140.143.5.72 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Tencent Cloud Computing (Beijing) Co. Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbotsspam	Sep 11 11:30:07 root sshd[25604]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.5.72 ...	2020-09-11 21:31:38
attackbotsspam	Failed password for invalid user ruud from 140.143.5.72 port 58562 ssh2	2020-09-11 13:39:51
attackbotsspam	Invalid user testuser from 140.143.5.72 port 41774	2020-08-28 15:21:09
attackspam	Aug 26 23:04:43 meumeu sshd[383615]: Invalid user zhong from 140.143.5.72 port 59244 Aug 26 23:04:43 meumeu sshd[383615]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.5.72 Aug 26 23:04:43 meumeu sshd[383615]: Invalid user zhong from 140.143.5.72 port 59244 Aug 26 23:04:45 meumeu sshd[383615]: Failed password for invalid user zhong from 140.143.5.72 port 59244 ssh2 Aug 26 23:05:51 meumeu sshd[383642]: Invalid user ubuntu from 140.143.5.72 port 48482 Aug 26 23:05:51 meumeu sshd[383642]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.5.72 Aug 26 23:05:51 meumeu sshd[383642]: Invalid user ubuntu from 140.143.5.72 port 48482 Aug 26 23:05:53 meumeu sshd[383642]: Failed password for invalid user ubuntu from 140.143.5.72 port 48482 ssh2 Aug 26 23:06:57 meumeu sshd[383663]: Invalid user usu from 140.143.5.72 port 37720 ...	2020-08-27 06:15:24
attack	"$f2bV_matches"	2020-08-24 19:33:25
attackspambots	Aug 23 13:19:22 scw-6657dc sshd[24219]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.5.72 Aug 23 13:19:22 scw-6657dc sshd[24219]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.5.72 Aug 23 13:19:24 scw-6657dc sshd[24219]: Failed password for invalid user zfl from 140.143.5.72 port 41518 ssh2 ...	2020-08-23 22:02:35
attack	Aug 12 07:17:32 serwer sshd\[25263\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.5.72 user=root Aug 12 07:17:34 serwer sshd\[25263\]: Failed password for root from 140.143.5.72 port 57914 ssh2 Aug 12 07:23:12 serwer sshd\[25746\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.5.72 user=root ...	2020-08-12 15:23:48
attackspambots	Aug 10 13:56:03 itv-usvr-01 sshd[5606]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.5.72 user=root Aug 10 13:56:04 itv-usvr-01 sshd[5606]: Failed password for root from 140.143.5.72 port 54390 ssh2 Aug 10 14:00:37 itv-usvr-01 sshd[5787]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.5.72 user=root Aug 10 14:00:39 itv-usvr-01 sshd[5787]: Failed password for root from 140.143.5.72 port 49780 ssh2 Aug 10 14:05:06 itv-usvr-01 sshd[5968]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.5.72 user=root Aug 10 14:05:08 itv-usvr-01 sshd[5968]: Failed password for root from 140.143.5.72 port 45170 ssh2	2020-08-10 19:36:35
attackspambots	Aug 4 10:41:22 rush sshd[29973]: Failed password for root from 140.143.5.72 port 59642 ssh2 Aug 4 10:44:05 rush sshd[30091]: Failed password for root from 140.143.5.72 port 36364 ssh2 ...	2020-08-04 21:17:01
attackbotsspam	SSH Brute Force	2020-07-28 16:19:57
attack	Jul 24 07:46:33 web-main sshd[694841]: Invalid user iz from 140.143.5.72 port 60590 Jul 24 07:46:35 web-main sshd[694841]: Failed password for invalid user iz from 140.143.5.72 port 60590 ssh2 Jul 24 07:59:15 web-main sshd[694919]: Invalid user lebesgue from 140.143.5.72 port 35514	2020-07-24 15:25:50
attackspambots	$f2bV_matches	2020-07-20 14:22:10

相同子网IP讨论:

IP	类型	评论内容	时间
140.143.56.61	attack	Oct 8 13:23:37 ns382633 sshd\[30536\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.56.61 user=root Oct 8 13:23:39 ns382633 sshd\[30536\]: Failed password for root from 140.143.56.61 port 40856 ssh2 Oct 8 13:31:46 ns382633 sshd\[31749\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.56.61 user=root Oct 8 13:31:48 ns382633 sshd\[31749\]: Failed password for root from 140.143.56.61 port 34130 ssh2 Oct 8 13:36:49 ns382633 sshd\[32538\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.56.61 user=root	2020-10-09 06:43:07
140.143.56.61	attackbotsspam	Oct 8 13:23:37 ns382633 sshd\[30536\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.56.61 user=root Oct 8 13:23:39 ns382633 sshd\[30536\]: Failed password for root from 140.143.56.61 port 40856 ssh2 Oct 8 13:31:46 ns382633 sshd\[31749\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.56.61 user=root Oct 8 13:31:48 ns382633 sshd\[31749\]: Failed password for root from 140.143.56.61 port 34130 ssh2 Oct 8 13:36:49 ns382633 sshd\[32538\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.56.61 user=root	2020-10-08 23:05:19
140.143.56.61	attackspambots	SSH bruteforce	2020-10-08 15:00:27
140.143.57.159	attackspam	Port scan denied	2020-09-29 00:25:16
140.143.57.159	attackbotsspam	Port scan denied	2020-09-28 16:27:07
140.143.57.195	attackspam	2020-09-17T17:49:41.180330mail.broermann.family sshd[5714]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.57.195 user=root 2020-09-17T17:49:43.273900mail.broermann.family sshd[5714]: Failed password for root from 140.143.57.195 port 46620 ssh2 2020-09-17T17:53:19.731350mail.broermann.family sshd[5876]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.57.195 user=root 2020-09-17T17:53:22.084032mail.broermann.family sshd[5876]: Failed password for root from 140.143.57.195 port 55882 ssh2 2020-09-17T18:00:25.779048mail.broermann.family sshd[6188]: Invalid user mikel from 140.143.57.195 port 46180 ...	2020-09-18 00:42:48
140.143.57.195	attackspambots	$f2bV_matches	2020-09-17 16:44:11
140.143.57.195	attackbots	Sep 16 21:28:06 roki sshd[25735]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.57.195 user=root Sep 16 21:28:08 roki sshd[25735]: Failed password for root from 140.143.57.195 port 38052 ssh2 Sep 16 21:37:24 roki sshd[26402]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.57.195 user=root Sep 16 21:37:26 roki sshd[26402]: Failed password for root from 140.143.57.195 port 55000 ssh2 Sep 16 21:43:20 roki sshd[26844]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.57.195 user=root ...	2020-09-17 07:49:53
140.143.57.195	attackbots	Bruteforce detected by fail2ban	2020-09-12 20:14:33
140.143.57.195	attackbots	SSH Invalid Login	2020-09-12 12:17:42
140.143.57.195	attack	Sep 11 20:54:03 sshgateway sshd\[10501\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.57.195 user=root Sep 11 20:54:05 sshgateway sshd\[10501\]: Failed password for root from 140.143.57.195 port 48694 ssh2 Sep 11 20:56:08 sshgateway sshd\[10759\]: Invalid user walt from 140.143.57.195 Sep 11 20:56:08 sshgateway sshd\[10759\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.57.195	2020-09-12 04:06:12
140.143.56.61	attackspambots	Sep 9 02:32:57 vlre-nyc-1 sshd\[13464\]: Invalid user echo from 140.143.56.61 Sep 9 02:32:57 vlre-nyc-1 sshd\[13464\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.56.61 Sep 9 02:32:59 vlre-nyc-1 sshd\[13464\]: Failed password for invalid user echo from 140.143.56.61 port 56458 ssh2 Sep 9 02:38:46 vlre-nyc-1 sshd\[13580\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.56.61 user=root Sep 9 02:38:48 vlre-nyc-1 sshd\[13580\]: Failed password for root from 140.143.56.61 port 58408 ssh2 ...	2020-09-09 15:39:04
140.143.56.61	attackspambots	2020-09-08T12:41:28.865689morrigan.ad5gb.com sshd[2611175]: Failed password for root from 140.143.56.61 port 45160 ssh2 2020-09-08T12:41:31.289233morrigan.ad5gb.com sshd[2611175]: Disconnected from authenticating user root 140.143.56.61 port 45160 [preauth]	2020-09-09 07:48:26
140.143.57.195	attackspam	Sep 4 11:54:57 vm1 sshd[1663]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.57.195 Sep 4 11:54:58 vm1 sshd[1663]: Failed password for invalid user jsa from 140.143.57.195 port 54488 ssh2 ...	2020-09-05 04:36:32
140.143.57.195	attack	Sep 4 11:54:57 vm1 sshd[1663]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.57.195 Sep 4 11:54:58 vm1 sshd[1663]: Failed password for invalid user jsa from 140.143.57.195 port 54488 ssh2 ...	2020-09-04 20:14:24

