JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 138.68.26.195

138.68.26.195 was found in our database!

This IP was reported 401 times. Confidence of Abuse is 100%: ?

100%

ISP	DigitalOcean, LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS14061
Domain Name	digitalocean.com
Country	🇺🇸 United States of America
City	Santa Clara, California

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 138.68.26.195

Whois 138.68.26.195

IP Abuse Reports for 138.68.26.195:

This IP address has been reported a total of 401 times from 183 distinct sources. 138.68.26.195 was first reported on May 23rd 2026, and the most recent report was 3 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇷🇴 andreighitan	2026-06-01 00:00:00 (3 days ago)	Coordinated attack against 84.46.253.134. Webshell scanning + credential harvesting. Active May-Jun ... show more Coordinated attack against 84.46.253.134. Webshell scanning + credential harvesting. Active May-Jun 2026. ZAC Bayern ref BY0257-500359-26/8. show less	Brute-Force
🇷🇺 Agrohim	2026-05-30 01:03:45 (5 days ago)	Gate Inet blocked for categories:	DDoS Attack Ping of Death Port Scan Hacking Brute-Force
🇸🇬 drewf.ink	2026-05-29 14:55:48 (5 days ago)	[14:55] Port scanning. Port(s) scanned: TCP/8888	Port Scan
🇨🇦 polycoda	2026-05-29 11:29:51 (5 days ago)	AutoBlock: 📡 Port Scan (Non Decay-Based)	Port Scan
🇺🇸 cwytech	2026-05-29 10:53:24 (5 days ago)	Fleet-wide ban from the Ghostfleet 👻. Triggered by scenario: cwy/tpot-http-sensitive-files.	Bad Web Bot Web App Attack
🇺🇸 jcbriar	2026-05-29 10:22:11 (5 days ago)	Searching for vulnerable scripts	Hacking Web App Attack
🇺🇸 drewf.ink	2026-05-29 10:16:42 (5 days ago)	[10:16] Port scanning. Port(s) scanned: TCP/8080	Port Scan
🇫🇷 zulzeen	2026-05-29 08:36:11 (5 days ago)	[incypit-web] Blocked by SysWarden Firewall [BLOCK] (Infra/DevOps Attack)	Hacking Web App Attack
🇨🇦 martenmark	2026-05-29 08:27:44 (5 days ago)	138.68.26.195 - - [29/May/2026:08:27:43 +0000] "GET /.env HTTP/1.1" 301 682 "-" "curl/8.0" ...	Web App Attack
🇺🇸 Starburst SysOp Team	2026-05-29 08:12:22 (5 days ago)	Host header is a numeric IP address. Pattern match "(?:^( (920350-stl2-14)	Hacking Bad Web Bot
🇺🇸 jfz-abuse	2026-05-29 08:02:14 (5 days ago)	fail2ban: apache-filepath-recon ...	Web App Attack
🇬🇧 martenmark	2026-05-29 07:55:38 (5 days ago)	138.68.26.195 - - [29/May/2026:07:55:37 +0000] "GET /.env HTTP/1.1" 301 622 "-" "curl/8.0" ...	Web App Attack
Anonymous	2026-05-29 07:54:03 (5 days ago)	Web App Attack	Brute-Force Exploited Host Web App Attack
🇩🇪 ManagedStack	2026-05-29 07:15:01 (5 days ago)	Probing access to unauthorized locations	Hacking Exploited Host Web App Attack
🇬🇧 thetomtaylor.co.uk	2026-05-29 07:08:01 (5 days ago)	Fail2Ban - [WEB]Custom exploit pattern detected on customexploits ... [ice01,ice02,wa01,wa02]	Hacking Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 401 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇱 2a02:4780:8:580:0:2196:e91d:1

🇳🇱 195.178.110.159

🇺🇸 174.35.25.181

🇺🇸 172.253.9.154

🇩🇪 167.94.145.21

🇲🇽 131.196.254.47

🇳🇿 121.73.163.185

🇳🇬 102.88.137.80

🇨🇦 99.234.183.252

🇨🇦 85.217.149.55

🇧🇷 45.205.1.71

🇳🇱 45.148.10.151

🇵🇭 2001:fd8:cabd:7300:55b5:c8d0:46ea:c921

🇨🇳 220.167.232.161

🇹🇷 212.87.199.64

🇧🇷 205.210.31.212

🇬🇧 193.163.125.102

🇮🇳 183.82.111.224

🇺🇸 181.214.48.175

🇨🇳 180.76.146.235