139.155.17.13 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: Tencent Cloud Computing (Beijing) Co. Ltd.

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspambots	2020-09-28 UTC: (32x) - albert,ali,caixa,dev,ips,manager,mysql,nproc(2x),oracle,root(12x),steve,sun,sysadmin,teamspeak,test,testuser,user2,usuario1,yang,zope	2020-09-29 19:34:05
attackspambots	Aug 28 02:57:03 gw1 sshd[32707]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.17.13 Aug 28 02:57:05 gw1 sshd[32707]: Failed password for invalid user map from 139.155.17.13 port 38256 ssh2 ...	2020-08-28 06:19:51
attackbots	2020-08-23T16:11:58.4657311495-001 sshd[9465]: Invalid user ubuntu from 139.155.17.13 port 40676 2020-08-23T16:12:00.2619481495-001 sshd[9465]: Failed password for invalid user ubuntu from 139.155.17.13 port 40676 ssh2 2020-08-23T16:13:41.8235541495-001 sshd[9573]: Invalid user customer from 139.155.17.13 port 36722 2020-08-23T16:13:41.8267241495-001 sshd[9573]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.17.13 2020-08-23T16:13:41.8235541495-001 sshd[9573]: Invalid user customer from 139.155.17.13 port 36722 2020-08-23T16:13:43.4300711495-001 sshd[9573]: Failed password for invalid user customer from 139.155.17.13 port 36722 ssh2 ...	2020-08-24 04:55:00
attackbots	Invalid user xy from 139.155.17.13 port 47326	2020-08-23 15:51:19
attackbots	Aug 7 13:52:28 ovpn sshd\[15233\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.17.13 user=root Aug 7 13:52:30 ovpn sshd\[15233\]: Failed password for root from 139.155.17.13 port 46064 ssh2 Aug 7 14:05:31 ovpn sshd\[20625\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.17.13 user=root Aug 7 14:05:33 ovpn sshd\[20625\]: Failed password for root from 139.155.17.13 port 34348 ssh2 Aug 7 14:08:06 ovpn sshd\[21492\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.17.13 user=root	2020-08-07 20:57:33
attack	Aug 5 02:58:10 firewall sshd[30102]: Failed password for root from 139.155.17.13 port 45364 ssh2 Aug 5 03:02:22 firewall sshd[30373]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.17.13 user=root Aug 5 03:02:24 firewall sshd[30373]: Failed password for root from 139.155.17.13 port 35118 ssh2 ...	2020-08-05 19:59:05
attackspam	Invalid user calin from 139.155.17.13 port 57342	2020-07-12 01:17:52
attackbotsspam	SSH Brute-Forcing (server1)	2020-06-27 22:36:19
attack	(sshd) Failed SSH login from 139.155.17.13 (CN/China/-): 10 in the last 3600 secs	2020-06-25 17:35:09
attack	Jun 8 06:48:52 vpn01 sshd[30804]: Failed password for root from 139.155.17.13 port 58498 ssh2 ...	2020-06-08 15:54:10
attackbotsspam	Jun 7 19:58:11 roki sshd[19612]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.17.13 user=root Jun 7 19:58:14 roki sshd[19612]: Failed password for root from 139.155.17.13 port 55056 ssh2 Jun 7 20:16:02 roki sshd[20893]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.17.13 user=root Jun 7 20:16:04 roki sshd[20893]: Failed password for root from 139.155.17.13 port 46040 ssh2 Jun 7 20:19:05 roki sshd[21096]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.17.13 user=root ...	2020-06-08 02:49:53
attack	SSH Brute-Force attacks	2020-06-07 16:14:37
attack	Invalid user jca from 139.155.17.13 port 40368	2020-05-16 12:04:50

Comments on same subnet:

