5.39.221.55 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Netherlands

运营商(isp): Hostkey B.V.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbots	Fail2Ban Ban Triggered	2019-10-27 07:31:03

相同子网IP讨论:

IP	类型	评论内容	时间
5.39.221.61	attackbotsspam	ET CINS Active Threat Intelligence Poor Reputation IP group 8 - port: 3387 proto: TCP cat: Misc Attack	2019-10-27 07:30:37
5.39.221.48	attack	3390/tcp [2019-06-23]1pkt	2019-06-24 03:12:48

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 5.39.221.55
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 10615
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;5.39.221.55.			IN	A

;; AUTHORITY SECTION:
.			530	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019102601 1800 900 604800 86400

;; Query time: 44 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Oct 27 07:30:59 CST 2019
;; MSG SIZE  rcvd: 115

HOST信息:

Host 55.221.39.5.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 55.221.39.5.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
112.120.75.39	attack	SSH login attempts.	2020-03-28 04:05:01
185.147.215.12	attack	[2020-03-27 15:56:06] NOTICE[1148] chan_sip.c: Registration from '' failed for '185.147.215.12:55341' - Wrong password [2020-03-27 15:56:06] SECURITY[1163] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-03-27T15:56:06.723-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="1867",SessionID="0x7fd82c8d10a8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/185.147.215.12/55341",Challenge="6f333275",ReceivedChallenge="6f333275",ReceivedHash="b544500330a661237bb1c01b948076a6" [2020-03-27 15:56:43] NOTICE[1148] chan_sip.c: Registration from '' failed for '185.147.215.12:51386' - Wrong password [2020-03-27 15:56:43] SECURITY[1163] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-03-27T15:56:43.867-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="1266",SessionID="0x7fd82c221b18",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/185.147.21 ...	2020-03-28 04:11:08
188.166.117.213	attack	2020-03-27T01:40:49.427000homeassistant sshd[9375]: Failed password for invalid user rlk from 188.166.117.213 port 47416 ssh2 2020-03-27T19:24:01.962411homeassistant sshd[9443]: Invalid user admin from 188.166.117.213 port 59638 2020-03-27T19:24:01.972181homeassistant sshd[9443]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.166.117.213 ...	2020-03-28 03:59:16
140.143.57.159	attackspam	Mar 27 20:31:07 webhost01 sshd[10120]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.57.159 Mar 27 20:31:09 webhost01 sshd[10120]: Failed password for invalid user xbb from 140.143.57.159 port 39532 ssh2 ...	2020-03-28 04:13:29
94.139.160.112	attack	SSH login attempts.	2020-03-28 04:00:05
104.248.149.130	attackspam	2020-03-27 19:09:51,104 fail2ban.actions: WARNING [ssh] Ban 104.248.149.130	2020-03-28 04:12:08
132.232.21.19	attack	Mar 27 15:31:51 ny01 sshd[14317]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=132.232.21.19 Mar 27 15:31:53 ny01 sshd[14317]: Failed password for invalid user ravi from 132.232.21.19 port 49690 ssh2 Mar 27 15:37:45 ny01 sshd[16768]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=132.232.21.19	2020-03-28 03:46:45
107.170.99.119	attackbotsspam	20 attempts against mh-ssh on cloud	2020-03-28 03:47:02
119.27.191.172	attackbots	Mar 27 20:39:49 [HOSTNAME] sshd[8061]: Invalid user oot from 119.27.191.172 port 41012 Mar 27 20:39:49 [HOSTNAME] sshd[8061]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.27.191.172 Mar 27 20:39:51 [HOSTNAME] sshd[8061]: Failed password for invalid user oot from 119.27.191.172 port 41012 ssh2 ...	2020-03-28 03:54:41
80.211.7.53	attackspambots	Mar 26 09:22:11 our-server-hostname sshd[12832]: reveeclipse mapping checking getaddrinfo for host53-7-211-80.serverdedicati.aruba.hostname [80.211.7.53] failed - POSSIBLE BREAK-IN ATTEMPT! Mar 26 09:22:11 our-server-hostname sshd[12832]: Invalid user PlcmSpIp from 80.211.7.53 Mar 26 09:22:11 our-server-hostname sshd[12832]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.211.7.53 Mar 26 09:22:13 our-server-hostname sshd[12832]: Failed password for invalid user PlcmSpIp from 80.211.7.53 port 40828 ssh2 Mar 26 09:34:42 our-server-hostname sshd[14835]: reveeclipse mapping checking getaddrinfo for host53-7-211-80.serverdedicati.aruba.hostname [80.211.7.53] failed - POSSIBLE BREAK-IN ATTEMPT! Mar 26 09:34:42 our-server-hostname sshd[14835]: Invalid user ct from 80.211.7.53 Mar 26 09:34:42 our-server-hostname sshd[14835]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.211.7.53 Mar 26 09:........ -------------------------------	2020-03-28 04:22:00
104.248.170.45	attackspambots	Mar 27 14:03:21 server1 sshd\[18280\]: Failed password for invalid user eqa from 104.248.170.45 port 33304 ssh2 Mar 27 14:03:21 server1 sshd\[18279\]: Failed password for invalid user eqa from 104.248.170.45 port 33302 ssh2 Mar 27 14:06:41 server1 sshd\[19253\]: Invalid user form-test from 104.248.170.45 Mar 27 14:06:41 server1 sshd\[19253\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.170.45 Mar 27 14:06:41 server1 sshd\[19254\]: Invalid user form-test from 104.248.170.45 ...	2020-03-28 04:09:06
195.9.109.198	attack	MultiHost/MultiPort Probe, Scan, Hack -	2020-03-28 04:23:11
93.39.104.224	attackbots	Mar 27 12:22:29 mockhub sshd[6456]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=93.39.104.224 Mar 27 12:22:31 mockhub sshd[6456]: Failed password for invalid user hqs from 93.39.104.224 port 35058 ssh2 ...	2020-03-28 03:51:30
51.83.78.82	attack	Fail2Ban Ban Triggered	2020-03-28 03:54:05
5.39.77.117	attack	(sshd) Failed SSH login from 5.39.77.117 (FR/France/-/-/ns3262586.ip-5-39-77.eu/[AS16276 OVH SAS]): 1 in the last 3600 secs	2020-03-28 03:48:56

最近上报的IP列表

141.198.87.106	183.233.197.42	176.115.153.236	159.203.201.95
148.251.20.147	148.251.20.144	148.251.20.143	159.138.118.70
148.251.20.138	148.251.20.132	148.251.20.131	148.251.20.130
131.161.122.165	123.1.154.224	112.67.252.237	111.61.81.13
14.111.93.253	88.254.111.116	83.16.200.171	91.203.236.226