必须是合法有效的IP地址, 可以是IPv4或者是IPv6, 例如127.0.0.1或者2001:DB8:0:0:8:800:200C:417A
基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United States of America

运营商(isp): Oracle Public Cloud

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:
类型 评论内容 时间
attackspambots
404 NOT FOUND
2020-06-22 12:52:30
attackbots
Lines containing failures of 168.138.14.139
May  5 07:22:51 nexus sshd[15918]: Invalid user elastic from 168.138.14.139 port 52324
May  5 07:22:51 nexus sshd[15918]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=168.138.14.139
May  5 07:22:53 nexus sshd[15918]: Failed password for invalid user elastic from 168.138.14.139 port 52324 ssh2
May  5 07:22:54 nexus sshd[15918]: Connection closed by 168.138.14.139 port 52324 [preauth]
May  5 09:16:45 nexus sshd[17826]: Invalid user regwag2003 from 168.138.14.139 port 47954
May  5 09:16:45 nexus sshd[17826]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=168.138.14.139


........
-----------------------------------------------
https://www.blocklist.de/en/view.html?ip=168.138.14.139
2020-05-07 23:24:39
相同子网IP讨论:
IP 类型 评论内容 时间
168.138.140.50 attack
DATE:2020-09-30 22:37:31, IP:168.138.140.50, PORT:1433 MSSQL brute force auth on honeypot server (epe-honey1-hq)
2020-10-02 05:55:23
168.138.140.50 attackspambots
DATE:2020-09-30 22:37:31, IP:168.138.140.50, PORT:1433 MSSQL brute force auth on honeypot server (epe-honey1-hq)
2020-10-01 22:18:06
168.138.140.50 attackbots
DATE:2020-09-30 22:37:31, IP:168.138.140.50, PORT:1433 MSSQL brute force auth on honeypot server (epe-honey1-hq)
2020-10-01 14:37:16
168.138.145.173 attackspambots
Unauthorized connection attempt detected from IP address 168.138.145.173 to port 445 [T]
2020-07-22 02:32:41
168.138.144.172 attackspam
phpMyAdmin_Attack
2020-05-15 15:58:04
168.138.144.172 attack
php WP PHPmyadamin ABUSE blocked for 12h
2020-05-14 08:54:19
168.138.147.95 attack
May  5 20:10:51 inter-technics sshd[5375]: Invalid user daniel from 168.138.147.95 port 40858
May  5 20:10:51 inter-technics sshd[5375]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=168.138.147.95
May  5 20:10:51 inter-technics sshd[5375]: Invalid user daniel from 168.138.147.95 port 40858
May  5 20:10:54 inter-technics sshd[5375]: Failed password for invalid user daniel from 168.138.147.95 port 40858 ssh2
May  5 20:17:35 inter-technics sshd[8505]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=168.138.147.95  user=root
May  5 20:17:37 inter-technics sshd[8505]: Failed password for root from 168.138.147.95 port 47372 ssh2
...
2020-05-06 02:53:18
168.138.144.172 attackspambots
Hacking
2020-05-04 08:21:01
168.138.147.95 attackspam
Invalid user ts4 from 168.138.147.95 port 40946
2020-05-01 12:08:34
168.138.147.95 attackbots
Apr 27 15:03:44 ArkNodeAT sshd\[23003\]: Invalid user mall from 168.138.147.95
Apr 27 15:03:44 ArkNodeAT sshd\[23003\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=168.138.147.95
Apr 27 15:03:46 ArkNodeAT sshd\[23003\]: Failed password for invalid user mall from 168.138.147.95 port 47106 ssh2
2020-04-28 00:23:51
168.138.147.95 attack
Apr 21 14:22:41 ns382633 sshd\[32632\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=168.138.147.95  user=root
Apr 21 14:22:43 ns382633 sshd\[32632\]: Failed password for root from 168.138.147.95 port 58264 ssh2
Apr 21 14:33:14 ns382633 sshd\[2542\]: Invalid user testftp from 168.138.147.95 port 46414
Apr 21 14:33:14 ns382633 sshd\[2542\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=168.138.147.95
Apr 21 14:33:17 ns382633 sshd\[2542\]: Failed password for invalid user testftp from 168.138.147.95 port 46414 ssh2
2020-04-21 20:35:39
168.138.147.95 attackbotsspam
2020-04-11T22:42:26.380453ns386461 sshd\[6771\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=168.138.147.95  user=root
2020-04-11T22:42:28.623859ns386461 sshd\[6771\]: Failed password for root from 168.138.147.95 port 39768 ssh2
2020-04-11T22:51:16.278747ns386461 sshd\[14589\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=168.138.147.95  user=root
2020-04-11T22:51:18.282557ns386461 sshd\[14589\]: Failed password for root from 168.138.147.95 port 33900 ssh2
2020-04-11T22:56:59.951658ns386461 sshd\[19994\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=168.138.147.95  user=root
...
2020-04-12 05:27:01
WHOIS信息:
b
DIG信息:
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 168.138.14.139
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 25224
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;168.138.14.139.			IN	A

;; AUTHORITY SECTION:
.			411	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020050700 1800 900 604800 86400

