Basic Info

City: Mumbai

Region: Maharashtra

Country: India

Internet Service Provider: Tata Teleservices Ltd

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:
Type Details Datetime
attack
Unauthorized connection attempt detected from IP address 114.143.139.18 to port 445
2020-02-19 04:38:07
Comments on same subnet:
IP Type Details Datetime
114.143.139.222 attackspambots
Sep 17 05:00:19 sip sshd[1628644]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.143.139.222  user=root
Sep 17 05:00:21 sip sshd[1628644]: Failed password for root from 114.143.139.222 port 60354 ssh2
Sep 17 05:04:30 sip sshd[1628749]: Invalid user jackson from 114.143.139.222 port 40636
...
2020-09-17 18:08:54
114.143.139.222 attack
$f2bV_matches
2020-09-17 09:21:25
114.143.139.222 attackbotsspam
2020-08-09T00:31:48.090163vps751288.ovh.net sshd\[2813\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.143.139.222  user=root
2020-08-09T00:31:49.791449vps751288.ovh.net sshd\[2813\]: Failed password for root from 114.143.139.222 port 54980 ssh2
2020-08-09T00:35:12.445255vps751288.ovh.net sshd\[2829\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.143.139.222  user=root
2020-08-09T00:35:13.819997vps751288.ovh.net sshd\[2829\]: Failed password for root from 114.143.139.222 port 57036 ssh2
2020-08-09T00:38:42.223362vps751288.ovh.net sshd\[2859\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.143.139.222  user=root
2020-08-09 06:49:10
114.143.139.222 attack
Aug  8 00:58:57 root sshd[1849]: Failed password for root from 114.143.139.222 port 56056 ssh2
Aug  8 01:08:28 root sshd[3174]: Failed password for root from 114.143.139.222 port 44870 ssh2
...
2020-08-08 08:09:32
114.143.139.222 attackbots
Coordinated SSH brute-force attack from different IPs. pam_unix(sshd:auth): user=root
2020-08-07 01:18:31
114.143.139.222 attackspambots
Aug  3 01:13:01 NPSTNNYC01T sshd[11893]: Failed password for root from 114.143.139.222 port 56916 ssh2
Aug  3 01:17:58 NPSTNNYC01T sshd[12380]: Failed password for root from 114.143.139.222 port 45896 ssh2
...
2020-08-03 19:35:17
114.143.139.222 attackspam
Lines containing failures of 114.143.139.222
Jul 28 17:06:50 v2hgb sshd[6218]: Invalid user yucen from 114.143.139.222 port 41508
Jul 28 17:06:50 v2hgb sshd[6218]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.143.139.222 
Jul 28 17:06:52 v2hgb sshd[6218]: Failed password for invalid user yucen from 114.143.139.222 port 41508 ssh2
Jul 28 17:06:53 v2hgb sshd[6218]: Received disconnect from 114.143.139.222 port 41508:11: Bye Bye [preauth]
Jul 28 17:06:53 v2hgb sshd[6218]: Disconnected from invalid user yucen 114.143.139.222 port 41508 [preauth]
Jul 28 17:19:27 v2hgb sshd[7568]: Invalid user yihuan from 114.143.139.222 port 54502
Jul 28 17:19:27 v2hgb sshd[7568]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.143.139.222 
Jul 28 17:19:30 v2hgb sshd[7568]: Failed password for invalid user yihuan from 114.143.139.222 port 54502 ssh2
Jul 28 17:19:32 v2hgb sshd[7568]: Received disconnect ........
------------------------------
2020-07-30 14:14:20
114.143.139.222 attack
Invalid user aqmao from 114.143.139.222 port 48736
2020-07-29 13:44:12
114.143.139.230 attackspambots
RDP Brute-Force (Grieskirchen RZ2)
2019-11-12 16:55:25
114.143.139.38 attackspam
Invalid user temp from 114.143.139.38 port 41538
2019-09-25 09:22:07
114.143.139.38 attack
Automated report - ssh fail2ban:
Sep 24 17:31:36 authentication failure 
Sep 24 17:31:38 wrong password, user=prueba, port=55554, ssh2
Sep 24 17:55:41 authentication failure
2019-09-25 00:19:33
114.143.139.38 attack
Sep 23 10:51:42 ns37 sshd[11495]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.143.139.38
Sep 23 10:51:42 ns37 sshd[11495]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.143.139.38
2019-09-23 17:14:34
114.143.139.38 attack
Sep 22 16:19:02 SilenceServices sshd[3864]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.143.139.38
Sep 22 16:19:04 SilenceServices sshd[3864]: Failed password for invalid user ccccc from 114.143.139.38 port 35808 ssh2
Sep 22 16:22:59 SilenceServices sshd[5281]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.143.139.38
2019-09-22 22:38:03
114.143.139.38 attackspambots
Sep 21 13:53:15 thevastnessof sshd[24067]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.143.139.38
...
2019-09-22 01:34:09
114.143.139.38 attack
Sep 21 13:44:46 vps691689 sshd[17955]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.143.139.38
Sep 21 13:44:48 vps691689 sshd[17955]: Failed password for invalid user cherry from 114.143.139.38 port 56886 ssh2
...
2019-09-21 20:01:12
Dig info:
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 114.143.139.18
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 40267
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;114.143.139.18.			IN	A

;; AUTHORITY SECTION:
.			531	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020021803 1800 900 604800 86400

;; Query time: 118 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Feb 19 04:38:03 CST 2020
;; MSG SIZE  rcvd: 118
Host info
18.139.143.114.in-addr.arpa domain name pointer static-18.139.143.114-tataidc.co.in.
Nslookup info:
Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
18.139.143.114.in-addr.arpa	name = static-18.139.143.114-tataidc.co.in.

