139.155.21.34 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: Tencent Cloud Computing (Beijing) Co. Ltd.

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	SSH login attempts.	2020-09-09 00:18:04
attackspambots	SSH login attempts.	2020-09-08 15:49:56
attack	Lines containing failures of 139.155.21.34 Sep 7 02:16:25 v2hgb sshd[5602]: Invalid user ubnt from 139.155.21.34 port 38778 Sep 7 02:16:25 v2hgb sshd[5602]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.21.34 Sep 7 02:16:27 v2hgb sshd[5602]: Failed password for invalid user ubnt from 139.155.21.34 port 38778 ssh2 Sep 7 02:16:27 v2hgb sshd[5602]: Received disconnect from 139.155.21.34 port 38778:11: Bye Bye [preauth] Sep 7 02:16:27 v2hgb sshd[5602]: Disconnected from invalid user ubnt 139.155.21.34 port 38778 [preauth] Sep 7 02:37:10 v2hgb sshd[7634]: Connection closed by 139.155.21.34 port 39446 [preauth] Sep 7 02:41:12 v2hgb sshd[8175]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.21.34 user=r.r Sep 7 02:41:14 v2hgb sshd[8175]: Failed password for r.r from 139.155.21.34 port 58590 ssh2 Sep 7 02:41:15 v2hgb sshd[8175]: Received disconnect from 139.155.21.34 por........ ------------------------------	2020-09-08 08:24:38
attack	Invalid user git from 139.155.21.34 port 43078	2020-09-02 20:36:28
attackbotsspam	Jul 24 10:30:38 server sshd[8988]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.21.34 Jul 24 10:30:39 server sshd[8988]: Failed password for invalid user admin from 139.155.21.34 port 53580 ssh2 Jul 24 10:38:03 server sshd[10333]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.21.34	2020-09-02 12:30:53
attackbots	Input Traffic from this IP, but critial abuseconfidencescore	2020-09-02 05:39:51
attackbotsspam	Fail2Ban Ban Triggered (2)	2020-08-28 03:54:16
attackspam	fail2ban -- 139.155.21.34 ...	2020-08-21 17:07:27
attackspambots	Aug 18 15:36:13 vps639187 sshd\[15240\]: Invalid user le from 139.155.21.34 port 48616 Aug 18 15:36:13 vps639187 sshd\[15240\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.21.34 Aug 18 15:36:15 vps639187 sshd\[15240\]: Failed password for invalid user le from 139.155.21.34 port 48616 ssh2 ...	2020-08-18 22:01:22
attackspam	Aug 11 15:07:58 cosmoit sshd[21906]: Failed password for root from 139.155.21.34 port 46194 ssh2	2020-08-11 21:46:31
attack	Aug 8 07:07:49 journals sshd\[123764\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.21.34 user=root Aug 8 07:07:51 journals sshd\[123764\]: Failed password for root from 139.155.21.34 port 58630 ssh2 Aug 8 07:12:28 journals sshd\[124225\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.21.34 user=root Aug 8 07:12:29 journals sshd\[124225\]: Failed password for root from 139.155.21.34 port 53102 ssh2 Aug 8 07:17:08 journals sshd\[124585\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.21.34 user=root ...	2020-08-08 15:41:50
attack	Jul 11 18:52:00 sachi sshd\[15065\]: Invalid user ilie from 139.155.21.34 Jul 11 18:52:00 sachi sshd\[15065\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.21.34 Jul 11 18:52:02 sachi sshd\[15065\]: Failed password for invalid user ilie from 139.155.21.34 port 59428 ssh2 Jul 11 18:54:53 sachi sshd\[15318\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.21.34 user=root Jul 11 18:54:54 sachi sshd\[15318\]: Failed password for root from 139.155.21.34 port 34656 ssh2	2020-07-12 12:57:45

Comments on same subnet:

IP	Type	Details	Datetime
139.155.21.186	attack	Cowrie Honeypot: 3 unauthorised SSH/Telnet login attempts between 2020-08-09T16:44:02Z and 2020-08-09T16:54:14Z	2020-08-10 03:46:07
139.155.21.186	attack	Aug 9 06:35:30 marvibiene sshd[6560]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.21.186 user=root Aug 9 06:35:32 marvibiene sshd[6560]: Failed password for root from 139.155.21.186 port 38006 ssh2 Aug 9 06:50:11 marvibiene sshd[6820]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.21.186 user=root Aug 9 06:50:12 marvibiene sshd[6820]: Failed password for root from 139.155.21.186 port 46438 ssh2	2020-08-09 15:03:59
139.155.21.186	attackbotsspam	Jul 29 11:04:16 journals sshd\[12620\]: Invalid user yzhu from 139.155.21.186 Jul 29 11:04:16 journals sshd\[12620\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.21.186 Jul 29 11:04:18 journals sshd\[12620\]: Failed password for invalid user yzhu from 139.155.21.186 port 41158 ssh2 Jul 29 11:07:56 journals sshd\[13104\]: Invalid user tomcat from 139.155.21.186 Jul 29 11:07:56 journals sshd\[13104\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.21.186 ...	2020-07-29 16:17:53
139.155.21.186	attack	Jul 28 12:04:50 onepixel sshd[3644051]: Invalid user wangwq from 139.155.21.186 port 54182 Jul 28 12:04:50 onepixel sshd[3644051]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.21.186 Jul 28 12:04:50 onepixel sshd[3644051]: Invalid user wangwq from 139.155.21.186 port 54182 Jul 28 12:04:52 onepixel sshd[3644051]: Failed password for invalid user wangwq from 139.155.21.186 port 54182 ssh2 Jul 28 12:08:21 onepixel sshd[3646075]: Invalid user pengteng from 139.155.21.186 port 34680	2020-07-28 20:13:58
139.155.21.186	attack	Jul 12 06:16:00 PorscheCustomer sshd[15893]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.21.186 Jul 12 06:16:02 PorscheCustomer sshd[15893]: Failed password for invalid user grj from 139.155.21.186 port 60786 ssh2 Jul 12 06:16:48 PorscheCustomer sshd[15942]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.21.186 ...	2020-07-12 13:41:20
139.155.21.186	attackbots	Jun 28 15:14:03 Invalid user multicraft from 139.155.21.186 port 43430	2020-06-28 23:01:14
139.155.21.186	attack	$f2bV_matches	2020-06-26 22:47:59
139.155.21.186	attack	SSH Brute-Force attacks	2020-06-08 15:33:29
139.155.21.186	attackbotsspam	Jun 5 13:58:33 cloud sshd[18333]: Failed password for root from 139.155.21.186 port 40924 ssh2	2020-06-05 21:15:05
139.155.21.186	attackspambots	May 25 14:03:37 ns3164893 sshd[9358]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.21.186 user=root May 25 14:03:39 ns3164893 sshd[9358]: Failed password for root from 139.155.21.186 port 55062 ssh2 ...	2020-05-25 20:51:09
139.155.21.186	attack	2020-05-23T04:35:10.697143server.espacesoutien.com sshd[13504]: Invalid user lkj from 139.155.21.186 port 34074 2020-05-23T04:35:10.713013server.espacesoutien.com sshd[13504]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.21.186 2020-05-23T04:35:10.697143server.espacesoutien.com sshd[13504]: Invalid user lkj from 139.155.21.186 port 34074 2020-05-23T04:35:12.665872server.espacesoutien.com sshd[13504]: Failed password for invalid user lkj from 139.155.21.186 port 34074 ssh2 ...	2020-05-23 13:01:03
139.155.21.186	attackbots	May 10 22:27:19 ns382633 sshd\[24505\]: Invalid user postgres from 139.155.21.186 port 42884 May 10 22:27:19 ns382633 sshd\[24505\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.21.186 May 10 22:27:20 ns382633 sshd\[24505\]: Failed password for invalid user postgres from 139.155.21.186 port 42884 ssh2 May 10 22:36:37 ns382633 sshd\[26288\]: Invalid user smbuser from 139.155.21.186 port 40350 May 10 22:36:37 ns382633 sshd\[26288\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.21.186	2020-05-11 05:02:38
139.155.21.186	attack	5x Failed Password	2020-05-07 01:11:34
139.155.21.186	attackspambots	Invalid user zw from 139.155.21.186 port 44238	2020-04-25 15:58:55
139.155.21.186	attackbots	SSH invalid-user multiple login try	2020-04-12 17:14:06

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 139.155.21.34
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 4271
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;139.155.21.34.			IN	A

;; AUTHORITY SECTION:
.			156	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020061801 1800 900 604800 86400

;; Query time: 51 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Jun 19 06:47:52 CST 2020
;; MSG SIZE  rcvd: 117

