140.143.140.139

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Tencent Cloud Computing (Beijing) Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Aug 22 23:06:44 localhost sshd\[5348\]: Invalid user george from 140.143.140.139 port 60320 Aug 22 23:06:44 localhost sshd\[5348\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.140.139 Aug 22 23:06:46 localhost sshd\[5348\]: Failed password for invalid user george from 140.143.140.139 port 60320 ssh2	2019-08-23 07:07:44

类型

评论内容

时间

attack

Aug 22 23:06:44 localhost sshd\[5348\]: Invalid user george from 140.143.140.139 port 60320
Aug 22 23:06:44 localhost sshd\[5348\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.140.139
Aug 22 23:06:46 localhost sshd\[5348\]: Failed password for invalid user george from 140.143.140.139 port 60320 ssh2

2019-08-23 07:07:44

相同子网IP讨论:

IP	类型	评论内容	时间
140.143.140.242	attackspam	May 7 21:02:42 hosting sshd[30698]: Invalid user xpm from 140.143.140.242 port 43654 ...	2020-05-08 03:19:47
140.143.140.242	attackbotsspam	Tried sshing with brute force.	2020-04-23 00:57:34
140.143.140.242	attack	Invalid user ubuntu from 140.143.140.242 port 60730	2020-04-22 00:56:17
140.143.140.242	attack	Brute force attempt	2020-04-19 04:47:12
140.143.140.242	attackbotsspam	k+ssh-bruteforce	2020-04-16 07:37:32
140.143.140.242	attack	SSH bruteforce	2020-04-02 15:12:25
140.143.140.242	attackbots	Mar 29 20:17:15 rotator sshd\[23263\]: Invalid user jwy from 140.143.140.242Mar 29 20:17:18 rotator sshd\[23263\]: Failed password for invalid user jwy from 140.143.140.242 port 50596 ssh2Mar 29 20:22:06 rotator sshd\[24052\]: Invalid user gny from 140.143.140.242Mar 29 20:22:08 rotator sshd\[24052\]: Failed password for invalid user gny from 140.143.140.242 port 50204 ssh2Mar 29 20:27:00 rotator sshd\[24831\]: Invalid user iqh from 140.143.140.242Mar 29 20:27:03 rotator sshd\[24831\]: Failed password for invalid user iqh from 140.143.140.242 port 49822 ssh2 ...	2020-03-30 02:29:32
140.143.140.242	attackbots	Mar 26 05:49:09 lukav-desktop sshd\[32714\]: Invalid user qucheng from 140.143.140.242 Mar 26 05:49:09 lukav-desktop sshd\[32714\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.140.242 Mar 26 05:49:11 lukav-desktop sshd\[32714\]: Failed password for invalid user qucheng from 140.143.140.242 port 40040 ssh2 Mar 26 05:51:49 lukav-desktop sshd\[308\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.140.242 user=mail Mar 26 05:51:51 lukav-desktop sshd\[308\]: Failed password for mail from 140.143.140.242 port 44868 ssh2	2020-03-26 15:18:35
140.143.140.242	attackspambots	Feb 23 06:47:05 dedicated sshd[21991]: Invalid user diana from 140.143.140.242 port 52302	2020-02-23 13:55:28
140.143.140.242	attackbots	5x Failed Password	2020-02-21 16:21:36
140.143.140.242	attack	Feb 14 09:36:05 markkoudstaal sshd[6831]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.140.242 Feb 14 09:36:07 markkoudstaal sshd[6831]: Failed password for invalid user geotail from 140.143.140.242 port 35194 ssh2 Feb 14 09:39:13 markkoudstaal sshd[7375]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.140.242	2020-02-14 21:45:05
140.143.140.242	attackspam	" "	2020-02-07 02:38:08
140.143.140.142	attack	Unauthorized connection attempt detected from IP address 140.143.140.142 to port 22 [T]	2020-01-09 03:01:06

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 140.143.140.139
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 56143
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;140.143.140.139.		IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019082200 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Thu Aug 22 17:32:53 CST 2019
;; MSG SIZE  rcvd: 119

HOST信息:

