139.99.5.223 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Singapore

运营商(isp): Ruk-Com Co. Ltd

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	2019-11-11T07:18:32.357592mail01 postfix/smtpd[15209]: warning: ip223.ip-139-99-5.net[139.99.5.223]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 2019-11-11T07:18:39.181446mail01 postfix/smtpd[27485]: warning: ip223.ip-139-99-5.net[139.99.5.223]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 2019-11-11T07:25:10.187867mail01 postfix/smtpd[1250]: warning: ip223.ip-139-99-5.net[139.99.5.223]: SASL LOGIN authentication failed: UGFzc3dvcmQ6	2019-11-11 18:14:20
attackspam	2019-11-10T10:29:34.413912mail01 postfix/smtpd[28849]: warning: ip223.ip-139-99-5.net[139.99.5.223]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 2019-11-10T10:29:41.418003mail01 postfix/smtpd[17098]: warning: ip223.ip-139-99-5.net[139.99.5.223]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 2019-11-10T10:39:12.041723mail01 postfix/smtpd[31681]: warning: ip223.ip-139-99-5.net[139.99.5.223]: SASL LOGIN authentication failed: UGFzc3dvcmQ6	2019-11-10 18:24:42
attackspambots	2019-11-08T08:31:08.186192mail01 postfix/smtpd[31209]: warning: ip223.ip-139-99-5.net[139.99.5.223]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 2019-11-08T08:32:38.204450mail01 postfix/smtpd[22413]: warning: ip223.ip-139-99-5.net[139.99.5.223]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 2019-11-08T08:35:58.475070mail01 postfix/smtpd[10215]: warning: ip223.ip-139-99-5.net[139.99.5.223]: SASL LOGIN authentication failed: UGFzc3dvcmQ6	2019-11-08 16:14:27
attackspam	2019-11-07T01:45:37.353071mail01 postfix/smtpd[28225]: warning: ip223.ip-139-99-5.net[139.99.5.223]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 2019-11-07T01:46:25.332841mail01 postfix/smtpd[8569]: warning: ip223.ip-139-99-5.net[139.99.5.223]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 2019-11-07T01:46:50.180077mail01 postfix/smtpd[28225]: warning: ip223.ip-139-99-5.net[139.99.5.223]: SASL LOGIN authentication failed: UGFzc3dvcmQ6	2019-11-07 08:54:08
attackbotsspam	Jul 17 19:35:34 web1 postfix/smtpd[27824]: warning: ip223.ip-139-99-5.net[139.99.5.223]: SASL LOGIN authentication failed: authentication failure ...	2019-07-18 08:41:44
attackspam	Jul 15 21:22:20 mail postfix/smtpd\[11322\]: warning: ip223.ip-139-99-5.net\[139.99.5.223\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 15 21:23:01 mail postfix/smtpd\[11321\]: warning: ip223.ip-139-99-5.net\[139.99.5.223\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 15 21:24:27 mail postfix/smtpd\[11321\]: warning: ip223.ip-139-99-5.net\[139.99.5.223\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6	2019-07-16 05:42:59

相同子网IP讨论:

IP	类型	评论内容	时间
139.99.55.150	attackbots	Oct 5 12:44:19 ns382633 sshd\[16009\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.99.55.150 user=root Oct 5 12:44:21 ns382633 sshd\[16009\]: Failed password for root from 139.99.55.150 port 33485 ssh2 Oct 5 12:52:28 ns382633 sshd\[16835\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.99.55.150 user=root Oct 5 12:52:30 ns382633 sshd\[16835\]: Failed password for root from 139.99.55.150 port 57762 ssh2 Oct 5 12:56:23 ns382633 sshd\[17334\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.99.55.150 user=root	2020-10-06 01:45:25
139.99.55.149	attackbots	[f2b] sshd bruteforce, retries: 1	2020-10-05 04:19:57
139.99.55.149	attackspam	[f2b] sshd bruteforce, retries: 1	2020-10-04 20:12:49
139.99.5.210	attackbotsspam	Sep 8 00:02:55 fhem-rasp sshd[4268]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.99.5.210 user=daemon Sep 8 00:02:57 fhem-rasp sshd[4268]: Failed password for invalid user daemon from 139.99.5.210 port 43603 ssh2 ...	2020-09-08 23:54:06
139.99.5.210	attack	Sep 8 00:02:55 fhem-rasp sshd[4268]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.99.5.210 user=daemon Sep 8 00:02:57 fhem-rasp sshd[4268]: Failed password for invalid user daemon from 139.99.5.210 port 43603 ssh2 ...	2020-09-08 15:27:45
139.99.5.210	attackbotsspam	Sep 8 00:02:55 fhem-rasp sshd[4268]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.99.5.210 user=daemon Sep 8 00:02:57 fhem-rasp sshd[4268]: Failed password for invalid user daemon from 139.99.5.210 port 43603 ssh2 ...	2020-09-08 08:00:19
139.99.54.20	attack	Aug 31 00:41:01 ny01 sshd[17004]: Failed password for root from 139.99.54.20 port 34572 ssh2 Aug 31 00:45:16 ny01 sshd[17466]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.99.54.20 Aug 31 00:45:19 ny01 sshd[17466]: Failed password for invalid user ali from 139.99.54.20 port 40168 ssh2	2020-08-31 12:53:16
139.99.54.20	attack	SSH	2020-08-30 01:54:08
139.99.54.20	attackbots	$f2bV_matches	2020-07-27 15:54:04
139.99.54.20	attackspambots	Connection to SSH Honeypot - Detected by HoneypotDB	2020-07-22 06:16:38
139.99.54.20	attackbots	SSHD brute force attack detected by fail2ban	2020-07-19 16:11:55
139.99.54.20	attackspambots	2020-07-04T03:21:26.033435na-vps210223 sshd[31605]: Invalid user test1 from 139.99.54.20 port 53094 2020-07-04T03:21:26.041561na-vps210223 sshd[31605]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.99.54.20 2020-07-04T03:21:26.033435na-vps210223 sshd[31605]: Invalid user test1 from 139.99.54.20 port 53094 2020-07-04T03:21:28.230660na-vps210223 sshd[31605]: Failed password for invalid user test1 from 139.99.54.20 port 53094 ssh2 2020-07-04T03:23:37.151063na-vps210223 sshd[5201]: Invalid user admin from 139.99.54.20 port 59606 ...	2020-07-04 15:26:30
139.99.54.20	attackbotsspam	Jun 18 19:45:28 rush sshd[1735]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.99.54.20 Jun 18 19:45:30 rush sshd[1735]: Failed password for invalid user acs from 139.99.54.20 port 37198 ssh2 Jun 18 19:49:27 rush sshd[1963]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.99.54.20 ...	2020-06-19 04:00:35
139.99.54.20	attackspam	SSH_attack	2020-06-15 16:46:37
139.99.54.20	attackspambots	May 31 19:30:25 ns382633 sshd\[13435\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.99.54.20 user=root May 31 19:30:26 ns382633 sshd\[13435\]: Failed password for root from 139.99.54.20 port 33044 ssh2 May 31 19:38:20 ns382633 sshd\[14843\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.99.54.20 user=root May 31 19:38:22 ns382633 sshd\[14843\]: Failed password for root from 139.99.54.20 port 47142 ssh2 May 31 19:42:13 ns382633 sshd\[15987\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.99.54.20 user=root	2020-06-01 03:18:08

