140.143.139.14

Basic Info

City: Beijing

Region: Beijing

Country: China

Internet Service Provider: Tencent Cloud Computing (Beijing) Co. Ltd.

Hostname: unknown

Organization: Shenzhen Tencent Computer Systems Company Limited

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbotsspam	Unauthorized SSH login attempts	2020-03-11 12:37:25
attackbotsspam	Mar 7 15:39:52 * sshd[5437]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.139.14 Mar 7 15:39:54 * sshd[5437]: Failed password for invalid user hadoop from 140.143.139.14 port 50048 ssh2	2020-03-07 22:41:04
attackbots	5x Failed Password	2020-03-04 06:31:16
attack	Feb 11 03:04:33 legacy sshd[9262]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.139.14 Feb 11 03:04:35 legacy sshd[9262]: Failed password for invalid user oov from 140.143.139.14 port 58434 ssh2 Feb 11 03:08:58 legacy sshd[9593]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.139.14 ...	2020-02-11 10:31:12
attackbotsspam	$f2bV_matches	2020-01-21 13:30:27
attackspambots	Dec 16 07:04:19 OPSO sshd\[10034\]: Invalid user test from 140.143.139.14 port 44044 Dec 16 07:04:19 OPSO sshd\[10034\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.139.14 Dec 16 07:04:21 OPSO sshd\[10034\]: Failed password for invalid user test from 140.143.139.14 port 44044 ssh2 Dec 16 07:11:55 OPSO sshd\[11550\]: Invalid user valerio from 140.143.139.14 port 43956 Dec 16 07:11:55 OPSO sshd\[11550\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.139.14	2019-12-16 14:14:37
attack	Dec 15 20:46:48 gw1 sshd[23724]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.139.14 Dec 15 20:46:50 gw1 sshd[23724]: Failed password for invalid user roebling from 140.143.139.14 port 55976 ssh2 ...	2019-12-16 04:19:09
attackspam	Dec 4 08:28:04 eventyay sshd[2787]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.139.14 Dec 4 08:28:06 eventyay sshd[2787]: Failed password for invalid user hhhhhhh from 140.143.139.14 port 39298 ssh2 Dec 4 08:34:49 eventyay sshd[3030]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.139.14 ...	2019-12-04 15:49:50
attack	Nov 30 10:18:44 srv01 sshd[15211]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.139.14 user=root Nov 30 10:18:46 srv01 sshd[15211]: Failed password for root from 140.143.139.14 port 49344 ssh2 Nov 30 10:22:25 srv01 sshd[15597]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.139.14 user=root Nov 30 10:22:27 srv01 sshd[15597]: Failed password for root from 140.143.139.14 port 54306 ssh2 Nov 30 10:26:05 srv01 sshd[15838]: Invalid user nilesh from 140.143.139.14 port 59272 ...	2019-11-30 22:22:27
attackbots	Nov 22 13:27:47 vibhu-HP-Z238-Microtower-Workstation sshd\[8412\]: Invalid user betsabe from 140.143.139.14 Nov 22 13:27:47 vibhu-HP-Z238-Microtower-Workstation sshd\[8412\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.139.14 Nov 22 13:27:49 vibhu-HP-Z238-Microtower-Workstation sshd\[8412\]: Failed password for invalid user betsabe from 140.143.139.14 port 57918 ssh2 Nov 22 13:32:00 vibhu-HP-Z238-Microtower-Workstation sshd\[8653\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.139.14 user=lp Nov 22 13:32:02 vibhu-HP-Z238-Microtower-Workstation sshd\[8653\]: Failed password for lp from 140.143.139.14 port 59216 ssh2 ...	2019-11-22 17:43:24
attackbots	Nov 4 07:35:10 vmanager6029 sshd\[12910\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.139.14 user=root Nov 4 07:35:12 vmanager6029 sshd\[12910\]: Failed password for root from 140.143.139.14 port 53878 ssh2 Nov 4 07:40:20 vmanager6029 sshd\[13057\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.139.14 user=mysql	2019-11-04 14:58:22

Comments on same subnet:

