必须是合法有效的IP地址, 可以是IPv4或者是IPv6, 例如127.0.0.1或者2001:DB8:0:0:8:800:200C:417A
基本信息:

城市(city): Beijing

省份(region): Beijing

国家(country): China

运营商(isp): Tencent Cloud Computing (Beijing) Co. Ltd.

主机名(hostname): unknown

机构(organization): Shenzhen Tencent Computer Systems Company Limited

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:
类型 评论内容 时间
attackbotsspam
Exploited Host.
2020-07-26 01:03:10
attackbots
May  1 00:11:12 legacy sshd[9150]: Failed password for root from 140.143.130.52 port 45690 ssh2
May  1 00:16:15 legacy sshd[9267]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.130.52
May  1 00:16:17 legacy sshd[9267]: Failed password for invalid user qswang from 140.143.130.52 port 47296 ssh2
...
2020-05-01 06:22:05
attack
Invalid user kw from 140.143.130.52 port 41778
2020-04-22 00:56:51
attackspam
Apr 17 03:58:41 *** sshd[10821]: Invalid user hz from 140.143.130.52
2020-04-17 12:57:23
attackbots
fail2ban -- 140.143.130.52
...
2020-04-05 15:50:01
attack
Apr  4 10:44:03 server sshd\[17153\]: Invalid user cl from 140.143.130.52
Apr  4 10:44:03 server sshd\[17153\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.130.52 
Apr  4 10:44:05 server sshd\[17153\]: Failed password for invalid user cl from 140.143.130.52 port 58426 ssh2
Apr  4 11:11:49 server sshd\[25058\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.130.52  user=root
Apr  4 11:11:51 server sshd\[25058\]: Failed password for root from 140.143.130.52 port 48532 ssh2
...
2020-04-04 16:37:41
attack
$f2bV_matches
2020-03-28 15:29:40
attack
Mar 24 04:58:38 srv206 sshd[19480]: Invalid user kurokawa from 140.143.130.52
...
2020-03-24 13:13:08
attackbots
Jan  6 03:58:41 pi sshd[14701]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.130.52 
Jan  6 03:58:43 pi sshd[14701]: Failed password for invalid user gnome-initial-setup from 140.143.130.52 port 46344 ssh2
2020-03-14 03:53:03
attackbotsspam
Fail2Ban Ban Triggered (2)
2020-03-12 18:37:07
attackspambots
Mar  1 18:45:56 server sshd\[23964\]: Invalid user speech-dispatcher from 140.143.130.52
Mar  1 18:45:56 server sshd\[23964\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.130.52 
Mar  1 18:45:58 server sshd\[23964\]: Failed password for invalid user speech-dispatcher from 140.143.130.52 port 33494 ssh2
Mar  1 18:48:37 server sshd\[24199\]: Invalid user speech-dispatcher from 140.143.130.52
Mar  1 18:48:38 server sshd\[24199\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.130.52 
...
2020-03-02 03:33:55
attackbots
Feb 22 05:37:48 mockhub sshd[29779]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.130.52
Feb 22 05:37:50 mockhub sshd[29779]: Failed password for invalid user administrator from 140.143.130.52 port 53756 ssh2
...
2020-02-23 00:18:03
attackbotsspam
Jan  6 03:58:41 pi sshd[14701]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.130.52 
Jan  6 03:58:43 pi sshd[14701]: Failed password for invalid user gnome-initial-setup from 140.143.130.52 port 46344 ssh2
2020-02-16 09:30:24
attackbots
Feb 15 20:28:47 v22018076622670303 sshd\[3060\]: Invalid user rabbitmq from 140.143.130.52 port 48150
Feb 15 20:28:47 v22018076622670303 sshd\[3060\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.130.52
Feb 15 20:28:49 v22018076622670303 sshd\[3060\]: Failed password for invalid user rabbitmq from 140.143.130.52 port 48150 ssh2
...
2020-02-16 05:11:01
attack
Invalid user sinusbot from 140.143.130.52 port 49640
2020-01-18 22:09:14
attackspambots
$f2bV_matches
2020-01-11 23:24:21
attackbotsspam
Automatic report - Banned IP Access
2020-01-01 15:50:48
attackbots
Dec 18 00:17:24 microserver sshd[9707]: Invalid user institute from 140.143.130.52 port 35608
Dec 18 00:17:24 microserver sshd[9707]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.130.52
Dec 18 00:17:26 microserver sshd[9707]: Failed password for invalid user institute from 140.143.130.52 port 35608 ssh2
Dec 18 00:23:54 microserver sshd[10581]: Invalid user nymann from 140.143.130.52 port 37964
Dec 18 00:23:54 microserver sshd[10581]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.130.52
Dec 18 00:37:18 microserver sshd[12838]: Invalid user schultze from 140.143.130.52 port 42312
Dec 18 00:37:18 microserver sshd[12838]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.130.52
Dec 18 00:37:20 microserver sshd[12838]: Failed password for invalid user schultze from 140.143.130.52 port 42312 ssh2
Dec 18 00:43:52 microserver sshd[13741]: Invalid user named from 140.143.13
2019-12-18 08:03:04
attackspam
$f2bV_matches
2019-12-11 21:28:57
attackbotsspam
