138.68.136.152

Basic Info

City: unknown

Region: unknown

Country: United Kingdom

Internet Service Provider: DigitalOcean LLC

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbotsspam	$f2bV_matches	2020-03-18 13:00:56
attackbots	Wordpress login scanning	2020-03-18 01:18:28
attack	xmlrpc attack	2020-02-21 16:55:11
attack	Automatic report - Banned IP Access	2020-02-11 13:34:27
attackspam	Automatic report - Banned IP Access	2019-12-30 05:47:05
attack	blogonese.net 138.68.136.152 \[19/Nov/2019:07:28:37 +0100\] "POST /wp-login.php HTTP/1.1" 200 6376 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" blogonese.net 138.68.136.152 \[19/Nov/2019:07:28:38 +0100\] "POST /wp-login.php HTTP/1.1" 200 6340 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" blogonese.net 138.68.136.152 \[19/Nov/2019:07:28:38 +0100\] "POST /xmlrpc.php HTTP/1.1" 200 4085 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0"	2019-11-19 15:34:03
attackspam	\[Sun Nov 17 15:39:23.191526 2019\] \[authz_core:error\] \[pid 18326\] \[client 138.68.136.152:36356\] AH01630: client denied by server configuration: /var/www/michele/xmlrpc.php ...	2019-11-18 03:40:42
attackbots	138.68.136.152 - - \[10/Nov/2019:07:24:00 +0100\] "POST /wp-login.php HTTP/1.0" 200 5269 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 138.68.136.152 - - \[10/Nov/2019:07:24:05 +0100\] "POST /wp-login.php HTTP/1.0" 200 5099 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 138.68.136.152 - - \[10/Nov/2019:07:24:09 +0100\] "POST /wp-login.php HTTP/1.0" 200 5093 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0"	2019-11-10 20:29:37
attackbots	138.68.136.152 - - [08/Nov/2019:15:36:26 +0100] "GET /wp-login.php HTTP/1.1" 200 1238 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 138.68.136.152 - - [08/Nov/2019:15:36:26 +0100] "POST /wp-login.php HTTP/1.1" 200 1632 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 138.68.136.152 - - [08/Nov/2019:15:36:26 +0100] "GET /wp-login.php HTTP/1.1" 200 1238 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 138.68.136.152 - - [08/Nov/2019:15:36:27 +0100] "POST /wp-login.php HTTP/1.1" 200 1608 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 138.68.136.152 - - [08/Nov/2019:15:36:28 +0100] "GET /wp-login.php HTTP/1.1" 200 1238 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 138.68.136.152 - - [08/Nov/2019:15:36:30 +0100] "POST /wp-login.php HTTP/1.1" 200 1608 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 138.68.	2019-11-09 02:24:02
attackbots	Brute forcing Wordpress login	2019-11-05 14:10:34
attackbots	WordPress wp-login brute force :: 138.68.136.152 0.060 BYPASS [05/Oct/2019:21:40:21 1000] [censored_2] "POST /wp-login.php HTTP/1.1" 200 4630 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2019-10-05 20:47:51
attackspambots	WordPress wp-login brute force :: 138.68.136.152 0.128 BYPASS [05/Oct/2019:06:25:24 1000] [censored_1] "POST /wp-login.php HTTP/1.1" 200 3972 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2019-10-05 06:39:02
attack	Automatic report - XMLRPC Attack	2019-10-04 21:01:38
attackbots	xmlrpc attack	2019-09-28 08:34:40
attackspam	WordPress wp-login brute force :: 138.68.136.152 0.040 BYPASS [25/Sep/2019:22:23:43 1000] [censored_2] "POST /wp-login.php HTTP/1.1" 200 4630 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2019-09-25 20:39:50
attack	B: Abusive content scan (301)	2019-09-20 14:08:31

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 138.68.136.152
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 45020
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;138.68.136.152.			IN	A

;; AUTHORITY SECTION:
.			551	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019091902 1800 900 604800 86400

;; Query time: 119 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Sep 20 14:08:26 CST 2019
;; MSG SIZE  rcvd: 118

