城市(city): unknown
省份(region): unknown
国家(country): United States
运营商(isp): unknown
主机名(hostname): unknown
机构(organization): unknown
使用类型(Usage Type): unknown
| IP | 类型 | 评论内容 | 时间 |
|---|---|---|---|
| 104.140.148.58 | attackspam | firewall-block, port(s): 161/udp |
2019-09-21 04:37:23 |
| 104.140.148.58 | attack | Sep 11 14:57:21 localhost kernel: [1966058.443067] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:84:78:ac:57:aa:c1:08:00 SRC=104.140.148.58 DST=[mungedIP2] LEN=44 TOS=0x00 PREC=0x00 TTL=245 ID=2495 PROTO=TCP SPT=65325 DPT=987 WINDOW=1024 RES=0x00 SYN URGP=0 Sep 11 14:57:21 localhost kernel: [1966058.443093] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:84:78:ac:57:aa:c1:08:00 SRC=104.140.148.58 DST=[mungedIP2] LEN=44 TOS=0x00 PREC=0x00 TTL=245 ID=2495 PROTO=TCP SPT=65325 DPT=987 SEQ=3815533082 ACK=0 WINDOW=1024 RES=0x00 SYN URGP=0 OPT (020405B4) Sep 11 14:59:52 localhost kernel: [1966209.518449] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:84:78:ac:57:aa:c1:08:00 SRC=104.140.148.58 DST=[mungedIP2] LEN=44 TOS=0x00 PREC=0x00 TTL=245 ID=43417 PROTO=TCP SPT=64300 DPT=5910 WINDOW=1024 RES=0x00 SYN URGP=0 Sep 11 14:59:52 localhost kernel: [1966209.518469] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:84:78:ac:57:aa:c1:08:00 SRC=104.140.148.58 DST=[mungedIP2] LEN=4 |
2019-09-12 03:13:24 |
| 104.140.148.58 | attackspam | 23.08.2019 20:09:25 Connection to port 21 blocked by firewall |
2019-08-24 04:38:34 |
| 104.140.148.58 | attackbotsspam | Automatic report - Port Scan Attack |
2019-07-30 03:10:28 |
| 104.140.148.58 | attackbots | 8444/tcp 21/tcp 5900/tcp... [2019-06-13/07-24]35pkt,13pt.(tcp),1pt.(udp) |
2019-07-26 11:47:12 |
| 104.140.148.58 | attackbotsspam | " " |
2019-07-25 06:38:18 |
| 104.140.148.58 | attackspambots | 22.07.2019 18:53:41 Connection to port 3306 blocked by firewall |
2019-07-23 05:55:25 |
| 104.140.148.58 | attackbots | RDP brute force attack detected by fail2ban |
2019-07-18 14:04:36 |
#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/resources/registry/whois/tou/
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/resources/registry/whois/inaccuracy_reporting/
#
# Copyright 1997-2026, American Registry for Internet Numbers, Ltd.
#
NetRange: 104.140.0.0 - 104.140.255.255
CIDR: 104.140.0.0/16
NetName: EONIX
NetHandle: NET-104-140-0-0-1
Parent: NET104 (NET-104-0-0-0-0)
NetType: Direct Allocation
OriginAS:
Organization: Eonix Corporation (EONIX)
RegDate: 2014-06-20
Updated: 2019-02-28
Comment: Please use the below contact information to report suspected security issues specific to traffic emanating from net blocks in this range, including the distribution of malicious content or other illicit or illegal material.
Comment:
Comment: For SPAM and other abuse issues, please contact:
Comment: * net-abuse@eonix.net
Comment:
Comment: For legal and law enforcement-related requests, please contact:
Comment: * legal@eonix.net
Comment:
Comment: For Routing, Peering or DNS issues, please contact:
Comment: * noc@eonix.net
Ref: https://rdap.arin.net/registry/ip/104.140.0.0
OrgName: Eonix Corporation
OrgId: EONIX
Address: 9107 W Russell Rd Suite 100
City: Las Vegas
StateProv: NV
PostalCode: 89148
Country: US
RegDate: 2006-05-31
Updated: 2025-10-16
Comment: Please use the below contact information to report suspected security issues specific to traffic emanating from net blocks in this range, including the distribution of malicious content or other illicit or illegal material.