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 139.99.5.223
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 18816
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;139.99.5.223.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019071501 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Tue Jul 16 05:42:54 CST 2019
;; MSG SIZE  rcvd: 116

HOST信息:

223.5.99.139.in-addr.arpa domain name pointer ip223.ip-139-99-5.net.

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
223.5.99.139.in-addr.arpa	name = ip223.ip-139-99-5.net.

Authoritative answers can be found from:

IP	类型	评论内容	时间
200.98.73.50	attackbots	Honeypot attack, port: 445, PTR: 200-98-73-50.clouduol.com.br.	2020-03-04 23:03:54
23.88.142.81	attackbots	22/tcp [2020-03-04]1pkt	2020-03-04 23:31:06
121.162.60.159	attackbots	Mar 4 15:16:46 MK-Soft-VM5 sshd[23614]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.162.60.159 Mar 4 15:16:48 MK-Soft-VM5 sshd[23614]: Failed password for invalid user couchdb from 121.162.60.159 port 60624 ssh2 ...	2020-03-04 23:15:21
117.146.60.116	attackspam	suspicious action Wed, 04 Mar 2020 10:36:33 -0300	2020-03-04 23:20:10
140.255.139.154	attack	Mar 4 13:36:17 l03 postfix/smtpd[23984]: lost connection after AUTH from unknown[140.255.139.154] Mar 4 13:36:19 l03 postfix/smtpd[23984]: lost connection after AUTH from unknown[140.255.139.154] Mar 4 13:36:22 l03 postfix/smtpd[23984]: lost connection after AUTH from unknown[140.255.139.154] Mar 4 13:36:23 l03 postfix/smtpd[23984]: lost connection after AUTH from unknown[140.255.139.154] Mar 4 13:36:24 l03 postfix/smtpd[23984]: lost connection after AUTH from unknown[140.255.139.154] ...	2020-03-04 23:29:35
221.180.141.5	attack	$f2bV_matches	2020-03-04 23:02:14
179.189.246.102	attack	Honeypot attack, port: 445, PTR: 179-189-246-102.clnt-fixed.worldnet.psi.br.	2020-03-04 23:21:55
221.165.151.244	attackspambots	$f2bV_matches	2020-03-04 23:20:52
60.53.219.187	attack	Honeypot attack, port: 5555, PTR: PTR record not found	2020-03-04 23:10:38
109.75.38.178	attackspam	445/tcp [2020-03-04]1pkt	2020-03-04 23:15:59
77.42.92.16	attack	Automatic report - Port Scan Attack	2020-03-04 23:08:46
102.189.252.86	attackspambots	445/tcp [2020-03-04]1pkt	2020-03-04 23:17:03
190.219.15.69	attackspambots	81/tcp [2020-03-04]1pkt	2020-03-04 23:40:15
195.154.169.48	attack	Fail2Ban Ban Triggered	2020-03-04 23:46:05
91.121.109.45	attackbotsspam	$f2bV_matches	2020-03-04 23:09:59

最近上报的IP列表

99.238.44.137	179.90.234.123	73.95.96.181	161.65.51.110
109.117.164.178	178.219.50.205	106.4.255.198	94.221.213.21
87.110.42.107	93.81.103.25	82.181.113.248	50.77.86.160
209.122.13.204	67.15.79.90	201.136.79.121	89.170.193.108
196.29.164.164	108.73.139.8	22.38.20.121	202.137.10.179