140.143.193.42

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Tencent Cloud Computing (Beijing) Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Aug 15 04:48:17 yabzik sshd[1074]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.193.42 Aug 15 04:48:19 yabzik sshd[1074]: Failed password for invalid user ricki from 140.143.193.42 port 50486 ssh2 Aug 15 04:50:46 yabzik sshd[2141]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.193.42	2019-08-15 10:16:18

类型

评论内容

时间

attack

Aug 15 04:48:17 yabzik sshd[1074]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.193.42
Aug 15 04:48:19 yabzik sshd[1074]: Failed password for invalid user ricki from 140.143.193.42 port 50486 ssh2
Aug 15 04:50:46 yabzik sshd[2141]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.193.42

2019-08-15 10:16:18

相同子网IP讨论:

IP	类型	评论内容	时间
140.143.193.52	attackspambots	Automatic report - Banned IP Access	2020-10-05 06:12:07
140.143.193.52	attackspam	SSH Brute-Force attacks	2020-10-04 22:11:26
140.143.193.52	attackspambots	SSH Brute-Force attacks	2020-10-04 13:57:35
140.143.193.52	attack	Invalid user oracle from 140.143.193.52 port 38014	2020-09-30 06:00:50
140.143.193.52	attackspambots	Bruteforce detected by fail2ban	2020-09-29 22:12:32
140.143.193.52	attackspambots	Sep 29 07:21:14 buvik sshd[15268]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.193.52 Sep 29 07:21:16 buvik sshd[15268]: Failed password for invalid user guest from 140.143.193.52 port 50244 ssh2 Sep 29 07:26:49 buvik sshd[15944]: Invalid user puebra from 140.143.193.52 ...	2020-09-29 14:29:20
140.143.193.52	attackspambots	Automatic Fail2ban report - Trying login SSH	2020-09-14 01:02:41
140.143.193.52	attackspam	Automatic Fail2ban report - Trying login SSH	2020-09-13 16:55:01
140.143.193.52	attackbotsspam	21 attempts against mh-ssh on echoip	2020-09-03 01:36:49
140.143.193.52	attack	Failed password for invalid user svg from 140.143.193.52 port 43392 ssh2	2020-09-02 17:04:21
140.143.193.52	attackbotsspam	Mar 13 10:43:39 ws22vmsma01 sshd[39866]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.193.52 Mar 13 10:43:41 ws22vmsma01 sshd[39866]: Failed password for invalid user proftpd from 140.143.193.52 port 52470 ssh2 ...	2020-03-14 03:47:48
140.143.193.52	attackspam	Feb 5 06:12:50 dedicated sshd[20796]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.193.52 Feb 5 06:12:50 dedicated sshd[20796]: Invalid user admin from 140.143.193.52 port 53734 Feb 5 06:12:52 dedicated sshd[20796]: Failed password for invalid user admin from 140.143.193.52 port 53734 ssh2 Feb 5 06:21:26 dedicated sshd[22672]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.193.52 user=root Feb 5 06:21:28 dedicated sshd[22672]: Failed password for root from 140.143.193.52 port 45250 ssh2	2020-02-05 13:32:33
140.143.193.52	attackbotsspam	Feb 2 00:32:05 dedicated sshd[9689]: Invalid user musikbot from 140.143.193.52 port 42724	2020-02-02 07:44:33
140.143.193.52	attack	$f2bV_matches	2020-02-02 05:53:34
140.143.193.52	attackbotsspam	Jan 29 06:08:48 OPSO sshd\[7132\]: Invalid user radhasuta from 140.143.193.52 port 59528 Jan 29 06:08:48 OPSO sshd\[7132\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.193.52 Jan 29 06:08:50 OPSO sshd\[7132\]: Failed password for invalid user radhasuta from 140.143.193.52 port 59528 ssh2 Jan 29 06:11:57 OPSO sshd\[7999\]: Invalid user radhatanaya from 140.143.193.52 port 49182 Jan 29 06:11:57 OPSO sshd\[7999\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.193.52	2020-01-29 13:26:18

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 140.143.193.42
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 14195
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;140.143.193.42.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019080501 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Mon Aug 05 14:28:56 CST 2019
;; MSG SIZE  rcvd: 118

HOST信息:

Host 42.193.143.140.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 42.193.143.140.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
222.186.173.226	attackspam	May 9 04:56:13 santamaria sshd\[14353\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.173.226 user=root May 9 04:56:15 santamaria sshd\[14353\]: Failed password for root from 222.186.173.226 port 3308 ssh2 May 9 04:56:31 santamaria sshd\[14355\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.173.226 user=root ...	2020-05-09 12:47:46
192.95.41.112	attackbotsspam	May 9 02:47:09 *** sshd[14038]: Invalid user bbbbb from 192.95.41.112	2020-05-09 12:42:08
198.108.67.106	attackspambots	" "	2020-05-09 12:50:02
69.94.135.160	attack	Email Spam	2020-05-09 12:19:15
222.186.180.147	attackbotsspam	May 8 22:59:35 NPSTNNYC01T sshd[12610]: Failed password for root from 222.186.180.147 port 39196 ssh2 May 8 22:59:39 NPSTNNYC01T sshd[12610]: Failed password for root from 222.186.180.147 port 39196 ssh2 May 8 22:59:42 NPSTNNYC01T sshd[12610]: Failed password for root from 222.186.180.147 port 39196 ssh2 May 8 22:59:46 NPSTNNYC01T sshd[12610]: Failed password for root from 222.186.180.147 port 39196 ssh2 ...	2020-05-09 12:10:41
186.38.26.5	attackspambots	Scanned 3 times in the last 24 hours on port 22	2020-05-09 12:23:36
2.47.230.222	attackspam	May 9 04:39:55 fshare1.srvfarm.net webmin[342844]: Non-existent login as azure from 2.47.230.222 May 9 04:39:57 fshare1.srvfarm.net webmin[342847]: Non-existent login as azure from 2.47.230.222 May 9 04:39:59 fshare1.srvfarm.net webmin[342850]: Non-existent login as azure from 2.47.230.222 May 9 04:40:02 fshare1.srvfarm.net webmin[342853]: Non-existent login as azure from 2.47.230.222 May 9 04:40:06 fshare1.srvfarm.net webmin[342856]: Non-existent login as azure from 2.47.230.222	2020-05-09 12:23:21
221.122.73.130	attack	May 8 18:52:45 sip sshd[25350]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=221.122.73.130 May 8 18:52:46 sip sshd[25350]: Failed password for invalid user nancy from 221.122.73.130 port 56607 ssh2 May 8 18:59:49 sip sshd[27909]: Failed password for root from 221.122.73.130 port 37772 ssh2	2020-05-09 12:45:54
222.186.190.2	attackspam	2020-05-09T02:57:16.134242shield sshd\[5098\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.190.2 user=root 2020-05-09T02:57:18.009879shield sshd\[5098\]: Failed password for root from 222.186.190.2 port 29720 ssh2 2020-05-09T02:57:20.853209shield sshd\[5098\]: Failed password for root from 222.186.190.2 port 29720 ssh2 2020-05-09T02:57:24.444741shield sshd\[5098\]: Failed password for root from 222.186.190.2 port 29720 ssh2 2020-05-09T02:57:27.781967shield sshd\[5098\]: Failed password for root from 222.186.190.2 port 29720 ssh2	2020-05-09 12:35:22
49.233.182.23	attackbotsspam	$f2bV_matches	2020-05-09 12:21:23
112.85.42.232	attackbots	May 9 04:47:38 home sshd[30634]: Failed password for root from 112.85.42.232 port 20611 ssh2 May 9 04:48:49 home sshd[30798]: Failed password for root from 112.85.42.232 port 21158 ssh2 ...	2020-05-09 12:29:07
211.103.95.118	attackbots	May 9 04:48:11 ns381471 sshd[22433]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.103.95.118 May 9 04:48:14 ns381471 sshd[22433]: Failed password for invalid user ts from 211.103.95.118 port 42779 ssh2	2020-05-09 12:25:33
51.255.35.41	attackbots	2020-05-08T17:55:49.1236311495-001 sshd[58296]: Invalid user jack from 51.255.35.41 port 35328 2020-05-08T17:55:51.6374251495-001 sshd[58296]: Failed password for invalid user jack from 51.255.35.41 port 35328 ssh2 2020-05-08T17:59:30.3854571495-001 sshd[58498]: Invalid user brayden from 51.255.35.41 port 39687 2020-05-08T17:59:30.3891341495-001 sshd[58498]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=41.ip-51-255-35.eu 2020-05-08T17:59:30.3854571495-001 sshd[58498]: Invalid user brayden from 51.255.35.41 port 39687 2020-05-08T17:59:32.0124091495-001 sshd[58498]: Failed password for invalid user brayden from 51.255.35.41 port 39687 ssh2 ...	2020-05-09 12:30:06
222.186.15.158	attackbots	May 9 04:54:16 vmanager6029 sshd\[6277\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.15.158 user=root May 9 04:54:19 vmanager6029 sshd\[6275\]: error: PAM: Authentication failure for root from 222.186.15.158 May 9 04:54:19 vmanager6029 sshd\[6280\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.15.158 user=root	2020-05-09 12:36:28
162.214.96.184	attack	May 8 08:04:43 web01.agentur-b-2.de postfix/smtpd[108582]: NOQUEUE: reject: RCPT from unknown[162.214.96.184]: 450 4.7.1 <162-214-96-184.webhostbox.net>: Helo command rejected: Host not found; from= to= proto=ESMTP helo=<162-214-96-184.webhostbox.net> May 8 08:05:18 web01.agentur-b-2.de postfix/smtpd[108804]: NOQUEUE: reject: RCPT from unknown[162.214.96.184]: 450 4.7.1 <162-214-96-184.webhostbox.net>: Helo command rejected: Host not found; from= to= proto=ESMTP helo=<162-214-96-184.webhostbox.net> May 8 08:09:18 web01.agentur-b-2.de postfix/smtpd[108804]: NOQUEUE: reject: RCPT from unknown[162.214.96.184]: 450 4.7.1 <162-214-96-184.webhostbox.net>: Helo command rejected: Host not found; from= to= proto=ESMTP helo=<162-214-96-184.webhostbox.net> May 8 08:11:59 web01.agentur-b-2.de postfix/smtpd[108805]: NOQUEUE: reject: RCPT from unknown[162.214.96.184]: 450 4.7.1	2020-05-09 12:17:05

最近上报的IP列表

85.25.203.19	145.249.107.242	122.118.250.99	180.201.10.32
122.118.111.60	48.128.220.128	233.147.30.110	121.154.47.71
92.119.160.173	120.7.234.208	12.61.193.92	119.7.142.187
23.158.96.84	119.183.53.125	185.143.221.7	113.205.76.248
119.153.161.188	14.231.140.228	134.209.154.143	46.151.42.127