140.143.206.106

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Tencent Cloud Computing (Beijing) Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	$f2bV_matches	2020-03-20 18:59:16
attack	2020-02-08T23:56:51.196012vostok sshd\[5141\]: Invalid user iuk from 140.143.206.106 port 58076 \| Triggered by Fail2Ban at Vostok web server	2020-02-09 14:23:58
attack	(sshd) Failed SSH login from 140.143.206.106 (CN/China/-): 2 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Feb 1 22:35:30 ubuntu sshd[10612]: Invalid user test from 140.143.206.106 port 47996 Feb 1 22:35:32 ubuntu sshd[10612]: Failed password for invalid user test from 140.143.206.106 port 47996 ssh2	2020-02-02 05:47:20
attack	Jan 27 11:29:07 hcbbdb sshd\[31441\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.206.106 user=root Jan 27 11:29:10 hcbbdb sshd\[31441\]: Failed password for root from 140.143.206.106 port 32816 ssh2 Jan 27 11:34:50 hcbbdb sshd\[32157\]: Invalid user yatin from 140.143.206.106 Jan 27 11:34:50 hcbbdb sshd\[32157\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.206.106 Jan 27 11:34:53 hcbbdb sshd\[32157\]: Failed password for invalid user yatin from 140.143.206.106 port 55586 ssh2	2020-01-27 19:38:15
attackbotsspam	$f2bV_matches	2020-01-12 09:00:32
attackbotsspam	$f2bV_matches	2020-01-11 23:22:19
attack	fail2ban	2020-01-11 09:14:04
attackbotsspam	Unauthorized connection attempt detected from IP address 140.143.206.106 to port 22	2020-01-07 05:07:38
attackspambots	Jan 2 11:58:18 vps46666688 sshd[4602]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.206.106 Jan 2 11:58:20 vps46666688 sshd[4602]: Failed password for invalid user test from 140.143.206.106 port 35588 ssh2 ...	2020-01-02 23:10:43
attackspam	Dec 18 23:47:35 legacy sshd[6931]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.206.106 Dec 18 23:47:37 legacy sshd[6931]: Failed password for invalid user test from 140.143.206.106 port 50160 ssh2 Dec 18 23:54:23 legacy sshd[7152]: Failed password for root from 140.143.206.106 port 51552 ssh2 ...	2019-12-19 07:02:59
attackspam	$f2bV_matches	2019-12-19 05:35:00
attackspam	2019-12-08T10:18:01.371621abusebot-5.cloudsearch.cf sshd\[19069\]: Invalid user pasqualino from 140.143.206.106 port 52368	2019-12-08 18:35:48
attackspam	Dec 4 15:12:05 xxx sshd[25597]: Failed password for r.r from 140.143.206.106 port 60994 ssh2 Dec 4 15:12:05 xxx sshd[25597]: Received disconnect from 140.143.206.106 port 60994:11: Bye Bye [preauth] Dec 4 15:12:05 xxx sshd[25597]: Disconnected from 140.143.206.106 port 60994 [preauth] Dec 4 15:35:21 xxx sshd[29853]: Connection closed by 140.143.206.106 port 46546 [preauth] Dec 4 15:42:01 xxx sshd[31813]: Failed password for r.r from 140.143.206.106 port 43214 ssh2 Dec 4 15:42:01 xxx sshd[31813]: Received disconnect from 140.143.206.106 port 43214:11: Bye Bye [preauth] Dec 4 15:42:01 xxx sshd[31813]: Disconnected from 140.143.206.106 port 43214 [preauth] Dec 4 15:49:35 xxx sshd[467]: Invalid user guest from 140.143.206.106 port 39846 Dec 4 15:49:35 xxx sshd[467]: Failed password for invalid user guest from 140.143.206.106 port 39846 ssh2 Dec 4 15:49:35 xxx sshd[467]: Received disconnect from 140.143.206.106 port 39846:11: Bye Bye [preauth] Dec 4 15:49:35 xxx s........ -------------------------------	2019-12-07 15:56:02
attackspambots	Dec 4 15:12:05 xxx sshd[25597]: Failed password for r.r from 140.143.206.106 port 60994 ssh2 Dec 4 15:12:05 xxx sshd[25597]: Received disconnect from 140.143.206.106 port 60994:11: Bye Bye [preauth] Dec 4 15:12:05 xxx sshd[25597]: Disconnected from 140.143.206.106 port 60994 [preauth] Dec 4 15:35:21 xxx sshd[29853]: Connection closed by 140.143.206.106 port 46546 [preauth] Dec 4 15:42:01 xxx sshd[31813]: Failed password for r.r from 140.143.206.106 port 43214 ssh2 Dec 4 15:42:01 xxx sshd[31813]: Received disconnect from 140.143.206.106 port 43214:11: Bye Bye [preauth] Dec 4 15:42:01 xxx sshd[31813]: Disconnected from 140.143.206.106 port 43214 [preauth] Dec 4 15:49:35 xxx sshd[467]: Invalid user guest from 140.143.206.106 port 39846 Dec 4 15:49:35 xxx sshd[467]: Failed password for invalid user guest from 140.143.206.106 port 39846 ssh2 Dec 4 15:49:35 xxx sshd[467]: Received disconnect from 140.143.206.106 port 39846:11: Bye Bye [preauth] Dec 4 15:49:35 xxx s........ -------------------------------	2019-12-07 02:45:55