2019-12-08T16:05:37.992711abusebot-2.cloudsearch.cf sshd\[29063\]: Invalid user nugent from 140.143.130.52 port 34288
2019-12-09 00:34:57
attackspambots
Dec  2 23:43:00 pi sshd\[22719\]: Failed password for invalid user zp from 140.143.130.52 port 52468 ssh2
Dec  2 23:50:26 pi sshd\[23142\]: Invalid user balmont from 140.143.130.52 port 55472
Dec  2 23:50:26 pi sshd\[23142\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.130.52
Dec  2 23:50:28 pi sshd\[23142\]: Failed password for invalid user balmont from 140.143.130.52 port 55472 ssh2
Dec  3 00:04:38 pi sshd\[23891\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.130.52  user=www-data
...
2019-12-03 08:11:50
attackbots
Nov 29 13:56:29 vibhu-HP-Z238-Microtower-Workstation sshd\[29808\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.130.52  user=root
Nov 29 13:56:30 vibhu-HP-Z238-Microtower-Workstation sshd\[29808\]: Failed password for root from 140.143.130.52 port 51120 ssh2
Nov 29 14:00:40 vibhu-HP-Z238-Microtower-Workstation sshd\[31457\]: Invalid user csgo from 140.143.130.52
Nov 29 14:00:40 vibhu-HP-Z238-Microtower-Workstation sshd\[31457\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.130.52
Nov 29 14:00:42 vibhu-HP-Z238-Microtower-Workstation sshd\[31457\]: Failed password for invalid user csgo from 140.143.130.52 port 56138 ssh2
...
2019-11-29 17:14:55
attackbotsspam
Nov 23 05:48:32 lcl-usvr-02 sshd[5409]: Invalid user my from 140.143.130.52 port 42270
Nov 23 05:48:32 lcl-usvr-02 sshd[5409]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.130.52
Nov 23 05:48:32 lcl-usvr-02 sshd[5409]: Invalid user my from 140.143.130.52 port 42270
Nov 23 05:48:34 lcl-usvr-02 sshd[5409]: Failed password for invalid user my from 140.143.130.52 port 42270 ssh2
Nov 23 05:52:53 lcl-usvr-02 sshd[6634]: Invalid user webmaster from 140.143.130.52 port 45240
...
2019-11-23 09:29:21
attackspambots
Nov 20 12:35:02 auw2 sshd\[9349\]: Invalid user nfs from 140.143.130.52
Nov 20 12:35:02 auw2 sshd\[9349\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.130.52
Nov 20 12:35:03 auw2 sshd\[9349\]: Failed password for invalid user nfs from 140.143.130.52 port 43638 ssh2
Nov 20 12:38:42 auw2 sshd\[9638\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.130.52  user=root
Nov 20 12:38:44 auw2 sshd\[9638\]: Failed password for root from 140.143.130.52 port 46926 ssh2
2019-11-21 06:47:13
attackbotsspam
Nov 17 15:44:22 ks10 sshd[25429]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.130.52 
Nov 17 15:44:24 ks10 sshd[25429]: Failed password for invalid user t-bone from 140.143.130.52 port 44700 ssh2
...
2019-11-18 00:08:48
attackspambots
Nov  5 21:44:33 hpm sshd\[12427\]: Invalid user user from 140.143.130.52
Nov  5 21:44:33 hpm sshd\[12427\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.130.52
Nov  5 21:44:35 hpm sshd\[12427\]: Failed password for invalid user user from 140.143.130.52 port 33280 ssh2
Nov  5 21:49:38 hpm sshd\[12832\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.130.52  user=root
Nov  5 21:49:41 hpm sshd\[12832\]: Failed password for root from 140.143.130.52 port 43618 ssh2
2019-11-06 15:59:55
attackspam
Oct 24 07:24:03 MK-Soft-VM7 sshd[21547]: Failed password for root from 140.143.130.52 port 51376 ssh2
...
2019-10-24 14:16:56
attackbots
Oct 22 05:51:42 MK-Soft-VM7 sshd[17825]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.130.52 
Oct 22 05:51:44 MK-Soft-VM7 sshd[17825]: Failed password for invalid user alyssa from 140.143.130.52 port 50376 ssh2
...
2019-10-22 17:05:19
attackspam
Oct 21 11:00:44 ArkNodeAT sshd\[16860\]: Invalid user fm365 from 140.143.130.52
Oct 21 11:00:44 ArkNodeAT sshd\[16860\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.130.52
Oct 21 11:00:45 ArkNodeAT sshd\[16860\]: Failed password for invalid user fm365 from 140.143.130.52 port 34324 ssh2
2019-10-21 17:54:29
attackbots
Oct 16 20:27:16 php1 sshd\[3791\]: Invalid user woofer from 140.143.130.52
Oct 16 20:27:16 php1 sshd\[3791\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.130.52
Oct 16 20:27:18 php1 sshd\[3791\]: Failed password for invalid user woofer from 140.143.130.52 port 37892 ssh2
Oct 16 20:32:26 php1 sshd\[4379\]: Invalid user t3mp from 140.143.130.52
Oct 16 20:32:26 php1 sshd\[4379\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.130.52
2019-10-17 18:03:08
相同子网IP讨论:
暂无关于此IP所属子网相关IP的讨论.
WHOIS信息:
b
DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 140.143.130.52
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 5619
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;140.143.130.52.			IN	A

