns382633 sshd\[23310\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.44.55 user=root Oct 7 03:19:29 ns382633 sshd\[23310\]: Failed password for root from 138.68.44.55 port 34600 ssh2 Oct 7 03:32:01 ns382633 sshd\[25022\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.44.55 user=root Oct 7 03:32:03 ns382633 sshd\[25022\]: Failed password for root from 138.68.44.55 port 47152 ssh2 Oct 7 03:36:05 ns382633 sshd\[25759\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.44.55 user=root	2020-10-07 13:30:05
138.68.44.55	attackspam	2020-09-24T14:54:46.390798devel sshd[27891]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.44.55 2020-09-24T14:54:46.385075devel sshd[27891]: Invalid user arief from 138.68.44.55 port 52716 2020-09-24T14:54:48.629319devel sshd[27891]: Failed password for invalid user arief from 138.68.44.55 port 52716 ssh2	2020-09-25 03:49:45
138.68.44.55	attackbots	Sep 24 05:23:45 firewall sshd[25140]: Invalid user Administrator from 138.68.44.55 Sep 24 05:23:48 firewall sshd[25140]: Failed password for invalid user Administrator from 138.68.44.55 port 60244 ssh2 Sep 24 05:28:19 firewall sshd[25293]: Invalid user user from 138.68.44.55 ...	2020-09-24 19:36:58
138.68.44.55	attack	(sshd) Failed SSH login from 138.68.44.55 (US/United States/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 15 06:53:46 optimus sshd[19869]: Invalid user mcserver from 138.68.44.55 Sep 15 06:53:46 optimus sshd[19869]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.44.55 Sep 15 06:53:48 optimus sshd[19869]: Failed password for invalid user mcserver from 138.68.44.55 port 58078 ssh2 Sep 15 06:57:43 optimus sshd[21202]: Invalid user alfred from 138.68.44.55 Sep 15 06:57:43 optimus sshd[21202]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.44.55	2020-09-15 20:27:52
138.68.44.55	attack	Banned for a week because repeated abuses, for example SSH, but not only	2020-09-15 12:29:30
138.68.44.55	attack	$f2bV_matches	2020-09-15 04:38:59
138.68.44.55	attack	Sep 9 03:41:43 web9 sshd\[8545\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.44.55 user=root Sep 9 03:41:46 web9 sshd\[8545\]: Failed password for root from 138.68.44.55 port 33664 ssh2 Sep 9 03:45:32 web9 sshd\[8965\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.44.55 user=root Sep 9 03:45:33 web9 sshd\[8965\]: Failed password for root from 138.68.44.55 port 39214 ssh2 Sep 9 03:49:22 web9 sshd\[9395\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.44.55 user=root	2020-09-09 21:52:14
138.68.44.55	attack	2020-09-09T11:17:06.575198paragon sshd[259184]: Failed password for invalid user conter from 138.68.44.55 port 36638 ssh2 2020-09-09T11:20:48.403075paragon sshd[259393]: Invalid user admin from 138.68.44.55 port 42688 2020-09-09T11:20:48.407403paragon sshd[259393]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.44.55 2020-09-09T11:20:48.403075paragon sshd[259393]: Invalid user admin from 138.68.44.55 port 42688 2020-09-09T11:20:50.465369paragon sshd[259393]: Failed password for invalid user admin from 138.68.44.55 port 42688 ssh2 ...	2020-09-09 15:40:20
138.68.44.55	attackbotsspam	Lines containing failures of 138.68.44.55 (max 1000) Sep 7 02:33:56 archiv sshd[5814]: Invalid user sogo from 138.68.44.55 port 60232 Sep 7 02:33:56 archiv sshd[5814]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.44.55 Sep 7 02:33:58 archiv sshd[5814]: Failed password for invalid user sogo from 138.68.44.55 port 60232 ssh2 Sep 7 02:33:58 archiv sshd[5814]: Received disconnect from 138.68.44.55 port 60232:11: Bye Bye [preauth] Sep 7 02:33:58 archiv sshd[5814]: Disconnected from 138.68.44.55 port 60232 [preauth] Sep 7 02:39:20 archiv sshd[5842]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.44.55 user=r.r Sep 7 02:39:21 archiv sshd[5842]: Failed password for r.r from 138.68.44.55 port 46094 ssh2 Sep 7 02:39:21 archiv sshd[5842]: Received disconnect from 138.68.44.55 port 46094:11: Bye Bye [preauth] Sep 7 02:39:21 archiv sshd[5842]: Disconnected from 138.68.44.55 por........ ------------------------------	2020-09-09 07:49:33
138.68.44.236	attackbots	Invalid user chenyu from 138.68.44.236 port 54320	2020-07-27 07:21:00
138.68.44.236	attackspambots	$f2bV_matches	2020-07-24 21:23:32
138.68.44.236	attackspambots	Invalid user carla from 138.68.44.236 port 46422	2020-07-18 23:13:46
138.68.44.236	attackbotsspam	2020-07-17T14:16:36.620444ks3355764 sshd[17228]: Invalid user yq from 138.68.44.236 port 45076 2020-07-17T14:16:38.226807ks3355764 sshd[17228]: Failed password for invalid user yq from 138.68.44.236 port 45076 ssh2 ...	2020-07-17 21:33:57