IP	Type	Details	Datetime
139.155.17.76	attackbotsspam	Sep 16 08:56:25 itv-usvr-01 sshd[28095]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.17.76 user=root Sep 16 08:56:26 itv-usvr-01 sshd[28095]: Failed password for root from 139.155.17.76 port 53894 ssh2 Sep 16 08:58:10 itv-usvr-01 sshd[28179]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.17.76 user=root Sep 16 08:58:12 itv-usvr-01 sshd[28179]: Failed password for root from 139.155.17.76 port 43986 ssh2 Sep 16 08:59:25 itv-usvr-01 sshd[28212]: Invalid user medical from 139.155.17.76	2020-09-16 12:13:07
139.155.17.76	attackspambots	Sep 15 19:15:20 master sshd[23060]: Failed password for root from 139.155.17.76 port 41072 ssh2 Sep 15 19:20:16 master sshd[23099]: Failed password for invalid user tortoisesvn from 139.155.17.76 port 56516 ssh2 Sep 15 19:23:05 master sshd[23112]: Failed password for root from 139.155.17.76 port 55714 ssh2 Sep 15 19:25:36 master sshd[23126]: Failed password for root from 139.155.17.76 port 54902 ssh2 Sep 15 19:28:12 master sshd[23140]: Failed password for root from 139.155.17.76 port 54090 ssh2 Sep 15 19:36:13 master sshd[23212]: Failed password for root from 139.155.17.76 port 51656 ssh2 Sep 15 19:38:48 master sshd[23236]: Failed password for invalid user greta from 139.155.17.76 port 50852 ssh2 Sep 15 19:43:57 master sshd[23269]: Failed password for invalid user macallister from 139.155.17.76 port 49246 ssh2 Sep 15 19:46:30 master sshd[23302]: Failed password for root from 139.155.17.76 port 48440 ssh2 Sep 15 19:49:03 master sshd[23325]: Failed password for root from 139.155.17.76 port 47634 ssh2	2020-09-16 04:02:12
139.155.17.74	attack	" "	2020-08-24 23:14:42
139.155.17.74	attackbots	Aug 21 00:35:12 vps639187 sshd\[4672\]: Invalid user ebs from 139.155.17.74 port 53114 Aug 21 00:35:12 vps639187 sshd\[4672\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.17.74 Aug 21 00:35:14 vps639187 sshd\[4672\]: Failed password for invalid user ebs from 139.155.17.74 port 53114 ssh2 ...	2020-08-21 06:52:03
139.155.17.125	attack	Aug 2 19:55:48 lnxweb61 sshd[3600]: Failed password for root from 139.155.17.125 port 36230 ssh2 Aug 2 19:55:48 lnxweb61 sshd[3600]: Failed password for root from 139.155.17.125 port 36230 ssh2	2020-08-03 02:04:31
139.155.17.85	attackspam	Jul 29 22:17:42 h2646465 sshd[25917]: Invalid user hongge from 139.155.17.85 Jul 29 22:17:42 h2646465 sshd[25917]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.17.85 Jul 29 22:17:42 h2646465 sshd[25917]: Invalid user hongge from 139.155.17.85 Jul 29 22:17:44 h2646465 sshd[25917]: Failed password for invalid user hongge from 139.155.17.85 port 50062 ssh2 Jul 29 22:22:35 h2646465 sshd[26557]: Invalid user wyx from 139.155.17.85 Jul 29 22:22:35 h2646465 sshd[26557]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.17.85 Jul 29 22:22:35 h2646465 sshd[26557]: Invalid user wyx from 139.155.17.85 Jul 29 22:22:37 h2646465 sshd[26557]: Failed password for invalid user wyx from 139.155.17.85 port 56030 ssh2 Jul 29 22:26:20 h2646465 sshd[27169]: Invalid user tyc from 139.155.17.85 ...	2020-07-30 07:00:14
