必须是合法有效的IP地址, 可以是IPv4或者是IPv6, 例如127.0.0.1或者2001:DB8:0:0:8:800:200C:417A
基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Canada

运营商(isp): Ruk-Com Co. Ltd

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:
类型 评论内容 时间
attackbotsspam
Sep  8 00:02:55 fhem-rasp sshd[4268]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.99.5.210  user=daemon
Sep  8 00:02:57 fhem-rasp sshd[4268]: Failed password for invalid user daemon from 139.99.5.210 port 43603 ssh2
...
2020-09-08 23:54:06
attack
Sep  8 00:02:55 fhem-rasp sshd[4268]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.99.5.210  user=daemon
Sep  8 00:02:57 fhem-rasp sshd[4268]: Failed password for invalid user daemon from 139.99.5.210 port 43603 ssh2
...
2020-09-08 15:27:45
attackbotsspam
Sep  8 00:02:55 fhem-rasp sshd[4268]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.99.5.210  user=daemon
Sep  8 00:02:57 fhem-rasp sshd[4268]: Failed password for invalid user daemon from 139.99.5.210 port 43603 ssh2
...
2020-09-08 08:00:19
attackspambots
May 22 00:04:21 163-172-32-151 sshd[11165]: Invalid user admin from 139.99.5.210 port 21049
...
2020-05-22 06:40:24
相同子网IP讨论:
IP 类型 评论内容 时间
139.99.55.150 attackbots
Oct  5 12:44:19 ns382633 sshd\[16009\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.99.55.150  user=root
Oct  5 12:44:21 ns382633 sshd\[16009\]: Failed password for root from 139.99.55.150 port 33485 ssh2
Oct  5 12:52:28 ns382633 sshd\[16835\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.99.55.150  user=root
Oct  5 12:52:30 ns382633 sshd\[16835\]: Failed password for root from 139.99.55.150 port 57762 ssh2
Oct  5 12:56:23 ns382633 sshd\[17334\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.99.55.150  user=root
2020-10-06 01:45:25
139.99.55.149 attackbots
[f2b] sshd bruteforce, retries: 1
2020-10-05 04:19:57
139.99.55.149 attackspam
[f2b] sshd bruteforce, retries: 1
2020-10-04 20:12:49
139.99.54.20 attack
Aug 31 00:41:01 ny01 sshd[17004]: Failed password for root from 139.99.54.20 port 34572 ssh2
Aug 31 00:45:16 ny01 sshd[17466]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.99.54.20
Aug 31 00:45:19 ny01 sshd[17466]: Failed password for invalid user ali from 139.99.54.20 port 40168 ssh2
2020-08-31 12:53:16
139.99.54.20 attack
SSH
2020-08-30 01:54:08
139.99.54.20 attackbots
$f2bV_matches
2020-07-27 15:54:04
139.99.54.20 attackspambots
Connection to SSH Honeypot - Detected by HoneypotDB
2020-07-22 06:16:38
139.99.54.20 attackbots
SSHD brute force attack detected by fail2ban
2020-07-19 16:11:55
139.99.54.20 attackspambots
2020-07-04T03:21:26.033435na-vps210223 sshd[31605]: Invalid user test1 from 139.99.54.20 port 53094
2020-07-04T03:21:26.041561na-vps210223 sshd[31605]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.99.54.20
2020-07-04T03:21:26.033435na-vps210223 sshd[31605]: Invalid user test1 from 139.99.54.20 port 53094
2020-07-04T03:21:28.230660na-vps210223 sshd[31605]: Failed password for invalid user test1 from 139.99.54.20 port 53094 ssh2
2020-07-04T03:23:37.151063na-vps210223 sshd[5201]: Invalid user admin from 139.99.54.20 port 59606
...
2020-07-04 15:26:30
139.99.54.20 attackbotsspam
Jun 18 19:45:28 rush sshd[1735]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.99.54.20
Jun 18 19:45:30 rush sshd[1735]: Failed password for invalid user acs from 139.99.54.20 port 37198 ssh2
Jun 18 19:49:27 rush sshd[1963]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.99.54.20
...
2020-06-19 04:00:35
139.99.54.20 attackspam
SSH_attack
2020-06-15 16:46:37
139.99.54.20 attackspambots
May 31 19:30:25 ns382633 sshd\[13435\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.99.54.20  user=root
May 31 19:30:26 ns382633 sshd\[13435\]: Failed password for root from 139.99.54.20 port 33044 ssh2
May 31 19:38:20 ns382633 sshd\[14843\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.99.54.20  user=root
May 31 19:38:22 ns382633 sshd\[14843\]: Failed password for root from 139.99.54.20 port 47142 ssh2
May 31 19:42:13 ns382633 sshd\[15987\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.99.54.20  user=root
2020-06-01 03:18:08
139.99.54.20 attackbots
May 24 13:16:17 l02a sshd[23182]: Invalid user salb from 139.99.54.20
May 24 13:16:17 l02a sshd[23182]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.99.54.20 
May 24 13:16:17 l02a sshd[23182]: Invalid user salb from 139.99.54.20
May 24 13:16:19 l02a sshd[23182]: Failed password for invalid user salb from 139.99.54.20 port 54544 ssh2
2020-05-24 20:35:09
139.99.54.20 attack
Lines containing failures of 139.99.54.20
May 22 13:52:23 shared09 sshd[4439]: Invalid user nfn from 139.99.54.20 port 41096
May 22 13:52:23 shared09 sshd[4439]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.99.54.20
May 22 13:52:25 shared09 sshd[4439]: Failed password for invalid user nfn from 139.99.54.20 port 41096 ssh2
May 22 13:52:26 shared09 sshd[4439]: Received disconnect from 139.99.54.20 port 41096:11: Bye Bye [preauth]
May 22 13:52:26 shared09 sshd[4439]: Disconnected from invalid user nfn 139.99.54.20 port 41096 [preauth]


