140.143.199.249

Basic Info

City: Beijing

Region: Beijing

Country: China

Internet Service Provider: unknown

Hostname: unknown

Organization: Shenzhen Tencent Computer Systems Company Limited

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
140.143.199.89	attack	SSH login attempts.	2020-08-27 04:47:16
140.143.199.89	attackspam	Aug 25 14:47:39 XXX sshd[56331]: Invalid user web from 140.143.199.89 port 37546	2020-08-26 03:11:55
140.143.199.89	attackbots	Invalid user hub from 140.143.199.89 port 47702	2020-08-21 14:33:12
140.143.199.89	attackspambots	Bruteforce detected by fail2ban	2020-08-10 15:28:10
140.143.199.68	attack	Aug 3 11:35:15 cumulus sshd[20050]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.199.68 user=r.r Aug 3 11:35:17 cumulus sshd[20050]: Failed password for r.r from 140.143.199.68 port 54612 ssh2 Aug 3 11:35:18 cumulus sshd[20050]: Received disconnect from 140.143.199.68 port 54612:11: Bye Bye [preauth] Aug 3 11:35:18 cumulus sshd[20050]: Disconnected from 140.143.199.68 port 54612 [preauth] Aug 3 11:41:21 cumulus sshd[20776]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.199.68 user=r.r Aug 3 11:41:22 cumulus sshd[20776]: Failed password for r.r from 140.143.199.68 port 51122 ssh2 Aug 3 11:41:23 cumulus sshd[20776]: Received disconnect from 140.143.199.68 port 51122:11: Bye Bye [preauth] Aug 3 11:41:23 cumulus sshd[20776]: Disconnected from 140.143.199.68 port 51122 [preauth] Aug 3 11:43:25 cumulus sshd[20932]: pam_unix(sshd:auth): authentication failure; lognam........ -------------------------------	2020-08-04 08:23:45
140.143.199.89	attack	[ssh] SSH attack	2020-07-29 17:39:33
140.143.199.169	attack	Jul 13 05:44:30 Ubuntu-1404-trusty-64-minimal sshd\[8587\]: Invalid user apache from 140.143.199.169 Jul 13 05:44:30 Ubuntu-1404-trusty-64-minimal sshd\[8587\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.199.169 Jul 13 05:44:32 Ubuntu-1404-trusty-64-minimal sshd\[8587\]: Failed password for invalid user apache from 140.143.199.169 port 35000 ssh2 Jul 13 05:50:17 Ubuntu-1404-trusty-64-minimal sshd\[11610\]: Invalid user sysadmin from 140.143.199.169 Jul 13 05:50:17 Ubuntu-1404-trusty-64-minimal sshd\[11610\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.199.169	2020-07-13 17:19:04
140.143.199.89	attackspam	fail2ban/Jun 28 05:50:07 h1962932 sshd[11044]: Invalid user zwg from 140.143.199.89 port 40784 Jun 28 05:50:07 h1962932 sshd[11044]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.199.89 Jun 28 05:50:07 h1962932 sshd[11044]: Invalid user zwg from 140.143.199.89 port 40784 Jun 28 05:50:09 h1962932 sshd[11044]: Failed password for invalid user zwg from 140.143.199.89 port 40784 ssh2 Jun 28 05:54:11 h1962932 sshd[20976]: Invalid user abel from 140.143.199.89 port 53926	2020-06-28 14:41:37
140.143.199.169	attackspam	Invalid user jack from 140.143.199.169 port 34148	2020-06-21 13:27:46
140.143.199.169	attack	ssh brute force	2020-06-19 13:53:08
140.143.199.169	attack	...	2020-06-17 02:45:35
140.143.199.169	attackspam	Jun 16 06:52:00 * sshd[21040]: Failed password for root from 140.143.199.169 port 43058 ssh2	2020-06-16 17:02:58
140.143.199.89	attack	Jun 8 22:19:39 piServer sshd[20263]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.199.89 Jun 8 22:19:41 piServer sshd[20263]: Failed password for invalid user admin from 140.143.199.89 port 57424 ssh2 Jun 8 22:23:41 piServer sshd[20644]: Failed password for root from 140.143.199.89 port 47244 ssh2 ...	2020-06-09 07:19:17
140.143.199.169	attackspambots	Jun 8 14:04:51 nextcloud sshd\[22676\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.199.169 user=root Jun 8 14:04:53 nextcloud sshd\[22676\]: Failed password for root from 140.143.199.169 port 45924 ssh2 Jun 8 14:09:20 nextcloud sshd\[28531\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.199.169 user=root	2020-06-08 20:53:02
140.143.199.169	attackbotsspam	Jun 7 00:33:22 prox sshd[9245]: Failed password for root from 140.143.199.169 port 59264 ssh2	2020-06-07 07:38:35

Whois info:

Dig info:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 140.143.199.249
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 9005
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;140.143.199.249.		IN	A

;; AUTHORITY SECTION:
.			3482	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019040400 1800 900 604800 86400

;; Query time: 0 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Thu Apr 04 15:32:04 +08 2019
;; MSG SIZE  rcvd: 119

Host info

Host 249.199.143.140.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		67.207.67.3
Address:	67.207.67.3#53

