140.143.105.239

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Tencent Cloud Computing (Beijing) Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbotsspam	Blocked for port scanning (Port 23 / Telnet brute-force). Time: Thu Jun 27. 00:14:28 2019 +0200 IP: 140.143.105.239 (CN/China/-) Sample of block hits: Jun 27 00:10:14 vserv kernel: [4203378.458761] Firewall: TCP_IN Blocked IN=eth0 OUT= MAC= SRC=140.143.105.239 DST=[removed] LEN=60 TOS=0x00 PREC=0x00 TTL=45 ID=51680 DF PROTO=TCP SPT=60197 DPT=23 WINDOW=14600 RES=0x00 SYN URGP=0 Jun 27 00:10:15 vserv kernel: [4203379.458634] Firewall: TCP_IN Blocked IN=eth0 OUT= MAC= SRC=140.143.105.239 DST=[removed] LEN=60 TOS=0x00 PREC=0x00 TTL=45 ID=51681 DF PROTO=TCP SPT=60197 DPT=23 WINDOW=14600 RES=0x00 SYN URGP=0 Jun 27 00:10:17 vserv kernel: [4203381.458540] Firewall: TCP_IN Blocked IN=eth0 OUT= MAC= SRC=140.143.105.239 DST=[removed] LEN=60 TOS=0x00 PREC=0x00 TTL=45 ID=51682 DF PROTO=TCP SPT=60197 DPT=23 WINDOW=14600 RES=0x00 SYN URGP=0 Jun 27 00:10:21 vserv kernel: [4203385.458541] Firewall: TCP_IN Blocked IN=eth0 OUT= MAC= SRC=140.143.105.239 DST=[removed] LEN=60 TOS=0x00 PREC=0x00 TTL=45 ID=51683	2019-06-27 18:42:47

类型

评论内容

时间

attackbotsspam

Blocked for port scanning (Port 23 / Telnet brute-force).
Time: Thu Jun 27. 00:14:28 2019 +0200
IP: 140.143.105.239 (CN/China/-)

Sample of block hits:
Jun 27 00:10:14 vserv kernel: [4203378.458761] Firewall: *TCP_IN Blocked* IN=eth0 OUT= MAC= SRC=140.143.105.239 DST=[removed] LEN=60 TOS=0x00 PREC=0x00 TTL=45 ID=51680 DF PROTO=TCP SPT=60197 DPT=23 WINDOW=14600 RES=0x00 SYN URGP=0
Jun 27 00:10:15 vserv kernel: [4203379.458634] Firewall: *TCP_IN Blocked* IN=eth0 OUT= MAC= SRC=140.143.105.239 DST=[removed] LEN=60 TOS=0x00 PREC=0x00 TTL=45 ID=51681 DF PROTO=TCP SPT=60197 DPT=23 WINDOW=14600 RES=0x00 SYN URGP=0
Jun 27 00:10:17 vserv kernel: [4203381.458540] Firewall: *TCP_IN Blocked* IN=eth0 OUT= MAC= SRC=140.143.105.239 DST=[removed] LEN=60 TOS=0x00 PREC=0x00 TTL=45 ID=51682 DF PROTO=TCP SPT=60197 DPT=23 WINDOW=14600 RES=0x00 SYN URGP=0
Jun 27 00:10:21 vserv kernel: [4203385.458541] Firewall: *TCP_IN Blocked* IN=eth0 OUT= MAC= SRC=140.143.105.239 DST=[removed] LEN=60 TOS=0x00 PREC=0x00 TTL=45 ID=51683

2019-06-27 18:42:47

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 140.143.105.239
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 13622
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;140.143.105.239.		IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019042401 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Thu Apr 25 06:50:48 +08 2019
;; MSG SIZE  rcvd: 119

HOST信息:

Host 239.105.143.140.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.3
Address:	67.207.67.3#53

