139.9.13.143 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: unknown

Hostname: unknown

Organization: Huawei Cloud Service data center

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
139.9.131.58	attackspam	Sep 22 18:46:51 nxxxxxxx0 sshd[20522]: reveeclipse mapping checking getaddrinfo for ecs-139-9-131-58.compute.hwclouds-dns.com [139.9.131.58] failed - POSSIBLE BREAK-IN ATTEMPT! Sep 22 18:46:51 nxxxxxxx0 sshd[20522]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.9.131.58 user=r.r Sep 22 18:46:53 nxxxxxxx0 sshd[20522]: Failed password for r.r from 139.9.131.58 port 47748 ssh2 Sep 22 18:46:53 nxxxxxxx0 sshd[20522]: Received disconnect from 139.9.131.58: 11: Bye Bye [preauth] Sep 22 18:48:09 nxxxxxxx0 sshd[20638]: reveeclipse mapping checking getaddrinfo for ecs-139-9-131-58.compute.hwclouds-dns.com [139.9.131.58] failed - POSSIBLE BREAK-IN ATTEMPT! Sep 22 18:48:09 nxxxxxxx0 sshd[20638]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.9.131.58 user=r.r Sep 22 18:48:11 nxxxxxxx0 sshd[20638]: Failed password for r.r from 139.9.131.58 port 33564 ssh2 Sep 22 18:48:11 nxxxxxxx0 sshd[20638........ -------------------------------	2020-09-23 22:11:01
139.9.131.58	attackbotsspam	Sep 22 18:46:51 nxxxxxxx0 sshd[20522]: reveeclipse mapping checking getaddrinfo for ecs-139-9-131-58.compute.hwclouds-dns.com [139.9.131.58] failed - POSSIBLE BREAK-IN ATTEMPT! Sep 22 18:46:51 nxxxxxxx0 sshd[20522]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.9.131.58 user=r.r Sep 22 18:46:53 nxxxxxxx0 sshd[20522]: Failed password for r.r from 139.9.131.58 port 47748 ssh2 Sep 22 18:46:53 nxxxxxxx0 sshd[20522]: Received disconnect from 139.9.131.58: 11: Bye Bye [preauth] Sep 22 18:48:09 nxxxxxxx0 sshd[20638]: reveeclipse mapping checking getaddrinfo for ecs-139-9-131-58.compute.hwclouds-dns.com [139.9.131.58] failed - POSSIBLE BREAK-IN ATTEMPT! Sep 22 18:48:09 nxxxxxxx0 sshd[20638]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.9.131.58 user=r.r Sep 22 18:48:11 nxxxxxxx0 sshd[20638]: Failed password for r.r from 139.9.131.58 port 33564 ssh2 Sep 22 18:48:11 nxxxxxxx0 sshd[20638........ -------------------------------	2020-09-23 14:29:53
139.9.131.58	attack	Sep 22 18:46:51 nxxxxxxx0 sshd[20522]: reveeclipse mapping checking getaddrinfo for ecs-139-9-131-58.compute.hwclouds-dns.com [139.9.131.58] failed - POSSIBLE BREAK-IN ATTEMPT! Sep 22 18:46:51 nxxxxxxx0 sshd[20522]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.9.131.58 user=r.r Sep 22 18:46:53 nxxxxxxx0 sshd[20522]: Failed password for r.r from 139.9.131.58 port 47748 ssh2 Sep 22 18:46:53 nxxxxxxx0 sshd[20522]: Received disconnect from 139.9.131.58: 11: Bye Bye [preauth] Sep 22 18:48:09 nxxxxxxx0 sshd[20638]: reveeclipse mapping checking getaddrinfo for ecs-139-9-131-58.compute.hwclouds-dns.com [139.9.131.58] failed - POSSIBLE BREAK-IN ATTEMPT! Sep 22 18:48:09 nxxxxxxx0 sshd[20638]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.9.131.58 user=r.r Sep 22 18:48:11 nxxxxxxx0 sshd[20638]: Failed password for r.r from 139.9.131.58 port 33564 ssh2 Sep 22 18:48:11 nxxxxxxx0 sshd[20638........ -------------------------------	2020-09-23 06:19:56
139.9.138.93	attack	Port scan on 2 port(s): 2375 2376	2020-02-20 18:16:05
139.9.137.99	attackbots	" "	2019-11-26 13:02:40

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 139.9.13.143
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 56305
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;139.9.13.143.			IN	A

;; AUTHORITY SECTION:
.			2474	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019071800 1800 900 604800 86400

;; Query time: 1 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Thu Jul 18 23:45:10 CST 2019
;; MSG SIZE  rcvd: 116

Host info

143.13.9.139.in-addr.arpa domain name pointer ecs-139-9-13-143.compute.hwclouds-dns.com.