Host 139.140.143.140.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 139.140.143.140.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
122.114.70.12	attackbots	" "	2020-09-09 06:30:16
45.55.195.191	attack	Sep 8 23:03:50 www sshd\[71657\]: Invalid user 185.82.126.133 - SSH-2.0-Ope.SSH_7.6p1 Ubuntu-4ubuntu0.3\r from 45.55.195.191 Sep 8 23:03:50 www sshd\[71657\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.55.195.191 Sep 8 23:03:52 www sshd\[71657\]: Failed password for invalid user 185.82.126.133 - SSH-2.0-Ope.SSH_7.6p1 Ubuntu-4ubuntu0.3\r from 45.55.195.191 port 45102 ssh2 ...	2020-09-09 06:23:15
94.23.33.22	attackspambots	Failed password for root from 94.23.33.22 port 57852 ssh2 Failed password for root from 94.23.33.22 port 35808 ssh2	2020-09-09 06:15:37
216.218.206.85	attackspambots	srv02 Mass scanning activity detected Target: 21(ftp) ..	2020-09-09 06:40:21
188.173.97.144	attackbotsspam	Sep 8 13:06:07 NPSTNNYC01T sshd[7486]: Failed password for root from 188.173.97.144 port 39898 ssh2 Sep 8 13:10:02 NPSTNNYC01T sshd[7823]: Failed password for root from 188.173.97.144 port 43750 ssh2 ...	2020-09-09 06:49:12
164.90.208.135	attackspambots	ET SCAN Sipvicious Scan - port: 5060 proto: sip cat: Attempted Information Leakbytes: 456	2020-09-09 06:29:35
45.142.120.93	attack	Sep 7 01:35:42 nirvana postfix/smtpd[15112]: connect from unknown[45.142.120.93] Sep 7 01:35:47 nirvana postfix/smtpd[15112]: warning: unknown[45.142.120.93]: SASL LOGIN authentication failed: authentication failure Sep 7 01:35:48 nirvana postfix/smtpd[15112]: disconnect from unknown[45.142.120.93] Sep 7 01:35:50 nirvana postfix/smtpd[15112]: connect from unknown[45.142.120.93] Sep 7 01:35:53 nirvana postfix/smtpd[15117]: connect from unknown[45.142.120.93] Sep 7 01:35:53 nirvana postfix/smtpd[15118]: connect from unknown[45.142.120.93] Sep 7 01:35:54 nirvana postfix/smtpd[15116]: connect from unknown[45.142.120.93] Sep 7 01:35:55 nirvana postfix/smtpd[15112]: warning: unknown[45.142.120.93]: SASL LOGIN authentication failed: authentication failure Sep 7 01:35:56 nirvana postfix/smtpd[15112]: disconnect from unknown[45.142.120.93] Sep 7 01:35:57 nirvana postfix/smtpd[15116]: warning: unknown[45.142.120.93]: SASL LOGIN authentication failed: authentication fail........ -------------------------------	2020-09-09 06:19:07
157.245.178.61	attackspam	Sep 8 18:47:12 srv-ubuntu-dev3 sshd[41144]: Invalid user user1 from 157.245.178.61 Sep 8 18:47:12 srv-ubuntu-dev3 sshd[41144]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.178.61 Sep 8 18:47:12 srv-ubuntu-dev3 sshd[41144]: Invalid user user1 from 157.245.178.61 Sep 8 18:47:14 srv-ubuntu-dev3 sshd[41144]: Failed password for invalid user user1 from 157.245.178.61 port 39954 ssh2 Sep 8 18:50:54 srv-ubuntu-dev3 sshd[41534]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.178.61 user=root Sep 8 18:50:56 srv-ubuntu-dev3 sshd[41534]: Failed password for root from 157.245.178.61 port 44276 ssh2 Sep 8 18:54:36 srv-ubuntu-dev3 sshd[41985]: Invalid user sarvub from 157.245.178.61 Sep 8 18:54:36 srv-ubuntu-dev3 sshd[41985]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.178.61 Sep 8 18:54:36 srv-ubuntu-dev3 sshd[41985]: Invalid user sarvub f ...	2020-09-09 06:50:58
92.118.160.49	attack	Icarus honeypot on github	2020-09-09 06:36:23
51.75.52.127	attackbots	TCP (SYN) 51.75.52.127:26200 -> port 8602, len 44	2020-09-09 06:21:56
167.88.170.2	attack	167.88.170.2 - - [08/Sep/2020:17:42:00 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 167.88.170.2 - - [08/Sep/2020:17:55:14 +0100] "POST /wp-login.php HTTP/1.1" 200 1933 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 167.88.170.2 - - [08/Sep/2020:17:55:15 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-09-09 06:26:04
91.149.139.198	attack	Multiple SSH login attempts.	2020-09-09 06:35:41
73.6.227.20	attack	6x Failed Password	2020-09-09 06:47:10
223.182.49.192	attackbots	Icarus honeypot on github	2020-09-09 06:38:50
187.176.185.65	attackspambots	Sep 8 20:15:59 eventyay sshd[3555]: Failed password for root from 187.176.185.65 port 45050 ssh2 Sep 8 20:20:05 eventyay sshd[3643]: Failed password for root from 187.176.185.65 port 51010 ssh2 ...	2020-09-09 06:44:38

最近上报的IP列表

182.75.61.238	202.11.83.107	68.104.199.63	185.153.196.47
53.41.196.220	210.215.111.168	68.13.196.250	198.199.109.214
138.15.206.193	60.202.234.203	2.199.35.22	128.199.199.113
172.105.216.75	66.220.149.16	47.91.104.125	3.14.253.241
173.252.127.39	192.217.80.247	68.236.215.220	206.87.251.45