必须是合法有效的IP地址, 可以是IPv4或者是IPv6, 例如127.0.0.1或者2001:DB8:0:0:8:800:200C:417A
基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Canada

运营商(isp): OVH Singapore Pte. Ltd

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:
类型 评论内容 时间
attack
Jul  3 00:05:28 www sshd[1763]: Failed password for invalid user games from 139.99.37.138 port 49294 ssh2
Jul  3 00:05:29 www sshd[1763]: Received disconnect from 139.99.37.138: 11: Bye Bye [preauth]
Jul  3 00:12:19 www sshd[2019]: Invalid user zimbra from 139.99.37.138
Jul  3 00:12:21 www sshd[2019]: Failed password for invalid user zimbra from 139.99.37.138 port 54222 ssh2
Jul  3 00:12:21 www sshd[2019]: Received disconnect from 139.99.37.138: 11: Bye Bye [preauth]


........
-----------------------------------------------
https://www.blocklist.de/en/view.html?ip=139.99.37.138
2019-07-06 21:28:19
相同子网IP讨论:
IP 类型 评论内容 时间
139.99.37.24 attackspambots
2020-06-13T15:17:21.253757h2857900.stratoserver.net sshd[14742]: Invalid user fake from 139.99.37.24 port 42658
2020-06-13T15:17:22.729998h2857900.stratoserver.net sshd[14744]: Invalid user admin from 139.99.37.24 port 45648
...
2020-06-13 21:21:40
139.99.37.130 attackspambots
Nov 22 21:33:45 DAAP sshd[24409]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.99.37.130  user=backup
Nov 22 21:33:46 DAAP sshd[24409]: Failed password for backup from 139.99.37.130 port 47792 ssh2
Nov 22 21:37:57 DAAP sshd[24440]: Invalid user shopsupport from 139.99.37.130 port 57114
Nov 22 21:37:57 DAAP sshd[24440]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.99.37.130
Nov 22 21:37:57 DAAP sshd[24440]: Invalid user shopsupport from 139.99.37.130 port 57114
Nov 22 21:37:59 DAAP sshd[24440]: Failed password for invalid user shopsupport from 139.99.37.130 port 57114 ssh2
...
2019-11-23 06:53:54
139.99.37.130 attack
Invalid user barit from 139.99.37.130 port 48420
2019-11-16 21:50:11
139.99.37.130 attack
[Aegis] @ 2019-11-09 07:27:59  0000 -> Attempted Administrator Privilege Gain: ET SCAN LibSSH Based Frequent SSH Connections Likely BruteForce Attack
2019-11-09 15:57:41
139.99.37.130 attackspambots
Nov  2 17:13:22 [host] sshd[27934]: Invalid user danb from 139.99.37.130
Nov  2 17:13:22 [host] sshd[27934]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.99.37.130
Nov  2 17:13:24 [host] sshd[27934]: Failed password for invalid user danb from 139.99.37.130 port 40456 ssh2
2019-11-03 00:32:27
139.99.37.130 attack
Oct 18 03:52:56 work-partkepr sshd\[16929\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.99.37.130  user=root
Oct 18 03:52:57 work-partkepr sshd\[16929\]: Failed password for root from 139.99.37.130 port 2472 ssh2
...
2019-10-18 14:45:39
139.99.37.130 attackbotsspam
Oct 13 20:51:10 nandi sshd[28138]: Failed password for r.r from 139.99.37.130 port 63452 ssh2
Oct 13 20:51:10 nandi sshd[28138]: Received disconnect from 139.99.37.130: 11: Bye Bye [preauth]
Oct 13 21:14:17 nandi sshd[20327]: Failed password for r.r from 139.99.37.130 port 61756 ssh2
Oct 13 21:14:17 nandi sshd[20327]: Received disconnect from 139.99.37.130: 11: Bye Bye [preauth]
Oct 13 21:20:19 nandi sshd[26326]: Failed password for r.r from 139.99.37.130 port 34244 ssh2
Oct 13 21:20:19 nandi sshd[26326]: Received disconnect from 139.99.37.130: 11: Bye Bye [preauth]
Oct 13 21:26:10 nandi sshd[1507]: Failed password for r.r from 139.99.37.130 port 6720 ssh2
Oct 13 21:26:10 nandi sshd[1507]: Received disconnect from 139.99.37.130: 11: Bye Bye [preauth]
Oct 13 21:31:54 nandi sshd[7816]: Failed password for r.r from 139.99.37.130 port 43176 ssh2
Oct 13 21:31:55 nandi sshd[7816]: Received disconnect from 139.99.37.130: 11: Bye Bye [preauth]
Oct 13 21:37:31 nandi sshd[14021]:........
-------------------------------
2019-10-14 18:55:09
139.99.37.134 attackbots
Oct 13 17:07:43 sauna sshd[160889]: Failed password for root from 139.99.37.134 port 56616 ssh2
...
2019-10-13 22:34:16
139.99.37.134 attackbotsspam
Oct 11 06:10:53 localhost sshd\[35407\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.99.37.134  user=root
Oct 11 06:10:54 localhost sshd\[35407\]: Failed password for root from 139.99.37.134 port 38946 ssh2
Oct 11 06:16:16 localhost sshd\[35639\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.99.37.134  user=root
Oct 11 06:16:18 localhost sshd\[35639\]: Failed password for root from 139.99.37.134 port 50580 ssh2
Oct 11 06:21:43 localhost sshd\[35848\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.99.37.134  user=root
...
2019-10-11 14:22:49
139.99.37.134 attackspambots
SSH bruteforce
2019-10-05 23:02:28
139.99.37.130 attack
2019-08-23 17:03:29,038 fail2ban.actions        [878]: NOTICE  [sshd] Ban 139.99.37.130
2019-08-23 20:14:57,802 fail2ban.actions        [878]: NOTICE  [sshd] Ban 139.99.37.130
2019-08-23 23:24:35,283 fail2ban.actions        [878]: NOTICE  [sshd] Ban 139.99.37.130
...
2019-10-03 15:12:32
139.99.37.130 attackbotsspam
Sep 29 02:08:08 aat-srv002 sshd[3866]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.99.37.130
Sep 29 02:08:10 aat-srv002 sshd[3866]: Failed password for invalid user hy123 from 139.99.37.130 port 15394 ssh2
Sep 29 02:12:15 aat-srv002 sshd[4010]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.99.37.130
Sep 29 02:12:18 aat-srv002 sshd[4010]: Failed password for invalid user fernanda123 from 139.99.37.130 port 52164 ssh2
...
2019-09-29 16:54:01
139.99.37.130 attackspam
Sep 27 23:00:10 microserver sshd[12401]: Invalid user system from 139.99.37.130 port 1658
Sep 27 23:00:10 microserver sshd[12401]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.99.37.130
Sep 27 23:00:12 microserver sshd[12401]: Failed password for invalid user system from 139.99.37.130 port 1658 ssh2
Sep 27 23:05:17 microserver sshd[13240]: Invalid user fcube from 139.99.37.130 port 38368
Sep 27 23:05:17 microserver sshd[13240]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.99.37.130
Sep 27 23:18:49 microserver sshd[14857]: Invalid user system from 139.99.37.130 port 20512
Sep 27 23:18:49 microserver sshd[14857]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.99.37.130
Sep 27 23:18:51 microserver sshd[14857]: Failed password for invalid user system from 139.99.37.130 port 20512 ssh2
Sep 27 23:23:26 microserver sshd[15550]: Invalid user skyrix from 139.99.37.130 port 57210
Se
2019-09-28 06:27:38
139.99.37.157 attackspambots
fail2ban
2019-09-25 18:49:19
139.99.37.130 attack
Sep 25 06:12:43 SilenceServices sshd[9243]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.99.37.130
Sep 25 06:12:45 SilenceServices sshd[9243]: Failed password for invalid user 123 from 139.99.37.130 port 34802 ssh2
Sep 25 06:16:33 SilenceServices sshd[10253]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.99.37.130
2019-09-25 12:35:53
WHOIS信息:
b
DIG信息:
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 139.99.37.138
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 24784
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;139.99.37.138.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019070600 1800 900 604800 86400