........
-----------------------------------------------
https://www.blocklist.de/en/view.html?ip=139.99.54.20
2020-05-23 02:06:38
139.99.57.14 attackbotsspam
Automatic report - XMLRPC Attack
2019-11-13 04:03:37
WHOIS信息:
b
DIG信息:
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 139.99.5.210
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 55113
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;139.99.5.210.			IN	A

;; AUTHORITY SECTION:
.			500	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020052102 1800 900 604800 86400

;; Query time: 102 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri May 22 06:40:19 CST 2020
;; MSG SIZE  rcvd: 116
HOST信息:
210.5.99.139.in-addr.arpa domain name pointer ip210.ip-139-99-5.net.
NSLOOKUP信息:
Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
210.5.99.139.in-addr.arpa	name = ip210.ip-139-99-5.net.

Authoritative answers can be found from:
相关IP信息:
最新评论:
IP 类型 评论内容 时间
34.122.249.54 attackspam
Oct  9 06:46:36 server-01 sshd[20024]: Invalid user test from 34.122.249.54 port 42578
Oct  9 06:47:26 server-01 sshd[20056]: Invalid user admin from 34.122.249.54 port 37594
Oct  9 06:48:18 server-01 sshd[20101]: Invalid user testuser from 34.122.249.54 port 60872
...
2020-10-09 12:55:36
194.26.25.116 attack
 TCP (SYN) 194.26.25.116:59754 -> port 33897, len 44
2020-10-09 13:22:01
182.151.47.140 attackbots
Oct  9 04:39:28 vps639187 sshd\[30152\]: Invalid user testftp from 182.151.47.140 port 38332
Oct  9 04:39:28 vps639187 sshd\[30152\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.151.47.140
Oct  9 04:39:30 vps639187 sshd\[30152\]: Failed password for invalid user testftp from 182.151.47.140 port 38332 ssh2
...
2020-10-09 12:54:14
202.5.17.78 attack
SSH login attempts.
2020-10-09 13:08:59
58.87.84.31 attack
Oct  9 04:05:51 cho sshd[266662]: Failed password for invalid user ts from 58.87.84.31 port 40602 ssh2
Oct  9 04:08:25 cho sshd[266780]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.87.84.31  user=root
Oct  9 04:08:27 cho sshd[266780]: Failed password for root from 58.87.84.31 port 48758 ssh2
Oct  9 04:10:52 cho sshd[266998]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.87.84.31  user=root
Oct  9 04:10:54 cho sshd[266998]: Failed password for root from 58.87.84.31 port 56838 ssh2
...
2020-10-09 12:46:46
45.142.120.52 attackspam
2020-10-08T19:48:33.612538linuxbox-skyline auth[56796]: pam_unix(dovecot:auth): authentication failure; logname= uid=0 euid=0 tty=dovecot ruser=webpop rhost=45.142.120.52
...
2020-10-09 13:18:06
203.137.119.217 attack
Oct  9 04:06:16 inter-technics sshd[3272]: Invalid user root0 from 203.137.119.217 port 48280
Oct  9 04:06:16 inter-technics sshd[3272]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.137.119.217
Oct  9 04:06:16 inter-technics sshd[3272]: Invalid user root0 from 203.137.119.217 port 48280
Oct  9 04:06:18 inter-technics sshd[3272]: Failed password for invalid user root0 from 203.137.119.217 port 48280 ssh2
Oct  9 04:07:47 inter-technics sshd[3348]: Invalid user linux1 from 203.137.119.217 port 37852
...
2020-10-09 13:06:44
