139.99.5.210 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Canada

运营商(isp): Ruk-Com Co. Ltd

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbotsspam	Sep 8 00:02:55 fhem-rasp sshd[4268]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.99.5.210 user=daemon Sep 8 00:02:57 fhem-rasp sshd[4268]: Failed password for invalid user daemon from 139.99.5.210 port 43603 ssh2 ...	2020-09-08 23:54:06
attack	Sep 8 00:02:55 fhem-rasp sshd[4268]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.99.5.210 user=daemon Sep 8 00:02:57 fhem-rasp sshd[4268]: Failed password for invalid user daemon from 139.99.5.210 port 43603 ssh2 ...	2020-09-08 15:27:45
attackbotsspam	Sep 8 00:02:55 fhem-rasp sshd[4268]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.99.5.210 user=daemon Sep 8 00:02:57 fhem-rasp sshd[4268]: Failed password for invalid user daemon from 139.99.5.210 port 43603 ssh2 ...	2020-09-08 08:00:19
attackspambots	May 22 00:04:21 163-172-32-151 sshd[11165]: Invalid user admin from 139.99.5.210 port 21049 ...	2020-05-22 06:40:24

相同子网IP讨论:

IP	类型	评论内容	时间
139.99.55.150	attackbots	Oct 5 12:44:19 ns382633 sshd\[16009\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.99.55.150 user=root Oct 5 12:44:21 ns382633 sshd\[16009\]: Failed password for root from 139.99.55.150 port 33485 ssh2 Oct 5 12:52:28 ns382633 sshd\[16835\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.99.55.150 user=root Oct 5 12:52:30 ns382633 sshd\[16835\]: Failed password for root from 139.99.55.150 port 57762 ssh2 Oct 5 12:56:23 ns382633 sshd\[17334\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.99.55.150 user=root	2020-10-06 01:45:25
139.99.55.149	attackbots	[f2b] sshd bruteforce, retries: 1	2020-10-05 04:19:57
139.99.55.149	attackspam	[f2b] sshd bruteforce, retries: 1	2020-10-04 20:12:49
139.99.54.20	attack	Aug 31 00:41:01 ny01 sshd[17004]: Failed password for root from 139.99.54.20 port 34572 ssh2 Aug 31 00:45:16 ny01 sshd[17466]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.99.54.20 Aug 31 00:45:19 ny01 sshd[17466]: Failed password for invalid user ali from 139.99.54.20 port 40168 ssh2	2020-08-31 12:53:16
139.99.54.20	attack	SSH	2020-08-30 01:54:08
139.99.54.20	attackbots	$f2bV_matches	2020-07-27 15:54:04
139.99.54.20	attackspambots	Connection to SSH Honeypot - Detected by HoneypotDB	2020-07-22 06:16:38
139.99.54.20	attackbots	SSHD brute force attack detected by fail2ban	2020-07-19 16:11:55
139.99.54.20	attackspambots	2020-07-04T03:21:26.033435na-vps210223 sshd[31605]: Invalid user test1 from 139.99.54.20 port 53094 2020-07-04T03:21:26.041561na-vps210223 sshd[31605]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.99.54.20 2020-07-04T03:21:26.033435na-vps210223 sshd[31605]: Invalid user test1 from 139.99.54.20 port 53094 2020-07-04T03:21:28.230660na-vps210223 sshd[31605]: Failed password for invalid user test1 from 139.99.54.20 port 53094 ssh2 2020-07-04T03:23:37.151063na-vps210223 sshd[5201]: Invalid user admin from 139.99.54.20 port 59606 ...	2020-07-04 15:26:30
139.99.54.20	attackbotsspam	Jun 18 19:45:28 rush sshd[1735]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.99.54.20 Jun 18 19:45:30 rush sshd[1735]: Failed password for invalid user acs from 139.99.54.20 port 37198 ssh2 Jun 18 19:49:27 rush sshd[1963]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.99.54.20 ...	2020-06-19 04:00:35
139.99.54.20	attackspam	SSH_attack	2020-06-15 16:46:37
139.99.54.20	attackspambots	May 31 19:30:25 ns382633 sshd\[13435\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.99.54.20 user=root May 31 19:30:26 ns382633 sshd\[13435\]: Failed password for root from 139.99.54.20 port 33044 ssh2 May 31 19:38:20 ns382633 sshd\[14843\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.99.54.20 user=root May 31 19:38:22 ns382633 sshd\[14843\]: Failed password for root from 139.99.54.20 port 47142 ssh2 May 31 19:42:13 ns382633 sshd\[15987\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.99.54.20 user=root	2020-06-01 03:18:08
139.99.54.20	attackbots	May 24 13:16:17 l02a sshd[23182]: Invalid user salb from 139.99.54.20 May 24 13:16:17 l02a sshd[23182]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.99.54.20 May 24 13:16:17 l02a sshd[23182]: Invalid user salb from 139.99.54.20 May 24 13:16:19 l02a sshd[23182]: Failed password for invalid user salb from 139.99.54.20 port 54544 ssh2	2020-05-24 20:35:09
139.99.54.20	attack	Lines containing failures of 139.99.54.20 May 22 13:52:23 shared09 sshd[4439]: Invalid user nfn from 139.99.54.20 port 41096 May 22 13:52:23 shared09 sshd[4439]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.99.54.20 May 22 13:52:25 shared09 sshd[4439]: Failed password for invalid user nfn from 139.99.54.20 port 41096 ssh2 May 22 13:52:26 shared09 sshd[4439]: Received disconnect from 139.99.54.20 port 41096:11: Bye Bye [preauth] May 22 13:52:26 shared09 sshd[4439]: Disconnected from invalid user nfn 139.99.54.20 port 41096 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=139.99.54.20	2020-05-23 02:06:38
139.99.57.14	attackbotsspam	Automatic report - XMLRPC Attack	2019-11-13 04:03:37

