140.250.149.139

Basic Info

City: Shenzhen

Region: Guangdong

Country: China

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
140.250.149.83	attack	Jun 29 08:40:26 nirvana postfix/smtpd[9476]: connect from unknown[140.250.149.83] Jun 29 08:40:28 nirvana postfix/smtpd[9476]: warning: unknown[140.250.149.83]: SASL LOGIN authentication failed: authentication failure Jun 29 08:40:29 nirvana postfix/smtpd[9476]: lost connection after AUTH from unknown[140.250.149.83] Jun 29 08:40:29 nirvana postfix/smtpd[9476]: disconnect from unknown[140.250.149.83] Jun 29 08:40:29 nirvana postfix/smtpd[9479]: connect from unknown[140.250.149.83] Jun 29 08:40:32 nirvana postfix/smtpd[9479]: warning: unknown[140.250.149.83]: SASL LOGIN authentication failed: authentication failure Jun 29 08:40:32 nirvana postfix/smtpd[9479]: lost connection after AUTH from unknown[140.250.149.83] Jun 29 08:40:32 nirvana postfix/smtpd[9479]: disconnect from unknown[140.250.149.83] Jun 29 08:40:32 nirvana postfix/smtpd[9478]: connect from unknown[140.250.149.83] Jun 29 08:40:34 nirvana postfix/smtpd[9478]: warning: unknown[140.250.149.83]: SASL LOGIN auth........ -------------------------------	2020-07-06 08:41:30

Type

Details

Datetime

140.250.149.83

attack

Jun 29 08:40:26 nirvana postfix/smtpd[9476]: connect from unknown[140.250.149.83]
Jun 29 08:40:28 nirvana postfix/smtpd[9476]: warning: unknown[140.250.149.83]: SASL LOGIN authentication failed: authentication failure
Jun 29 08:40:29 nirvana postfix/smtpd[9476]: lost connection after AUTH from unknown[140.250.149.83]
Jun 29 08:40:29 nirvana postfix/smtpd[9476]: disconnect from unknown[140.250.149.83]
Jun 29 08:40:29 nirvana postfix/smtpd[9479]: connect from unknown[140.250.149.83]
Jun 29 08:40:32 nirvana postfix/smtpd[9479]: warning: unknown[140.250.149.83]: SASL LOGIN authentication failed: authentication failure
Jun 29 08:40:32 nirvana postfix/smtpd[9479]: lost connection after AUTH from unknown[140.250.149.83]
Jun 29 08:40:32 nirvana postfix/smtpd[9479]: disconnect from unknown[140.250.149.83]
Jun 29 08:40:32 nirvana postfix/smtpd[9478]: connect from unknown[140.250.149.83]
Jun 29 08:40:34 nirvana postfix/smtpd[9478]: warning: unknown[140.250.149.83]: SASL LOGIN auth........
-------------------------------

2020-07-06 08:41:30

Whois info:

#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/resources/registry/whois/tou/
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/resources/registry/whois/inaccuracy_reporting/
#
# Copyright 1997-2026, American Registry for Internet Numbers, Ltd.
#


NetRange:       140.250.0.0 - 140.250.255.255
CIDR:           140.250.0.0/16
NetName:        APNIC-ERX-140-250-0-0
NetHandle:      NET-140-250-0-0-1
Parent:         NET140 (NET-140-0-0-0-0)
NetType:        Early Registrations, Transferred to APNIC
OriginAS:       
Organization:   Asia Pacific Network Information Centre (APNIC)
RegDate:        2010-11-03
Updated:        2010-11-17
Comment:        This IP address range is not registered in the ARIN database.
Comment:        This range was transferred to the APNIC Whois Database as
Comment:        part of the ERX (Early Registration Transfer) project.
Comment:        For details, refer to the APNIC Whois Database via
Comment:        WHOIS.APNIC.NET or http://wq.apnic.net/apnic-bin/whois.pl
Comment:        
Comment:        ** IMPORTANT NOTE: APNIC is the Regional Internet Registry
Comment:        for the Asia Pacific region.  APNIC does not operate networks
Comment:        using this IP address range and is not able to investigate
Comment:        spam or abuse reports relating to these addresses.  For more
Comment:        help, refer to http://www.apnic.net/apnic-info/whois_search2/abuse-and-spamming
Ref:            https://rdap.arin.net/registry/ip/140.250.0.0

ResourceLink:  https://apps.db.ripe.net/db-web-ui/query
ResourceLink:  whois.apnic.net


OrgName:        Asia Pacific Network Information Centre
OrgId:          APNIC
Address:        PO Box 3646
City:           South Brisbane
StateProv:      QLD
PostalCode:     4101
Country:        AU
RegDate:        
Updated:        2012-01-24
Ref:            https://rdap.arin.net/registry/entity/APNIC

ReferralServer:  whois://whois.apnic.net
ResourceLink:  http://wq.apnic.net/whois-search/static/search.html

