JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 138.68.4.38

138.68.4.38 was found in our database!

This IP was reported 707 times. Confidence of Abuse is 63%: ?

63%

ISP	DigitalOcean, LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS14061
Domain Name	digitalocean.com
Country	🇺🇸 United States of America
City	Santa Clara, California

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 138.68.4.38

Whois 138.68.4.38

IP Abuse Reports for 138.68.4.38:

This IP address has been reported a total of 707 times from 149 distinct sources. 138.68.4.38 was first reported on April 24th 2023, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇮 nNordic	2026-06-09 09:12:18 (1 week ago)	Connection attempt blocked by IDS/IPS from 138.68.4.38/32	Hacking
🇮🇳 evicky2002	2026-05-27 06:00:00 (3 weeks ago)	Confirmed malicious by STILWaters CTI platform (score=100, sources=1)	Hacking Brute-Force SSH
🇧🇷 ICS Labs	2026-05-21 15:33:20 (4 weeks ago)	ICS Labs identified 138.68.4.38 as a malicious indicator from threat intelligence.	DDoS Attack Hacking Exploited Host
🇺🇸 wasuma	2026-05-18 04:24:40 (1 month ago)	Honeypot: exploit. C2 URL: http://192.168.10.100/msmq/private$/queuejumperpoc<se:Envelope. Comman ... show more Honeypot: exploit. C2 URL: http://192.168.10.100/msmq/private$/queuejumperpoc<se:Envelope. Command: LIORL ��c��d `http://192.168.10.100/msmq/private$/queuejumperpoc<se:Envelope show less	Port Scan Web App Attack
🇺🇸 MPL	2026-05-15 15:37:12 (1 month ago)	tcp/2066 (2 or more attempts)	Port Scan
🇺🇸 MPL	2026-05-15 14:32:23 (1 month ago)	tcp/2062 (2 or more attempts)	Port Scan
🇺🇸 withfallback.com	2026-05-15 10:00:19 (1 month ago)	sends \r\n\r\n and waits; probably looking for telnet	Port Scan
🇺🇸 MPL	2026-05-15 03:23:33 (1 month ago)	tcp/2016 (4 or more attempts)	Port Scan
🇺🇸 MPL	2026-05-15 02:10:30 (1 month ago)	tcp/2012 (2 or more attempts)	Port Scan
🇸🇪 NordhTech	2026-05-14 20:15:16 (1 month ago)	More than 3 malicious connection attempts, trying port(s) 1995/tcp, then blocked from services ...	Port Scan Hacking
🇺🇸 MPL	2026-05-14 20:11:56 (1 month ago)	tcp/1995	Port Scan
🇺🇸 MPL	2026-05-14 16:51:07 (1 month ago)	tcp/1993	Port Scan
🇺🇸 MPL	2026-05-14 14:12:46 (1 month ago)	tcp/3389	Port Scan
🇺🇸 MPL	2026-05-14 13:56:25 (1 month ago)	tcp/1982	Port Scan
🇺🇸 MPL	2026-05-14 11:07:33 (1 month ago)	tcp/1977 (2 or more attempts)	Port Scan

Showing 1 to 15 of 707 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 195.184.76.18

🇩🇪 167.94.146.47

🇺🇸 165.154.172.253

🇱🇹 81.30.98.142

🇫🇷 51.68.34.131

🇺🇸 47.77.229.244

🇪🇬 41.128.181.199

🇨🇳 120.242.190.31

🇸🇬 114.119.136.24

🇸🇬 114.119.135.166

🇫🇷 91.231.89.116

🇳🇱 91.92.40.45

🇫🇷 51.68.226.87

🇸🇬 43.172.197.83

🇸🇬 43.133.60.191

🇺🇸 40.160.23.43

🇺🇸 20.163.6.253

🇦🇺 203.185.198.246

🇰🇷 118.37.214.187

🇸🇬 114.119.135.107