** server can't find 249.199.143.140.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
93.142.122.122	attack	TCP Port Scanning	2019-10-30 01:24:46
58.229.208.187	attackbotsspam	Oct 29 05:33:31 tdfoods sshd\[548\]: Invalid user TengYuan from 58.229.208.187 Oct 29 05:33:31 tdfoods sshd\[548\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.229.208.187 Oct 29 05:33:33 tdfoods sshd\[548\]: Failed password for invalid user TengYuan from 58.229.208.187 port 39396 ssh2 Oct 29 05:38:39 tdfoods sshd\[949\]: Invalid user awg from 58.229.208.187 Oct 29 05:38:39 tdfoods sshd\[949\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.229.208.187	2019-10-30 01:33:10
110.168.25.21	attackspam	Mail/25/465/587-993/995 Probe, Reject, BadAuth, Hack, SPAM -	2019-10-30 01:08:27
103.219.112.61	attackspambots	Invalid user tipoholding from 103.219.112.61 port 56892	2019-10-30 00:53:32
145.239.87.109	attack	Oct 29 17:48:30 MK-Soft-Root2 sshd[30547]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=145.239.87.109 Oct 29 17:48:31 MK-Soft-Root2 sshd[30547]: Failed password for invalid user Maxim1 from 145.239.87.109 port 34808 ssh2 ...	2019-10-30 00:51:00
132.148.148.21	attackspam	Attempt to run wp-login.php	2019-10-30 01:04:16
217.125.172.223	attackspambots	Chat Spam	2019-10-30 01:19:07
187.32.11.45	attackspambots	19/10/29@07:35:00: FAIL: Alarm-Intrusion address from=187.32.11.45 ...	2019-10-30 01:08:13
173.236.137.254	attackbotsspam	Automatic report - XMLRPC Attack	2019-10-30 01:05:40
61.133.232.250	attackbotsspam	2019-10-29T11:34:51.466343abusebot-5.cloudsearch.cf sshd\[350\]: Invalid user harold from 61.133.232.250 port 47557	2019-10-30 01:15:19
181.42.24.54	attack	TCP Port Scanning	2019-10-30 00:56:03
81.22.45.190	attackbotsspam	Oct 29 17:36:15 mc1 kernel: \[3653301.646594\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=81.22.45.190 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=54349 PROTO=TCP SPT=46730 DPT=32923 WINDOW=1024 RES=0x00 SYN URGP=0 Oct 29 17:37:45 mc1 kernel: \[3653391.154448\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=81.22.45.190 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=243 ID=15538 PROTO=TCP SPT=46730 DPT=33457 WINDOW=1024 RES=0x00 SYN URGP=0 Oct 29 17:40:12 mc1 kernel: \[3653538.443285\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=81.22.45.190 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=47597 PROTO=TCP SPT=46730 DPT=32783 WINDOW=1024 RES=0x00 SYN URGP=0 ...	2019-10-30 00:57:52
119.29.203.106	attackbotsspam	Oct 29 17:28:44 tux-35-217 sshd\[9891\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.29.203.106 user=root Oct 29 17:28:46 tux-35-217 sshd\[9891\]: Failed password for root from 119.29.203.106 port 57992 ssh2 Oct 29 17:35:32 tux-35-217 sshd\[9900\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.29.203.106 user=root Oct 29 17:35:34 tux-35-217 sshd\[9900\]: Failed password for root from 119.29.203.106 port 36190 ssh2 ...	2019-10-30 01:06:35
104.248.31.37	attackspam	Oct 28 13:03:41 shadeyouvpn sshd[27875]: Invalid user kbe from 104.248.31.37 Oct 28 13:03:41 shadeyouvpn sshd[27875]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.31.37 Oct 28 13:03:43 shadeyouvpn sshd[27875]: Failed password for invalid user kbe from 104.248.31.37 port 33718 ssh2 Oct 28 13:03:43 shadeyouvpn sshd[27875]: Received disconnect from 104.248.31.37: 11: Bye Bye [preauth] Oct 28 13:13:52 shadeyouvpn sshd[3009]: Invalid user tf from 104.248.31.37 Oct 28 13:13:52 shadeyouvpn sshd[3009]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.31.37 Oct 28 13:13:53 shadeyouvpn sshd[3009]: Failed password for invalid user tf from 104.248.31.37 port 52732 ssh2 Oct 28 13:13:53 shadeyouvpn sshd[3009]: Received disconnect from 104.248.31.37: 11: Bye Bye [preauth] Oct 28 13:17:35 shadeyouvpn sshd[7671]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh r........ -------------------------------	2019-10-30 01:32:08
177.125.164.225	attack	5x Failed Password	2019-10-30 01:00:14

Recently Reported IPs

212.200.181.161	87.103.200.47	185.231.245.18	37.79.116.74
194.183.173.95	103.71.22.42	121.201.78.33	123.25.114.17
162.105.145.217	106.13.74.87	36.238.74.23	118.24.169.11
14.162.179.24	167.99.110.47	192.99.68.130	51.75.204.86
129.204.58.180	123.27.31.9	78.220.108.171	85.159.27.40