104.140.99.56 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United States of America (the)

运营商(isp): unknown

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

暂无关于此IP的讨论, 沙发请点上方按钮

相同子网IP讨论:

IP	类型	评论内容	时间
104.140.99.59	attack	Jul 8 05:53:04 our-server-hostname postfix/smtpd[12481]: connect from unknown[104.140.99.59] Jul 8 05:53:06 our-server-hostname sqlgrey: grey: new: 104.140.99.59(104.140.99.59), x@x -> x@x Jul x@x Jul x@x Jul x@x Jul 8 05:53:21 our-server-hostname postfix/smtpd[12481]: disconnect from unknown[104.140.99.59] Jul 8 05:53:46 our-server-hostname postfix/smtpd[12769]: connect from unknown[104.140.99.59] Jul 8 05:55:27 our-server-hostname postfix/smtpd[12770]: connect from unknown[104.140.99.59] Jul x@x Jul x@x Jul 8 05:55:38 our-server-hostname postfix/smtpd[12770]: 34226A40005: client=unknown[104.140.99.59] Jul 8 05:55:55 our-server-hostname postfix/smtpd[11549]: 8DBCAA40008: client=unknown[127.0.0.1], orig_client=unknown[104.140.99.59] Jul 8 05:55:55 our-server-hostname amavis[28214]: (28214-18) Passed CLEAN, [104.140.99.59] [104.140.99.59] , mail_id: UCOs0W1Dnu5S, Hhostnames: -, size: 17309, queued_as: 8DBCAA40008, 139 ms Jul x@x Jul x@x Jul 8 05:55:55 our-s........ -------------------------------	2020-07-08 23:24:07
104.140.99.59	attackbotsspam	Spam	2020-07-08 07:56:00

类型

评论内容

时间

104.140.99.59

attack

Jul  8 05:53:04 our-server-hostname postfix/smtpd[12481]: connect from unknown[104.140.99.59]
Jul  8 05:53:06 our-server-hostname sqlgrey: grey: new: 104.140.99.59(104.140.99.59), x@x -> x@x
Jul x@x
Jul x@x
Jul x@x
Jul  8 05:53:21 our-server-hostname postfix/smtpd[12481]: disconnect from unknown[104.140.99.59]
Jul  8 05:53:46 our-server-hostname postfix/smtpd[12769]: connect from unknown[104.140.99.59]
Jul  8 05:55:27 our-server-hostname postfix/smtpd[12770]: connect from unknown[104.140.99.59]
Jul x@x
Jul x@x
Jul  8 05:55:38 our-server-hostname postfix/smtpd[12770]: 34226A40005: client=unknown[104.140.99.59]
Jul  8 05:55:55 our-server-hostname postfix/smtpd[11549]: 8DBCAA40008: client=unknown[127.0.0.1], orig_client=unknown[104.140.99.59]
Jul  8 05:55:55 our-server-hostname amavis[28214]: (28214-18) Passed CLEAN, [104.140.99.59] [104.140.99.59] , mail_id: UCOs0W1Dnu5S, Hhostnames: -, size: 17309, queued_as: 8DBCAA40008, 139 ms
Jul x@x
Jul x@x
Jul  8 05:55:55 our-s........
-------------------------------

2020-07-08 23:24:07

104.140.99.59

attackbotsspam

Spam

2020-07-08 07:56:00

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.140.99.56
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 40580
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;104.140.99.56.			IN	A

;; AUTHORITY SECTION:
.			30	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2025022400 1800 900 604800 86400

;; Query time: 13 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Feb 24 18:17:10 CST 2025
;; MSG SIZE  rcvd: 106

HOST信息:

56.99.140.104.in-addr.arpa domain name pointer cheappump.live.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
56.99.140.104.in-addr.arpa	name = cheappump.live.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
61.151.130.22	attack	2020-06-12T00:28:00.833860rocketchat.forhosting.nl sshd[15960]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.151.130.22 2020-06-12T00:28:00.830671rocketchat.forhosting.nl sshd[15960]: Invalid user vic from 61.151.130.22 port 16224 2020-06-12T00:28:02.421487rocketchat.forhosting.nl sshd[15960]: Failed password for invalid user vic from 61.151.130.22 port 16224 ssh2 ...	2020-06-12 07:18:18
138.197.179.111	attack	2020-06-12T01:35:07.169173afi-git.jinr.ru sshd[32298]: Failed password for invalid user csgoserver from 138.197.179.111 port 36452 ssh2 2020-06-12T01:38:07.128304afi-git.jinr.ru sshd[583]: Invalid user xylin from 138.197.179.111 port 37242 2020-06-12T01:38:07.131544afi-git.jinr.ru sshd[583]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.179.111 2020-06-12T01:38:07.128304afi-git.jinr.ru sshd[583]: Invalid user xylin from 138.197.179.111 port 37242 2020-06-12T01:38:08.714224afi-git.jinr.ru sshd[583]: Failed password for invalid user xylin from 138.197.179.111 port 37242 ssh2 ...	2020-06-12 07:36:14
92.222.93.104	attack	Jun 12 01:00:24 vps639187 sshd\[30639\]: Invalid user upload from 92.222.93.104 port 43824 Jun 12 01:00:24 vps639187 sshd\[30639\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=92.222.93.104 Jun 12 01:00:26 vps639187 sshd\[30639\]: Failed password for invalid user upload from 92.222.93.104 port 43824 ssh2 ...	2020-06-12 07:01:22
162.243.136.62	attack	path hacking	2020-06-12 07:02:50
103.136.182.184	attackspambots	2020-06-11T23:07:08.372813shield sshd\[28583\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.136.182.184 user=root 2020-06-11T23:07:10.634659shield sshd\[28583\]: Failed password for root from 103.136.182.184 port 41806 ssh2 2020-06-11T23:10:41.798321shield sshd\[30047\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.136.182.184 user=root 2020-06-11T23:10:43.631597shield sshd\[30047\]: Failed password for root from 103.136.182.184 port 42384 ssh2 2020-06-11T23:14:23.130651shield sshd\[31965\]: Invalid user ftpuser from 103.136.182.184 port 42950	2020-06-12 07:15:39
67.205.145.234	attack	web-1 [ssh_2] SSH Attack	2020-06-12 07:17:50
182.75.216.74	attackbots	Jun 12 02:02:34 pkdns2 sshd\[56356\]: Address 182.75.216.74 maps to nsg-static-74.216.75.182-airtel.com, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT!Jun 12 02:02:34 pkdns2 sshd\[56356\]: Invalid user lol from 182.75.216.74Jun 12 02:02:36 pkdns2 sshd\[56356\]: Failed password for invalid user lol from 182.75.216.74 port 59235 ssh2Jun 12 02:09:24 pkdns2 sshd\[56716\]: Address 182.75.216.74 maps to nsg-static-74.216.75.182-airtel.com, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT!Jun 12 02:09:24 pkdns2 sshd\[56716\]: Invalid user root@12 from 182.75.216.74Jun 12 02:09:25 pkdns2 sshd\[56716\]: Failed password for invalid user root@12 from 182.75.216.74 port 37647 ssh2 ...	2020-06-12 07:24:15
