AbuseIPDB » 140.249.213.103

140.249.213.103 was found in our database!

This IP was reported 129 times. Confidence of Abuse is 100%: ?

100%

ISP	CHINANET SHANDONG PROVINCE NETWORK
Usage Type	Fixed Line ISP
ASN	AS58541
Domain Name	chinatelecom.cn
Country	China
City	Qingdao, Shandong

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated biweekly.

Report 140.249.213.103

Whois 140.249.213.103

IP Abuse Reports for 140.249.213.103:

This IP address has been reported a total of 129 times from 77 distinct sources. 140.249.213.103 was first reported on June 6th 2025, and the most recent report was 3 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 3 weeks ago. It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp in UTC	Comment	Categories
RuVeR	2025-06-08 20:21:13 (1 month ago)	2025-06-08T23:14:11.129810pantelemone.ru sshd[2468712]: Failed password for invalid user user1 from ... show more2025-06-08T23:14:11.129810pantelemone.ru sshd[2468712]: Failed password for invalid user user1 from 140.249.213.103 port 34056 ssh2 2025-06-08T23:17:43.052147pantelemone.ru sshd[2469008]: Invalid user mailuser from 140.249.213.103 port 56176 2025-06-08T23:17:43.056033pantelemone.ru sshd[2469008]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.249.213.103 2025-06-08T23:17:44.811363pantelemone.ru sshd[2469008]: Failed password for invalid user mailuser from 140.249.213.103 port 56176 ssh2 2025-06-08T23:21:12.486006pantelemone.ru sshd[2469479]: Invalid user qiuhan from 140.249.213.103 port 50088 ... show less	Brute-Force SSH
formality	2025-06-08 20:13:59 (1 month ago)	Invalid user user1 from 140.249.213.103 port 35034	Brute-Force SSH
SecondBanana	2025-06-08 19:59:01 (1 month ago)	2025-06-08T19:59:00.854485+00:00 thecount sshd[486053]: Disconnected from authenticating user root 1 ... show more2025-06-08T19:59:00.854485+00:00 thecount sshd[486053]: Disconnected from authenticating user root 140.249.213.103 port 51676 [preauth] ... show less	Brute-Force SSH
sh97	2025-06-08 17:09:16 (1 month ago)	DE02-HBRR-STOR: SSH Brute Force from 140.249.213.103 at 2025-06-08 22:38:58 IST	Brute-Force SSH
Ad0lar	2025-06-08 10:12:34 (1 month ago)	ports, 22/24H:1/7D:1	Port Scan
trivox.sh	2025-06-08 04:06:00 (1 month ago)	Jun 8 04:01:10 honey3 sshd[1470827]: Failed password for invalid user prod from 140.249.213.103 por ... show moreJun 8 04:01:10 honey3 sshd[1470827]: Failed password for invalid user prod from 140.249.213.103 port 40642 ssh2 Jun 8 04:01:10 honey3 sshd[1470827]: Disconnected from invalid user prod 140.249.213.103 port 40642 [preauth] Jun 8 04:05:57 honey3 sshd[1471204]: Invalid user adrian from 140.249.213.103 port 33204 Jun 8 04:05:57 honey3 sshd[1471204]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.249.213.103 Jun 8 04:05:59 honey3 sshd[1471204]: Failed password for invalid user adrian from 140.249.213.103 port 33204 ssh2 ... show less	Brute-Force SSH
Woodie	2025-06-08 02:31:50 (1 month ago)	2025-06-07T22:20:48.970884-04:00 debian sshd[2017423]: Failed password for invalid user psg from 140 ... show more2025-06-07T22:20:48.970884-04:00 debian sshd[2017423]: Failed password for invalid user psg from 140.249.213.103 port 36180 ssh2 2025-06-07T22:25:14.400420-04:00 debian sshd[2021618]: Invalid user ecs from 140.249.213.103 port 35950 2025-06-07T22:25:14.403613-04:00 debian sshd[2021618]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.249.213.103 2025-06-07T22:25:16.160896-04:00 debian sshd[2021618]: Failed password for invalid user ecs from 140.249.213.103 port 35950 ssh2 2025-06-07T22:31:49.989668-04:00 debian sshd[2028318]: Invalid user media from 140.249.213.103 port 49776 ... show less	Brute-Force SSH