94.176.186.215 attackspambots
(Oct  9)  LEN=52 TTL=114 ID=337 DF TCP DPT=445 WINDOW=8192 SYN 
 (Oct  9)  LEN=52 TTL=114 ID=14964 DF TCP DPT=445 WINDOW=8192 SYN 
 (Oct  8)  LEN=52 TTL=114 ID=6253 DF TCP DPT=445 WINDOW=8192 SYN 
 (Oct  8)  LEN=52 TTL=117 ID=19841 DF TCP DPT=445 WINDOW=8192 SYN 
 (Oct  8)  LEN=52 TTL=117 ID=4641 DF TCP DPT=445 WINDOW=8192 SYN 
 (Oct  8)  LEN=52 TTL=114 ID=12967 DF TCP DPT=445 WINDOW=8192 SYN 
 (Oct  8)  LEN=52 TTL=114 ID=26876 DF TCP DPT=445 WINDOW=8192 SYN 
 (Oct  8)  LEN=52 TTL=114 ID=19462 DF TCP DPT=445 WINDOW=8192 SYN 
 (Oct  8)  LEN=52 TTL=117 ID=12154 DF TCP DPT=445 WINDOW=8192 SYN 
 (Oct  8)  LEN=52 TTL=117 ID=5234 DF TCP DPT=445 WINDOW=8192 SYN 
 (Oct  8)  LEN=52 TTL=114 ID=21806 DF TCP DPT=445 WINDOW=8192 SYN 
 (Oct  8)  LEN=52 TTL=117 ID=7935 DF TCP DPT=445 WINDOW=8192 SYN 
 (Oct  7)  LEN=52 TTL=114 ID=6437 DF TCP DPT=445 WINDOW=8192 SYN 
 (Oct  7)  LEN=52 TTL=117 ID=24971 DF TCP DPT=445 WINDOW=8192 SYN 
 (Oct  7)  LEN=52 TTL=114 ID=24955 DF TCP DPT=445 WINDOW=8192 SYN 
 (...
2020-10-09 13:08:03
49.88.112.71 attack
Oct  9 10:18:47 gw1 sshd[22357]: Failed password for root from 49.88.112.71 port 50078 ssh2
...
2020-10-09 13:22:33
203.99.62.158 attack
Oct  9 03:38:39 xeon sshd[46892]: Failed password for root from 203.99.62.158 port 50252 ssh2
2020-10-09 13:14:00
178.128.121.137 attack
SSH Bruteforce Attempt on Honeypot
2020-10-09 13:01:24
51.38.211.30 attack
51.38.211.30 - - [09/Oct/2020:06:04:19 +0200] "GET /wp-login.php HTTP/1.1" 200 8796 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
51.38.211.30 - - [09/Oct/2020:06:04:20 +0200] "POST /wp-login.php HTTP/1.1" 200 9047 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
51.38.211.30 - - [09/Oct/2020:06:04:21 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
2020-10-09 13:18:37
202.0.103.51 attackbotsspam
202.0.103.51 - - [09/Oct/2020:03:02:05 +0200] "POST /xmlrpc.php HTTP/1.1" 403 613 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
202.0.103.51 - - [09/Oct/2020:03:28:10 +0200] "POST /xmlrpc.php HTTP/1.1" 403 13669 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
...
2020-10-09 13:15:33
120.53.243.211 attack
SSH login attempts.
2020-10-09 13:16:39
104.236.182.223 attackbots
Oct  8 18:19:57 pixelmemory sshd[1414975]: Failed password for invalid user student from 104.236.182.223 port 48600 ssh2
Oct  8 18:25:13 pixelmemory sshd[1423348]: Invalid user test from 104.236.182.223 port 54558
Oct  8 18:25:13 pixelmemory sshd[1423348]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.236.182.223 
Oct  8 18:25:13 pixelmemory sshd[1423348]: Invalid user test from 104.236.182.223 port 54558
Oct  8 18:25:15 pixelmemory sshd[1423348]: Failed password for invalid user test from 104.236.182.223 port 54558 ssh2
...
2020-10-09 13:26:24

最近上报的IP列表

84.148.174.164 128.151.5.210 90.191.132.19 174.254.64.70
119.122.77.250 160.80.156.35 121.209.61.210 85.94.75.19
157.245.86.220 125.115.73.171 79.226.82.186 89.232.146.132
100.149.206.88 141.8.129.79 93.218.75.205 154.110.19.30
191.159.227.164 100.48.34.49 88.19.251.117 181.133.128.152