138.68.29.52 - IPInfo

基本信息:

城市(city): Santa Clara

省份(region): California

国家(country): United States

运营商(isp): DigitalOcean LLC

主机名(hostname): unknown

机构(organization): DigitalOcean, LLC

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Oct 1 02:23:11 hpm sshd\[14787\]: Invalid user alexander from 138.68.29.52 Oct 1 02:23:11 hpm sshd\[14787\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.29.52 Oct 1 02:23:14 hpm sshd\[14787\]: Failed password for invalid user alexander from 138.68.29.52 port 55570 ssh2 Oct 1 02:27:07 hpm sshd\[15092\]: Invalid user bianka from 138.68.29.52 Oct 1 02:27:07 hpm sshd\[15092\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.29.52	2019-10-02 03:50:16
attackspambots	[ssh] SSH attack	2019-09-30 06:56:04
attackbots	Sep 23 15:11:59 game-panel sshd[24868]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.29.52 Sep 23 15:12:02 game-panel sshd[24868]: Failed password for invalid user quagga from 138.68.29.52 port 38782 ssh2 Sep 23 15:15:53 game-panel sshd[24986]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.29.52	2019-09-23 23:19:26
attackspambots	Sep 23 06:58:07 hcbbdb sshd\[19576\]: Invalid user yoko from 138.68.29.52 Sep 23 06:58:07 hcbbdb sshd\[19576\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.29.52 Sep 23 06:58:09 hcbbdb sshd\[19576\]: Failed password for invalid user yoko from 138.68.29.52 port 39198 ssh2 Sep 23 07:01:54 hcbbdb sshd\[20024\]: Invalid user ci from 138.68.29.52 Sep 23 07:01:54 hcbbdb sshd\[20024\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.29.52	2019-09-23 15:09:24
attackspambots	Automatic report - Banned IP Access	2019-09-17 07:01:42
attackbots	Sep 11 23:31:42 vps691689 sshd[4760]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.29.52 Sep 11 23:31:44 vps691689 sshd[4760]: Failed password for invalid user 123456 from 138.68.29.52 port 32898 ssh2 ...	2019-09-12 05:49:34
attackbotsspam	Sep 7 05:00:30 site2 sshd\[6854\]: Invalid user usuario from 138.68.29.52Sep 7 05:00:32 site2 sshd\[6854\]: Failed password for invalid user usuario from 138.68.29.52 port 36966 ssh2Sep 7 05:04:14 site2 sshd\[7084\]: Invalid user ubuntu from 138.68.29.52Sep 7 05:04:15 site2 sshd\[7084\]: Failed password for invalid user ubuntu from 138.68.29.52 port 51432 ssh2Sep 7 05:08:09 site2 sshd\[7412\]: Invalid user esbuser from 138.68.29.52Sep 7 05:08:10 site2 sshd\[7412\]: Failed password for invalid user esbuser from 138.68.29.52 port 37690 ssh2 ...	2019-09-07 10:20:22
attack	Sep 3 19:13:13 tdfoods sshd\[5242\]: Invalid user chu from 138.68.29.52 Sep 3 19:13:13 tdfoods sshd\[5242\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.29.52 Sep 3 19:13:15 tdfoods sshd\[5242\]: Failed password for invalid user chu from 138.68.29.52 port 34500 ssh2 Sep 3 19:17:17 tdfoods sshd\[5658\]: Invalid user zq from 138.68.29.52 Sep 3 19:17:17 tdfoods sshd\[5658\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.29.52	2019-09-04 13:47:24
attackbotsspam	Aug 30 02:19:58 localhost sshd\[5924\]: Invalid user gerrit2 from 138.68.29.52 port 57218 Aug 30 02:19:58 localhost sshd\[5924\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.29.52 Aug 30 02:20:00 localhost sshd\[5924\]: Failed password for invalid user gerrit2 from 138.68.29.52 port 57218 ssh2	2019-08-30 08:56:40
attack	Aug 26 06:25:11 MK-Soft-Root2 sshd\[24665\]: Invalid user wangtao from 138.68.29.52 port 49090 Aug 26 06:25:11 MK-Soft-Root2 sshd\[24665\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.29.52 Aug 26 06:25:13 MK-Soft-Root2 sshd\[24665\]: Failed password for invalid user wangtao from 138.68.29.52 port 49090 ssh2 ...	2019-08-26 18:23:20
