140.143.140.139

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Tencent Cloud Computing (Beijing) Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Aug 22 23:06:44 localhost sshd\[5348\]: Invalid user george from 140.143.140.139 port 60320 Aug 22 23:06:44 localhost sshd\[5348\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.140.139 Aug 22 23:06:46 localhost sshd\[5348\]: Failed password for invalid user george from 140.143.140.139 port 60320 ssh2	2019-08-23 07:07:44

类型

评论内容

时间

attack

Aug 22 23:06:44 localhost sshd\[5348\]: Invalid user george from 140.143.140.139 port 60320
Aug 22 23:06:44 localhost sshd\[5348\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.140.139
Aug 22 23:06:46 localhost sshd\[5348\]: Failed password for invalid user george from 140.143.140.139 port 60320 ssh2

2019-08-23 07:07:44

相同子网IP讨论:

IP	类型	评论内容	时间
140.143.140.242	attackspam	May 7 21:02:42 hosting sshd[30698]: Invalid user xpm from 140.143.140.242 port 43654 ...	2020-05-08 03:19:47
140.143.140.242	attackbotsspam	Tried sshing with brute force.	2020-04-23 00:57:34
140.143.140.242	attack	Invalid user ubuntu from 140.143.140.242 port 60730	2020-04-22 00:56:17
140.143.140.242	attack	Brute force attempt	2020-04-19 04:47:12
140.143.140.242	attackbotsspam	k+ssh-bruteforce	2020-04-16 07:37:32
140.143.140.242	attack	SSH bruteforce	2020-04-02 15:12:25
140.143.140.242	attackbots	Mar 29 20:17:15 rotator sshd\[23263\]: Invalid user jwy from 140.143.140.242Mar 29 20:17:18 rotator sshd\[23263\]: Failed password for invalid user jwy from 140.143.140.242 port 50596 ssh2Mar 29 20:22:06 rotator sshd\[24052\]: Invalid user gny from 140.143.140.242Mar 29 20:22:08 rotator sshd\[24052\]: Failed password for invalid user gny from 140.143.140.242 port 50204 ssh2Mar 29 20:27:00 rotator sshd\[24831\]: Invalid user iqh from 140.143.140.242Mar 29 20:27:03 rotator sshd\[24831\]: Failed password for invalid user iqh from 140.143.140.242 port 49822 ssh2 ...	2020-03-30 02:29:32
140.143.140.242	attackbots	Mar 26 05:49:09 lukav-desktop sshd\[32714\]: Invalid user qucheng from 140.143.140.242 Mar 26 05:49:09 lukav-desktop sshd\[32714\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.140.242 Mar 26 05:49:11 lukav-desktop sshd\[32714\]: Failed password for invalid user qucheng from 140.143.140.242 port 40040 ssh2 Mar 26 05:51:49 lukav-desktop sshd\[308\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.140.242 user=mail Mar 26 05:51:51 lukav-desktop sshd\[308\]: Failed password for mail from 140.143.140.242 port 44868 ssh2	2020-03-26 15:18:35
140.143.140.242	attackspambots	Feb 23 06:47:05 dedicated sshd[21991]: Invalid user diana from 140.143.140.242 port 52302	2020-02-23 13:55:28
140.143.140.242	attackbots	5x Failed Password	2020-02-21 16:21:36
140.143.140.242	attack	Feb 14 09:36:05 markkoudstaal sshd[6831]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.140.242 Feb 14 09:36:07 markkoudstaal sshd[6831]: Failed password for invalid user geotail from 140.143.140.242 port 35194 ssh2 Feb 14 09:39:13 markkoudstaal sshd[7375]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.140.242	2020-02-14 21:45:05
140.143.140.242	attackspam	" "	2020-02-07 02:38:08
140.143.140.142	attack	Unauthorized connection attempt detected from IP address 140.143.140.142 to port 22 [T]	2020-01-09 03:01:06

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 140.143.140.139
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 56143
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;140.143.140.139.		IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019082200 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Thu Aug 22 17:32:53 CST 2019
;; MSG SIZE  rcvd: 119

HOST信息:

