138.68.94.173 - IPInfo

Basic Info

City: Frankfurt am Main

Region: Hesse

Country: Germany

Internet Service Provider: DigitalOcean LLC

Hostname: unknown

Organization: DigitalOcean, LLC

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	Aug 20 07:03:08 rancher-0 sshd[1172212]: Invalid user redmine from 138.68.94.173 port 54758 ...	2020-08-20 13:25:48
attackbots	Port Scan detected from 138.68.94.173 (DE/Germany/Hesse/Frankfurt am Main/-). 4 hits in the last 161 seconds	2020-08-16 00:13:26
attackspam	$f2bV_matches	2020-08-03 05:14:37
attackspam	Connection to SSH Honeypot - Detected by HoneypotDB	2020-07-27 16:40:58
attackspambots	Jul 12 13:00:04 localhost sshd[46230]: Invalid user fating from 138.68.94.173 port 43596 Jul 12 13:00:04 localhost sshd[46230]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.94.173 Jul 12 13:00:04 localhost sshd[46230]: Invalid user fating from 138.68.94.173 port 43596 Jul 12 13:00:06 localhost sshd[46230]: Failed password for invalid user fating from 138.68.94.173 port 43596 ssh2 Jul 12 13:06:23 localhost sshd[46873]: Invalid user gena from 138.68.94.173 port 34574 ...	2020-07-12 21:20:56
attackspambots	Jun 24 10:15:12 gw1 sshd[10611]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.94.173 Jun 24 10:15:14 gw1 sshd[10611]: Failed password for invalid user dmitry from 138.68.94.173 port 36224 ssh2 ...	2020-06-24 16:08:39
attack	(sshd) Failed SSH login from 138.68.94.173 (DE/Germany/-): 12 in the last 3600 secs	2020-06-20 16:45:55
attackbotsspam	May 29 22:50:17 vps639187 sshd\[10409\]: Invalid user 111111 from 138.68.94.173 port 54672 May 29 22:50:17 vps639187 sshd\[10409\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.94.173 May 29 22:50:19 vps639187 sshd\[10409\]: Failed password for invalid user 111111 from 138.68.94.173 port 54672 ssh2 ...	2020-05-30 05:39:28
attack	2020-05-23T18:05:51.062450morrigan.ad5gb.com sshd[11987]: Invalid user kyn from 138.68.94.173 port 42690 2020-05-23T18:05:52.667755morrigan.ad5gb.com sshd[11987]: Failed password for invalid user kyn from 138.68.94.173 port 42690 ssh2 2020-05-23T18:05:53.571711morrigan.ad5gb.com sshd[11987]: Disconnected from invalid user kyn 138.68.94.173 port 42690 [preauth]	2020-05-24 08:06:04
attack	May 21 06:37:02 eventyay sshd[13562]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.94.173 May 21 06:37:04 eventyay sshd[13562]: Failed password for invalid user jiaxin from 138.68.94.173 port 58952 ssh2 May 21 06:44:52 eventyay sshd[13863]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.94.173 ...	2020-05-21 13:03:04
attackbots	Invalid user eas from 138.68.94.173 port 50486	2020-05-16 06:45:56
attack	May 13 03:30:13 XXXXXX sshd[5595]: Invalid user user from 138.68.94.173 port 33904	2020-05-13 12:04:38
attackbots	$f2bV_matches	2020-05-11 19:09:37
attackbotsspam	Brute-force attempt banned	2020-05-10 07:39:07
attack	May 7 10:37:57 plex sshd[30495]: Invalid user ragnarok from 138.68.94.173 port 46768	2020-05-07 16:46:37
attackbotsspam	2020-05-04T20:42:24.619339abusebot-7.cloudsearch.cf sshd[28618]: Invalid user hadoopuser from 138.68.94.173 port 48510 2020-05-04T20:42:24.626006abusebot-7.cloudsearch.cf sshd[28618]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.94.173 2020-05-04T20:42:24.619339abusebot-7.cloudsearch.cf sshd[28618]: Invalid user hadoopuser from 138.68.94.173 port 48510 2020-05-04T20:42:27.213818abusebot-7.cloudsearch.cf sshd[28618]: Failed password for invalid user hadoopuser from 138.68.94.173 port 48510 ssh2 2020-05-04T20:50:24.529361abusebot-7.cloudsearch.cf sshd[29112]: Invalid user info from 138.68.94.173 port 58300 2020-05-04T20:50:24.537641abusebot-7.cloudsearch.cf sshd[29112]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.94.173 2020-05-04T20:50:24.529361abusebot-7.cloudsearch.cf sshd[29112]: Invalid user info from 138.68.94.173 port 58300 2020-05-04T20:50:27.020123abusebot-7.cloudsearch.cf sshd[2 ...	2020-05-05 06:04:28