ThreatBook.io	2025-06-07 23:22:36 (1 month ago)	ThreatBook Intelligence: Gateway more details on http://threatbook.io/ip/140.249.213.103	SSH
William Mussi Lacerda	2025-06-07 23:00:03 (1 month ago)	SSH brute force attack detected by Fail2Ban	Brute-Force SSH
Anonymous	2025-06-07 22:43:36 (1 month ago)	Jun 7 22:43:35 f2b auth.info sshd[276776]: Invalid user panel from 140.249.213.103 port 48930 ... show moreJun 7 22:43:35 f2b auth.info sshd[276776]: Invalid user panel from 140.249.213.103 port 48930 Jun 7 22:43:35 f2b auth.info sshd[276776]: Failed password for invalid user panel from 140.249.213.103 port 48930 ssh2 Jun 7 22:43:35 f2b auth.info sshd[276776]: Disconnected from invalid user panel 140.249.213.103 port 48930 [preauth] ... show less	Brute-Force SSH
trivox.sh	2025-06-07 21:24:11 (1 month ago)	Jun 7 21:21:26 honey3 sshd[1441121]: Failed password for invalid user admin1 from 140.249.213.103 p ... show moreJun 7 21:21:26 honey3 sshd[1441121]: Failed password for invalid user admin1 from 140.249.213.103 port 47192 ssh2 Jun 7 21:21:28 honey3 sshd[1441121]: Disconnected from invalid user admin1 140.249.213.103 port 47192 [preauth] Jun 7 21:24:08 honey3 sshd[1441290]: Invalid user yasu from 140.249.213.103 port 35754 Jun 7 21:24:08 honey3 sshd[1441290]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.249.213.103 Jun 7 21:24:10 honey3 sshd[1441290]: Failed password for invalid user yasu from 140.249.213.103 port 35754 ssh2 ... show less	Brute-Force SSH
SchorelWeb	2025-06-07 21:18:08 (1 month ago)	Cluster member (Omitted) (US/United States/-) said, DENY 140.249.213.103, Reason:[(sshd) Failed SSH ... show moreCluster member (Omitted) (US/United States/-) said, DENY 140.249.213.103, Reason:[(sshd) Failed SSH login from 140.249.213.103 (CN/China/-): 3 in the last 3600 secs] show less	Brute-Force SSH
Birdo	2025-06-07 15:02:44 (1 month ago)	[Birdo SSH Honeypot] SSH login attempt	Port Scan Hacking Brute-Force Exploited Host SSH
grassau.com	2025-06-07 10:41:42 (1 month ago)	(sshd) Failed SSH login from 140.249.213.103 (CN/China/-)	Brute-Force SSH
MD	2025-06-07 10:26:40 (1 month ago)	2025-06-07T11:20:11.432304 mybox.markdonnellyonline.com sshd[277872]: Disconnected from authenticati ... show more2025-06-07T11:20:11.432304 mybox.markdonnellyonline.com sshd[277872]: Disconnected from authenticating user root 140.249.213.103 port 36984 [preauth] 2025-06-07T11:28:55.694659 mybox.markdonnellyonline.com sshd[277989]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.249.213.103 user=root 2025-06-07T11:28:57.650773 mybox.markdonnellyonline.com sshd[277989]: Failed password for root from 140.249.213.103 port 44962 ssh2 ... show less	FTP Brute-Force Port Scan Hacking Brute-Force Web App Attack SSH

Showing 106 to 120 of 129 reports

Is this your IP? You may request to takedown any associated reports. We will attempt to verify your ownership. Request Takedown 🚩

Recently Reported IPs:

80.241.216.90

13.79.243.123

102.211.152.28

202.165.14.77

67.225.136.133

113.113.80.36

45.135.232.177

114.119.152.47

119.162.214.126

103.186.1.150

120.1.4.212

36.134.69.15

172.233.249.199

103.157.25.60

93.152.210.187

103.183.75.228

181.209.31.85

92.118.39.71

119.207.156.209

41.60.235.59