139.155.17.74	attackbotsspam	Jul 12 00:01:36 main sshd[16938]: Failed password for invalid user jenkins from 139.155.17.74 port 38048 ssh2 Jul 12 00:03:55 main sshd[16967]: Failed password for invalid user lianqing from 139.155.17.74 port 42422 ssh2 Jul 12 00:06:25 main sshd[17004]: Failed password for invalid user gengxin from 139.155.17.74 port 46816 ssh2	2020-07-13 07:27:11
139.155.17.74	attack	Jul 10 05:35:39 saturn sshd[185831]: Invalid user sys-a from 139.155.17.74 port 40014 Jul 10 05:35:40 saturn sshd[185831]: Failed password for invalid user sys-a from 139.155.17.74 port 40014 ssh2 Jul 10 05:57:14 saturn sshd[186605]: Invalid user gitlab-prometheus from 139.155.17.74 port 59554 ...	2020-07-10 12:42:54
139.155.17.74	attackbotsspam	Jul 8 07:06:57 h2427292 sshd\[17239\]: Invalid user zyxq from 139.155.17.74 Jul 8 07:06:57 h2427292 sshd\[17239\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.17.74 Jul 8 07:06:59 h2427292 sshd\[17239\]: Failed password for invalid user zyxq from 139.155.17.74 port 59954 ssh2 ...	2020-07-08 14:38:51
139.155.17.85	attackbots	Jul 7 14:00:37 sip sshd[858051]: Invalid user ppl from 139.155.17.85 port 43564 Jul 7 14:00:39 sip sshd[858051]: Failed password for invalid user ppl from 139.155.17.85 port 43564 ssh2 Jul 7 14:08:24 sip sshd[858143]: Invalid user app from 139.155.17.85 port 41030 ...	2020-07-07 20:31:35
139.155.17.74	attack	Automatic report BANNED IP	2020-06-30 05:15:20
139.155.17.76	attackbotsspam	Jun 25 12:22:22 ns3033917 sshd[20998]: Invalid user mauricio from 139.155.17.76 port 46894 Jun 25 12:22:24 ns3033917 sshd[20998]: Failed password for invalid user mauricio from 139.155.17.76 port 46894 ssh2 Jun 25 12:33:12 ns3033917 sshd[21108]: Invalid user bssh from 139.155.17.76 port 44072 ...	2020-06-25 21:08:51
139.155.17.76	attack	Jun 21 07:42:00 vps687878 sshd\[11794\]: Failed password for invalid user ts from 139.155.17.76 port 35180 ssh2 Jun 21 07:42:59 vps687878 sshd\[11894\]: Invalid user javier from 139.155.17.76 port 45592 Jun 21 07:42:59 vps687878 sshd\[11894\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.17.76 Jun 21 07:43:01 vps687878 sshd\[11894\]: Failed password for invalid user javier from 139.155.17.76 port 45592 ssh2 Jun 21 07:44:04 vps687878 sshd\[11986\]: Invalid user oracle from 139.155.17.76 port 56006 Jun 21 07:44:04 vps687878 sshd\[11986\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.17.76 ...	2020-06-21 17:33:17
139.155.17.74	attackspam	Jun 18 16:18:58 buvik sshd[19083]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.17.74 Jun 18 16:19:01 buvik sshd[19083]: Failed password for invalid user ww from 139.155.17.74 port 32784 ssh2 Jun 18 16:22:36 buvik sshd[19624]: Invalid user vitor from 139.155.17.74 ...	2020-06-19 00:42:13
139.155.17.74	attackspam	2020-06-10 05:51:03,895 fail2ban.actions: WARNING [ssh] Ban 139.155.17.74	2020-06-10 15:45:31