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 138.68.44.204
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 7226
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;138.68.44.204.			IN	A

;; AUTHORITY SECTION:
.			489	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020080701 1800 900 604800 86400

;; Query time: 45 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Aug 08 08:28:03 CST 2020
;; MSG SIZE  rcvd: 117

Host info

204.44.68.138.in-addr.arpa domain name pointer hosting.lsem.xyz.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
204.44.68.138.in-addr.arpa	name = hosting.lsem.xyz.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
103.216.112.204	attackspambots	detected by Fail2Ban	2020-04-06 17:27:47
182.253.68.122	attackspam	2020-04-06T07:52:20.140412ionos.janbro.de sshd[64412]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.253.68.122 user=root 2020-04-06T07:52:22.031866ionos.janbro.de sshd[64412]: Failed password for root from 182.253.68.122 port 39960 ssh2 2020-04-06T07:57:14.262006ionos.janbro.de sshd[64454]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.253.68.122 user=root 2020-04-06T07:57:15.850139ionos.janbro.de sshd[64454]: Failed password for root from 182.253.68.122 port 49814 ssh2 2020-04-06T08:02:20.041395ionos.janbro.de sshd[64475]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.253.68.122 user=root 2020-04-06T08:02:21.970480ionos.janbro.de sshd[64475]: Failed password for root from 182.253.68.122 port 59666 ssh2 2020-04-06T08:07:18.724647ionos.janbro.de sshd[64491]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=18 ...	2020-04-06 16:53:48
188.254.0.183	attackbotsspam	sshd jail - ssh hack attempt	2020-04-06 17:07:35
117.22.228.62	attack	Total attacks: 2	2020-04-06 17:07:02
142.93.101.148	attackspambots	[PY] (sshd) Failed SSH login from 142.93.101.148 (DE/Germany/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Apr 6 04:00:33 svr sshd[3318119]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.101.148 user=root Apr 6 04:00:36 svr sshd[3318119]: Failed password for root from 142.93.101.148 port 44544 ssh2 Apr 6 04:10:29 svr sshd[3321786]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.101.148 user=root Apr 6 04:10:31 svr sshd[3321786]: Failed password for root from 142.93.101.148 port 45952 ssh2 Apr 6 04:14:01 svr sshd[3322972]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.101.148 user=root	2020-04-06 17:18:43
49.88.112.65	attack	Apr 6 11:46:11 pkdns2 sshd\[6521\]: Failed password for root from 49.88.112.65 port 64448 ssh2Apr 6 11:46:14 pkdns2 sshd\[6521\]: Failed password for root from 49.88.112.65 port 64448 ssh2Apr 6 11:46:15 pkdns2 sshd\[6521\]: Failed password for root from 49.88.112.65 port 64448 ssh2Apr 6 11:49:09 pkdns2 sshd\[6600\]: Failed password for root from 49.88.112.65 port 31741 ssh2Apr 6 11:50:36 pkdns2 sshd\[6688\]: Failed password for root from 49.88.112.65 port 48384 ssh2Apr 6 11:52:51 pkdns2 sshd\[6749\]: Failed password for root from 49.88.112.65 port 38888 ssh2 ...	2020-04-06 17:09:52