attack	2020-05-01T05:22:25.537538mail.thespaminator.com sshd[22499]: Invalid user test from 138.68.94.173 port 51982 2020-05-01T05:22:27.837364mail.thespaminator.com sshd[22499]: Failed password for invalid user test from 138.68.94.173 port 51982 ssh2 ...	2020-05-01 18:56:38
attackspam	Apr 26 14:04:39 haigwepa sshd[32365]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.94.173 Apr 26 14:04:41 haigwepa sshd[32365]: Failed password for invalid user test from 138.68.94.173 port 55416 ssh2 ...	2020-04-27 02:03:41
attackbotsspam	Apr 21 04:55:36 mockhub sshd[31698]: Failed password for root from 138.68.94.173 port 40550 ssh2 ...	2020-04-21 20:43:12
attack	Apr 19 19:17:02 lukav-desktop sshd\[19372\]: Invalid user dm from 138.68.94.173 Apr 19 19:17:02 lukav-desktop sshd\[19372\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.94.173 Apr 19 19:17:03 lukav-desktop sshd\[19372\]: Failed password for invalid user dm from 138.68.94.173 port 38322 ssh2 Apr 19 19:26:37 lukav-desktop sshd\[19719\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.94.173 user=root Apr 19 19:26:38 lukav-desktop sshd\[19719\]: Failed password for root from 138.68.94.173 port 59662 ssh2	2020-04-20 00:29:58
attackspam	2020-04-09T03:54:47.859663abusebot-4.cloudsearch.cf sshd[5086]: Invalid user jboss from 138.68.94.173 port 55898 2020-04-09T03:54:47.867644abusebot-4.cloudsearch.cf sshd[5086]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.94.173 2020-04-09T03:54:47.859663abusebot-4.cloudsearch.cf sshd[5086]: Invalid user jboss from 138.68.94.173 port 55898 2020-04-09T03:54:50.048845abusebot-4.cloudsearch.cf sshd[5086]: Failed password for invalid user jboss from 138.68.94.173 port 55898 ssh2 2020-04-09T04:03:39.719508abusebot-4.cloudsearch.cf sshd[5718]: Invalid user prometheus from 138.68.94.173 port 38036 2020-04-09T04:03:39.738147abusebot-4.cloudsearch.cf sshd[5718]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.94.173 2020-04-09T04:03:39.719508abusebot-4.cloudsearch.cf sshd[5718]: Invalid user prometheus from 138.68.94.173 port 38036 2020-04-09T04:03:40.952001abusebot-4.cloudsearch.cf sshd[5718]: Fail ...	2020-04-09 15:22:01
attackbotsspam	SSH Brute-Force reported by Fail2Ban	2020-04-08 05:46:47
attackbotsspam	Apr 4 08:14:12 prox sshd[32501]: Failed password for root from 138.68.94.173 port 44148 ssh2	2020-04-04 14:51:47
attackspam	Mar 25 09:32:28 ny01 sshd[27651]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.94.173 Mar 25 09:32:30 ny01 sshd[27651]: Failed password for invalid user nexus from 138.68.94.173 port 59166 ssh2 Mar 25 09:40:55 ny01 sshd[31174]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.94.173	2020-03-25 21:53:20
attackbotsspam	Mar 4 19:08:16 server sshd[620149]: Failed password for invalid user cpanelphpmyadmin from 138.68.94.173 port 56204 ssh2 Mar 4 19:29:44 server sshd[654967]: Failed password for invalid user server from 138.68.94.173 port 38528 ssh2 Mar 4 19:50:56 server sshd[689501]: Failed password for invalid user svnuser from 138.68.94.173 port 49088 ssh2	2020-03-05 04:27:08
attackbots	Mar 1 20:36:38 vps647732 sshd[13667]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.94.173 Mar 1 20:36:40 vps647732 sshd[13667]: Failed password for invalid user jayheo from 138.68.94.173 port 51050 ssh2 ...	2020-03-02 04:12:11
attackbotsspam	$f2bV_matches_ltvn	2020-02-26 11:23:32
attackbotsspam	Invalid user autodoor from 138.68.94.173 port 52722	2020-01-10 23:08:22
attackbots	2019-12-31T15:42:10.838811shield sshd\[4100\]: Invalid user pass1235 from 138.68.94.173 port 51884 2019-12-31T15:42:10.843508shield sshd\[4100\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.94.173 2019-12-31T15:42:12.855318shield sshd\[4100\]: Failed password for invalid user pass1235 from 138.68.94.173 port 51884 ssh2 2019-12-31T15:44:33.603106shield sshd\[4612\]: Invalid user music from 138.68.94.173 port 40518 2019-12-31T15:44:33.606559shield sshd\[4612\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.94.173	2019-12-31 23:52:19
attack	Fail2Ban Ban Triggered	2019-12-26 02:20:50

