138.68.50.18 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: DigitalOcean LLC

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Exploited Host.	2020-07-26 02:43:14
attackbots	Jun 19 15:38:55 vps687878 sshd\[20915\]: Failed password for invalid user testftp from 138.68.50.18 port 52366 ssh2 Jun 19 15:40:42 vps687878 sshd\[21173\]: Invalid user developer from 138.68.50.18 port 43972 Jun 19 15:40:42 vps687878 sshd\[21173\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.50.18 Jun 19 15:40:44 vps687878 sshd\[21173\]: Failed password for invalid user developer from 138.68.50.18 port 43972 ssh2 Jun 19 15:42:32 vps687878 sshd\[21506\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.50.18 user=root ...	2020-06-19 22:05:17
attackbots	Jun 15 03:52:34 ws26vmsma01 sshd[91294]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.50.18 Jun 15 03:52:36 ws26vmsma01 sshd[91294]: Failed password for invalid user gateway from 138.68.50.18 port 39384 ssh2 ...	2020-06-15 15:54:57
attackbots	Jun 13 23:03:10 vps sshd[899884]: Failed password for invalid user mmadmin from 138.68.50.18 port 39616 ssh2 Jun 13 23:04:09 vps sshd[903541]: Invalid user Welkome$#1234 from 138.68.50.18 port 49994 Jun 13 23:04:09 vps sshd[903541]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.50.18 Jun 13 23:04:11 vps sshd[903541]: Failed password for invalid user Welkome$#1234 from 138.68.50.18 port 49994 ssh2 Jun 13 23:05:09 vps sshd[911289]: Invalid user meres from 138.68.50.18 port 60372 ...	2020-06-14 09:19:01
attack	May 24 12:12:24 ns3033917 sshd[29082]: Failed password for root from 138.68.50.18 port 38006 ssh2 May 24 12:13:44 ns3033917 sshd[29088]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.50.18 user=root May 24 12:13:46 ns3033917 sshd[29088]: Failed password for root from 138.68.50.18 port 53416 ssh2 ...	2020-05-24 22:48:00
attackbotsspam	Invalid user training from 138.68.50.18 port 44196	2020-05-16 13:18:10
attackbots	This client attempted to login to an administrator account on a Website, or abused from another resource.	2020-04-16 14:21:51
attackspambots	$f2bV_matches	2020-04-13 12:43:28
attack	2020-03-09 UTC: (2x) - miyazawa,nproc	2020-03-10 21:31:21
attackbots	Mar 9 18:40:18 areeb-Workstation sshd[26509]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.50.18 Mar 9 18:40:19 areeb-Workstation sshd[26509]: Failed password for invalid user miyazawa from 138.68.50.18 port 42038 ssh2 ...	2020-03-09 22:27:55
attackspam	Feb 14 19:43:39 plusreed sshd[9310]: Invalid user close from 138.68.50.18 ...	2020-02-15 09:07:11
attackbots	Dec 13 04:42:30 firewall sshd[5913]: Invalid user helyn from 138.68.50.18 Dec 13 04:42:32 firewall sshd[5913]: Failed password for invalid user helyn from 138.68.50.18 port 57118 ssh2 Dec 13 04:47:54 firewall sshd[6128]: Invalid user mrtg1 from 138.68.50.18 ...	2019-12-13 15:48:41
attackbotsspam	Dec 8 14:07:32 kapalua sshd\[5921\]: Invalid user ricchiardi from 138.68.50.18 Dec 8 14:07:32 kapalua sshd\[5921\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.50.18 Dec 8 14:07:34 kapalua sshd\[5921\]: Failed password for invalid user ricchiardi from 138.68.50.18 port 45692 ssh2 Dec 8 14:12:56 kapalua sshd\[6691\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.50.18 user=root Dec 8 14:12:58 kapalua sshd\[6691\]: Failed password for root from 138.68.50.18 port 54692 ssh2	2019-12-09 08:15:53
attackspam	Nov 28 23:45:55 master sshd[3968]: Failed password for root from 138.68.50.18 port 33004 ssh2 Nov 28 23:55:48 master sshd[3998]: Failed password for invalid user lakota from 138.68.50.18 port 53244 ssh2 Nov 29 00:01:39 master sshd[4746]: Failed password for invalid user bulent from 138.68.50.18 port 33478 ssh2 Nov 29 00:04:51 master sshd[4748]: Failed password for invalid user test from 138.68.50.18 port 41920 ssh2 Nov 29 00:08:03 master sshd[4750]: Failed password for root from 138.68.50.18 port 50350 ssh2 Nov 29 00:11:11 master sshd[4754]: Failed password for invalid user kumakuma from 138.68.50.18 port 58778 ssh2 Nov 29 00:14:25 master sshd[4756]: Failed password for invalid user winthrop from 138.68.50.18 port 38986 ssh2 Nov 29 00:17:34 master sshd[4770]: Failed password for root from 138.68.50.18 port 47414 ssh2 Nov 29 00:20:42 master sshd[4772]: Failed password for invalid user seamark from 138.68.50.18 port 55842 ssh2 Nov 29 00:23:43 master sshd[4774]: Failed password for invalid user rpm from 138.68.5	2019-11-29 06:55:19
attackbots	2019-11-26T23:09:08.360618shield sshd\[16102\]: Invalid user imperial from 138.68.50.18 port 49416 2019-11-26T23:09:08.365309shield sshd\[16102\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.50.18 2019-11-26T23:09:10.488667shield sshd\[16102\]: Failed password for invalid user imperial from 138.68.50.18 port 49416 ssh2 2019-11-26T23:15:25.190701shield sshd\[16843\]: Invalid user s-omori from 138.68.50.18 port 58768 2019-11-26T23:15:25.195528shield sshd\[16843\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.50.18	2019-11-27 07:31:02
attackspam	Nov 13 00:50:59 : SSH login attempts with invalid user	2019-11-13 21:33:28