** server can't find 239.105.143.140.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
49.88.112.55	attackspam	Apr 11 11:36:13 minden010 sshd[8834]: Failed password for root from 49.88.112.55 port 24876 ssh2 Apr 11 11:36:16 minden010 sshd[8834]: Failed password for root from 49.88.112.55 port 24876 ssh2 Apr 11 11:36:20 minden010 sshd[8834]: Failed password for root from 49.88.112.55 port 24876 ssh2 Apr 11 11:36:23 minden010 sshd[8834]: Failed password for root from 49.88.112.55 port 24876 ssh2 ...	2020-04-11 17:45:10
106.124.129.115	attack	(sshd) Failed SSH login from 106.124.129.115 (CN/China/-): 5 in the last 3600 secs	2020-04-11 17:38:38
86.108.62.30	attack	Hits on port :	2020-04-11 17:36:01
51.38.37.89	attackbots	2020-04-11T08:35:49.245188shield sshd\[10005\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=gg-int.org user=root 2020-04-11T08:35:51.717316shield sshd\[10005\]: Failed password for root from 51.38.37.89 port 37026 ssh2 2020-04-11T08:39:38.019974shield sshd\[10854\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=gg-int.org user=root 2020-04-11T08:39:39.941890shield sshd\[10854\]: Failed password for root from 51.38.37.89 port 47564 ssh2 2020-04-11T08:43:34.062899shield sshd\[11559\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=gg-int.org user=root	2020-04-11 17:26:22
174.138.44.201	attack	174.138.44.201 - - [11/Apr/2020:11:27:57 +0200] "GET /wp-login.php HTTP/1.1" 200 5702 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 174.138.44.201 - - [11/Apr/2020:11:27:59 +0200] "POST /wp-login.php HTTP/1.1" 200 6601 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 174.138.44.201 - - [11/Apr/2020:11:28:01 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-04-11 17:32:46
129.211.45.88	attackspambots	Apr 11 06:39:13 pkdns2 sshd\[6651\]: Invalid user lora from 129.211.45.88Apr 11 06:39:15 pkdns2 sshd\[6651\]: Failed password for invalid user lora from 129.211.45.88 port 39640 ssh2Apr 11 06:44:02 pkdns2 sshd\[6894\]: Invalid user nagios from 129.211.45.88Apr 11 06:44:04 pkdns2 sshd\[6894\]: Failed password for invalid user nagios from 129.211.45.88 port 35868 ssh2Apr 11 06:48:53 pkdns2 sshd\[7174\]: Invalid user akhan from 129.211.45.88Apr 11 06:48:55 pkdns2 sshd\[7174\]: Failed password for invalid user akhan from 129.211.45.88 port 60320 ssh2 ...	2020-04-11 17:40:04
37.59.55.14	attackbots	Brute force SMTP login attempted. ...	2020-04-11 17:47:58
122.128.111.204	attackspambots	Apr 11 05:09:39 web8 sshd\[4889\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.128.111.204 user=root Apr 11 05:09:41 web8 sshd\[4889\]: Failed password for root from 122.128.111.204 port 26142 ssh2 Apr 11 05:12:47 web8 sshd\[6551\]: Invalid user netman from 122.128.111.204 Apr 11 05:12:47 web8 sshd\[6551\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.128.111.204 Apr 11 05:12:50 web8 sshd\[6551\]: Failed password for invalid user netman from 122.128.111.204 port 12878 ssh2	2020-04-11 17:20:28
222.186.175.163	attack	Apr 11 11:42:17 legacy sshd[8590]: Failed password for root from 222.186.175.163 port 1908 ssh2 Apr 11 11:42:20 legacy sshd[8590]: Failed password for root from 222.186.175.163 port 1908 ssh2 Apr 11 11:42:23 legacy sshd[8590]: Failed password for root from 222.186.175.163 port 1908 ssh2 Apr 11 11:42:30 legacy sshd[8590]: error: maximum authentication attempts exceeded for root from 222.186.175.163 port 1908 ssh2 [preauth] ...	2020-04-11 17:45:47