;; Query time: 3 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Sat Jul 06 21:28:09 CST 2019
;; MSG SIZE  rcvd: 117
HOST信息:
138.37.99.139.in-addr.arpa domain name pointer ip138.ip-139-99-37.net.
NSLOOKUP信息:
Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
138.37.99.139.in-addr.arpa	name = ip138.ip-139-99-37.net.

Authoritative answers can be found from:
相关IP信息:
最新评论:
IP 类型 评论内容 时间
42.115.133.200 attackbotsspam
2019-07-03 18:35:07 unexpected disconnection while reading SMTP command from ([42.115.133.200]) [42.115.133.200]:20507 I=[10.100.18.22]:25 (error: Connection reset by peer)
2019-07-03 19:16:07 unexpected disconnection while reading SMTP command from ([42.115.133.200]) [42.115.133.200]:22211 I=[10.100.18.22]:25 (error: Connection reset by peer)
2019-07-03 19:16:36 unexpected disconnection while reading SMTP command from ([42.115.133.200]) [42.115.133.200]:22362 I=[10.100.18.22]:25 (error: Connection reset by peer)


........
-----------------------------------------------
https://www.blocklist.de/en/view.html?ip=42.115.133.200
2019-07-06 15:58:37
106.12.194.234 attackspambots
Jul  6 06:40:53 mail sshd\[30898\]: Invalid user ashlie from 106.12.194.234 port 56912
Jul  6 06:40:53 mail sshd\[30898\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.194.234
...
2019-07-06 16:12:23
71.6.135.131 attack
Automatic report - Web App Attack
2019-07-06 15:50:06
41.233.9.183 attackspambots
Honeypot attack, port: 23, PTR: host-41.233.9.183.tedata.net.
2019-07-06 15:32:18
36.237.196.70 attackbots
Honeypot attack, port: 23, PTR: 36-237-196-70.dynamic-ip.hinet.net.
2019-07-06 15:42:48
83.66.210.239 attackspam
2019-07-03 17:48:05 H=([83.66.210.239]) [83.66.210.239]:54944 I=[10.100.18.20]:25 F=: Host/domain is listed in RBL cbl.abuseat.org (Blocked - see hxxp://www.abuseat.org/lookup.cgi?ip=83.66.210.239)
2019-07-03 17:48:05 unexpected disconnection while reading SMTP command from ([83.66.210.239]) [83.66.210.239]:54944 I=[10.100.18.20]:25 (error: Connection reset by peer)
2019-07-03 19:37:22 H=([83.66.210.239]) [83.66.210.239]:23347 I=[10.100.18.20]:25 F=: Host/domain is listed in RBL cbl.abuseat.org (Blocked - see hxxp://www.abuseat.org/lookup.cgi?ip=83.66.210.239)