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 140.143.5.72
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 39576
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;140.143.5.72.			IN	A

;; AUTHORITY SECTION:
.			265	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020072000 1800 900 604800 86400

;; Query time: 91 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Jul 20 14:22:03 CST 2020
;; MSG SIZE  rcvd: 116

HOST信息:

Host 72.5.143.140.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 72.5.143.140.in-addr.arpa: NXDOMAIN

IP	类型	评论内容	时间
78.189.185.157	attackspam	Fail2Ban Ban Triggered	2020-02-01 07:38:44
119.200.61.177	attackspam	Feb 1 00:26:10 silence02 sshd[26860]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.200.61.177 Feb 1 00:26:12 silence02 sshd[26860]: Failed password for invalid user testerpass from 119.200.61.177 port 37464 ssh2 Feb 1 00:29:53 silence02 sshd[27217]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.200.61.177	2020-02-01 07:37:40
51.91.56.133	attack	Unauthorized connection attempt detected from IP address 51.91.56.133 to port 2220 [J]	2020-02-01 07:57:40
222.186.30.31	attackspam	Feb 1 00:42:29 h2177944 sshd\[19109\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.30.31 user=root Feb 1 00:42:31 h2177944 sshd\[19109\]: Failed password for root from 222.186.30.31 port 48671 ssh2 Feb 1 00:42:33 h2177944 sshd\[19109\]: Failed password for root from 222.186.30.31 port 48671 ssh2 Feb 1 00:42:36 h2177944 sshd\[19109\]: Failed password for root from 222.186.30.31 port 48671 ssh2 ...	2020-02-01 07:51:23
14.167.181.25	attack	1580506432 - 01/31/2020 22:33:52 Host: 14.167.181.25/14.167.181.25 Port: 445 TCP Blocked	2020-02-01 07:29:18
103.68.81.137	attackspambots	1433/tcp [2020-01-31]1pkt	2020-02-01 07:48:29
189.14.135.202	attackbotsspam	Unauthorized connection attempt detected from IP address 189.14.135.202 to port 2220 [J]	2020-02-01 07:42:55
128.199.218.137	attackbots	Invalid user pugal from 128.199.218.137 port 33402	2020-02-01 07:34:50
112.85.42.178	attackspambots	SSH bruteforce	2020-02-01 08:07:59
148.70.244.67	attack	Invalid user san from 148.70.244.67 port 53982	2020-02-01 07:51:06
192.241.208.173	attackbots	465/tcp [2020-01-31]1pkt	2020-02-01 07:48:03
171.247.140.22	attackspambots	445/tcp [2020-01-31]1pkt	2020-02-01 07:31:16
52.65.180.169	attack	Malicious brute force vulnerability hacking attacks	2020-02-01 07:35:08
193.33.233.6	attackspam	445/tcp [2020-01-31]1pkt	2020-02-01 07:45:00
106.13.187.30	attack	Unauthorized connection attempt detected from IP address 106.13.187.30 to port 2220 [J]	2020-02-01 07:28:48

最近上报的IP列表

233.26.100.208	201.206.69.237	10.54.70.71	232.52.53.191
194.116.236.208	125.164.21.182	109.236.50.201	157.245.252.154
83.248.187.193	157.32.235.198	173.221.26.69	131.230.6.193
29.121.207.11	191.85.97.196	120.238.65.227	20.96.185.22
14.29.51.160	41.218.119.140	11.32.146.247	199.77.94.30