222.186.169.194	attack	2020-06-12T01:17:14.575557sd-86998 sshd[14714]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.169.194 user=root 2020-06-12T01:17:16.694822sd-86998 sshd[14714]: Failed password for root from 222.186.169.194 port 42556 ssh2 2020-06-12T01:17:20.380858sd-86998 sshd[14714]: Failed password for root from 222.186.169.194 port 42556 ssh2 2020-06-12T01:17:14.575557sd-86998 sshd[14714]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.169.194 user=root 2020-06-12T01:17:16.694822sd-86998 sshd[14714]: Failed password for root from 222.186.169.194 port 42556 ssh2 2020-06-12T01:17:20.380858sd-86998 sshd[14714]: Failed password for root from 222.186.169.194 port 42556 ssh2 2020-06-12T01:17:14.575557sd-86998 sshd[14714]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.169.194 user=root 2020-06-12T01:17:16.694822sd-86998 sshd[14714]: Failed password for roo ...	2020-06-12 07:29:45
49.248.3.10	attackspambots	Jun 11 18:27:31 Tower sshd[11968]: Connection from 49.248.3.10 port 52160 on 192.168.10.220 port 22 rdomain "" Jun 11 18:27:33 Tower sshd[11968]: Invalid user weblogic from 49.248.3.10 port 52160 Jun 11 18:27:33 Tower sshd[11968]: error: Could not get shadow information for NOUSER Jun 11 18:27:33 Tower sshd[11968]: Failed password for invalid user weblogic from 49.248.3.10 port 52160 ssh2 Jun 11 18:27:33 Tower sshd[11968]: Received disconnect from 49.248.3.10 port 52160:11: Bye Bye [preauth] Jun 11 18:27:33 Tower sshd[11968]: Disconnected from invalid user weblogic 49.248.3.10 port 52160 [preauth]	2020-06-12 07:31:12
115.166.142.214	attack	2020-06-11 22:00:59,860 fail2ban.actions [937]: NOTICE [sshd] Ban 115.166.142.214 2020-06-11 22:37:21,426 fail2ban.actions [937]: NOTICE [sshd] Ban 115.166.142.214 2020-06-11 23:13:53,396 fail2ban.actions [937]: NOTICE [sshd] Ban 115.166.142.214 2020-06-11 23:54:17,478 fail2ban.actions [937]: NOTICE [sshd] Ban 115.166.142.214 2020-06-12 00:28:04,807 fail2ban.actions [937]: NOTICE [sshd] Ban 115.166.142.214 ...	2020-06-12 07:14:07
203.128.18.14	attack	Jun 11 18:27:45 debian sshd[15751]: Invalid user pi from 203.128.18.14 port 59578 Jun 11 18:27:45 debian sshd[15751]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.128.18.14 Jun 11 18:27:45 debian sshd[15753]: Invalid user pi from 203.128.18.14 port 59580 Jun 11 18:27:45 debian sshd[15753]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.128.18.14 Jun 11 18:27:47 debian sshd[15751]: Failed password for invalid user pi from 203.128.18.14 port 59578 ssh2 ...	2020-06-12 07:28:35
222.186.30.112	attack	Jun 12 04:03:19 gw1 sshd[21511]: Failed password for root from 222.186.30.112 port 35436 ssh2 Jun 12 04:03:22 gw1 sshd[21511]: Failed password for root from 222.186.30.112 port 35436 ssh2 ...	2020-06-12 07:04:56
191.101.201.42	attack	Registration form abuse	2020-06-12 07:11:46
118.98.96.184	attackbots	Jun 12 00:53:33 home sshd[7356]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.98.96.184 Jun 12 00:53:35 home sshd[7356]: Failed password for invalid user wqt from 118.98.96.184 port 55310 ssh2 Jun 12 00:57:08 home sshd[7688]: Failed password for root from 118.98.96.184 port 55499 ssh2 ...	2020-06-12 07:15:08
106.52.234.191	attack	2020-06-11T17:50:56.246068morrigan.ad5gb.com sshd[20049]: Invalid user dante from 106.52.234.191 port 46543 2020-06-11T17:50:58.073107morrigan.ad5gb.com sshd[20049]: Failed password for invalid user dante from 106.52.234.191 port 46543 ssh2 2020-06-11T17:50:59.434098morrigan.ad5gb.com sshd[20049]: Disconnected from invalid user dante 106.52.234.191 port 46543 [preauth]	2020-06-12 06:58:04

最近上报的IP列表

46.4.74.39	101.13.7.53	134.251.179.103	101.60.38.56
246.235.14.27	32.208.212.254	249.41.79.93	178.127.142.187
2.248.205.151	134.212.144.48	130.84.14.137	173.94.143.112
235.250.174.87	178.175.218.109	185.150.24.43	92.191.37.214
103.155.132.104	55.45.187.200	249.172.230.227	68.51.75.184