IP	Type	Details	Datetime
140.143.139.97	attackbotsspam	2020-07-27T08:19:23.260395vps751288.ovh.net sshd\[31022\]: Invalid user user1 from 140.143.139.97 port 53806 2020-07-27T08:19:23.267678vps751288.ovh.net sshd\[31022\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.139.97 2020-07-27T08:19:25.303389vps751288.ovh.net sshd\[31022\]: Failed password for invalid user user1 from 140.143.139.97 port 53806 ssh2 2020-07-27T08:24:11.746286vps751288.ovh.net sshd\[31038\]: Invalid user chenpq from 140.143.139.97 port 36528 2020-07-27T08:24:11.755588vps751288.ovh.net sshd\[31038\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.139.97	2020-07-27 14:43:32
140.143.139.97	attackspambots	Unauthorized connection attempt detected from IP address 140.143.139.97 to port 815	2020-07-20 05:33:46
140.143.139.97	attack	2020-07-06T23:58:16.207245mail.standpoint.com.ua sshd[31798]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.139.97 2020-07-06T23:58:16.204574mail.standpoint.com.ua sshd[31798]: Invalid user daniel from 140.143.139.97 port 48236 2020-07-06T23:58:18.378922mail.standpoint.com.ua sshd[31798]: Failed password for invalid user daniel from 140.143.139.97 port 48236 ssh2 2020-07-07T00:01:59.796834mail.standpoint.com.ua sshd[32322]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.139.97 user=root 2020-07-07T00:02:01.581467mail.standpoint.com.ua sshd[32322]: Failed password for root from 140.143.139.97 port 58712 ssh2 ...	2020-07-07 05:28:57
140.143.139.97	attackbots	Jun 17 00:46:12 Host-KLAX-C sshd[29368]: User root from 140.143.139.97 not allowed because not listed in AllowUsers ...	2020-06-17 15:36:22

Whois info:

Dig info:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 140.143.139.14
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 5654
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;140.143.139.14.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019033001 1800 900 604800 86400

;; Query time: 3 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Sun Mar 31 07:09:13 +08 2019
;; MSG SIZE  rcvd: 118

Host info

Host 14.139.143.140.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		67.207.67.3
Address:	67.207.67.3#53