attack	Nov 10 18:19:04 vtv3 sshd\[20255\]: Invalid user 123 from 138.68.50.18 port 43546 Nov 10 18:19:04 vtv3 sshd\[20255\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.50.18 Nov 10 18:19:06 vtv3 sshd\[20255\]: Failed password for invalid user 123 from 138.68.50.18 port 43546 ssh2 Nov 10 18:22:44 vtv3 sshd\[22807\]: Invalid user tanker from 138.68.50.18 port 53022 Nov 10 18:22:44 vtv3 sshd\[22807\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.50.18 Nov 10 18:33:44 vtv3 sshd\[29682\]: Invalid user sonalig from 138.68.50.18 port 53220 Nov 10 18:33:44 vtv3 sshd\[29682\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.50.18 Nov 10 18:33:47 vtv3 sshd\[29682\]: Failed password for invalid user sonalig from 138.68.50.18 port 53220 ssh2 Nov 10 18:37:28 vtv3 sshd\[32121\]: Invalid user divya@123 from 138.68.50.18 port 34462 Nov 10 18:37:28 vtv3 sshd\[32121\]: pam_unix\	2019-11-11 03:26:56
attack	Nov 9 13:48:23 nextcloud sshd\[19215\]: Invalid user csx from 138.68.50.18 Nov 9 13:48:23 nextcloud sshd\[19215\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.50.18 Nov 9 13:48:25 nextcloud sshd\[19215\]: Failed password for invalid user csx from 138.68.50.18 port 41384 ssh2 ...	2019-11-09 21:19:47
attack	Nov 9 05:55:58 lnxmysql61 sshd[12753]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.50.18	2019-11-09 13:04:56
attackbotsspam	Nov 8 05:40:53 auw2 sshd\[8609\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.50.18 user=root Nov 8 05:40:55 auw2 sshd\[8609\]: Failed password for root from 138.68.50.18 port 37636 ssh2 Nov 8 05:45:16 auw2 sshd\[9002\]: Invalid user trouble from 138.68.50.18 Nov 8 05:45:16 auw2 sshd\[9002\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.50.18 Nov 8 05:45:18 auw2 sshd\[9002\]: Failed password for invalid user trouble from 138.68.50.18 port 47814 ssh2	2019-11-08 23:53:48
attackbots	Nov 1 01:10:16 plusreed sshd[7123]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.50.18 user=root Nov 1 01:10:18 plusreed sshd[7123]: Failed password for root from 138.68.50.18 port 57680 ssh2 ...	2019-11-01 14:34:17
attackspambots	Automatic report - Banned IP Access	2019-10-27 01:03:37
attack	$f2bV_matches	2019-10-22 17:07:49
attack	Lines containing failures of 138.68.50.18 Oct 8 10:54:58 shared10 sshd[25902]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.50.18 user=r.r Oct 8 10:55:00 shared10 sshd[25902]: Failed password for r.r from 138.68.50.18 port 39356 ssh2 Oct 8 10:55:00 shared10 sshd[25902]: Received disconnect from 138.68.50.18 port 39356:11: Bye Bye [preauth] Oct 8 10:55:00 shared10 sshd[25902]: Disconnected from authenticating user r.r 138.68.50.18 port 39356 [preauth] Oct 8 11:15:17 shared10 sshd[2113]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.50.18 user=r.r Oct 8 11:15:19 shared10 sshd[2113]: Failed password for r.r from 138.68.50.18 port 54370 ssh2 Oct 8 11:15:20 shared10 sshd[2113]: Received disconnect from 138.68.50.18 port 54370:11: Bye Bye [preauth] Oct 8 11:15:20 shared10 sshd[2113]: Disconnected from authenticating user r.r 138.68.50.18 port 54370 [preauth] Oct 8 11:1........ ------------------------------	2019-10-13 02:31:24
attackbotsspam	Lines containing failures of 138.68.50.18 Oct 8 10:54:58 shared10 sshd[25902]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.50.18 user=r.r Oct 8 10:55:00 shared10 sshd[25902]: Failed password for r.r from 138.68.50.18 port 39356 ssh2 Oct 8 10:55:00 shared10 sshd[25902]: Received disconnect from 138.68.50.18 port 39356:11: Bye Bye [preauth] Oct 8 10:55:00 shared10 sshd[25902]: Disconnected from authenticating user r.r 138.68.50.18 port 39356 [preauth] Oct 8 11:15:17 shared10 sshd[2113]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.50.18 user=r.r Oct 8 11:15:19 shared10 sshd[2113]: Failed password for r.r from 138.68.50.18 port 54370 ssh2 Oct 8 11:15:20 shared10 sshd[2113]: Received disconnect from 138.68.50.18 port 54370:11: Bye Bye [preauth] Oct 8 11:15:20 shared10 sshd[2113]: Disconnected from authenticating user r.r 138.68.50.18 port 54370 [preauth] Oct 8 11:1........ ------------------------------	2019-10-11 17:44:03
attackspam	Lines containing failures of 138.68.50.18 Oct 8 10:54:58 shared10 sshd[25902]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.50.18 user=r.r Oct 8 10:55:00 shared10 sshd[25902]: Failed password for r.r from 138.68.50.18 port 39356 ssh2 Oct 8 10:55:00 shared10 sshd[25902]: Received disconnect from 138.68.50.18 port 39356:11: Bye Bye [preauth] Oct 8 10:55:00 shared10 sshd[25902]: Disconnected from authenticating user r.r 138.68.50.18 port 39356 [preauth] Oct 8 11:15:17 shared10 sshd[2113]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.50.18 user=r.r Oct 8 11:15:19 shared10 sshd[2113]: Failed password for r.r from 138.68.50.18 port 54370 ssh2 Oct 8 11:15:20 shared10 sshd[2113]: Received disconnect from 138.68.50.18 port 54370:11: Bye Bye [preauth] Oct 8 11:15:20 shared10 sshd[2113]: Disconnected from authenticating user r.r 138.68.50.18 port 54370 [preauth] Oct 8 11:1........ ------------------------------	2019-10-10 05:25:23