Authoritative answers can be found from:
Related IP info:
Related comments:
IP Type Details Datetime
203.230.6.175 attackbots
k+ssh-bruteforce
2020-09-10 01:55:21
186.146.1.186 attackspambots
k+ssh-bruteforce
2020-09-10 02:00:13
194.0.139.227 attackbotsspam
(sshd) Failed SSH login from 194.0.139.227 (IT/Italy/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep  9 09:24:41 server2 sshd[14127]: Invalid user pi from 194.0.139.227
Sep  9 09:24:42 server2 sshd[14128]: Invalid user pi from 194.0.139.227
Sep  9 09:24:42 server2 sshd[14127]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=194.0.139.227 
Sep  9 09:24:42 server2 sshd[14128]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=194.0.139.227 
Sep  9 09:24:44 server2 sshd[14127]: Failed password for invalid user pi from 194.0.139.227 port 46950 ssh2
2020-09-10 01:41:52
162.247.74.74 attack
Sep  9 20:16:35 vps647732 sshd[24333]: Failed password for root from 162.247.74.74 port 38256 ssh2
Sep  9 20:16:38 vps647732 sshd[24333]: Failed password for root from 162.247.74.74 port 38256 ssh2
...
2020-09-10 02:21:25
51.75.52.118 attackbots
SSH Brute-Forcing (server2)
2020-09-10 02:08:17
104.248.71.7 attackbotsspam
prod8
...
2020-09-10 02:12:21
51.79.74.209 attackspam
Sep  9 19:35:10 jane sshd[32007]: Failed password for root from 51.79.74.209 port 58592 ssh2
...
2020-09-10 01:39:19
45.19.106.95 attackspambots
port scan and connect, tcp 443 (https)
2020-09-10 01:53:51
171.118.9.169 attackspam
 TCP (SYN) 171.118.9.169:38377 -> port 8080, len 40
2020-09-10 02:17:07
193.57.40.74 attackspambots
(Sep  9)  LEN=40 PREC=0x20 TTL=248 ID=37542 TCP DPT=445 WINDOW=1024 SYN 
 (Sep  9)  LEN=40 PREC=0x20 TTL=248 ID=49118 TCP DPT=445 WINDOW=1024 SYN 
 (Sep  9)  LEN=40 PREC=0x20 TTL=248 ID=38898 TCP DPT=445 WINDOW=1024 SYN 
 (Sep  8)  LEN=40 PREC=0x20 TTL=248 ID=37679 TCP DPT=445 WINDOW=1024 SYN 
 (Sep  8)  LEN=40 PREC=0x20 TTL=248 ID=42699 TCP DPT=445 WINDOW=1024 SYN 
 (Sep  8)  LEN=40 PREC=0x20 TTL=248 ID=18398 TCP DPT=445 WINDOW=1024 SYN 
 (Sep  8)  LEN=40 PREC=0x20 TTL=248 ID=31754 TCP DPT=445 WINDOW=1024 SYN 
 (Sep  8)  LEN=40 PREC=0x20 TTL=248 ID=7558 TCP DPT=445 WINDOW=1024 SYN 
 (Sep  7)  LEN=40 PREC=0x20 TTL=248 ID=2605 TCP DPT=445 WINDOW=1024 SYN 
 (Sep  7)  LEN=40 PREC=0x20 TTL=248 ID=46122 TCP DPT=445 WINDOW=1024 SYN 
 (Sep  7)  LEN=40 PREC=0x20 TTL=248 ID=21429 TCP DPT=445 WINDOW=1024 SYN 
 (Sep  7)  LEN=40 PREC=0x20 TTL=248 ID=24666 TCP DPT=445 WINDOW=1024 SYN
2020-09-10 01:57:46
188.166.211.194 attackbotsspam
Sep 10 00:49:34 webhost01 sshd[13670]: Failed password for root from 188.166.211.194 port 55293 ssh2
...
2020-09-10 02:18:42
177.69.237.49 attackspam
(sshd) Failed SSH login from 177.69.237.49 (BR/Brazil/177-069-237-049.static.ctbctelecom.com.br): 5 in the last 3600 secs
2020-09-10 02:09:46
139.59.83.179 attackbotsspam
Fail2Ban Ban Triggered
2020-09-10 02:13:20
115.236.136.89 attackbotsspam
Sep  7 18:09:22 plesk sshd[17069]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.236.136.89  user=r.r
Sep  7 18:09:24 plesk sshd[17069]: Failed password for r.r from 115.236.136.89 port 36222 ssh2
Sep  7 18:09:24 plesk sshd[17069]: Received disconnect from 115.236.136.89: 11: Bye Bye [preauth]
Sep  7 18:23:28 plesk sshd[18006]: Connection closed by 115.236.136.89 [preauth]
Sep  7 18:25:23 plesk sshd[18155]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.236.136.89  user=r.r
Sep  7 18:25:25 plesk sshd[18155]: Failed password for r.r from 115.236.136.89 port 57368 ssh2
Sep  7 18:25:25 plesk sshd[18155]: Received disconnect from 115.236.136.89: 11: Bye Bye [preauth]
Sep  7 18:27:31 plesk sshd[18343]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.236.136.89  user=r.r
Sep  7 18:27:33 plesk sshd[18343]: Failed password for r.r from 115.236.1........
-------------------------------
2020-09-10 01:58:51
152.32.164.141 attackspambots
2020-09-09T09:17:56.848447upcloud.m0sh1x2.com sshd[9070]: Invalid user auy from 152.32.164.141 port 55566
2020-09-10 02:08:50