** server can't find 14.139.143.140.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
156.236.119.175	attackbotsspam	Feb 8 11:50:29 vps647732 sshd[29887]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=156.236.119.175 Feb 8 11:50:32 vps647732 sshd[29887]: Failed password for invalid user zpq from 156.236.119.175 port 38662 ssh2 ...	2020-02-08 19:45:41
80.82.70.206	attackbots	80.82.70.206 - - \[08/Feb/2020:08:42:32 +0100\] "GET / HTTP/1.1" 404 129 "-" "Mozilla/5.0 $compatible\; MSIE 9.0\; Windows NT 6.1\; Trident/5.0$" 80.82.70.206 - - \[08/Feb/2020:08:42:32 +0100\] "GET /wp-login.php HTTP/1.1" 404 129 "-" "Mozilla/5.0 $compatible\; MSIE 9.0\; Windows NT 6.1\; Trident/5.0$" 80.82.70.206 - - \[08/Feb/2020:08:42:32 +0100\] "GET /blog/wp-login.php HTTP/1.1" 404 129 "-" "Mozilla/5.0 $compatible\; MSIE 9.0\; Windows NT 6.1\; Trident/5.0$" 80.82.70.206 - - \[08/Feb/2020:08:42:32 +0100\] "GET /blogs/wp-login.php HTTP/1.1" 404 129 "-" "Mozilla/5.0 $compatible\; MSIE 9.0\; Windows NT 6.1\; Trident/5.0$" 80.82.70.206 - - \[08/Feb/2020:08:42:32 +0100\] "GET /home/wp-login.php HTTP/1.1" 404 129 "-" "Mozilla/5.0 $compatible\; MSIE 9.0\; Windows NT 6.1\; Trident/5.0$" ...	2020-02-08 19:30:11
92.118.37.88	attackbotsspam	Feb 8 12:48:05 mail kernel: [571942.750548] [UFW BLOCK] IN=eth0 OUT= MAC=00:16:3c:05:0d:89:f8:66:f2:68:66:ff:08:00 SRC=92.118.37.88 DST=77.73.69.240 LEN=40 TOS=0x00 PREC=0x00 TTL=250 ID=460 PROTO=TCP SPT=48566 DPT=30745 WINDOW=1024 RES=0x00 SYN URGP=0 ...	2020-02-08 19:58:01
121.238.174.127	attackspambots	Honeypot attack, port: 81, PTR: PTR record not found	2020-02-08 19:39:40
73.36.232.192	attackspam	Brute force attempt	2020-02-08 19:56:26
103.105.227.65	attack	Honeypot attack, port: 445, PTR: PTR record not found	2020-02-08 20:00:17
187.73.17.183	attackspambots	Email rejected due to spam filtering	2020-02-08 19:34:07
139.59.7.76	attackbotsspam	$f2bV_matches_ltvn	2020-02-08 19:57:10
49.236.192.74	attack	Feb 8 05:34:01 plusreed sshd[20211]: Invalid user esw from 49.236.192.74 ...	2020-02-08 19:37:51
36.78.201.122	attackspambots	Feb 8 11:32:22 hcbbdb sshd\[7578\]: Invalid user admin from 36.78.201.122 Feb 8 11:32:23 hcbbdb sshd\[7578\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=36.78.201.122 Feb 8 11:32:25 hcbbdb sshd\[7578\]: Failed password for invalid user admin from 36.78.201.122 port 1580 ssh2 Feb 8 11:32:36 hcbbdb sshd\[7587\]: Invalid user admin from 36.78.201.122 Feb 8 11:32:38 hcbbdb sshd\[7587\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=36.78.201.122	2020-02-08 19:41:54
222.186.175.150	attack	Feb 8 12:45:52 v22018076622670303 sshd\[17303\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.150 user=root Feb 8 12:45:54 v22018076622670303 sshd\[17303\]: Failed password for root from 222.186.175.150 port 52298 ssh2 Feb 8 12:46:03 v22018076622670303 sshd\[17303\]: Failed password for root from 222.186.175.150 port 52298 ssh2 ...	2020-02-08 19:47:01
94.191.36.246	attackspambots	Feb 8 10:28:59 Ubuntu-1404-trusty-64-minimal sshd\[29473\]: Invalid user hdd from 94.191.36.246 Feb 8 10:28:59 Ubuntu-1404-trusty-64-minimal sshd\[29473\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.191.36.246 Feb 8 10:29:02 Ubuntu-1404-trusty-64-minimal sshd\[29473\]: Failed password for invalid user hdd from 94.191.36.246 port 58360 ssh2 Feb 8 10:30:25 Ubuntu-1404-trusty-64-minimal sshd\[2165\]: Invalid user xaz from 94.191.36.246 Feb 8 10:30:25 Ubuntu-1404-trusty-64-minimal sshd\[2165\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.191.36.246	2020-02-08 19:41:00
218.92.0.175	attackspambots	Feb 8 12:34:25 dcd-gentoo sshd[25851]: User root from 218.92.0.175 not allowed because none of user's groups are listed in AllowGroups Feb 8 12:34:28 dcd-gentoo sshd[25851]: error: PAM: Authentication failure for illegal user root from 218.92.0.175 Feb 8 12:34:25 dcd-gentoo sshd[25851]: User root from 218.92.0.175 not allowed because none of user's groups are listed in AllowGroups Feb 8 12:34:28 dcd-gentoo sshd[25851]: error: PAM: Authentication failure for illegal user root from 218.92.0.175 Feb 8 12:34:25 dcd-gentoo sshd[25851]: User root from 218.92.0.175 not allowed because none of user's groups are listed in AllowGroups Feb 8 12:34:28 dcd-gentoo sshd[25851]: error: PAM: Authentication failure for illegal user root from 218.92.0.175 Feb 8 12:34:28 dcd-gentoo sshd[25851]: Failed keyboard-interactive/pam for invalid user root from 218.92.0.175 port 14673 ssh2 ...	2020-02-08 19:44:08
187.111.192.202	attackspambots	Email rejected due to spam filtering	2020-02-08 19:36:24
111.93.4.174	attackspambots	2020-2-8 11:27:34 AM: failed ssh attempt	2020-02-08 19:50:17

Recently Reported IPs

89.231.35.29	125.227.38.168	188.254.0.170	194.61.24.222
145.239.90.16	176.31.250.160	188.226.219.141	82.102.18.57
103.52.16.35	40.121.164.112	59.174.55.6	37.221.164.116
177.19.181.10	107.151.222.9	66.85.6.225	45.57.147.87
125.109.117.34	40.121.194.233	13.64.93.10	51.255.197.18