140.143.139.97

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: Tencent Cloud Computing (Beijing) Co. Ltd.

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbotsspam	2020-07-27T08:19:23.260395vps751288.ovh.net sshd\[31022\]: Invalid user user1 from 140.143.139.97 port 53806 2020-07-27T08:19:23.267678vps751288.ovh.net sshd\[31022\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.139.97 2020-07-27T08:19:25.303389vps751288.ovh.net sshd\[31022\]: Failed password for invalid user user1 from 140.143.139.97 port 53806 ssh2 2020-07-27T08:24:11.746286vps751288.ovh.net sshd\[31038\]: Invalid user chenpq from 140.143.139.97 port 36528 2020-07-27T08:24:11.755588vps751288.ovh.net sshd\[31038\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.139.97	2020-07-27 14:43:32
attackspambots	Unauthorized connection attempt detected from IP address 140.143.139.97 to port 815	2020-07-20 05:33:46
attack	2020-07-06T23:58:16.207245mail.standpoint.com.ua sshd[31798]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.139.97 2020-07-06T23:58:16.204574mail.standpoint.com.ua sshd[31798]: Invalid user daniel from 140.143.139.97 port 48236 2020-07-06T23:58:18.378922mail.standpoint.com.ua sshd[31798]: Failed password for invalid user daniel from 140.143.139.97 port 48236 ssh2 2020-07-07T00:01:59.796834mail.standpoint.com.ua sshd[32322]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.139.97 user=root 2020-07-07T00:02:01.581467mail.standpoint.com.ua sshd[32322]: Failed password for root from 140.143.139.97 port 58712 ssh2 ...	2020-07-07 05:28:57
attackbots	Jun 17 00:46:12 Host-KLAX-C sshd[29368]: User root from 140.143.139.97 not allowed because not listed in AllowUsers ...	2020-06-17 15:36:22

Comments on same subnet:

IP	Type	Details	Datetime
140.143.139.14	attackbotsspam	Unauthorized SSH login attempts	2020-03-11 12:37:25
140.143.139.14	attackbotsspam	Mar 7 15:39:52 * sshd[5437]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.139.14 Mar 7 15:39:54 * sshd[5437]: Failed password for invalid user hadoop from 140.143.139.14 port 50048 ssh2	2020-03-07 22:41:04
140.143.139.14	attackbots	5x Failed Password	2020-03-04 06:31:16
140.143.139.14	attack	Feb 11 03:04:33 legacy sshd[9262]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.139.14 Feb 11 03:04:35 legacy sshd[9262]: Failed password for invalid user oov from 140.143.139.14 port 58434 ssh2 Feb 11 03:08:58 legacy sshd[9593]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.139.14 ...	2020-02-11 10:31:12
140.143.139.14	attackbotsspam	$f2bV_matches	2020-01-21 13:30:27
140.143.139.14	attackspambots	Dec 16 07:04:19 OPSO sshd\[10034\]: Invalid user test from 140.143.139.14 port 44044 Dec 16 07:04:19 OPSO sshd\[10034\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.139.14 Dec 16 07:04:21 OPSO sshd\[10034\]: Failed password for invalid user test from 140.143.139.14 port 44044 ssh2 Dec 16 07:11:55 OPSO sshd\[11550\]: Invalid user valerio from 140.143.139.14 port 43956 Dec 16 07:11:55 OPSO sshd\[11550\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.139.14	2019-12-16 14:14:37
140.143.139.14	attack	Dec 15 20:46:48 gw1 sshd[23724]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.139.14 Dec 15 20:46:50 gw1 sshd[23724]: Failed password for invalid user roebling from 140.143.139.14 port 55976 ssh2 ...	2019-12-16 04:19:09
140.143.139.14	attackspam	Dec 4 08:28:04 eventyay sshd[2787]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.139.14 Dec 4 08:28:06 eventyay sshd[2787]: Failed password for invalid user hhhhhhh from 140.143.139.14 port 39298 ssh2 Dec 4 08:34:49 eventyay sshd[3030]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.139.14 ...	2019-12-04 15:49:50
140.143.139.14	attack	Nov 30 10:18:44 srv01 sshd[15211]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.139.14 user=root Nov 30 10:18:46 srv01 sshd[15211]: Failed password for root from 140.143.139.14 port 49344 ssh2 Nov 30 10:22:25 srv01 sshd[15597]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.139.14 user=root Nov 30 10:22:27 srv01 sshd[15597]: Failed password for root from 140.143.139.14 port 54306 ssh2 Nov 30 10:26:05 srv01 sshd[15838]: Invalid user nilesh from 140.143.139.14 port 59272 ...	2019-11-30 22:22:27
140.143.139.14	attackbots	Nov 22 13:27:47 vibhu-HP-Z238-Microtower-Workstation sshd\[8412\]: Invalid user betsabe from 140.143.139.14 Nov 22 13:27:47 vibhu-HP-Z238-Microtower-Workstation sshd\[8412\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.139.14 Nov 22 13:27:49 vibhu-HP-Z238-Microtower-Workstation sshd\[8412\]: Failed password for invalid user betsabe from 140.143.139.14 port 57918 ssh2 Nov 22 13:32:00 vibhu-HP-Z238-Microtower-Workstation sshd\[8653\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.139.14 user=lp Nov 22 13:32:02 vibhu-HP-Z238-Microtower-Workstation sshd\[8653\]: Failed password for lp from 140.143.139.14 port 59216 ssh2 ...	2019-11-22 17:43:24
140.143.139.14	attackbots	Nov 4 07:35:10 vmanager6029 sshd\[12910\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.139.14 user=root Nov 4 07:35:12 vmanager6029 sshd\[12910\]: Failed password for root from 140.143.139.14 port 53878 ssh2 Nov 4 07:40:20 vmanager6029 sshd\[13057\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.139.14 user=mysql	2019-11-04 14:58:22

