192.144.218.139

Basic Info

City: unknown

Region: Beijing

Country: China

Internet Service Provider: Tencent Cloud Computing (Beijing) Co. Ltd

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	Invalid user janecka from 192.144.218.139 port 56414	2020-01-04 05:17:36
attack	$f2bV_matches	2019-12-10 05:50:17
attack	2019-11-08T06:01:21.351538abusebot-4.cloudsearch.cf sshd\[4981\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.144.218.139 user=root	2019-11-08 14:25:53
attack	Nov 4 23:06:31 riskplan-s sshd[27566]: Invalid user admin from 192.144.218.139 Nov 4 23:06:31 riskplan-s sshd[27566]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.144.218.139 Nov 4 23:06:32 riskplan-s sshd[27566]: Failed password for invalid user admin from 192.144.218.139 port 41748 ssh2 Nov 4 23:06:32 riskplan-s sshd[27566]: Received disconnect from 192.144.218.139: 11: Bye Bye [preauth] Nov 4 23:26:50 riskplan-s sshd[27808]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.144.218.139 user=r.r Nov 4 23:26:52 riskplan-s sshd[27808]: Failed password for r.r from 192.144.218.139 port 37462 ssh2 Nov 4 23:26:53 riskplan-s sshd[27808]: Received disconnect from 192.144.218.139: 11: Bye Bye [preauth] Nov 4 23:30:09 riskplan-s sshd[27849]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.144.218.139 user=r.r Nov 4 23:30:10 riskplan-s........ -------------------------------	2019-11-05 07:08:44

Comments on same subnet:

IP	Type	Details	Datetime
192.144.218.254	attackbotsspam	Oct 14 00:07:46 v22019038103785759 sshd\[24621\]: Invalid user mona from 192.144.218.254 port 42400 Oct 14 00:07:46 v22019038103785759 sshd\[24621\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.144.218.254 Oct 14 00:07:48 v22019038103785759 sshd\[24621\]: Failed password for invalid user mona from 192.144.218.254 port 42400 ssh2 Oct 14 00:12:52 v22019038103785759 sshd\[25148\]: Invalid user svn from 192.144.218.254 port 41618 Oct 14 00:12:52 v22019038103785759 sshd\[25148\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.144.218.254 ...	2020-10-14 07:40:37
192.144.218.254	attack	Brute-force attempt banned	2020-10-07 02:07:01
192.144.218.254	attackbots	SSH login attempts.	2020-10-06 18:02:36
192.144.218.101	attackbotsspam	Triggered by Fail2Ban at Ares web server	2020-09-28 05:10:15
192.144.218.101	attackbots	(sshd) Failed SSH login from 192.144.218.101 (CN/China/-): 5 in the last 3600 secs	2020-09-27 21:27:48
192.144.218.101	attackspam	(sshd) Failed SSH login from 192.144.218.101 (CN/China/-): 5 in the last 3600 secs	2020-09-27 13:11:33
192.144.218.143	attackspam	Aug 27 18:07:57 h2646465 sshd[21407]: Invalid user user from 192.144.218.143 Aug 27 18:07:57 h2646465 sshd[21407]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.144.218.143 Aug 27 18:07:57 h2646465 sshd[21407]: Invalid user user from 192.144.218.143 Aug 27 18:07:59 h2646465 sshd[21407]: Failed password for invalid user user from 192.144.218.143 port 58296 ssh2 Aug 27 18:10:42 h2646465 sshd[22067]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.144.218.143 user=root Aug 27 18:10:44 h2646465 sshd[22067]: Failed password for root from 192.144.218.143 port 52084 ssh2 Aug 27 18:12:11 h2646465 sshd[22177]: Invalid user richard from 192.144.218.143 Aug 27 18:12:11 h2646465 sshd[22177]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.144.218.143 Aug 27 18:12:11 h2646465 sshd[22177]: Invalid user richard from 192.144.218.143 Aug 27 18:12:13 h2646465 sshd[22177]: Failed password for in	2020-08-28 00:56:17
192.144.218.46	attackbots	(sshd) Failed SSH login from 192.144.218.46 (CN/China/-): 5 in the last 3600 secs	2020-08-27 01:19:14
192.144.218.254	attackspambots	Invalid user abhijeet from 192.144.218.254 port 57836	2020-08-24 19:24:40
192.144.218.46	attackspambots	Aug 22 14:34:39 NG-HHDC-SVS-001 sshd[4627]: Invalid user lw from 192.144.218.46 ...	2020-08-22 15:40:21
192.144.218.143	attackbotsspam	Aug 22 01:58:07 firewall sshd[14758]: Failed password for invalid user bmm from 192.144.218.143 port 47962 ssh2 Aug 22 02:01:27 firewall sshd[14890]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.144.218.143 user=gnats Aug 22 02:01:29 firewall sshd[14890]: Failed password for gnats from 192.144.218.143 port 55304 ssh2 ...	2020-08-22 13:13:11
192.144.218.46	attack	Triggered by Fail2Ban at Ares web server	2020-08-19 17:56:25
192.144.218.101	attack	invalid user	2020-08-19 04:01:56
192.144.218.46	attackspam	fail2ban	2020-08-18 06:15:07
192.144.218.254	attackbotsspam	Aug 17 08:22:32 mailrelay sshd[9963]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.144.218.254 user=r.r Aug 17 08:22:34 mailrelay sshd[9963]: Failed password for r.r from 192.144.218.254 port 51188 ssh2 Aug 17 08:22:35 mailrelay sshd[9963]: Received disconnect from 192.144.218.254 port 51188:11: Bye Bye [preauth] Aug 17 08:22:35 mailrelay sshd[9963]: Disconnected from 192.144.218.254 port 51188 [preauth] Aug 17 08:33:57 mailrelay sshd[10000]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.144.218.254 user=r.r Aug 17 08:33:59 mailrelay sshd[10000]: Failed password for r.r from 192.144.218.254 port 41792 ssh2 Aug 17 08:33:59 mailrelay sshd[10000]: Received disconnect from 192.144.218.254 port 41792:11: Bye Bye [preauth] Aug 17 08:33:59 mailrelay sshd[10000]: Disconnected from 192.144.218.254 port 41792 [preauth] Aug 17 08:39:55 mailrelay sshd[10035]: Invalid user oracle from 192......... -------------------------------	2020-08-18 05:31:17