相同子网IP讨论:

IP	类型	评论内容	时间
140.143.206.191	attack	(sshd) Failed SSH login from 140.143.206.191 (CN/China/-): 5 in the last 3600 secs	2020-09-30 02:56:40
140.143.206.191	attackspambots	2020-09-29T08:12:45.913407abusebot-4.cloudsearch.cf sshd[25608]: Invalid user vnc from 140.143.206.191 port 33678 2020-09-29T08:12:45.921270abusebot-4.cloudsearch.cf sshd[25608]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.206.191 2020-09-29T08:12:45.913407abusebot-4.cloudsearch.cf sshd[25608]: Invalid user vnc from 140.143.206.191 port 33678 2020-09-29T08:12:47.856088abusebot-4.cloudsearch.cf sshd[25608]: Failed password for invalid user vnc from 140.143.206.191 port 33678 ssh2 2020-09-29T08:16:38.132609abusebot-4.cloudsearch.cf sshd[25617]: Invalid user aron from 140.143.206.191 port 48494 2020-09-29T08:16:38.139413abusebot-4.cloudsearch.cf sshd[25617]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.206.191 2020-09-29T08:16:38.132609abusebot-4.cloudsearch.cf sshd[25617]: Invalid user aron from 140.143.206.191 port 48494 2020-09-29T08:16:40.730931abusebot-4.cloudsearch.cf sshd[25617]: ...	2020-09-29 18:59:09
140.143.206.191	attackspambots	Sep 9 08:15:10 scw-tender-jepsen sshd[27539]: Failed password for root from 140.143.206.191 port 55882 ssh2	2020-09-09 16:56:17
140.143.206.191	attackspambots	Sep 6 22:12:22 ip106 sshd[510]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.206.191 Sep 6 22:12:23 ip106 sshd[510]: Failed password for invalid user radio from 140.143.206.191 port 54232 ssh2 ...	2020-09-07 04:39:24
140.143.206.191	attackbots	Sep 6 12:01:48 root sshd[31781]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.206.191 Sep 6 12:10:07 root sshd[7906]: Failed password for root from 140.143.206.191 port 45916 ssh2 ...	2020-09-06 20:15:33
140.143.206.191	attack	Aug 21 02:38:37 logopedia-1vcpu-1gb-nyc1-01 sshd[497900]: Invalid user mit from 140.143.206.191 port 35204 ...	2020-08-21 19:26:19
140.143.206.191	attack	"fail2ban match"	2020-08-06 23:53:40
140.143.206.191	attack	Aug 3 06:32:15 myhostname sshd[25373]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.206.191 user=r.r Aug 3 06:32:17 myhostname sshd[25373]: Failed password for r.r from 140.143.206.191 port 35354 ssh2 Aug 3 06:32:17 myhostname sshd[25373]: Received disconnect from 140.143.206.191 port 35354:11: Bye Bye [preauth] Aug 3 06:32:17 myhostname sshd[25373]: Disconnected from 140.143.206.191 port 35354 [preauth] Aug 3 06:41:11 myhostname sshd[31239]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.206.191 user=r.r Aug 3 06:41:13 myhostname sshd[31239]: Failed password for r.r from 140.143.206.191 port 60960 ssh2 Aug 3 06:41:13 myhostname sshd[31239]: Received disconnect from 140.143.206.191 port 60960:11: Bye Bye [preauth] Aug 3 06:41:13 myhostname sshd[31239]: Disconnected from 140.143.206.191 port 60960 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html	2020-08-03 20:54:20
140.143.206.137	attack	Exploited Host.	2020-07-26 00:54:59
140.143.206.137	attackspambots	2020-04-11T05:48:19.453225 sshd[11515]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.206.137 2020-04-11T05:48:19.438572 sshd[11515]: Invalid user guest from 140.143.206.137 port 50678 2020-04-11T05:48:20.797195 sshd[11515]: Failed password for invalid user guest from 140.143.206.137 port 50678 ssh2 2020-04-11T07:49:13.646661 sshd[13841]: Invalid user mother from 140.143.206.137 port 47644 ...	2020-04-11 18:07:24
140.143.206.137	attackbotsspam	SSH Invalid Login	2020-04-11 07:10:20
140.143.206.137	attackspam	Apr 7 20:13:24 php1 sshd\[7423\]: Invalid user ricochet from 140.143.206.137 Apr 7 20:13:25 php1 sshd\[7423\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.206.137 Apr 7 20:13:27 php1 sshd\[7423\]: Failed password for invalid user ricochet from 140.143.206.137 port 57190 ssh2 Apr 7 20:17:08 php1 sshd\[7791\]: Invalid user work from 140.143.206.137 Apr 7 20:17:08 php1 sshd\[7791\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.206.137	2020-04-08 16:07:51
140.143.206.99	attack	20 attempts against mh-misbehave-ban on hail	2020-04-07 04:33:03
140.143.206.137	attackbots	Apr 6 05:37:41 IngegnereFirenze sshd[22914]: User root from 140.143.206.137 not allowed because not listed in AllowUsers ...	2020-04-06 20:16:52
140.143.206.216	attack	Invalid user hh from 140.143.206.216 port 45392	2020-03-28 21:47:15