Comments on same subnet:

IP	Type	Details	Datetime
138.68.50.78	attackspambots	(sshd) Failed SSH login from 138.68.50.78 (US/United States/-): 5 in the last 3600 secs	2020-10-12 04:12:44
138.68.50.78	attack	Oct 11 12:26:48 server sshd[4930]: Failed password for invalid user new from 138.68.50.78 port 52160 ssh2 Oct 11 12:30:19 server sshd[6901]: Failed password for root from 138.68.50.78 port 58464 ssh2 Oct 11 12:33:58 server sshd[8755]: Failed password for invalid user apache from 138.68.50.78 port 36560 ssh2	2020-10-11 20:11:56
138.68.50.78	attack	Oct 11 06:13:19 root sshd[27400]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.50.78 user=root Oct 11 06:13:21 root sshd[27400]: Failed password for root from 138.68.50.78 port 33222 ssh2 ...	2020-10-11 12:10:50
138.68.50.78	attackbotsspam	SSH Brute Force	2020-10-11 05:34:25
138.68.50.1	attack	web Attack on Wordpress site at 2020-01-02.	2020-01-03 02:46:50
138.68.50.1	attack	SSH login attempts with user root.	2019-11-19 02:02:27

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 138.68.50.18
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 40192
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;138.68.50.18.			IN	A

;; AUTHORITY SECTION:
.			500	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019100901 1800 900 604800 86400

;; Query time: 266 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Oct 10 05:25:20 CST 2019
;; MSG SIZE  rcvd: 116