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 139.99.5.210
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 55113
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;139.99.5.210.			IN	A

;; AUTHORITY SECTION:
.			500	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020052102 1800 900 604800 86400

;; Query time: 102 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri May 22 06:40:19 CST 2020
;; MSG SIZE  rcvd: 116

HOST信息:

210.5.99.139.in-addr.arpa domain name pointer ip210.ip-139-99-5.net.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
210.5.99.139.in-addr.arpa	name = ip210.ip-139-99-5.net.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
34.122.249.54	attackspam	Oct 9 06:46:36 server-01 sshd[20024]: Invalid user test from 34.122.249.54 port 42578 Oct 9 06:47:26 server-01 sshd[20056]: Invalid user admin from 34.122.249.54 port 37594 Oct 9 06:48:18 server-01 sshd[20101]: Invalid user testuser from 34.122.249.54 port 60872 ...	2020-10-09 12:55:36
194.26.25.116	attack	TCP (SYN) 194.26.25.116:59754 -> port 33897, len 44	2020-10-09 13:22:01
182.151.47.140	attackbots	Oct 9 04:39:28 vps639187 sshd\[30152\]: Invalid user testftp from 182.151.47.140 port 38332 Oct 9 04:39:28 vps639187 sshd\[30152\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.151.47.140 Oct 9 04:39:30 vps639187 sshd\[30152\]: Failed password for invalid user testftp from 182.151.47.140 port 38332 ssh2 ...	2020-10-09 12:54:14
202.5.17.78	attack	SSH login attempts.	2020-10-09 13:08:59
58.87.84.31	attack	Oct 9 04:05:51 cho sshd[266662]: Failed password for invalid user ts from 58.87.84.31 port 40602 ssh2 Oct 9 04:08:25 cho sshd[266780]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.87.84.31 user=root Oct 9 04:08:27 cho sshd[266780]: Failed password for root from 58.87.84.31 port 48758 ssh2 Oct 9 04:10:52 cho sshd[266998]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.87.84.31 user=root Oct 9 04:10:54 cho sshd[266998]: Failed password for root from 58.87.84.31 port 56838 ssh2 ...	2020-10-09 12:46:46
45.142.120.52	attackspam	2020-10-08T19:48:33.612538linuxbox-skyline auth[56796]: pam_unix(dovecot:auth): authentication failure; logname= uid=0 euid=0 tty=dovecot ruser=webpop rhost=45.142.120.52 ...	2020-10-09 13:18:06
203.137.119.217	attack	Oct 9 04:06:16 inter-technics sshd[3272]: Invalid user root0 from 203.137.119.217 port 48280 Oct 9 04:06:16 inter-technics sshd[3272]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.137.119.217 Oct 9 04:06:16 inter-technics sshd[3272]: Invalid user root0 from 203.137.119.217 port 48280 Oct 9 04:06:18 inter-technics sshd[3272]: Failed password for invalid user root0 from 203.137.119.217 port 48280 ssh2 Oct 9 04:07:47 inter-technics sshd[3348]: Invalid user linux1 from 203.137.119.217 port 37852 ...	2020-10-09 13:06:44