OrgAbuseHandle: AWC12-ARIN
OrgAbuseName:   APNIC Whois Contact
OrgAbusePhone:  +61 7 3858 3188 
OrgAbuseEmail:  search-apnic-not-arin@apnic.net
OrgAbuseRef:    https://rdap.arin.net/registry/entity/AWC12-ARIN

OrgTechHandle: AWC12-ARIN
OrgTechName:   APNIC Whois Contact
OrgTechPhone:  +61 7 3858 3188 
OrgTechEmail:  search-apnic-not-arin@apnic.net
OrgTechRef:    https://rdap.arin.net/registry/entity/AWC12-ARIN


#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/resources/registry/whois/tou/
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/resources/registry/whois/inaccuracy_reporting/
#
# Copyright 1997-2026, American Registry for Internet Numbers, Ltd.
#



Found a referral to whois.apnic.net.

% [whois.apnic.net]
% Whois data copyright terms    http://www.apnic.net/db/dbcopyright.html

% Information related to '140.250.0.0 - 140.250.255.255'

% Abuse contact for '140.250.0.0 - 140.250.255.255' is 'anti-spam@chinatelecom.cn'

inetnum:        140.250.0.0 - 140.250.255.255
netname:        CHINANET-SD
descr:          CHINANET SHANDONG PROVINCE NETWORK
descr:          China Telecom
descr:          No.31,jingrong street
descr:          Beijing 100032
country:        CN
admin-c:        XR55-AP
tech-c:         XR55-AP
abuse-c:        AC1573-AP
status:         ALLOCATED PORTABLE
remarks:        service provider
remarks:        --------------------------------------------------------
remarks:        To report network abuse, please contact mnt-irt
remarks:        For troubleshooting, please contact tech-c and admin-c
remarks:        Report invalid contact via www.apnic.net/invalidcontact
remarks:        --------------------------------------------------------
notify:         ipadmin@sdtele.com
mnt-by:         APNIC-HM
mnt-lower:      MAINT-CHINANET-SD
mnt-routes:     MAINT-CHINANET-SD
mnt-irt:        IRT-CHINANET-CN
last-modified:  2021-06-15T08:05:57Z
source:         APNIC

irt:            IRT-CHINANET-CN
address:        No.31 ,jingrong street,beijing
address:        100032
e-mail:         anti-spam@chinatelecom.cn
abuse-mailbox:  anti-spam@chinatelecom.cn
admin-c:        CH93-AP
tech-c:         CH93-AP
auth:           # Filtered
remarks:        anti-spam@chinatelecom.cn was validated on 2026-05-21
mnt-by:         MAINT-CHINANET
last-modified:  2026-05-21T01:31:36Z
source:         APNIC

role:           ABUSE CHINANETCN
country:        ZZ
address:        No.31 ,jingrong street,beijing
address:        100032
phone:          +000000000
e-mail:         anti-spam@chinatelecom.cn
admin-c:        CH93-AP
tech-c:         CH93-AP
nic-hdl:        AC1573-AP
remarks:        Generated from irt object IRT-CHINANET-CN
remarks:        anti-spam@chinatelecom.cn was validated on 2026-05-21
abuse-mailbox:  anti-spam@chinatelecom.cn
mnt-by:         APNIC-ABUSE
last-modified:  2026-05-21T01:32:00Z
source:         APNIC

person:         Xin Ruosheng
nic-hdl:        XR55-AP
e-mail:         ipreport.sd@chinatelecom.cn
address:        No.999,    road    Shunhua,    Jinan,    Shandong    province,China
phone:          +86-531-83190000
fax-no:         +86-531-83190000
country:        CN
mnt-by:         MAINT-CHINANET-SD
last-modified:  2019-12-20T07:11:49Z
source:         APNIC

% This query was served by the APNIC Whois Service version 1.88.48 (WHOIS-AU5)

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 140.250.149.139
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 20360
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;140.250.149.139.		IN	A

;; AUTHORITY SECTION:
.			30	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2026061200 1800 900 604800 86400

;; Query time: 8 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Jun 12 17:32:02 CST 2026
;; MSG SIZE  rcvd: 108