;; Query time: 95 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu May 07 23:24:34 CST 2020
;; MSG SIZE  rcvd: 118
HOST信息:
Host 139.14.138.168.in-addr.arpa. not found: 3(NXDOMAIN)
NSLOOKUP信息:
Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 139.14.138.168.in-addr.arpa: NXDOMAIN
相关IP信息:
最新评论:
IP 类型 评论内容 时间
31.211.86.13 attackbotsspam
Automatic report - Banned IP Access
2020-08-24 22:52:34
111.74.11.85 attack
$f2bV_matches
2020-08-24 22:53:48
222.73.182.137 attackspambots
Aug 24 17:02:59 hosting sshd[14957]: Invalid user matt from 222.73.182.137 port 34360
...
2020-08-24 23:05:40
191.233.142.46 attack
Aug 24 08:43:03 ny01 sshd[28948]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=191.233.142.46
Aug 24 08:43:05 ny01 sshd[28948]: Failed password for invalid user kfk from 191.233.142.46 port 58000 ssh2
Aug 24 08:47:59 ny01 sshd[29729]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=191.233.142.46
2020-08-24 22:30:41
185.220.101.213 attackspambots
detected by Fail2Ban
2020-08-24 22:22:13
163.179.97.16 attack
Icarus honeypot on github
2020-08-24 22:56:28
18.27.197.252 attack
(imapd) Failed IMAP login from 18.27.197.252 (US/United States/wholesomeserver.media.mit.edu): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: Aug 24 16:20:25 ir1 dovecot[3110802]: imap-login: Disconnected (auth failed, 1 attempts in 3 secs): user=, method=PLAIN, rip=18.27.197.252, lip=5.63.12.44, TLS, session=
2020-08-24 22:59:51
218.92.0.173 attackspam
Aug 24 07:55:20 dignus sshd[11057]: Failed password for root from 218.92.0.173 port 26853 ssh2
Aug 24 07:55:23 dignus sshd[11057]: Failed password for root from 218.92.0.173 port 26853 ssh2
Aug 24 07:55:30 dignus sshd[11057]: error: maximum authentication attempts exceeded for root from 218.92.0.173 port 26853 ssh2 [preauth]
Aug 24 07:55:36 dignus sshd[11118]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.173  user=root
Aug 24 07:55:38 dignus sshd[11118]: Failed password for root from 218.92.0.173 port 50074 ssh2
...
2020-08-24 22:55:50
156.196.240.185 attack
Icarus honeypot on github
2020-08-24 22:36:12
91.121.68.60 attack
[MonAug2413:50:36.3796312020][:error][pid32741:tid47165108848384][client91.121.68.60:49532][client91.121.68.60]ModSecurity:Accessdeniedwithcode403\(phase2\).Patternmatch"python-requests/"atREQUEST_HEADERS:User-Agent.[file"/etc/apache2/conf.d/modsec_rules/20_asl_useragents.conf"][line"218"][id"332039"][rev"4"][msg"Atomicorp.comWAFRules:SuspiciousUnusualUserAgent\(python-requests\).Disablethisruleifyouusepython-requests/."][severity"CRITICAL"][hostname"fit-easy.com"][uri"/admin/images/cal_date_over.gif"][unique_id"X0OpjCtSzoxNLh@Tstk9aAAAAUk"][MonAug2413:50:47.9381692020][:error][pid32482:tid47165098342144][client91.121.68.60:50388][client91.121.68.60]ModSecurity:Accessdeniedwithcode403\(phase2\).Patternmatch"python-requests/"atREQUEST_HEADERS:User-Agent.[file"/etc/apache2/conf.d/modsec_rules/20_asl_useragents.conf"][line"218"][id"332039"][rev"4"][msg"Atomicorp.comWAFRules:SuspiciousUnusualUserAgent\(python-requests\).Disablethisruleifyouusepython-requests/."][severity"CRITICAL\
2020-08-24 22:37:51
211.149.155.116 attackbotsspam
port
2020-08-24 22:40:40
46.214.192.199 attack
Automatic report - XMLRPC Attack
2020-08-24 22:48:20
194.36.108.6 attackbotsspam
0,20-13/09 [bc01/m10] PostRequest-Spammer scoring: zurich
2020-08-24 22:31:41
106.13.201.44 attackbots
2020-08-24T14:36:42.231757shield sshd\[27371\]: Invalid user zx from 106.13.201.44 port 52142
2020-08-24T14:36:42.260335shield sshd\[27371\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.201.44
2020-08-24T14:36:44.362653shield sshd\[27371\]: Failed password for invalid user zx from 106.13.201.44 port 52142 ssh2
2020-08-24T14:40:35.724652shield sshd\[27788\]: Invalid user qadmin from 106.13.201.44 port 35946
2020-08-24T14:40:35.745242shield sshd\[27788\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.201.44
2020-08-24 22:52:53
45.129.33.142 attack
[portscan] Port scan
2020-08-24 22:37:01

最近上报的IP列表

210.21.36.182 97.87.51.228 83.196.98.96 187.177.183.18
148.105.11.43 145.239.90.198 216.41.205.1 91.148.138.116
94.21.40.231 210.211.117.41 78.180.38.127 5.253.206.142
89.34.18.94 67.70.142.247 87.251.74.173 76.238.219.68
121.156.122.97 2.86.246.211 183.11.235.24 90.189.197.237