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 139.155.17.13
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 31450
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;139.155.17.13.			IN	A

;; AUTHORITY SECTION:
.			287	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020051502 1800 900 604800 86400

;; Query time: 111 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat May 16 12:04:43 CST 2020
;; MSG SIZE  rcvd: 117

Host info

Host 13.17.155.139.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 13.17.155.139.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
179.176.154.237	attackbots	Automatic report - Port Scan Attack	2019-11-14 22:28:16
106.13.140.52	attackbotsspam	Automatic report - Banned IP Access	2019-11-14 22:29:05
94.23.13.147	attackspambots	Nov 14 14:19:42 mail1 sshd\[16259\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.23.13.147 user=root Nov 14 14:19:44 mail1 sshd\[16259\]: Failed password for root from 94.23.13.147 port 44510 ssh2 Nov 14 14:23:46 mail1 sshd\[18042\]: Invalid user kwasita from 94.23.13.147 port 58624 Nov 14 14:23:46 mail1 sshd\[18042\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.23.13.147 Nov 14 14:23:48 mail1 sshd\[18042\]: Failed password for invalid user kwasita from 94.23.13.147 port 58624 ssh2 ...	2019-11-14 21:51:54
102.133.237.116	attack	GET /vendor/phpunit/phpunit/LICENSE	2019-11-14 22:19:17
178.245.245.40	attackspam	firewall-block, port(s): 23/tcp	2019-11-14 22:01:05
212.47.227.129	attackspambots	WordPress wp-login brute force :: 212.47.227.129 0.124 BYPASS [14/Nov/2019:06:19:25 0000] [censored_4] "POST /wp-login.php HTTP/1.1" 200 2135 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2019-11-14 22:12:37
207.154.234.102	attackspambots	Nov 14 11:01:45 MainVPS sshd[19941]: Invalid user guest from 207.154.234.102 port 34272 Nov 14 11:01:45 MainVPS sshd[19941]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=207.154.234.102 Nov 14 11:01:45 MainVPS sshd[19941]: Invalid user guest from 207.154.234.102 port 34272 Nov 14 11:01:47 MainVPS sshd[19941]: Failed password for invalid user guest from 207.154.234.102 port 34272 ssh2 Nov 14 11:05:16 MainVPS sshd[26289]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=207.154.234.102 user=root Nov 14 11:05:18 MainVPS sshd[26289]: Failed password for root from 207.154.234.102 port 42412 ssh2 ...	2019-11-14 21:54:11
185.156.73.21	attackbotsspam	185.156.73.21 was recorded 33 times by 13 hosts attempting to connect to the following ports: 65013,65012,65011,44889,44887,44888. Incident counter (4h, 24h, all-time): 33, 160, 1078	2019-11-14 22:26:02
111.20.190.43	attackspambots	Fail2Ban - FTP Abuse Attempt	2019-11-14 22:19:59
219.137.207.76	attackbotsspam	Multiple failed FTP logins	2019-11-14 22:14:46
134.209.200.254	attackspambots	5900/tcp [2019-11-14]1pkt	2019-11-14 22:32:07
200.0.50.200	attack	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/200.0.50.200/ BR - 1H : (337) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : BR NAME ASN : ASN262434 IP : 200.0.50.200 CIDR : 200.0.50.0/24 PREFIX COUNT : 24 UNIQUE IP COUNT : 11264 ATTACKS DETECTED ASN262434 : 1H - 1 3H - 1 6H - 1 12H - 1 24H - 1 DateTime : 2019-11-14 07:19:15 INFO : Port Scan TELNET Detected and Blocked by ADMIN - data recovery	2019-11-14 22:20:46
61.167.82.214	attack	Port scan detected on ports: 65529[TCP], 3389[TCP], 3389[TCP]	2019-11-14 22:24:04
148.70.250.207	attackspambots	2019-11-14T07:27:48.480327abusebot-8.cloudsearch.cf sshd\[8097\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.250.207 user=root	2019-11-14 22:00:24
124.93.18.202	attack	Invalid user yoyo from 124.93.18.202 port 48481	2019-11-14 21:57:36

Recently Reported IPs

51.38.140.11	96.231.65.122	156.96.118.60	217.91.144.95
123.241.186.245	51.77.124.86	144.76.67.250	139.186.71.62
183.56.203.81	123.21.68.72	187.195.3.195	188.186.180.36
102.45.9.25	79.40.141.39	73.74.1.144	27.185.12.20
232.171.36.199	118.25.177.225	171.224.177.134	165.22.16.193