140.143.138.59

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: Tencent Cloud Computing (Beijing) Co. Ltd.

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	Unauthorized connection attempt detected from IP address 140.143.138.59 to port 6379 [T]	2020-01-07 02:04:08

Comments on same subnet:

IP	Type	Details	Datetime
140.143.138.202	attack	Invalid user deploy from 140.143.138.202 port 55078	2020-05-14 09:26:58
140.143.138.202	attack	May 12 08:09:33 ns382633 sshd\[14187\]: Invalid user paulo from 140.143.138.202 port 48428 May 12 08:09:33 ns382633 sshd\[14187\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.138.202 May 12 08:09:35 ns382633 sshd\[14187\]: Failed password for invalid user paulo from 140.143.138.202 port 48428 ssh2 May 12 08:23:52 ns382633 sshd\[16823\]: Invalid user it from 140.143.138.202 port 38890 May 12 08:23:52 ns382633 sshd\[16823\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.138.202	2020-05-12 16:33:42
140.143.138.196	attackspambots	May 9 04:16:30 host sshd[49003]: Invalid user apagar from 140.143.138.196 port 50484 ...	2020-05-09 16:41:10
140.143.138.196	attackbots	Unauthorized SSH login attempts	2020-05-02 21:15:12
140.143.138.117	attackspam	Invalid user df from 140.143.138.117 port 35254	2020-04-21 13:08:28

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 140.143.138.59
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 29985
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;140.143.138.59.			IN	A

;; AUTHORITY SECTION:
.			497	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020010601 1800 900 604800 86400

;; Query time: 94 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Jan 07 02:04:05 CST 2020
;; MSG SIZE  rcvd: 118

Host info

Host 59.138.143.140.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 59.138.143.140.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
142.93.247.238	attackspambots	$f2bV_matches	2020-10-01 06:35:04
207.154.242.83	attackbots	Sep 27 03:50:18 : SSH login attempts with invalid user	2020-10-01 06:35:59
190.0.159.74	attack	Sep 30 23:50:14 ns3164893 sshd[18651]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.0.159.74 Sep 30 23:50:15 ns3164893 sshd[18651]: Failed password for invalid user deploy from 190.0.159.74 port 47163 ssh2 ...	2020-10-01 06:24:12
200.216.59.194	attackbots	Telnet/23 MH Probe, Scan, BF, Hack -	2020-10-01 06:22:58
80.82.77.245	attack	80.82.77.245 was recorded 5 times by 3 hosts attempting to connect to the following ports: 2638,3671,5093. Incident counter (4h, 24h, all-time): 5, 37, 27744	2020-10-01 06:21:39
92.118.161.21	attackbotsspam	Port Scan/VNC login attempt ...	2020-10-01 06:45:49
103.145.13.221	attack	UDP 103.145.13.221:5349 -> port 5060, len 442	2020-10-01 06:41:45
195.154.177.22	attack	195.154.177.22 - - [30/Sep/2020:22:04:42 +0100] "POST //xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" 195.154.177.22 - - [30/Sep/2020:22:04:42 +0100] "POST //xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" 195.154.177.22 - - [30/Sep/2020:22:04:42 +0100] "POST //xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" ...	2020-10-01 06:16:54
102.165.30.41	attackspambots	firewall-block, port(s): 3493/tcp	2020-10-01 06:43:03
114.113.81.130	attack	[N3.H3.VM3] Port Scanner Detected Blocked by UFW	2020-10-01 06:39:34
206.189.88.253	attackbots	4580/tcp 25249/tcp 13327/tcp... [2020-08-01/09-30]174pkt,60pt.(tcp)	2020-10-01 06:23:26
134.122.17.163	attack	Wordpress malicious attack:[sshd]	2020-10-01 06:20:20
120.194.194.86	attack	ET SCAN Suspicious inbound to MSSQL port 1433 - port: 1433 proto: tcp cat: Potentially Bad Trafficbytes: 60	2020-10-01 06:38:59
106.12.15.239	attack	2020-09-30T23:49:51+0200 Failed SSH Authentication/Brute Force Attack. (Server 9)	2020-10-01 06:40:39
148.72.23.247	attackbots	wp-login.php	2020-10-01 06:24:25

Recently Reported IPs

122.51.103.132	122.51.99.115	119.123.128.116	118.73.64.51
118.70.91.189	118.68.154.32	117.68.113.247	5.88.130.165
115.238.183.110	115.201.100.46	115.126.224.10	113.220.113.190
111.172.164.201	101.51.5.203	95.85.62.70	80.240.104.10
72.52.72.75	49.88.172.134	49.82.135.85	47.100.215.19