Comments on same subnet:

IP	Type	Details	Datetime
138.68.94.142	attack	Sep 15 14:51:57 router sshd[6506]: Failed password for root from 138.68.94.142 port 51963 ssh2 Sep 15 15:02:08 router sshd[6558]: Failed password for root from 138.68.94.142 port 58331 ssh2 ...	2020-09-16 00:55:41
138.68.94.142	attack	Port scan denied	2020-09-15 16:47:08
138.68.94.142	attack	Port scan: Attack repeated for 24 hours	2020-09-12 02:27:28
138.68.94.142	attackbotsspam	Automatic report - Banned IP Access	2020-09-11 18:21:17
138.68.94.142	attack	TCP port : 2280	2020-09-09 19:51:34
138.68.94.142	attackbots	Port scan: Attack repeated for 24 hours	2020-09-09 13:50:00
138.68.94.142	attackbots	TCP (SYN) 138.68.94.142:55075 -> port 2280, len 44	2020-09-09 06:01:29
138.68.94.142	attackbotsspam	firewall-block, port(s): 28171/tcp	2020-08-30 14:03:14
138.68.94.142	attack	TCP port : 15460	2020-08-24 18:49:37
138.68.94.142	attackspam	Port scan: Attack repeated for 24 hours	2020-08-10 15:07:31
138.68.94.142	attackspam	TCP (SYN) 138.68.94.142:48510 -> port 13357, len 44	2020-08-06 17:59:02
138.68.94.142	attackspambots	scans 2 times in preceeding hours on the ports (in chronological order) 22933 26188	2020-07-29 22:08:04
138.68.94.142	attackspam	Jul 23 22:23:53 vps639187 sshd\[8838\]: Invalid user lazare from 138.68.94.142 port 47458 Jul 23 22:23:53 vps639187 sshd\[8838\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.94.142 Jul 23 22:23:55 vps639187 sshd\[8838\]: Failed password for invalid user lazare from 138.68.94.142 port 47458 ssh2 ...	2020-07-24 04:58:42
138.68.94.142	attackspam	Jul 22 21:36:02 ns382633 sshd\[20639\]: Invalid user hg from 138.68.94.142 port 40958 Jul 22 21:36:02 ns382633 sshd\[20639\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.94.142 Jul 22 21:36:04 ns382633 sshd\[20639\]: Failed password for invalid user hg from 138.68.94.142 port 40958 ssh2 Jul 22 21:54:07 ns382633 sshd\[23882\]: Invalid user coi from 138.68.94.142 port 49014 Jul 22 21:54:07 ns382633 sshd\[23882\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.94.142	2020-07-23 04:15:58
138.68.94.142	attack	Multiport scan 32 ports : 2720 3282 4445 4836 4969 8299 8769 9207 10227 11609 14585 15385 16082 16142 16936 17633 17930 18243 18554 20440 22852 23740 24495 26075 26210 27033 29231 29900 30040 31131 31176 31864	2020-07-21 07:31:03