........
-----------------------------------------------
https://www.blocklist.de/en/view.html?ip=83.66.210.239
2019-07-06 16:21:07
185.186.232.35 attackbotsspam
[portscan] Port scan
2019-07-06 16:03:02
175.146.239.251 attackspam
Honeypot attack, port: 23, PTR: PTR record not found
2019-07-06 15:41:06
188.166.12.156 attackspambots
SSH Bruteforce Attack
2019-07-06 15:46:02
187.183.173.209 attack
2019-07-03 18:10:44 H=(bbb7add1.virtua.com.br) [187.183.173.209]:35770 I=[10.100.18.23]:25 F=: Host/domain is listed in RBL cbl.abuseat.org (Blocked - see hxxp://www.abuseat.org/lookup.cgi?ip=187.183.173.209)
2019-07-03 18:10:48 unexpected disconnection while reading SMTP command from (bbb7add1.virtua.com.br) [187.183.173.209]:35770 I=[10.100.18.23]:25 (error: Connection reset by peer)
2019-07-03 19:30:10 H=(bbb7add1.virtua.com.br) [187.183.173.209]:16719 I=[10.100.18.23]:25 F=: Host/domain is listed in RBL cbl.abuseat.org (Blocked - see hxxp://www.abuseat.org/lookup.cgi?ip=187.183.173.209)


........
-----------------------------------------------
https://www.blocklist.de/en/view.html?ip=187.183.173.209
2019-07-06 16:14:02
178.22.122.51 attackbots
Honeypot attack, port: 445, PTR: PTR record not found
2019-07-06 15:35:43
31.166.127.45 attack
2019-07-03 18:00:11 H=([31.166.127.45]) [31.166.127.45]:34009 I=[10.100.18.22]:25 F=: Host/domain is listed in RBL cbl.abuseat.org (Blocked - see hxxp://www.abuseat.org/lookup.cgi?ip=31.166.127.45)
2019-07-03 18:00:11 unexpected disconnection while reading SMTP command from ([31.166.127.45]) [31.166.127.45]:34009 I=[10.100.18.22]:25 (error: Connection reset by peer)
2019-07-03 19:23:10 H=([31.166.127.45]) [31.166.127.45]:30980 I=[10.100.18.22]:25 F=: Host/domain is listed in RBL cbl.abuseat.org (Blocked - see hxxp://www.abuseat.org/lookup.cgi?ip=31.166.127.45)


........
-----------------------------------------------
https://www.blocklist.de/en/view.html?ip=31.166.127.45
2019-07-06 16:13:07
189.216.95.164 attack
2019-07-03 18:06:50 H=(customer-189-216-95-164.cablevision.net.mx) [189.216.95.164]:6351 I=[10.100.18.22]:25 F=: Host/domain is listed in RBL cbl.abuseat.org (Blocked - see hxxp://www.abuseat.org/lookup.cgi?ip=189.216.95.164)
2019-07-03 18:06:50 unexpected disconnection while reading SMTP command from (customer-189-216-95-164.cablevision.net.mx) [189.216.95.164]:6351 I=[10.100.18.22]:25 (error: Connection reset by peer)
2019-07-03 19:17:52 H=(customer-189-216-95-164.cablevision.net.mx) [189.216.95.164]:47182 I=[10.100.18.22]:25 F=: Host/domain is listed in RBL cbl.abuseat.org (Blocked - see hxxp://www.abuseat.org/lookup.cgi?ip=189.216.95.164)


........
-----------------------------------------------
https://www.blocklist.de/en/view.html?ip=189.216.95.164
2019-07-06 16:05:08
66.110.120.2 attackspambots
Unauthorised access (Jul  6) SRC=66.110.120.2 LEN=40 TTL=240 ID=41587 TCP DPT=445 WINDOW=1024 SYN
2019-07-06 16:20:08
196.44.99.234 attack
Honeypot attack, port: 445, PTR: PTR record not found
2019-07-06 15:33:46

最近上报的IP列表

168.228.119.118 177.130.138.159 191.53.59.148 191.53.239.193
147.32.160.146 91.225.85.53 158.192.158.182 91.121.110.86
202.120.171.6 18.173.62.93 187.87.10.242 104.117.159.225
222.74.48.230 175.139.128.149 95.92.36.228 37.79.251.231
5.141.190.237 181.236.160.121 89.165.173.93 39.66.68.77