Host info

Host 34.21.155.139.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 34.21.155.139.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
112.74.186.78	attack	112.74.186.78 - - [08/May/2020:14:50:26 +0300] "GET /console HTTP/1.0" 403 1460 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:57.0) Gecko/20100101 Firefox/57.0" 112.74.186.78 - - [08/May/2020:14:50:32 +0300] "GET / HTTP/1.0" 403 1460 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:57.0) Gecko/20100101 Firefox/57.0" 112.74.186.78 - - [08/May/2020:14:50:33 +0300] "GET /horde/imp/test.php HTTP/1.0" 403 1460 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:57.0) Gecko/20100101 Firefox/57.0" ...	2020-05-09 19:29:30
91.121.104.181	attack	May 8 19:21:53 [host] sshd[29989]: Invalid user m May 8 19:21:53 [host] sshd[29989]: pam_unix(sshd: May 8 19:21:55 [host] sshd[29989]: Failed passwor	2020-05-09 19:08:10
118.113.145.225	attack	$f2bV_matches	2020-05-09 19:20:42
45.83.29.122	attack	Scanned 2 times in the last 24 hours on port 5060	2020-05-09 19:15:35
206.189.66.165	attack	206.189.66.165 - - \[08/May/2020:19:39:45 +0200\] "POST /wp-login.php HTTP/1.0" 200 4128 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 206.189.66.165 - - \[08/May/2020:19:39:52 +0200\] "POST /wp-login.php HTTP/1.0" 200 4134 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 206.189.66.165 - - \[08/May/2020:19:39:54 +0200\] "POST /wp-login.php HTTP/1.0" 200 4067 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0"	2020-05-09 19:17:10
182.43.134.224	attackbots	SSH invalid-user multiple login try	2020-05-09 18:56:34
106.12.55.57	attack	2020-05-09T04:53:31.596071centos sshd[19976]: Failed password for invalid user vera from 106.12.55.57 port 48806 ssh2 2020-05-09T04:59:10.861933centos sshd[20338]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.55.57 user=root 2020-05-09T04:59:13.053715centos sshd[20338]: Failed password for root from 106.12.55.57 port 49156 ssh2 ...	2020-05-09 19:21:05
198.108.67.18	attack	May 8 21:02:41 debian-2gb-nbg1-2 kernel: \[11223441.547421\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=198.108.67.18 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=32 ID=63489 PROTO=TCP SPT=18462 DPT=2 WINDOW=1024 RES=0x00 SYN URGP=0	2020-05-09 19:01:14
45.162.32.226	attackbotsspam	May 8 22:30:48 dns-1 sshd[18726]: User r.r from 45.162.32.226 not allowed because not listed in AllowUsers May 8 22:30:48 dns-1 sshd[18726]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.162.32.226 user=r.r May 8 22:30:50 dns-1 sshd[18726]: Failed password for invalid user r.r from 45.162.32.226 port 40298 ssh2 May 8 22:30:51 dns-1 sshd[18726]: Received disconnect from 45.162.32.226 port 40298:11: Bye Bye [preauth] May 8 22:30:51 dns-1 sshd[18726]: Disconnected from invalid user r.r 45.162.32.226 port 40298 [preauth] May 8 22:33:18 dns-1 sshd[18859]: Invalid user prueba from 45.162.32.226 port 54886 May 8 22:33:18 dns-1 sshd[18859]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.162.32.226 May 8 22:33:20 dns-1 sshd[18859]: Failed password for invalid user prueba from 45.162.32.226 port 54886 ssh2 May 8 22:33:23 dns-1 sshd[18859]: Received disconnect from 45.162.32.226 por........ -------------------------------	2020-05-09 19:26:14
191.191.42.172	attackspam	May 9 04:45:39 ns3164893 sshd[3485]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=191.191.42.172 May 9 04:45:41 ns3164893 sshd[3485]: Failed password for invalid user adam from 191.191.42.172 port 30984 ssh2 ...	2020-05-09 19:18:52
185.234.228.40	attack	Unauthorized connection attempt detected from IP address 185.234.228.40 to port 445 [T]	2020-05-09 19:23:17
61.160.96.90	attack	May 8 22:50:06 ws12vmsma01 sshd[17504]: Failed password for invalid user qzh from 61.160.96.90 port 26006 ssh2 May 8 22:51:39 ws12vmsma01 sshd[17781]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.160.96.90 user=root May 8 22:51:41 ws12vmsma01 sshd[17781]: Failed password for root from 61.160.96.90 port 5686 ssh2 ...	2020-05-09 19:14:06
108.16.20.180	attack	108.16.20.180 has been banned for [spam] ...	2020-05-09 18:48:55
49.235.135.230	attackbots	May 8 21:35:33 pve1 sshd[27057]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.135.230 May 8 21:35:35 pve1 sshd[27057]: Failed password for invalid user abdul from 49.235.135.230 port 55888 ssh2 ...	2020-05-09 19:16:52
213.239.212.121	attackbotsspam	May 8 21:09:50 datentool sshd[12181]: Did not receive identification string from 213.239.212.121 May 8 21:09:51 datentool sshd[12187]: Did not receive identification string from 213.239.212.121 May 8 21:09:57 datentool sshd[12188]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=213.239.212.121 user=r.r May 8 21:09:58 datentool sshd[12190]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=213.239.212.121 user=r.r May 8 21:09:59 datentool sshd[12192]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=213.239.212.121 user=r.r May 8 21:09:59 datentool sshd[12190]: Failed password for r.r from 213.239.212.121 port 38932 ssh2 May 8 21:09:59 datentool sshd[12188]: Failed password for r.r from 213.239.212.121 port 33400 ssh2 May 8 21:10:00 datentool sshd[12194]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=21........ -------------------------------	2020-05-09 19:10:37

Recently Reported IPs

168.243.231.82	193.14.214.151	85.105.16.144	187.14.149.154
171.78.202.231	72.128.211.70	45.55.156.19	101.31.93.147
247.190.15.57	110.136.8.10	45.92.73.62	63.174.89.97
147.167.63.45	155.236.220.70	112.66.10.153	202.204.239.208
61.214.117.102	233.74.159.59	138.88.117.95	15.105.119.109