Whois info:

Dig info:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 138.68.94.173
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 18181
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;138.68.94.173.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019041201 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Sat Apr 13 10:21:03 +08 2019
;; MSG SIZE  rcvd: 117

Host info

Host 173.94.68.138.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 173.94.68.138.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
45.227.255.4	attackbotsspam	Apr 27 22:28:48 vmd17057 sshd[15321]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.227.255.4 Apr 27 22:28:49 vmd17057 sshd[15321]: Failed password for invalid user admin from 45.227.255.4 port 9114 ssh2 ...	2020-04-28 04:38:36
177.93.65.26	attack	Brute force attempt	2020-04-28 04:48:52
140.238.153.125	attackbots	Apr 27 22:36:22 legacy sshd[28581]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.238.153.125 Apr 27 22:36:24 legacy sshd[28581]: Failed password for invalid user pepe from 140.238.153.125 port 27426 ssh2 Apr 27 22:38:14 legacy sshd[28613]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.238.153.125 ...	2020-04-28 04:51:07
222.186.173.238	attackspambots	Apr 27 21:42:50 combo sshd[22814]: Failed password for root from 222.186.173.238 port 30512 ssh2 Apr 27 21:42:53 combo sshd[22814]: Failed password for root from 222.186.173.238 port 30512 ssh2 Apr 27 21:42:56 combo sshd[22814]: Failed password for root from 222.186.173.238 port 30512 ssh2 ...	2020-04-28 04:44:54
103.15.140.126	attackbots	Port probing on unauthorized port 1433	2020-04-28 04:49:06
183.61.254.56	attackbotsspam	Apr 27 21:59:14 ns382633 sshd\[8942\]: Invalid user telekom from 183.61.254.56 port 60182 Apr 27 21:59:14 ns382633 sshd\[8942\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=183.61.254.56 Apr 27 21:59:16 ns382633 sshd\[8942\]: Failed password for invalid user telekom from 183.61.254.56 port 60182 ssh2 Apr 27 22:12:42 ns382633 sshd\[11785\]: Invalid user screeps from 183.61.254.56 port 49147 Apr 27 22:12:42 ns382633 sshd\[11785\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=183.61.254.56	2020-04-28 04:36:51
217.112.128.159	attackbots	Apr 27 22:06:27 mail.srvfarm.net postfix/smtpd[579250]: NOQUEUE: reject: RCPT from palliate.kranbery.com[217.112.128.159]: 554 5.7.1 Service unavailable; Client host [217.112.128.159] blocked using zen.spamhaus.org; https://www.spamhaus.org/sbl/query/SBL461503 / https://www.spamhaus.org/sbl/query/SBLCSS; from= to= proto=ESMTP helo= Apr 27 22:06:32 mail.srvfarm.net postfix/smtpd[578441]: NOQUEUE: reject: RCPT from palliate.kranbery.com[217.112.128.159]: 554 5.7.1 Service unavailable; Client host [217.112.128.159] blocked using zen.spamhaus.org; https://www.spamhaus.org/sbl/query/SBL461503 / https://www.spamhaus.org/sbl/query/SBLCSS; from= to= proto=ESMTP helo= Apr 27 22:07:00 mail.srvfarm.net postfix/smtpd[583779]: NOQUEUE: reject: RCPT from palliate.kranbery.com[217.112.128.159]: 554 5.7.1 Service unavailable; Client host [217.112.128.	2020-04-28 04:45:58