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 140.143.206.106
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 22194
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;140.143.206.106.		IN	A

;; AUTHORITY SECTION:
.			458	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019120600 1800 900 604800 86400

;; Query time: 220 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Dec 07 02:45:51 CST 2019
;; MSG SIZE  rcvd: 119

HOST信息:

Host 106.206.143.140.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 106.206.143.140.in-addr.arpa: NXDOMAIN

IP	类型	评论内容	时间
185.234.216.144	attackspam	smtp attack	2019-12-07 02:27:29
52.64.20.252	attackbots	WordPress wp-login brute force :: 52.64.20.252 0.292 BYPASS [06/Dec/2019:16:58:36 0000] [censored_4] "POST /wp-login.php HTTP/1.1" 200 2131 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/65.0.3325.181 Safari/537.36"	2019-12-07 02:36:19
51.11.32.88	attack	RDP Bruteforce	2019-12-07 02:52:25
144.217.39.131	attackspam	Dec 6 08:17:55 php1 sshd\[5556\]: Invalid user trudie from 144.217.39.131 Dec 6 08:17:55 php1 sshd\[5556\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=144.217.39.131 Dec 6 08:17:56 php1 sshd\[5556\]: Failed password for invalid user trudie from 144.217.39.131 port 60684 ssh2 Dec 6 08:23:21 php1 sshd\[6071\]: Invalid user dupe from 144.217.39.131 Dec 6 08:23:21 php1 sshd\[6071\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=144.217.39.131	2019-12-07 02:43:51
107.189.11.11	attackbots	2019-12-06T17:26:50.294238abusebot-2.cloudsearch.cf sshd\[7678\]: Invalid user fake from 107.189.11.11 port 56334	2019-12-07 02:48:56
37.114.133.121	attackspambots	Dec 6 15:47:34 [munged] sshd[28785]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.114.133.121	2019-12-07 02:56:00
184.185.2.211	attackspam	2019/12/06 14:48:05 \[error\] 3564\#0: \2136 An error occurred in mail zmauth: user not found:agustin94@fathog.com while SSL handshaking to lookup handler, client: 184.185.2.211:33972, server: 45.79.145.195:993, login: "agustin94@*fathog.com"	2019-12-07 02:28:40
106.12.30.59	attack	Dec 6 17:39:16 server sshd\[32367\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.30.59 user=root Dec 6 17:39:19 server sshd\[32367\]: Failed password for root from 106.12.30.59 port 50031 ssh2 Dec 6 17:48:01 server sshd\[2402\]: Invalid user psw from 106.12.30.59 Dec 6 17:48:01 server sshd\[2402\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.30.59 Dec 6 17:48:03 server sshd\[2402\]: Failed password for invalid user psw from 106.12.30.59 port 51711 ssh2 ...	2019-12-07 02:38:16
183.161.0.183	attackbotsspam	Dec 6 09:42:24 esmtp postfix/smtpd[30783]: lost connection after AUTH from unknown[183.161.0.183] Dec 6 09:42:29 esmtp postfix/smtpd[30682]: lost connection after AUTH from unknown[183.161.0.183] Dec 6 09:42:38 esmtp postfix/smtpd[30637]: lost connection after AUTH from unknown[183.161.0.183] Dec 6 09:47:45 esmtp postfix/smtpd[30783]: lost connection after AUTH from unknown[183.161.0.183] Dec 6 09:48:00 esmtp postfix/smtpd[30783]: lost connection after AUTH from unknown[183.161.0.183] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=183.161.0.183	2019-12-07 02:41:52
125.44.210.202	attack	Telnet/23 MH Probe, BF, Hack -	2019-12-07 02:31:59
124.43.16.244	attack	Tried sshing with brute force.	2019-12-07 02:42:10
192.99.245.135	attack	$f2bV_matches	2019-12-07 02:54:40
187.178.173.161	attackspambots	Dec 7 01:08:57 webhost01 sshd[26656]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=187.178.173.161 Dec 7 01:08:59 webhost01 sshd[26656]: Failed password for invalid user busalacc from 187.178.173.161 port 60536 ssh2 ...	2019-12-07 02:26:53
1.1.236.131	attack	Telnet/23 MH Probe, BF, Hack -	2019-12-07 02:42:43
52.220.208.101	attackspambots	$f2bV_matches	2019-12-07 02:25:04

最近上报的IP列表

151.10.250.176	39.52.126.210	79.243.147.231	63.135.27.130
177.208.32.74	92.36.159.22	31.227.251.74	74.213.193.226
112.171.244.194	37.114.133.121	87.165.155.129	123.87.195.138
37.117.149.61	123.80.6.232	90.103.146.251	32.238.26.149
208.184.239.62	158.182.201.177	66.209.254.236	54.92.98.246