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 140.143.139.97
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 48672
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;140.143.139.97.			IN	A

;; AUTHORITY SECTION:
.			597	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020061700 1800 900 604800 86400

;; Query time: 95 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Jun 17 15:36:10 CST 2020
;; MSG SIZE  rcvd: 118

Host info

Host 97.139.143.140.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 97.139.143.140.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
195.54.161.15	attack	Jun 17 08:29:58 debian-2gb-nbg1-2 kernel: \[14634098.370864\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=195.54.161.15 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=54321 PROTO=TCP SPT=36014 DPT=10022 WINDOW=65535 RES=0x00 SYN URGP=0 Jun 17 08:29:58 debian-2gb-nbg1-2 kernel: \[14634098.382008\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=195.54.161.15 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=245 ID=54321 PROTO=TCP SPT=36015 DPT=10022 WINDOW=65535 RES=0x00 SYN URGP=0 Jun 17 08:29:58 debian-2gb-nbg1-2 kernel: \[14634098.401187\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=195.54.161.15 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=54321 PROTO=TCP SPT=36013 DPT=10022 WINDOW=65535 RES=0x00 SYN URGP=0	2020-06-17 16:23:49
211.33.249.229	attackspam	TCP (SYN) 211.33.249.229:19395 -> port 23, len 40	2020-06-17 15:59:56
13.95.211.158	attackspam	Invalid user wordpress from 13.95.211.158 port 40580	2020-06-17 15:55:06
58.221.204.114	attackspambots	Jun 17 07:26:54 vps639187 sshd\[23164\]: Invalid user flood from 58.221.204.114 port 60235 Jun 17 07:26:54 vps639187 sshd\[23164\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.221.204.114 Jun 17 07:26:55 vps639187 sshd\[23164\]: Failed password for invalid user flood from 58.221.204.114 port 60235 ssh2 ...	2020-06-17 16:21:51
183.91.7.53	attack	SMB Server BruteForce Attack	2020-06-17 15:57:29
200.73.128.100	attackbotsspam	Invalid user office from 200.73.128.100 port 36964	2020-06-17 16:25:01
110.12.8.10	attack	Jun 16 22:32:47 mockhub sshd[29946]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=110.12.8.10 Jun 16 22:32:50 mockhub sshd[29946]: Failed password for invalid user oracle from 110.12.8.10 port 24616 ssh2 ...	2020-06-17 16:35:57
49.233.208.40	attackspambots	Jun 17 05:51:59 ncomp sshd[27347]: Invalid user vmware from 49.233.208.40 Jun 17 05:51:59 ncomp sshd[27347]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.233.208.40 Jun 17 05:51:59 ncomp sshd[27347]: Invalid user vmware from 49.233.208.40 Jun 17 05:52:02 ncomp sshd[27347]: Failed password for invalid user vmware from 49.233.208.40 port 36652 ssh2	2020-06-17 16:16:43
61.177.172.159	attack	2020-06-17T09:47:38.207536vps751288.ovh.net sshd\[3360\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.177.172.159 user=root 2020-06-17T09:47:39.878711vps751288.ovh.net sshd\[3360\]: Failed password for root from 61.177.172.159 port 56926 ssh2 2020-06-17T09:47:43.216818vps751288.ovh.net sshd\[3360\]: Failed password for root from 61.177.172.159 port 56926 ssh2 2020-06-17T09:47:46.293649vps751288.ovh.net sshd\[3360\]: Failed password for root from 61.177.172.159 port 56926 ssh2 2020-06-17T09:47:50.420665vps751288.ovh.net sshd\[3360\]: Failed password for root from 61.177.172.159 port 56926 ssh2	2020-06-17 15:56:41
185.16.238.198	attackspambots	23 attempts against mh-misbehave-ban on sonic	2020-06-17 15:55:37
111.68.98.152	attack	Jun 17 10:02:58 sso sshd[11022]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.68.98.152 Jun 17 10:03:00 sso sshd[11022]: Failed password for invalid user ftp from 111.68.98.152 port 57762 ssh2 ...	2020-06-17 16:07:10
193.169.52.164	attack	445/tcp 1433/tcp... [2020-04-30/06-17]9pkt,2pt.(tcp)	2020-06-17 15:57:55
106.12.175.218	attack	2020-06-17T09:52:22.486263 sshd[23911]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.175.218 user=root 2020-06-17T09:52:24.478751 sshd[23911]: Failed password for root from 106.12.175.218 port 55052 ssh2 2020-06-17T10:01:39.506480 sshd[24183]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.175.218 user=root 2020-06-17T10:01:41.633467 sshd[24183]: Failed password for root from 106.12.175.218 port 35316 ssh2 ...	2020-06-17 16:03:12
118.25.74.199	attackspam	Jun 17 09:36:17 pornomens sshd\[23004\]: Invalid user sinus from 118.25.74.199 port 54042 Jun 17 09:36:17 pornomens sshd\[23004\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.25.74.199 Jun 17 09:36:19 pornomens sshd\[23004\]: Failed password for invalid user sinus from 118.25.74.199 port 54042 ssh2 ...	2020-06-17 16:26:52
185.39.10.58	attack	Port scan on 3 port(s): 2986 3010 3041	2020-06-17 16:07:38

Recently Reported IPs

93.117.224.209	225.234.199.71	80.30.255.180	17.27.59.224
183.116.195.70	40.2.151.16	142.217.202.21	72.223.188.123
61.177.172.159	3.70.14.140	245.57.226.225	106.172.180.250
151.178.96.94	51.149.182.227	88.233.182.162	9.228.179.12
15.179.78.246	240.155.156.143	183.91.7.53	232.133.242.127