;; AUTHORITY SECTION:
.			3280	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019033102 1800 900 604800 86400

;; Query time: 0 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Mon Apr 01 09:24:23 +08 2019
;; MSG SIZE  rcvd: 118

HOST信息:
Host 52.130.143.140.in-addr.arpa. not found: 3(NXDOMAIN)
NSLOOKUP信息:
Server:		67.207.67.3
Address:	67.207.67.3#53

** server can't find 52.130.143.140.in-addr.arpa: NXDOMAIN

相关IP信息:
最新评论:
IP 类型 评论内容 时间
173.89.50.22 attackspam
$f2bV_matches
2019-06-24 09:49:35
78.134.3.221 attackspam
Jun 23 15:58:35 Tower sshd[1186]: Connection from 78.134.3.221 port 55568 on 192.168.10.220 port 22
Jun 23 15:58:50 Tower sshd[1186]: Invalid user sk from 78.134.3.221 port 55568
Jun 23 15:58:50 Tower sshd[1186]: error: Could not get shadow information for NOUSER
Jun 23 15:58:50 Tower sshd[1186]: Failed password for invalid user sk from 78.134.3.221 port 55568 ssh2
Jun 23 15:58:51 Tower sshd[1186]: Received disconnect from 78.134.3.221 port 55568:11: Bye Bye [preauth]
Jun 23 15:58:51 Tower sshd[1186]: Disconnected from invalid user sk 78.134.3.221 port 55568 [preauth]
2019-06-24 09:05:42
159.65.96.102 attackbots
Automatic report - Web App Attack
2019-06-24 09:37:44
18.85.192.253 attack
pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=18.85.192.253  user=root
Failed password for root from 18.85.192.253 port 35786 ssh2
Failed password for root from 18.85.192.253 port 35786 ssh2
Failed password for root from 18.85.192.253 port 35786 ssh2
Failed password for root from 18.85.192.253 port 35786 ssh2
2019-06-24 09:00:36
123.16.254.196 attackbotsspam
detected by Fail2Ban
2019-06-24 09:35:19
77.247.110.194 attack
SIP Server BruteForce Attack
2019-06-24 09:50:45
89.210.161.193 attackspam
Telnet Server BruteForce Attack
2019-06-24 09:38:37
36.80.170.184 attackspam
TCP port 445 (SMB) attempt blocked by firewall. [2019-06-23 21:57:51]
2019-06-24 09:10:58
162.249.236.55 attack
3389BruteforceFW21
2019-06-24 09:04:57
106.51.128.133 attackbotsspam
detected by Fail2Ban
2019-06-24 09:17:56
84.1.244.52 attackbots
MultiHost/MultiPort Probe, Scan, Hack -
2019-06-24 09:51:44
177.55.145.130 attackbotsspam
SMTP-sasl brute force
...
2019-06-24 09:03:28
205.186.161.61 attackspam
205.186.161.61 - - \[23/Jun/2019:21:57:18 +0200\] "GET /wp-login.php HTTP/1.1" 200 1301 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"
205.186.161.61 - - \[23/Jun/2019:21:57:18 +0200\] "POST /wp-login.php HTTP/1.1" 200 1704 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"
205.186.161.61 - - \[23/Jun/2019:21:57:19 +0200\] "GET /wp-login.php HTTP/1.1" 200 1301 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"
205.186.161.61 - - \[23/Jun/2019:21:57:19 +0200\] "POST /wp-login.php HTTP/1.1" 200 1684 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"
205.186.161.61 - - \[23/Jun/2019:21:57:19 +0200\] "GET /wp-login.php HTTP/1.1" 200 1301 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"
205.186.161.61 - - \[23/Jun/2019:21:57:20 +0200\] "POST /wp-login.php HTTP/1.1" 200 1688 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:6
2019-06-24 09:33:38
178.128.57.53 attackspam
scan z
2019-06-24 09:35:36
170.244.13.7 attackspam
dovecot jail - smtp auth [ma]
2019-06-24 09:28:17

最近上报的IP列表

73.63.68.254 206.189.130.251 68.46.208.41 64.190.4.62
103.74.119.100 185.254.122.12 125.133.65.226 132.232.108.143
113.173.105.7 103.74.123.83 87.112.165.121 68.183.35.69
113.169.136.51 37.59.46.60 89.151.134.78 82.132.241.238
187.19.212.75 178.128.241.194 182.243.91.145 76.120.104.36