attackspambots	Aug 23 05:32:31 vps200512 sshd\[21938\]: Invalid user navneet from 138.68.29.52 Aug 23 05:32:31 vps200512 sshd\[21938\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.29.52 Aug 23 05:32:33 vps200512 sshd\[21938\]: Failed password for invalid user navneet from 138.68.29.52 port 33992 ssh2 Aug 23 05:36:40 vps200512 sshd\[22137\]: Invalid user veronica from 138.68.29.52 Aug 23 05:36:40 vps200512 sshd\[22137\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.29.52	2019-08-23 18:12:19
attackbots	Aug 19 19:54:03 MK-Soft-VM3 sshd\[9720\]: Invalid user mihai from 138.68.29.52 port 44354 Aug 19 19:54:03 MK-Soft-VM3 sshd\[9720\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.29.52 Aug 19 19:54:05 MK-Soft-VM3 sshd\[9720\]: Failed password for invalid user mihai from 138.68.29.52 port 44354 ssh2 ...	2019-08-20 10:52:40
attack	Aug 16 12:16:58 hpm sshd\[30356\]: Invalid user test from 138.68.29.52 Aug 16 12:16:58 hpm sshd\[30356\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.29.52 Aug 16 12:17:00 hpm sshd\[30356\]: Failed password for invalid user test from 138.68.29.52 port 60172 ssh2 Aug 16 12:21:16 hpm sshd\[30737\]: Invalid user yellow from 138.68.29.52 Aug 16 12:21:16 hpm sshd\[30737\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.29.52	2019-08-17 07:39:16
attack	Aug 8 03:51:34 dedicated sshd[24541]: Invalid user nagios from 138.68.29.52 port 35556	2019-08-08 09:56:24
attackspam	Aug 7 03:37:35 sshgateway sshd\[32301\]: Invalid user samba from 138.68.29.52 Aug 7 03:37:35 sshgateway sshd\[32301\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.29.52 Aug 7 03:37:37 sshgateway sshd\[32301\]: Failed password for invalid user samba from 138.68.29.52 port 45318 ssh2	2019-08-07 14:55:57
attackspambots	SSH Brute-Force reported by Fail2Ban	2019-08-06 22:28:03
attackbotsspam	Jul 31 04:41:12 TORMINT sshd\[21395\]: Invalid user pentagon from 138.68.29.52 Jul 31 04:41:12 TORMINT sshd\[21395\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.29.52 Jul 31 04:41:14 TORMINT sshd\[21395\]: Failed password for invalid user pentagon from 138.68.29.52 port 55158 ssh2 ...	2019-07-31 16:49:17
attackbots	Jul 15 10:22:04 v22018076622670303 sshd\[28715\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.29.52 user=root Jul 15 10:22:06 v22018076622670303 sshd\[28715\]: Failed password for root from 138.68.29.52 port 36562 ssh2 Jul 15 10:26:55 v22018076622670303 sshd\[28740\]: Invalid user cs from 138.68.29.52 port 35056 Jul 15 10:26:55 v22018076622670303 sshd\[28740\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.29.52 ...	2019-07-15 20:11:55
attackspam	Jul 13 21:21:54 vps691689 sshd[22416]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.29.52 Jul 13 21:21:56 vps691689 sshd[22416]: Failed password for invalid user sonata from 138.68.29.52 port 53614 ssh2 Jul 13 21:27:02 vps691689 sshd[22617]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.29.52 ...	2019-07-14 03:33:08
attack	Jun 30 14:12:31 mail sshd\[1012\]: Failed password for invalid user sqlbase from 138.68.29.52 port 36636 ssh2 Jun 30 14:28:59 mail sshd\[1096\]: Invalid user ftpadmin from 138.68.29.52 port 54422 Jun 30 14:28:59 mail sshd\[1096\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.29.52 ...	2019-06-30 22:00:46
attack	Jun 22 06:09:51 mail sshd\[18997\]: Invalid user presta from 138.68.29.52 port 60280 Jun 22 06:09:51 mail sshd\[18997\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.29.52 Jun 22 06:09:53 mail sshd\[18997\]: Failed password for invalid user presta from 138.68.29.52 port 60280 ssh2 Jun 22 06:11:09 mail sshd\[19169\]: Invalid user zhua from 138.68.29.52 port 46282 Jun 22 06:11:09 mail sshd\[19169\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.29.52	2019-06-22 21:44:31