180.76.53.42	attackspambots	Apr 11 06:49:13 hosting sshd[24508]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.76.53.42 user=root Apr 11 06:49:15 hosting sshd[24508]: Failed password for root from 180.76.53.42 port 40936 ssh2 ...	2020-04-11 17:26:43
213.32.91.71	attackbotsspam	213.32.91.71 - - \[11/Apr/2020:10:34:22 +0200\] "POST /wp-login.php HTTP/1.0" 200 2795 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 213.32.91.71 - - \[11/Apr/2020:10:34:22 +0200\] "POST /wp-login.php HTTP/1.0" 200 2723 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 213.32.91.71 - - \[11/Apr/2020:10:34:23 +0200\] "POST /wp-login.php HTTP/1.0" 200 2731 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"	2020-04-11 17:14:40
222.186.173.180	attackspambots	Apr 11 16:43:45 webhost01 sshd[10859]: Failed password for root from 222.186.173.180 port 15948 ssh2 Apr 11 16:43:48 webhost01 sshd[10859]: Failed password for root from 222.186.173.180 port 15948 ssh2 ...	2020-04-11 17:47:41
129.204.205.125	attackbotsspam	Apr 11 05:45:50 rotator sshd\[27362\]: Invalid user hadoop from 129.204.205.125Apr 11 05:45:52 rotator sshd\[27362\]: Failed password for invalid user hadoop from 129.204.205.125 port 39550 ssh2Apr 11 05:47:07 rotator sshd\[27390\]: Failed password for root from 129.204.205.125 port 54590 ssh2Apr 11 05:48:04 rotator sshd\[27401\]: Failed password for root from 129.204.205.125 port 38226 ssh2Apr 11 05:49:03 rotator sshd\[27414\]: Invalid user nyx from 129.204.205.125Apr 11 05:49:05 rotator sshd\[27414\]: Failed password for invalid user nyx from 129.204.205.125 port 50098 ssh2 ...	2020-04-11 17:30:46
14.229.204.98	attackbots	1586576964 - 04/11/2020 05:49:24 Host: 14.229.204.98/14.229.204.98 Port: 445 TCP Blocked	2020-04-11 17:23:41
169.45.108.19	attackspam	2020-04-11T09:28:21.952487abusebot-6.cloudsearch.cf sshd[22259]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=13.6c.2da9.ip4.static.sl-reverse.com user=root 2020-04-11T09:28:24.140463abusebot-6.cloudsearch.cf sshd[22259]: Failed password for root from 169.45.108.19 port 32860 ssh2 2020-04-11T09:29:04.039579abusebot-6.cloudsearch.cf sshd[22292]: Invalid user admin from 169.45.108.19 port 39146 2020-04-11T09:29:04.045606abusebot-6.cloudsearch.cf sshd[22292]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=13.6c.2da9.ip4.static.sl-reverse.com 2020-04-11T09:29:04.039579abusebot-6.cloudsearch.cf sshd[22292]: Invalid user admin from 169.45.108.19 port 39146 2020-04-11T09:29:05.469385abusebot-6.cloudsearch.cf sshd[22292]: Failed password for invalid user admin from 169.45.108.19 port 39146 ssh2 2020-04-11T09:29:20.120269abusebot-6.cloudsearch.cf sshd[22307]: Invalid user test from 169.45.108.19 port 41380 ...	2020-04-11 17:46:10

最近上报的IP列表

109.110.59.4	85.117.56.73	190.171.133.35	217.168.76.230
185.56.81.41	111.30.31.176	103.57.80.56	71.6.147.254
93.212.72.13	210.242.157.12	148.251.10.183	47.154.229.133
41.238.244.70	5.228.232.101	121.54.164.151	191.37.183.209
92.241.65.174	200.188.129.178	190.63.144.26	185.173.35.53