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 192.144.218.139
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 48808
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;192.144.218.139.		IN	A

;; AUTHORITY SECTION:
.			465	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019110401 1800 900 604800 86400

;; Query time: 103 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Nov 05 07:08:41 CST 2019
;; MSG SIZE  rcvd: 119

Host info

Host 139.218.144.192.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 139.218.144.192.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
217.58.61.49	attack	Unauthorized connection attempt detected from IP address 217.58.61.49 to port 80	2020-04-11 20:19:59
141.98.81.83	attackbotsspam	Invalid user guest from 141.98.81.83 port 40187	2020-04-11 20:06:37
219.233.49.254	attackbotsspam	DATE:2020-04-11 14:20:46, IP:219.233.49.254, PORT:1433 MSSQL brute force auth on honeypot server (epe-honey1-hq)	2020-04-11 20:41:03
89.38.147.247	attack	2020-04-11T08:20:41.560975sorsha.thespaminator.com sshd[28093]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=89.38.147.247 user=root 2020-04-11T08:20:43.247061sorsha.thespaminator.com sshd[28093]: Failed password for root from 89.38.147.247 port 43750 ssh2 ...	2020-04-11 20:46:04
60.169.208.5	attackspambots	Apr 11 22:14:11 our-server-hostname postfix/smtpd[27217]: connect from unknown[60.169.208.5] Apr x@x Apr x@x Apr x@x Apr x@x Apr x@x Apr x@x Apr x@x Apr x@x Apr x@x Apr x@x ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=60.169.208.5	2020-04-11 20:32:53
203.195.174.122	attackspambots	Apr 11 13:40:22 nextcloud sshd\[5188\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.195.174.122 user=root Apr 11 13:40:24 nextcloud sshd\[5188\]: Failed password for root from 203.195.174.122 port 52110 ssh2 Apr 11 13:46:45 nextcloud sshd\[12460\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.195.174.122 user=root	2020-04-11 20:19:10
58.211.191.20	attackspambots	Apr 11 09:20:41 ws24vmsma01 sshd[160135]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.211.191.20 Apr 11 09:20:43 ws24vmsma01 sshd[160135]: Failed password for invalid user jacob from 58.211.191.20 port 56712 ssh2 ...	2020-04-11 20:43:10
190.103.181.189	attackspam	Apr 11 12:20:59 *** sshd[21948]: User root from 190.103.181.189 not allowed because not listed in AllowUsers	2020-04-11 20:31:58
178.93.22.39	attackbotsspam	Apr 11 22:14:38 our-server-hostname postfix/smtpd[31737]: connect from unknown[178.93.22.39] Apr x@x Apr x@x Apr x@x Apr x@x Apr x@x Apr x@x Apr x@x Apr x@x Apr x@x Apr x@x Apr x@x ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=178.93.22.39	2020-04-11 20:35:41
180.250.108.133	attackbots	Apr 11 14:16:26 vps647732 sshd[11221]: Failed password for root from 180.250.108.133 port 42486 ssh2 ...	2020-04-11 20:30:42
176.32.16.112	attackbots	Email rejected due to spam filtering	2020-04-11 20:44:28
157.230.37.142	attackbotsspam	Apr 11 14:25:42 163-172-32-151 sshd[25327]: Invalid user schlichtherle from 157.230.37.142 port 51504 ...	2020-04-11 20:27:59
212.64.3.137	attackbotsspam	Apr 11 11:50:10 ip-172-31-62-245 sshd\[21785\]: Failed password for root from 212.64.3.137 port 56030 ssh2\ Apr 11 11:52:58 ip-172-31-62-245 sshd\[21798\]: Failed password for root from 212.64.3.137 port 59290 ssh2\ Apr 11 11:55:48 ip-172-31-62-245 sshd\[21811\]: Invalid user apache from 212.64.3.137\ Apr 11 11:55:51 ip-172-31-62-245 sshd\[21811\]: Failed password for invalid user apache from 212.64.3.137 port 34338 ssh2\ Apr 11 11:58:40 ip-172-31-62-245 sshd\[21839\]: Failed password for root from 212.64.3.137 port 37598 ssh2\	2020-04-11 20:20:16
85.185.95.130	attackspam	Unauthorized connection attempt detected from IP address 85.185.95.130 to port 445	2020-04-11 20:08:35
113.176.70.172	attackbotsspam	Unauthorized connection attempt from IP address 113.176.70.172 on Port 445(SMB)	2020-04-11 20:07:00

Recently Reported IPs

87.255.31.27	195.154.211.33	192.229.220.133	196.219.60.70
193.111.78.208	151.236.25.168	95.177.164.41	95.177.164.147
95.177.164.231	95.177.164.141	95.177.164.96	87.120.142.4
51.38.9.197	95.177.164.196	128.199.124.201	170.80.227.229
123.17.67.75	193.56.28.226	120.15.231.163	195.60.175.161