Comment:
Comment: For SPAM and other abuse issues, please contact:
Comment: * net-abuse@eonix.net
Comment:
Comment: For legal and law enforcement-related requests, please contact:
Comment: * legal@eonix.net
Comment:
Comment: For Routing, Peering or DNS issues, please contact:
Comment: * noc@eonix.net
Ref: https://rdap.arin.net/registry/entity/EONIX
OrgAbuseHandle: NTS22-ARIN
OrgAbuseName: Network Trust and Safety
OrgAbusePhone: +1-702-605-2981
OrgAbuseEmail: net-admin@eonix.net
OrgAbuseRef: https://rdap.arin.net/registry/entity/NTS22-ARIN
OrgNOCHandle: NOC31884-ARIN
OrgNOCName: Network Operations Center
OrgNOCPhone: +1-702-605-2981
OrgNOCEmail: noc@eonix.net
OrgNOCRef: https://rdap.arin.net/registry/entity/NOC31884-ARIN
OrgTechHandle: EDM7-ARIN
OrgTechName: Eonix DNS Management
OrgTechPhone: +1-877-841-3341
OrgTechEmail: 902214@serverhub.com
OrgTechRef: https://rdap.arin.net/registry/entity/EDM7-ARIN
OrgAbuseHandle: NTS29-ARIN
OrgAbuseName: Network Trust and Safety
OrgAbusePhone: +1-702-605-2981
OrgAbuseEmail: net-admin@eonix.net
OrgAbuseRef: https://rdap.arin.net/registry/entity/NTS29-ARIN
OrgDNSHandle: EDM7-ARIN
OrgDNSName: Eonix DNS Management
OrgDNSPhone: +1-877-841-3341
OrgDNSEmail: 902214@serverhub.com
OrgDNSRef: https://rdap.arin.net/registry/entity/EDM7-ARIN
OrgTechHandle: NOC31884-ARIN
OrgTechName: Network Operations Center
OrgTechPhone: +1-702-605-2981
OrgTechEmail: noc@eonix.net
OrgTechRef: https://rdap.arin.net/registry/entity/NOC31884-ARIN
#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/resources/registry/whois/tou/
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/resources/registry/whois/inaccuracy_reporting/
#
# Copyright 1997-2026, American Registry for Internet Numbers, Ltd.
#; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.140.148.102
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 34676
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;104.140.148.102. IN A
;; AUTHORITY SECTION:
. 30 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2026041301 1800 900 604800 86400
;; Query time: 28 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Apr 14 04:30:24 CST 2026
;; MSG SIZE rcvd: 108Host 102.148.140.104.in-addr.arpa. not found: 3(NXDOMAIN)Server: 183.60.83.19
Address: 183.60.83.19#53
** server can't find 102.148.140.104.in-addr.arpa: NXDOMAIN| IP | 类型 | 评论内容 | 时间 |
|---|---|---|---|
| 201.234.238.10 | attackbotsspam | Banned for a week because repeated abuses, for example SSH, but not only |
2020-09-24 03:57:52 |
| 105.112.25.78 | attack | 1600880764 - 09/23/2020 19:06:04 Host: 105.112.25.78/105.112.25.78 Port: 445 TCP Blocked |
2020-09-24 03:30:10 |
| 115.98.12.33 | attackspambots | Listed on dnsbl-sorbs plus abuseat.org and zen-spamhaus / proto=6 . srcport=23932 . dstport=23 . (2904) |
2020-09-24 03:48:09 |
| 210.5.85.150 | attackspam | Sep 23 19:36:13 ns381471 sshd[30608]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=210.5.85.150 Sep 23 19:36:15 ns381471 sshd[30608]: Failed password for invalid user owen from 210.5.85.150 port 34314 ssh2 |
2020-09-24 04:07:05 |
| 60.199.134.114 | attackbots | Sep 23 19:21:26 haigwepa sshd[31936]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=60.199.134.114 Sep 23 19:21:28 haigwepa sshd[31936]: Failed password for invalid user downloader from 60.199.134.114 port 55052 ssh2 ... |
2020-09-24 03:41:09 |
| 106.51.85.16 | attack | 2020-09-23T22:41:37.137287paragon sshd[334743]: Invalid user mcserver from 106.51.85.16 port 50124 2020-09-23T22:41:37.141318paragon sshd[334743]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.51.85.16 2020-09-23T22:41:37.137287paragon sshd[334743]: Invalid user mcserver from 106.51.85.16 port 50124 2020-09-23T22:41:39.402230paragon sshd[334743]: Failed password for invalid user mcserver from 106.51.85.16 port 50124 ssh2 2020-09-23T22:45:38.401201paragon sshd[334808]: Invalid user osm from 106.51.85.16 port 59160 ... |