相同子网IP讨论:

IP	类型	评论内容	时间
138.68.29.69	attackspambots	Apr 26 19:01:23 master sshd[32396]: Failed password for invalid user pmc2 from 138.68.29.69 port 53048 ssh2	2020-04-27 04:16:59

WHOIS信息:

DIG信息:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 138.68.29.52
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 20251
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;138.68.29.52.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019041200 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Sat Apr 13 00:05:44 +08 2019
;; MSG SIZE  rcvd: 116

HOST信息:

Host 52.29.68.138.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.3
Address:	67.207.67.3#53

** server can't find 52.29.68.138.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
1.2.230.16	attack	Unauthorized connection attempt from IP address 1.2.230.16 on Port 445(SMB)	2020-06-04 19:58:39
123.207.235.247	attack	Jun 4 14:09:56 host sshd[15419]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.207.235.247 user=root Jun 4 14:09:58 host sshd[15419]: Failed password for root from 123.207.235.247 port 55472 ssh2 ...	2020-06-04 20:22:38
71.6.147.254	attackbots	firewall-block, port(s): 2083/tcp	2020-06-04 20:14:44
123.21.25.143	attackbotsspam	Unauthorized connection attempt from IP address 123.21.25.143 on Port 445(SMB)	2020-06-04 20:00:51
175.19.30.66	attackspam	Triggered: repeated knocking on closed ports.	2020-06-04 19:51:07
51.68.226.159	attackspambots	Jun 4 17:03:51 localhost sshd[1604038]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.68.226.159 user=root Jun 4 17:03:53 localhost sshd[1604038]: Failed password for root from 51.68.226.159 port 55738 ssh2 ...	2020-06-04 20:00:23
200.7.126.189	attack	Unauthorized connection attempt from IP address 200.7.126.189 on Port 445(SMB)	2020-06-04 19:56:22
14.229.184.44	attackspambots	SpamScore above: 10.0	2020-06-04 20:21:59
64.227.105.48	attack	TCP (SYN) 64.227.105.48:60569 -> port 22, len 44	2020-06-04 19:44:36
163.172.187.114	attackspambots	Jun 1 14:36:09 pl3server sshd[31009]: Did not receive identification string from 163.172.187.114 port 56604 Jun 1 14:37:19 pl3server sshd[31189]: Did not receive identification string from 163.172.187.114 port 40816 Jun 1 14:37:41 pl3server sshd[31316]: Did not receive identification string from 163.172.187.114 port 40858 Jun 1 14:37:49 pl3server sshd[31382]: Did not receive identification string from 163.172.187.114 port 55976 Jun 1 14:38:18 pl3server sshd[31571]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=163.172.187.114 user=r.r Jun 1 14:38:19 pl3server sshd[31571]: Failed password for r.r from 163.172.187.114 port 38292 ssh2 Jun 1 14:38:19 pl3server sshd[31571]: Received disconnect from 163.172.187.114 port 38292:11: Normal Shutdown, Thank you for playing [preauth] Jun 1 14:38:19 pl3server sshd[31571]: Disconnected from 163.172.187.114 port 38292 [preauth] Jun 1 14:38:39 pl3server sshd[31694]: pam_unix(sshd:auth........ -------------------------------	2020-06-04 20:23:25
113.23.101.9	attack	Unauthorized connection attempt from IP address 113.23.101.9 on Port 445(SMB)	2020-06-04 20:01:16
60.29.31.98	attack	$f2bV_matches	2020-06-04 20:19:48
14.242.3.203	attackbots	Lines containing failures of 14.242.3.203 (max 1000) Jun 1 12:33:54 UTC__SANYALnet-Labs__cac12 sshd[26991]: Connection from 14.242.3.203 port 55659 on 64.137.176.96 port 22 Jun 1 12:33:58 UTC__SANYALnet-Labs__cac12 sshd[26991]: Address 14.242.3.203 maps to static.vnpt.vn, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT! Jun 1 12:33:58 UTC__SANYALnet-Labs__cac12 sshd[26991]: User r.r from 14.242.3.203 not allowed because not listed in AllowUsers Jun 1 12:33:58 UTC__SANYALnet-Labs__cac12 sshd[26991]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.242.3.203 user=r.r Jun 1 12:34:00 UTC__SANYALnet-Labs__cac12 sshd[26991]: Failed password for invalid user r.r from 14.242.3.203 port 55659 ssh2 Jun 1 12:34:00 UTC__SANYALnet-Labs__cac12 sshd[26991]: Received disconnect from 14.242.3.203 port 55659:11: Bye Bye [preauth] Jun 1 12:34:00 UTC__SANYALnet-Labs__cac12 sshd[26991]: Disconnected from 14.242.3.203 por........ ------------------------------	2020-06-04 20:20:17
106.13.219.148	attackspambots	Jun 4 06:42:25 ns382633 sshd\[13482\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.219.148 user=root Jun 4 06:42:27 ns382633 sshd\[13482\]: Failed password for root from 106.13.219.148 port 38296 ssh2 Jun 4 06:57:59 ns382633 sshd\[15919\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.219.148 user=root Jun 4 06:58:01 ns382633 sshd\[15919\]: Failed password for root from 106.13.219.148 port 53158 ssh2 Jun 4 07:00:26 ns382633 sshd\[16598\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.219.148 user=root	2020-06-04 20:06:47
114.25.151.43	attackspam	Unauthorized connection attempt from IP address 114.25.151.43 on Port 445(SMB)	2020-06-04 20:01:48

最近上报的IP列表

121.200.61.250	1.169.103.128	101.142.5.172	58.218.213.77
23.224.185.62	5.234.228.143	81.229.116.167	183.91.67.246
5.144.130.12	212.253.77.169	183.157.169.145	177.184.139.230
222.139.92.89	59.1.104.140	218.60.67.7	36.81.112.131
187.72.232.172	211.105.82.250	187.120.183.20	51.15.156.40