Host 139.140.143.140.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 139.140.143.140.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
92.53.65.184	attackbotsspam	Scanning (more than 2 packets) random ports - tries to find possible vulnerable services	2019-07-22 15:42:33
190.112.253.194	attackspambots	Jul 22 05:06:07 mintao sshd\[1663\]: Invalid user pi from 190.112.253.194\ Jul 22 05:06:07 mintao sshd\[1662\]: Invalid user pi from 190.112.253.194\	2019-07-22 16:20:11
51.255.35.58	attackspambots	Jul 22 04:04:09 vps200512 sshd\[17867\]: Invalid user pk from 51.255.35.58 Jul 22 04:04:09 vps200512 sshd\[17867\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.255.35.58 Jul 22 04:04:11 vps200512 sshd\[17867\]: Failed password for invalid user pk from 51.255.35.58 port 57151 ssh2 Jul 22 04:08:30 vps200512 sshd\[17934\]: Invalid user vinod from 51.255.35.58 Jul 22 04:08:30 vps200512 sshd\[17934\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.255.35.58	2019-07-22 16:16:35
116.212.138.146	attackspam	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-07-22 03:01:09,596 INFO [amun_request_handler] PortScan Detected on Port: 445 (116.212.138.146)	2019-07-22 15:36:09
112.211.105.103	attackspam	2019-07-22T00:07:11.692780mizuno.rwx.ovh sshd[14028]: Connection from 112.211.105.103 port 60256 on 78.46.61.178 port 22 2019-07-22T00:07:12.908852mizuno.rwx.ovh sshd[14028]: Invalid user user1 from 112.211.105.103 port 60256 2019-07-22T00:07:13.164487mizuno.rwx.ovh sshd[14028]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.211.105.103 2019-07-22T00:07:11.692780mizuno.rwx.ovh sshd[14028]: Connection from 112.211.105.103 port 60256 on 78.46.61.178 port 22 2019-07-22T00:07:12.908852mizuno.rwx.ovh sshd[14028]: Invalid user user1 from 112.211.105.103 port 60256 2019-07-22T00:07:14.823253mizuno.rwx.ovh sshd[14028]: Failed password for invalid user user1 from 112.211.105.103 port 60256 ssh2 ...	2019-07-22 15:46:21
46.173.211.203	attackbotsspam	" "	2019-07-22 15:43:58
218.92.0.172	attack	2019-07-22T06:32:11.6498001240 sshd\[32556\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.172 user=root 2019-07-22T06:32:13.5103811240 sshd\[32556\]: Failed password for root from 218.92.0.172 port 8459 ssh2 2019-07-22T06:32:16.8743301240 sshd\[32556\]: Failed password for root from 218.92.0.172 port 8459 ssh2 ...	2019-07-22 15:47:03
190.245.102.73	attack	2019-07-22T08:21:41.603266abusebot-5.cloudsearch.cf sshd\[26092\]: Invalid user testuser from 190.245.102.73 port 60076	2019-07-22 16:22:19
157.230.91.45	attack	Jul 22 08:47:42 debian sshd\[30639\]: Invalid user mb from 157.230.91.45 port 37564 Jul 22 08:47:42 debian sshd\[30639\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.230.91.45 ...	2019-07-22 15:53:49
37.120.135.90	attackspam	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-07-20 12:21:19,613 INFO [shellcode_manager] (37.120.135.90) no match, writing hexdump (3a7f51f52b86dea4b25a287c08abf9ca :2200189) - MS17010 (EternalBlue)	2019-07-22 15:34:43
41.94.97.138	attackbots	2019-07-22T09:37:29.008643 sshd[22705]: Invalid user oracle from 41.94.97.138 port 34410 2019-07-22T09:37:29.018885 sshd[22705]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=41.94.97.138 2019-07-22T09:37:29.008643 sshd[22705]: Invalid user oracle from 41.94.97.138 port 34410 2019-07-22T09:37:31.189030 sshd[22705]: Failed password for invalid user oracle from 41.94.97.138 port 34410 ssh2 2019-07-22T09:43:48.303925 sshd[22766]: Invalid user git from 41.94.97.138 port 60818 ...	2019-07-22 16:05:05
125.161.138.50	attack	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-07-22 03:01:12,439 INFO [amun_request_handler] PortScan Detected on Port: 445 (125.161.138.50)	2019-07-22 15:33:37
167.99.200.84	attack	Jul 22 05:43:13 *** sshd[7056]: Invalid user ftpuser from 167.99.200.84	2019-07-22 16:14:05
117.200.205.148	attackspambots	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-07-22 01:34:34,519 INFO [shellcode_manager] (117.200.205.148) no match, writing hexdump (d43ae1956ef66ee56ca672695960cb4a :2439079) - MS17010 (EternalBlue)	2019-07-22 15:55:40
165.227.151.59	attack	Jul 22 09:57:10 host sshd\[24413\]: Invalid user nagios from 165.227.151.59 port 55390 Jul 22 09:57:12 host sshd\[24413\]: Failed password for invalid user nagios from 165.227.151.59 port 55390 ssh2 ...	2019-07-22 16:20:53

最近上报的IP列表

182.75.61.238	202.11.83.107	68.104.199.63	185.153.196.47
53.41.196.220	210.215.111.168	68.13.196.250	198.199.109.214
138.15.206.193	60.202.234.203	2.199.35.22	128.199.199.113
172.105.216.75	66.220.149.16	47.91.104.125	3.14.253.241
173.252.127.39	192.217.80.247	68.236.215.220	206.87.251.45