138.68.29.52 - IPInfo

基本信息:

城市(city): Santa Clara

省份(region): California

国家(country): United States

运营商(isp): DigitalOcean LLC

主机名(hostname): unknown

机构(organization): DigitalOcean, LLC

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Oct 1 02:23:11 hpm sshd\[14787\]: Invalid user alexander from 138.68.29.52 Oct 1 02:23:11 hpm sshd\[14787\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.29.52 Oct 1 02:23:14 hpm sshd\[14787\]: Failed password for invalid user alexander from 138.68.29.52 port 55570 ssh2 Oct 1 02:27:07 hpm sshd\[15092\]: Invalid user bianka from 138.68.29.52 Oct 1 02:27:07 hpm sshd\[15092\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.29.52	2019-10-02 03:50:16
attackspambots	[ssh] SSH attack	2019-09-30 06:56:04
attackbots	Sep 23 15:11:59 game-panel sshd[24868]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.29.52 Sep 23 15:12:02 game-panel sshd[24868]: Failed password for invalid user quagga from 138.68.29.52 port 38782 ssh2 Sep 23 15:15:53 game-panel sshd[24986]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.29.52	2019-09-23 23:19:26
attackspambots	Sep 23 06:58:07 hcbbdb sshd\[19576\]: Invalid user yoko from 138.68.29.52 Sep 23 06:58:07 hcbbdb sshd\[19576\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.29.52 Sep 23 06:58:09 hcbbdb sshd\[19576\]: Failed password for invalid user yoko from 138.68.29.52 port 39198 ssh2 Sep 23 07:01:54 hcbbdb sshd\[20024\]: Invalid user ci from 138.68.29.52 Sep 23 07:01:54 hcbbdb sshd\[20024\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.29.52	2019-09-23 15:09:24
attackspambots	Automatic report - Banned IP Access	2019-09-17 07:01:42
attackbots	Sep 11 23:31:42 vps691689 sshd[4760]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.29.52 Sep 11 23:31:44 vps691689 sshd[4760]: Failed password for invalid user 123456 from 138.68.29.52 port 32898 ssh2 ...	2019-09-12 05:49:34
attackbotsspam	Sep 7 05:00:30 site2 sshd\[6854\]: Invalid user usuario from 138.68.29.52Sep 7 05:00:32 site2 sshd\[6854\]: Failed password for invalid user usuario from 138.68.29.52 port 36966 ssh2Sep 7 05:04:14 site2 sshd\[7084\]: Invalid user ubuntu from 138.68.29.52Sep 7 05:04:15 site2 sshd\[7084\]: Failed password for invalid user ubuntu from 138.68.29.52 port 51432 ssh2Sep 7 05:08:09 site2 sshd\[7412\]: Invalid user esbuser from 138.68.29.52Sep 7 05:08:10 site2 sshd\[7412\]: Failed password for invalid user esbuser from 138.68.29.52 port 37690 ssh2 ...	2019-09-07 10:20:22
attack	Sep 3 19:13:13 tdfoods sshd\[5242\]: Invalid user chu from 138.68.29.52 Sep 3 19:13:13 tdfoods sshd\[5242\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.29.52 Sep 3 19:13:15 tdfoods sshd\[5242\]: Failed password for invalid user chu from 138.68.29.52 port 34500 ssh2 Sep 3 19:17:17 tdfoods sshd\[5658\]: Invalid user zq from 138.68.29.52 Sep 3 19:17:17 tdfoods sshd\[5658\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.29.52	2019-09-04 13:47:24
attackbotsspam	Aug 30 02:19:58 localhost sshd\[5924\]: Invalid user gerrit2 from 138.68.29.52 port 57218 Aug 30 02:19:58 localhost sshd\[5924\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.29.52 Aug 30 02:20:00 localhost sshd\[5924\]: Failed password for invalid user gerrit2 from 138.68.29.52 port 57218 ssh2	2019-08-30 08:56:40
attack	Aug 26 06:25:11 MK-Soft-Root2 sshd\[24665\]: Invalid user wangtao from 138.68.29.52 port 49090 Aug 26 06:25:11 MK-Soft-Root2 sshd\[24665\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.29.52 Aug 26 06:25:13 MK-Soft-Root2 sshd\[24665\]: Failed password for invalid user wangtao from 138.68.29.52 port 49090 ssh2 ...	2019-08-26 18:23:20