94.176.186.215	attackspambots	(Oct 9) LEN=52 TTL=114 ID=337 DF TCP DPT=445 WINDOW=8192 SYN (Oct 9) LEN=52 TTL=114 ID=14964 DF TCP DPT=445 WINDOW=8192 SYN (Oct 8) LEN=52 TTL=114 ID=6253 DF TCP DPT=445 WINDOW=8192 SYN (Oct 8) LEN=52 TTL=117 ID=19841 DF TCP DPT=445 WINDOW=8192 SYN (Oct 8) LEN=52 TTL=117 ID=4641 DF TCP DPT=445 WINDOW=8192 SYN (Oct 8) LEN=52 TTL=114 ID=12967 DF TCP DPT=445 WINDOW=8192 SYN (Oct 8) LEN=52 TTL=114 ID=26876 DF TCP DPT=445 WINDOW=8192 SYN (Oct 8) LEN=52 TTL=114 ID=19462 DF TCP DPT=445 WINDOW=8192 SYN (Oct 8) LEN=52 TTL=117 ID=12154 DF TCP DPT=445 WINDOW=8192 SYN (Oct 8) LEN=52 TTL=117 ID=5234 DF TCP DPT=445 WINDOW=8192 SYN (Oct 8) LEN=52 TTL=114 ID=21806 DF TCP DPT=445 WINDOW=8192 SYN (Oct 8) LEN=52 TTL=117 ID=7935 DF TCP DPT=445 WINDOW=8192 SYN (Oct 7) LEN=52 TTL=114 ID=6437 DF TCP DPT=445 WINDOW=8192 SYN (Oct 7) LEN=52 TTL=117 ID=24971 DF TCP DPT=445 WINDOW=8192 SYN (Oct 7) LEN=52 TTL=114 ID=24955 DF TCP DPT=445 WINDOW=8192 SYN (...	2020-10-09 13:08:03
49.88.112.71	attack	Oct 9 10:18:47 gw1 sshd[22357]: Failed password for root from 49.88.112.71 port 50078 ssh2 ...	2020-10-09 13:22:33
203.99.62.158	attack	Oct 9 03:38:39 xeon sshd[46892]: Failed password for root from 203.99.62.158 port 50252 ssh2	2020-10-09 13:14:00
178.128.121.137	attack	SSH Bruteforce Attempt on Honeypot	2020-10-09 13:01:24
51.38.211.30	attack	51.38.211.30 - - [09/Oct/2020:06:04:19 +0200] "GET /wp-login.php HTTP/1.1" 200 8796 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 51.38.211.30 - - [09/Oct/2020:06:04:20 +0200] "POST /wp-login.php HTTP/1.1" 200 9047 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 51.38.211.30 - - [09/Oct/2020:06:04:21 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-10-09 13:18:37
202.0.103.51	attackbotsspam	202.0.103.51 - - [09/Oct/2020:03:02:05 +0200] "POST /xmlrpc.php HTTP/1.1" 403 613 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 202.0.103.51 - - [09/Oct/2020:03:28:10 +0200] "POST /xmlrpc.php HTTP/1.1" 403 13669 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-10-09 13:15:33
120.53.243.211	attack	SSH login attempts.	2020-10-09 13:16:39
104.236.182.223	attackbots	Oct 8 18:19:57 pixelmemory sshd[1414975]: Failed password for invalid user student from 104.236.182.223 port 48600 ssh2 Oct 8 18:25:13 pixelmemory sshd[1423348]: Invalid user test from 104.236.182.223 port 54558 Oct 8 18:25:13 pixelmemory sshd[1423348]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.236.182.223 Oct 8 18:25:13 pixelmemory sshd[1423348]: Invalid user test from 104.236.182.223 port 54558 Oct 8 18:25:15 pixelmemory sshd[1423348]: Failed password for invalid user test from 104.236.182.223 port 54558 ssh2 ...	2020-10-09 13:26:24

最近上报的IP列表

84.148.174.164	128.151.5.210	90.191.132.19	174.254.64.70
119.122.77.250	160.80.156.35	121.209.61.210	85.94.75.19
157.245.86.220	125.115.73.171	79.226.82.186	89.232.146.132
100.149.206.88	141.8.129.79	93.218.75.205	154.110.19.30
191.159.227.164	100.48.34.49	88.19.251.117	181.133.128.152