2020-09-24 03:29:28 |
| 51.15.178.69 | attackspam | fail2ban/Sep 23 18:58:18 h1962932 sshd[16315]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.15.178.69 user=root Sep 23 18:58:20 h1962932 sshd[16315]: Failed password for root from 51.15.178.69 port 50220 ssh2 Sep 23 19:05:37 h1962932 sshd[17330]: Invalid user wang from 51.15.178.69 port 45073 Sep 23 19:05:37 h1962932 sshd[17330]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.15.178.69 Sep 23 19:05:37 h1962932 sshd[17330]: Invalid user wang from 51.15.178.69 port 45073 Sep 23 19:05:39 h1962932 sshd[17330]: Failed password for invalid user wang from 51.15.178.69 port 45073 ssh2 |
2020-09-24 04:02:09 |
| 104.215.96.168 | attackspam | 2020-09-24T05:28:19.025240luisaranguren sshd[2613213]: Failed password for root from 104.215.96.168 port 50714 ssh2 2020-09-24T05:28:19.560049luisaranguren sshd[2613213]: Disconnected from authenticating user root 104.215.96.168 port 50714 [preauth] ... |
2020-09-24 03:30:23 |
| 102.133.165.93 | attack | SSH brutforce |
2020-09-24 03:42:39 |
| 74.95.222.34 | attack | Sep 23 17:06:04 ssh2 sshd[70044]: Invalid user osmc from 74.95.222.34 port 47141 Sep 23 17:06:04 ssh2 sshd[70044]: Failed password for invalid user osmc from 74.95.222.34 port 47141 ssh2 Sep 23 17:06:04 ssh2 sshd[70044]: Connection closed by invalid user osmc 74.95.222.34 port 47141 [preauth] ... |
2020-09-24 03:30:43 |
| 159.89.89.65 | attackspam | Sep 23 19:01:59 abendstille sshd\[31583\]: Invalid user web1 from 159.89.89.65 Sep 23 19:01:59 abendstille sshd\[31583\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.89.89.65 Sep 23 19:02:01 abendstille sshd\[31583\]: Failed password for invalid user web1 from 159.89.89.65 port 46442 ssh2 Sep 23 19:05:36 abendstille sshd\[2658\]: Invalid user git from 159.89.89.65 Sep 23 19:05:36 abendstille sshd\[2658\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.89.89.65 ... |
2020-09-24 04:04:06 |
| 121.131.134.206 | attackspam | Sep 23 20:05:52 root sshd[25279]: Invalid user admin from 121.131.134.206 ... |
2020-09-24 03:48:50 |
| 61.177.172.61 | attack | Sep 23 21:43:41 piServer sshd[3627]: Failed password for root from 61.177.172.61 port 35710 ssh2 Sep 23 21:43:45 piServer sshd[3627]: Failed password for root from 61.177.172.61 port 35710 ssh2 Sep 23 21:43:49 piServer sshd[3627]: Failed password for root from 61.177.172.61 port 35710 ssh2 Sep 23 21:43:53 piServer sshd[3627]: Failed password for root from 61.177.172.61 port 35710 ssh2 ... |
2020-09-24 03:46:25 |
| 213.141.157.220 | attack | 213.141.157.220 (RU/Russia/-), 6 distributed sshd attacks on account [root] in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_DISTATTACK; Logs: Sep 23 13:04:48 server5 sshd[12765]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.76.165.107 user=root Sep 23 13:04:50 server5 sshd[12765]: Failed password for root from 180.76.165.107 port 60396 ssh2 Sep 23 13:04:34 server5 sshd[12713]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=213.141.157.220 user=root Sep 23 13:04:36 server5 sshd[12713]: Failed password for root from 213.141.157.220 port 55616 ssh2 Sep 23 13:05:56 server5 sshd[13227]: Failed password for root from 164.68.118.155 port 52548 ssh2 Sep 23 13:01:21 server5 sshd[11204]: Failed password for root from 58.185.183.60 port 36062 ssh2 IP Addresses Blocked: 180.76.165.107 (CN/China/-) |
2020-09-24 03:37:09 |
| 41.59.210.12 | attackbots | 1600880749 - 09/23/2020 19:05:49 Host: 41.59.210.12/41.59.210.12 Port: 23 TCP Blocked ... |
2020-09-24 03:50:37 |