148.216.17.24	attackbots	Apr 6 10:49:41 [host] sshd[5435]: pam_unix(sshd:a Apr 6 10:49:43 [host] sshd[5435]: Failed password Apr 6 10:55:25 [host] sshd[5504]: pam_unix(sshd:a	2020-04-06 17:27:24
178.128.95.85	attackbots	Apr 6 10:08:51 ns382633 sshd\[19423\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.128.95.85 user=root Apr 6 10:08:54 ns382633 sshd\[19423\]: Failed password for root from 178.128.95.85 port 41300 ssh2 Apr 6 10:10:03 ns382633 sshd\[19681\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.128.95.85 user=root Apr 6 10:10:05 ns382633 sshd\[19681\]: Failed password for root from 178.128.95.85 port 55178 ssh2 Apr 6 10:10:43 ns382633 sshd\[20154\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.128.95.85 user=root	2020-04-06 16:45:55
35.186.145.141	attack	$f2bV_matches	2020-04-06 17:12:39
165.22.103.148	attackspam	SSH Brute-Forcing (server2)	2020-04-06 17:17:26
118.89.161.122	attack	Apr 6 09:30:58 meumeu sshd[12685]: Failed password for root from 118.89.161.122 port 33254 ssh2 Apr 6 09:35:27 meumeu sshd[13207]: Failed password for root from 118.89.161.122 port 48246 ssh2 ...	2020-04-06 17:11:42
106.12.137.1	attack	2020-04-06T04:18:19.496754shield sshd\[21493\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.137.1 user=root 2020-04-06T04:18:21.539837shield sshd\[21493\]: Failed password for root from 106.12.137.1 port 43448 ssh2 2020-04-06T04:20:30.338104shield sshd\[21927\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.137.1 user=root 2020-04-06T04:20:32.366529shield sshd\[21927\]: Failed password for root from 106.12.137.1 port 44942 ssh2 2020-04-06T04:22:40.834119shield sshd\[22445\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.137.1 user=root	2020-04-06 16:52:54
159.65.176.156	attackspambots	2020-04-06T05:42:01.425434shield sshd\[2406\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.65.176.156 user=root 2020-04-06T05:42:03.904811shield sshd\[2406\]: Failed password for root from 159.65.176.156 port 37624 ssh2 2020-04-06T05:45:15.549953shield sshd\[2981\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.65.176.156 user=root 2020-04-06T05:45:17.662736shield sshd\[2981\]: Failed password for root from 159.65.176.156 port 37034 ssh2 2020-04-06T05:48:26.967073shield sshd\[3618\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.65.176.156 user=root	2020-04-06 17:03:22
183.63.87.236	attack	Apr 06 02:07:54 askasleikir sshd[125341]: Failed password for root from 183.63.87.236 port 44440 ssh2 Apr 06 01:53:42 askasleikir sshd[125075]: Failed password for root from 183.63.87.236 port 60614 ssh2 Apr 06 02:09:55 askasleikir sshd[125449]: Failed password for root from 183.63.87.236 port 39484 ssh2	2020-04-06 17:27:03
218.111.21.86	attack	Bruteforce detected by fail2ban	2020-04-06 16:44:11

Recently Reported IPs

62.182.177.34	189.53.79.173	50.81.255.43	187.8.149.163
70.25.243.242	113.88.167.201	128.114.225.55	51.140.8.114
32.11.245.20	148.64.43.94	83.94.148.22	197.55.99.250
73.220.221.203	189.244.42.189	109.92.39.121	78.145.63.61
27.204.246.115	175.149.6.12	2.12.110.24	171.93.29.98