Host info

Host 139.149.250.140.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 139.149.250.140.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
62.210.31.99	attack	ssh failed login	2019-11-09 02:14:51
115.231.231.3	attack	Nov 8 14:37:09 *** sshd[17770]: User root from 115.231.231.3 not allowed because not listed in AllowUsers	2019-11-09 02:03:13
222.186.42.4	attack	Nov 8 18:54:59 tux-35-217 sshd\[14625\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.42.4 user=root Nov 8 18:55:01 tux-35-217 sshd\[14625\]: Failed password for root from 222.186.42.4 port 12086 ssh2 Nov 8 18:55:06 tux-35-217 sshd\[14625\]: Failed password for root from 222.186.42.4 port 12086 ssh2 Nov 8 18:55:11 tux-35-217 sshd\[14625\]: Failed password for root from 222.186.42.4 port 12086 ssh2 ...	2019-11-09 02:01:27
3.134.91.118	attackbotsspam	2019-11-08 08:36:35 H=ec2-3-134-91-118.us-east-2.compute.amazonaws.com (phylobago.mysecuritycamera.org) [3.134.91.118]:46327 I=[192.147.25.65]:25 sender verify fail for : Unrouteable address 2019-11-08 08:36:35 H=ec2-3-134-91-118.us-east-2.compute.amazonaws.com (phylobago.mysecuritycamera.org) [3.134.91.118]:46327 I=[192.147.25.65]:25 F= rejected RCPT : Sender verify failed 2019-11-08 08:36:35 H=ec2-3-134-91-118.us-east-2.compute.amazonaws.com (phylobago.mysecuritycamera.org) [3.134.91.118]:46327 I=[192.147.25.65]:25 sender verify fail for : Unrouteable address 2019-11-08 08:36:35 H=ec2-3-134-91-118.us-east-2.compute.amazonaws.com (phylobago.mysecuritycamera.org) [3.134.91.118]:46327 I=[192.147.25.65]:25 F= rejected RCPT : Sender verify failed ...	2019-11-09 02:20:29
186.74.247.50	attackbots	Automatic report - Banned IP Access	2019-11-09 02:04:38
58.52.132.201	attack	Nov 8 05:46:13 server sshd\[12172\]: Failed password for invalid user admin from 58.52.132.201 port 4106 ssh2 Nov 8 14:45:12 server sshd\[25188\]: Invalid user admin from 58.52.132.201 Nov 8 14:45:12 server sshd\[25188\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.52.132.201 Nov 8 14:45:14 server sshd\[25188\]: Failed password for invalid user admin from 58.52.132.201 port 13065 ssh2 Nov 8 18:48:49 server sshd\[25431\]: Invalid user admin from 58.52.132.201 Nov 8 18:48:49 server sshd\[25431\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.52.132.201 ...	2019-11-09 02:23:40
187.192.166.112	attackspambots	Automatic report - Port Scan Attack	2019-11-09 01:57:54
185.9.84.182	attack	postfix	2019-11-09 01:51:43
5.196.29.194	attackspambots	Port 22 Scan, PTR: None	2019-11-09 01:50:39
201.47.158.130	attack	Nov 8 17:25:12 server sshd\[2683\]: Invalid user nitish from 201.47.158.130 Nov 8 17:25:12 server sshd\[2683\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.47.158.130 Nov 8 17:25:14 server sshd\[2683\]: Failed password for invalid user nitish from 201.47.158.130 port 42898 ssh2 Nov 8 17:37:49 server sshd\[5637\]: Invalid user administrador from 201.47.158.130 Nov 8 17:37:49 server sshd\[5637\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.47.158.130 ...	2019-11-09 01:44:11
46.38.144.202	attackbots	2019-11-08T19:19:26.051081mail01 postfix/smtpd[29092]: warning: unknown[46.38.144.202]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 2019-11-08T19:19:51.200515mail01 postfix/smtpd[27096]: warning: unknown[46.38.144.202]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 2019-11-08T19:20:16.014622mail01 postfix/smtpd[27096]: warning: unknown[46.38.144.202]: SASL LOGIN authentication failed: UGFzc3dvcmQ6	2019-11-09 02:21:58
209.17.96.170	attackbots	Server penetration trying other domain names than server publicly serves (ex https://localhost)	2019-11-09 01:53:33
83.121.155.98	attack	[portscan] Port scan	2019-11-09 02:12:45
46.38.144.32	attackbots	Nov 8 18:42:43 webserver postfix/smtpd\[1060\]: warning: unknown\[46.38.144.32\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Nov 8 18:43:53 webserver postfix/smtpd\[1060\]: warning: unknown\[46.38.144.32\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Nov 8 18:45:03 webserver postfix/smtpd\[1060\]: warning: unknown\[46.38.144.32\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Nov 8 18:46:11 webserver postfix/smtpd\[1060\]: warning: unknown\[46.38.144.32\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Nov 8 18:47:23 webserver postfix/smtpd\[1086\]: warning: unknown\[46.38.144.32\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2019-11-09 01:47:44
128.199.47.148	attack	Nov 8 17:22:53 game-panel sshd[7424]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.47.148 Nov 8 17:22:55 game-panel sshd[7424]: Failed password for invalid user frappe from 128.199.47.148 port 42376 ssh2 Nov 8 17:26:45 game-panel sshd[7512]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.47.148	2019-11-09 02:00:59

Recently Reported IPs

171.211.10.249	123.180.161.155	121.235.225.210	121.227.150.87
117.88.237.143	115.210.173.138	115.209.226.217	114.232.37.92
114.219.55.230	113.95.133.40	113.87.81.58	113.121.43.183
113.119.11.205	86.53.57.97	140.174.175.152	115.227.26.85
144.225.124.39	34.251.18.133	223.123.35.44	110.78.153.61