attackspambots	Aug 23 05:32:31 vps200512 sshd\[21938\]: Invalid user navneet from 138.68.29.52 Aug 23 05:32:31 vps200512 sshd\[21938\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.29.52 Aug 23 05:32:33 vps200512 sshd\[21938\]: Failed password for invalid user navneet from 138.68.29.52 port 33992 ssh2 Aug 23 05:36:40 vps200512 sshd\[22137\]: Invalid user veronica from 138.68.29.52 Aug 23 05:36:40 vps200512 sshd\[22137\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.29.52	2019-08-23 18:12:19
attackbots	Aug 19 19:54:03 MK-Soft-VM3 sshd\[9720\]: Invalid user mihai from 138.68.29.52 port 44354 Aug 19 19:54:03 MK-Soft-VM3 sshd\[9720\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.29.52 Aug 19 19:54:05 MK-Soft-VM3 sshd\[9720\]: Failed password for invalid user mihai from 138.68.29.52 port 44354 ssh2 ...	2019-08-20 10:52:40
attack	Aug 16 12:16:58 hpm sshd\[30356\]: Invalid user test from 138.68.29.52 Aug 16 12:16:58 hpm sshd\[30356\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.29.52 Aug 16 12:17:00 hpm sshd\[30356\]: Failed password for invalid user test from 138.68.29.52 port 60172 ssh2 Aug 16 12:21:16 hpm sshd\[30737\]: Invalid user yellow from 138.68.29.52 Aug 16 12:21:16 hpm sshd\[30737\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.29.52	2019-08-17 07:39:16
attack	Aug 8 03:51:34 dedicated sshd[24541]: Invalid user nagios from 138.68.29.52 port 35556	2019-08-08 09:56:24
attackspam	Aug 7 03:37:35 sshgateway sshd\[32301\]: Invalid user samba from 138.68.29.52 Aug 7 03:37:35 sshgateway sshd\[32301\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.29.52 Aug 7 03:37:37 sshgateway sshd\[32301\]: Failed password for invalid user samba from 138.68.29.52 port 45318 ssh2	2019-08-07 14:55:57
attackspambots	SSH Brute-Force reported by Fail2Ban	2019-08-06 22:28:03
attackbotsspam	Jul 31 04:41:12 TORMINT sshd\[21395\]: Invalid user pentagon from 138.68.29.52 Jul 31 04:41:12 TORMINT sshd\[21395\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.29.52 Jul 31 04:41:14 TORMINT sshd\[21395\]: Failed password for invalid user pentagon from 138.68.29.52 port 55158 ssh2 ...	2019-07-31 16:49:17
attackbots	Jul 15 10:22:04 v22018076622670303 sshd\[28715\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.29.52 user=root Jul 15 10:22:06 v22018076622670303 sshd\[28715\]: Failed password for root from 138.68.29.52 port 36562 ssh2 Jul 15 10:26:55 v22018076622670303 sshd\[28740\]: Invalid user cs from 138.68.29.52 port 35056 Jul 15 10:26:55 v22018076622670303 sshd\[28740\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.29.52 ...	2019-07-15 20:11:55
attackspam	Jul 13 21:21:54 vps691689 sshd[22416]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.29.52 Jul 13 21:21:56 vps691689 sshd[22416]: Failed password for invalid user sonata from 138.68.29.52 port 53614 ssh2 Jul 13 21:27:02 vps691689 sshd[22617]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.29.52 ...	2019-07-14 03:33:08
attack	Jun 30 14:12:31 mail sshd\[1012\]: Failed password for invalid user sqlbase from 138.68.29.52 port 36636 ssh2 Jun 30 14:28:59 mail sshd\[1096\]: Invalid user ftpadmin from 138.68.29.52 port 54422 Jun 30 14:28:59 mail sshd\[1096\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.29.52 ...	2019-06-30 22:00:46
attack	Jun 22 06:09:51 mail sshd\[18997\]: Invalid user presta from 138.68.29.52 port 60280 Jun 22 06:09:51 mail sshd\[18997\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.29.52 Jun 22 06:09:53 mail sshd\[18997\]: Failed password for invalid user presta from 138.68.29.52 port 60280 ssh2 Jun 22 06:11:09 mail sshd\[19169\]: Invalid user zhua from 138.68.29.52 port 46282 Jun 22 06:11:09 mail sshd\[19169\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.29.52	2019-06-22 21:44:31