Host info

Host 152.136.68.138.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 152.136.68.138.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
190.145.192.106	attackspam	Aug 2 12:34:32 django-0 sshd[23602]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.145.192.106 user=root Aug 2 12:34:34 django-0 sshd[23602]: Failed password for root from 190.145.192.106 port 36112 ssh2 ...	2020-08-03 02:44:14
208.66.193.8	attackbots	Brute-force attempt banned	2020-08-03 02:41:55
159.65.174.29	attackspam	Port scanning [2 denied]	2020-08-03 03:09:06
216.218.206.89	attackbots	TCP (SYN) 216.218.206.89:53219 -> port 50070, len 44	2020-08-03 02:37:59
41.111.135.199	attackbots	Aug 2 13:28:09 rocket sshd[29401]: Failed password for root from 41.111.135.199 port 55736 ssh2 Aug 2 13:30:11 rocket sshd[29761]: Failed password for root from 41.111.135.199 port 58420 ssh2 ...	2020-08-03 02:45:37
212.113.40.142	attackspam	2020-08-02T18:04:30.733580shield sshd\[25563\]: Invalid user RPM from 212.113.40.142 port 49752 2020-08-02T18:04:30.865477shield sshd\[25563\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.113.40.142 2020-08-02T18:04:32.205619shield sshd\[25563\]: Failed password for invalid user RPM from 212.113.40.142 port 49752 ssh2 2020-08-02T18:04:33.305730shield sshd\[25573\]: Invalid user ubnt from 212.113.40.142 port 50457 2020-08-02T18:04:33.431477shield sshd\[25573\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.113.40.142	2020-08-03 02:38:28
223.171.46.146	attackspambots	$f2bV_matches	2020-08-03 03:07:58
121.121.91.109	attack	Aug 2 18:50:27 marvibiene sshd[19033]: Failed password for root from 121.121.91.109 port 39764 ssh2 Aug 2 19:14:12 marvibiene sshd[20220]: Failed password for root from 121.121.91.109 port 50412 ssh2	2020-08-03 03:00:02
216.218.206.91	attackbots	TCP (SYN) 216.218.206.91:35006 -> port 80, len 40	2020-08-03 02:34:03
198.23.236.153	attackbotsspam	2020-08-02T16:22:10.381592abusebot-5.cloudsearch.cf sshd[11141]: Invalid user fake from 198.23.236.153 port 47245 2020-08-02T16:22:10.387389abusebot-5.cloudsearch.cf sshd[11141]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=198.23.236.153 2020-08-02T16:22:10.381592abusebot-5.cloudsearch.cf sshd[11141]: Invalid user fake from 198.23.236.153 port 47245 2020-08-02T16:22:12.480572abusebot-5.cloudsearch.cf sshd[11141]: Failed password for invalid user fake from 198.23.236.153 port 47245 ssh2 2020-08-02T16:22:16.815943abusebot-5.cloudsearch.cf sshd[11143]: Invalid user admin from 198.23.236.153 port 50002 2020-08-02T16:22:16.821864abusebot-5.cloudsearch.cf sshd[11143]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=198.23.236.153 2020-08-02T16:22:16.815943abusebot-5.cloudsearch.cf sshd[11143]: Invalid user admin from 198.23.236.153 port 50002 2020-08-02T16:22:19.070786abusebot-5.cloudsearch.cf sshd[11143]: Fa ...	2020-08-03 03:00:51
219.240.99.110	attackbots	2020-08-02T12:18:07.672427shield sshd\[29857\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=219.240.99.110 user=root 2020-08-02T12:18:09.868309shield sshd\[29857\]: Failed password for root from 219.240.99.110 port 46170 ssh2 2020-08-02T12:22:28.118064shield sshd\[30668\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=219.240.99.110 user=root 2020-08-02T12:22:29.476081shield sshd\[30668\]: Failed password for root from 219.240.99.110 port 57064 ssh2 2020-08-02T12:26:41.447697shield sshd\[31182\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=219.240.99.110 user=root	2020-08-03 02:46:37
198.50.177.42	attack	2020-08-02T19:16:23.539757hostname sshd[45298]: Failed password for root from 198.50.177.42 port 60576 ssh2 ...	2020-08-03 02:55:18
167.172.68.76	attackspambots	167.172.68.76 - - [02/Aug/2020:18:35:41 +0100] "POST /wp-login.php HTTP/1.1" 200 1906 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 167.172.68.76 - - [02/Aug/2020:18:35:44 +0100] "POST /wp-login.php HTTP/1.1" 200 1885 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 167.172.68.76 - - [02/Aug/2020:18:35:47 +0100] "POST /wp-login.php HTTP/1.1" 200 1885 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-08-03 03:02:30
180.242.183.200	attackbotsspam	1596369941 - 08/02/2020 14:05:41 Host: 180.242.183.200/180.242.183.200 Port: 445 TCP Blocked	2020-08-03 02:35:11
210.179.249.45	attackbotsspam	Jul 27 11:49:44 online-web-1 sshd[392572]: Invalid user star from 210.179.249.45 port 58832 Jul 27 11:49:44 online-web-1 sshd[392572]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=210.179.249.45 Jul 27 11:49:46 online-web-1 sshd[392572]: Failed password for invalid user star from 210.179.249.45 port 58832 ssh2 Jul 27 11:49:46 online-web-1 sshd[392572]: Received disconnect from 210.179.249.45 port 58832:11: Bye Bye [preauth] Jul 27 11:49:46 online-web-1 sshd[392572]: Disconnected from 210.179.249.45 port 58832 [preauth] Jul 27 11:59:12 online-web-1 sshd[394272]: Invalid user dick from 210.179.249.45 port 45440 Jul 27 11:59:12 online-web-1 sshd[394272]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=210.179.249.45 Jul 27 11:59:14 online-web-1 sshd[394272]: Failed password for invalid user dick from 210.179.249.45 port 45440 ssh2 Jul 27 11:59:14 online-web-1 sshd[394272]: Received disconnec........ -------------------------------	2020-08-03 02:52:43

Recently Reported IPs

111.76.18.112	206.194.53.183	14.224.47.226	134.134.207.217
36.125.47.155	153.215.127.91	93.55.119.128	145.151.198.228
202.120.115.144	219.130.122.129	146.125.215.187	101.214.120.176
1.253.251.201	79.9.67.252	45.210.151.158	199.61.197.107
110.115.145.246	41.60.237.25	72.161.158.213	191.250.154.92