Host info

Host 18.50.68.138.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 18.50.68.138.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
193.201.212.132	attack	TCP (SYN) 193.201.212.132:4111 -> port 23, len 44	2020-09-27 21:06:12
213.14.114.226	attackbots	445/tcp 445/tcp 445/tcp... [2020-07-28/09-26]5pkt,1pt.(tcp)	2020-09-27 21:01:11
123.31.27.102	attackbotsspam	Connection to SSH Honeypot - Detected by HoneypotDB	2020-09-27 21:19:08
91.237.239.108	attackbots	Sep 27 01:14:35 mail.srvfarm.net postfix/smtpd[831038]: warning: unknown[91.237.239.108]: SASL PLAIN authentication failed: Sep 27 01:14:35 mail.srvfarm.net postfix/smtpd[831038]: lost connection after AUTH from unknown[91.237.239.108] Sep 27 01:17:30 mail.srvfarm.net postfix/smtpd[831041]: warning: unknown[91.237.239.108]: SASL PLAIN authentication failed: Sep 27 01:17:30 mail.srvfarm.net postfix/smtpd[831041]: lost connection after AUTH from unknown[91.237.239.108] Sep 27 01:17:45 mail.srvfarm.net postfix/smtps/smtpd[817424]: warning: unknown[91.237.239.108]: SASL PLAIN authentication failed:	2020-09-27 21:19:50
106.12.87.83	attackspam	" "	2020-09-27 21:09:13
157.55.39.181	attackspambots	Automatic report - Banned IP Access	2020-09-27 20:55:25
122.116.7.34	attackspambots	Sep 27 12:02:37 onepixel sshd[2999329]: Invalid user svnuser from 122.116.7.34 port 48406 Sep 27 12:02:37 onepixel sshd[2999329]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.116.7.34 Sep 27 12:02:37 onepixel sshd[2999329]: Invalid user svnuser from 122.116.7.34 port 48406 Sep 27 12:02:40 onepixel sshd[2999329]: Failed password for invalid user svnuser from 122.116.7.34 port 48406 ssh2 Sep 27 12:06:05 onepixel sshd[2999837]: Invalid user esuser from 122.116.7.34 port 47006	2020-09-27 21:29:37
138.255.148.35	attack	Ssh brute force	2020-09-27 20:57:39
167.172.25.74	attack	Automated report - ssh fail2ban: Sep 27 14:52:50 Unable to negotiate with 167.172.25.74 port=47092: no matching key exchange method found. Their offer: diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1 [preauth] Sep 27 14:52:51 Unable to negotiate with 167.172.25.74 port=48080: no matching key exchange method found. Their offer: diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1 [preauth] Sep 27 14:52:51 Unable to negotiate with 167.172.25.74 port=48948: no matching key exchange method found. Their offer: diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1 [preauth] Sep 27 14:52:52 Unable to negotiate with 167.172.25.74 port=49878: no matching key exchange method found. Their offer: diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1 [preauth]	2020-09-27 20:54:52
192.35.169.24	attack	TCP (SYN) 192.35.169.24:37658 -> port 465, len 44	2020-09-27 21:09:50
51.104.16.192	attack	Invalid user admin from 51.104.16.192 port 10596	2020-09-27 21:04:17
162.243.192.108	attackbotsspam	Sep 27 10:25:28 ns382633 sshd\[12007\]: Invalid user ubuntu from 162.243.192.108 port 36197 Sep 27 10:25:28 ns382633 sshd\[12007\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=162.243.192.108 Sep 27 10:25:30 ns382633 sshd\[12007\]: Failed password for invalid user ubuntu from 162.243.192.108 port 36197 ssh2 Sep 27 10:35:37 ns382633 sshd\[13859\]: Invalid user factorio from 162.243.192.108 port 43314 Sep 27 10:35:37 ns382633 sshd\[13859\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=162.243.192.108	2020-09-27 21:31:56
61.177.172.168	attackspam	Sep 27 14:51:54 abendstille sshd\[6999\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.177.172.168 user=root Sep 27 14:51:56 abendstille sshd\[6999\]: Failed password for root from 61.177.172.168 port 21120 ssh2 Sep 27 14:52:07 abendstille sshd\[6999\]: Failed password for root from 61.177.172.168 port 21120 ssh2 Sep 27 14:52:10 abendstille sshd\[6999\]: Failed password for root from 61.177.172.168 port 21120 ssh2 Sep 27 14:52:16 abendstille sshd\[7363\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.177.172.168 user=root ...	2020-09-27 20:54:41
49.88.112.73	attackbotsspam	Sep 27 13:17:51 onepixel sshd[3010533]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.73 user=root Sep 27 13:17:54 onepixel sshd[3010533]: Failed password for root from 49.88.112.73 port 25615 ssh2 Sep 27 13:17:51 onepixel sshd[3010533]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.73 user=root Sep 27 13:17:54 onepixel sshd[3010533]: Failed password for root from 49.88.112.73 port 25615 ssh2 Sep 27 13:17:58 onepixel sshd[3010533]: Failed password for root from 49.88.112.73 port 25615 ssh2	2020-09-27 21:23:28
121.10.139.68	attackbots	firewall-block, port(s): 16218/tcp	2020-09-27 21:16:46

Recently Reported IPs

193.26.193.114	171.71.8.71	58.135.248.237	124.198.106.133
35.177.111.181	87.237.220.36	162.13.61.63	124.90.150.183
18.146.69.170	204.147.84.152	211.51.111.182	37.146.210.163
37.147.197.209	60.21.73.88	59.55.37.204	103.215.80.171
117.92.165.241	81.143.205.37	12.189.45.71	61.144.100.125