相同子网IP讨论:

IP	类型	评论内容	时间
138.68.29.69	attackspambots	Apr 26 19:01:23 master sshd[32396]: Failed password for invalid user pmc2 from 138.68.29.69 port 53048 ssh2	2020-04-27 04:16:59

WHOIS信息:

DIG信息:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 138.68.29.52
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 20251
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;138.68.29.52.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019041200 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Sat Apr 13 00:05:44 +08 2019
;; MSG SIZE  rcvd: 116

HOST信息:

Host 52.29.68.138.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.3
Address:	67.207.67.3#53

** server can't find 52.29.68.138.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
183.88.191.53	attackbots	183.88.191.53 - - [19/Aug/2020:14:27:26 +0200] "POST /xmlrpc.php HTTP/1.1" 200 255 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/59.0.3071.109 Safari/537.36" 183.88.191.53 - - [19/Aug/2020:14:27:31 +0200] "POST /xmlrpc.php HTTP/1.1" 200 255 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/59.0.3071.109 Safari/537.36" 183.88.191.53 - - [19/Aug/2020:14:27:35 +0200] "POST /xmlrpc.php HTTP/1.1" 200 255 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/59.0.3071.109 Safari/537.36" 183.88.191.53 - - [19/Aug/2020:14:27:41 +0200] "POST /xmlrpc.php HTTP/1.1" 200 255 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/59.0.3071.109 Safari/537.36" 183.88.191.53 - - [19/Aug/2020:14:27:47 +0200] "POST /xmlrpc.php HTTP/1.1" 200 255 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/59.0.3071 ...	2020-08-20 02:08:51
210.245.119.136	attackbots	TCP (SYN) 210.245.119.136:44908 -> port 976, len 44	2020-08-20 02:24:19
187.141.128.42	attackbotsspam	Aug 19 13:52:18 ny01 sshd[10808]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=187.141.128.42 Aug 19 13:52:20 ny01 sshd[10808]: Failed password for invalid user teamspeak3 from 187.141.128.42 port 48172 ssh2 Aug 19 13:56:25 ny01 sshd[11794]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=187.141.128.42	2020-08-20 01:56:42
156.96.154.51	attackspambots	Port Scan detected! ...	2020-08-20 02:22:05
198.89.92.162	attackbotsspam	Aug 19 19:12:49 marvibiene sshd[22518]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=198.89.92.162 Aug 19 19:12:51 marvibiene sshd[22518]: Failed password for invalid user vq from 198.89.92.162 port 47734 ssh2	2020-08-20 02:23:00
188.166.58.29	attackbotsspam	Aug 19 20:21:53 dhoomketu sshd[2488368]: Invalid user dwp from 188.166.58.29 port 49682 Aug 19 20:21:53 dhoomketu sshd[2488368]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.166.58.29 Aug 19 20:21:53 dhoomketu sshd[2488368]: Invalid user dwp from 188.166.58.29 port 49682 Aug 19 20:21:55 dhoomketu sshd[2488368]: Failed password for invalid user dwp from 188.166.58.29 port 49682 ssh2 Aug 19 20:25:46 dhoomketu sshd[2488491]: Invalid user crm from 188.166.58.29 port 57492 ...	2020-08-20 01:44:08
154.0.161.99	attackspam	Aug 19 17:32:07 db sshd[14408]: Invalid user sales from 154.0.161.99 port 37440 ...	2020-08-20 02:04:49
188.165.230.118	attackbotsspam	188.165.230.118 - - [19/Aug/2020:19:09:01 +0100] "POST /wp-login.php HTTP/1.1" 200 5611 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.80 Safari/537.36" 188.165.230.118 - - [19/Aug/2020:19:10:03 +0100] "POST /wp-login.php HTTP/1.1" 200 5611 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.80 Safari/537.36" 188.165.230.118 - - [19/Aug/2020:19:11:26 +0100] "POST /wp-login.php HTTP/1.1" 200 5611 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.80 Safari/537.36" ...	2020-08-20 02:20:02
61.177.172.41	attackspam	Aug 19 13:47:13 ny01 sshd[9864]: Failed password for root from 61.177.172.41 port 22882 ssh2 Aug 19 13:47:27 ny01 sshd[9864]: error: maximum authentication attempts exceeded for root from 61.177.172.41 port 22882 ssh2 [preauth] Aug 19 13:47:33 ny01 sshd[9899]: Failed password for root from 61.177.172.41 port 61369 ssh2	2020-08-20 01:56:28
218.93.114.155	attackbots	2020-08-19T17:20:43.737973vps1033 sshd[25980]: Invalid user ubuntu from 218.93.114.155 port 63157 2020-08-19T17:20:45.768390vps1033 sshd[25980]: Failed password for invalid user ubuntu from 218.93.114.155 port 63157 ssh2 2020-08-19T17:21:58.200646vps1033 sshd[28469]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.93.114.155 user=root 2020-08-19T17:22:00.521151vps1033 sshd[28469]: Failed password for root from 218.93.114.155 port 63428 ssh2 2020-08-19T17:23:17.083901vps1033 sshd[31140]: Invalid user lyne from 218.93.114.155 port 63681 ...	2020-08-20 01:47:03
106.77.85.109	attack	Unauthorised access (Aug 19) SRC=106.77.85.109 LEN=52 TOS=0x10 TTL=44 ID=2488 DF TCP DPT=445 WINDOW=8192 SYN	2020-08-20 02:15:21
222.186.42.7	attackbotsspam	Aug 19 13:50:15 plusreed sshd[19304]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.42.7 user=root Aug 19 13:50:17 plusreed sshd[19304]: Failed password for root from 222.186.42.7 port 22926 ssh2 ...	2020-08-20 01:54:23
120.24.109.27	attackspam	[N10.H2.VM2] Port Scanner Detected Blocked by UFW	2020-08-20 01:45:08
208.177.252.122	attackbots	Port Scan detected! ...	2020-08-20 01:56:05
193.27.229.190	attackbotsspam	[MK-VM4] Blocked by UFW	2020-08-20 02:01:38

最近上报的IP列表

121.200.61.250	1.169.103.128	101.142.5.172	58.218.213.77
23.224.185.62	5.234.228.143	81.229.116.167	183.91.67.246
5.144.130.12	212.253.77.169	183.157.169.145	177.184.139.230
222.139.92.89	59.1.104.140	218.60.67.7	36.81.112.131
187.72.232.172	211.105.82.250	187.120.183.20	51.15.156.40