162.248.52.82	attack	(sshd) Failed SSH login from 162.248.52.82 (US/United States/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Apr 27 23:04:34 srv sshd[12022]: Invalid user ops from 162.248.52.82 port 42768 Apr 27 23:04:35 srv sshd[12022]: Failed password for invalid user ops from 162.248.52.82 port 42768 ssh2 Apr 27 23:12:19 srv sshd[12311]: Invalid user sysadmin from 162.248.52.82 port 48822 Apr 27 23:12:21 srv sshd[12311]: Failed password for invalid user sysadmin from 162.248.52.82 port 48822 ssh2 Apr 27 23:14:58 srv sshd[12412]: Invalid user zn from 162.248.52.82 port 41964	2020-04-28 04:58:21
66.150.223.120	attackspambots	ICMP flood	2020-04-28 04:40:38
185.69.24.243	attackbotsspam	Apr 27 22:24:42 server sshd[19122]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.69.24.243 Apr 27 22:24:44 server sshd[19122]: Failed password for invalid user net from 185.69.24.243 port 36674 ssh2 Apr 27 22:28:44 server sshd[19515]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.69.24.243 ...	2020-04-28 04:29:18
49.88.112.115	attackbots	2020-04-27T22:12:22.785833 sshd[4712]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.115 user=root 2020-04-27T22:12:24.484685 sshd[4712]: Failed password for root from 49.88.112.115 port 31504 ssh2 2020-04-27T22:12:27.974388 sshd[4712]: Failed password for root from 49.88.112.115 port 31504 ssh2 2020-04-27T22:12:22.785833 sshd[4712]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.115 user=root 2020-04-27T22:12:24.484685 sshd[4712]: Failed password for root from 49.88.112.115 port 31504 ssh2 2020-04-27T22:12:27.974388 sshd[4712]: Failed password for root from 49.88.112.115 port 31504 ssh2 ...	2020-04-28 04:54:36
223.83.138.104	attackspam	Apr 27 17:01:34 ny01 sshd[12607]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=223.83.138.104 Apr 27 17:01:35 ny01 sshd[12607]: Failed password for invalid user aiken from 223.83.138.104 port 57610 ssh2 Apr 27 17:03:29 ny01 sshd[12794]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=223.83.138.104	2020-04-28 05:03:55
103.4.217.138	attackspambots	Apr 27 21:49:23 server sshd[17440]: Failed password for invalid user karunya from 103.4.217.138 port 58940 ssh2 Apr 27 22:06:22 server sshd[22883]: Failed password for invalid user manager from 103.4.217.138 port 43600 ssh2 Apr 27 22:12:15 server sshd[24882]: Failed password for invalid user sac from 103.4.217.138 port 49418 ssh2	2020-04-28 05:05:32
222.186.173.215	attackspambots	Unauthorised connection attempt detected at AUO MAIN. System is sshd. Protected by AUO Stack Web Application Firewall (WAF)	2020-04-28 04:58:00
2400:6180:100:d0::19fc:a001	attack	Brute-force general attack.	2020-04-28 05:03:29

Recently Reported IPs

122.176.60.95	118.25.27.67	78.24.100.42	49.206.209.88
171.233.98.4	92.51.121.206	197.210.143.2	200.50.110.66
199.16.56.84	201.217.196.162	164.77.77.251	94.155.17.149
188.163.22.53	23.225.150.125	206.189.232.45	145.239.95.55
5.134.219.226	1.164.34.69	202.83.42.25	139.162.90.220