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
143.13.9.139.in-addr.arpa	name = ecs-139-9-13-143.compute.hwclouds-dns.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
93.118.100.44	attackspambots	Aug 5 14:20:26 rancher-0 sshd[807923]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=93.118.100.44 user=root Aug 5 14:20:29 rancher-0 sshd[807923]: Failed password for root from 93.118.100.44 port 14180 ssh2 ...	2020-08-05 20:22:32
121.61.70.196	attackbotsspam	firewall-block, port(s): 23/tcp	2020-08-05 20:32:02
113.80.224.172	attackbotsspam	Email rejected due to spam filtering	2020-08-05 20:46:46
177.183.44.193	attack	fail2ban -- 177.183.44.193 ...	2020-08-05 20:26:43
220.132.75.140	attackspam	Aug 5 14:49:56 eventyay sshd[30147]: Failed password for root from 220.132.75.140 port 42816 ssh2 Aug 5 14:52:58 eventyay sshd[30241]: Failed password for root from 220.132.75.140 port 59374 ssh2 ...	2020-08-05 21:03:42
222.186.175.202	attackspambots	2020-08-05T14:50:55+0200 Failed SSH Authentication/Brute Force Attack. (Server 10)	2020-08-05 20:53:22
36.7.80.168	attackspam	Attempted to establish connection to non opened port 10270	2020-08-05 21:05:55
37.49.224.33	attack	UDP 37.49.224.33:52128 -> port 37810, len 32	2020-08-05 21:02:55
2a01:4f8:c0c:68::2	attackbots	Automatically reported by fail2ban report script (mx1)	2020-08-05 20:28:09
49.88.112.75	attackspam	Aug 5 14:30:35 jane sshd[24941]: Failed password for root from 49.88.112.75 port 58866 ssh2 Aug 5 14:30:39 jane sshd[24941]: Failed password for root from 49.88.112.75 port 58866 ssh2 ...	2020-08-05 20:31:35
162.243.128.9	attack	Port scan: Attack repeated for 24 hours	2020-08-05 20:55:42
141.98.10.199	attackbotsspam	2020-08-05T12:28:19.258397shield sshd\[18683\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=141.98.10.199 user=root 2020-08-05T12:28:20.787270shield sshd\[18683\]: Failed password for root from 141.98.10.199 port 34231 ssh2 2020-08-05T12:29:11.361402shield sshd\[18797\]: Invalid user admin from 141.98.10.199 port 38115 2020-08-05T12:29:11.370138shield sshd\[18797\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=141.98.10.199 2020-08-05T12:29:13.699788shield sshd\[18797\]: Failed password for invalid user admin from 141.98.10.199 port 38115 ssh2	2020-08-05 20:39:51
89.248.168.51	attackbotsspam	firewall-block, port(s): 631/tcp	2020-08-05 20:43:57
186.216.64.231	attack	SMTP-SASL bruteforce attempt	2020-08-05 21:05:42
129.211.99.254	attackbotsspam	Aug 5 09:19:26 vps46666688 sshd[5504]: Failed password for root from 129.211.99.254 port 57318 ssh2 ...	2020-08-05 20:37:16

Recently Reported IPs

57.5.238.163	82.80.61.194	181.245.121.76	222.72.147.10
139.94.27.190	2600:1700:1730:d910:cf5:25c5:525e:acc0	50.243.132.133	2a02:8108:8240:2378:cbf:8284:4596:d31f
175.167.230.11	91.98.157.40	95.103.86.190	24.121.113.74
116.52.177.115	180.27.220.186	14.234.176.133	54.38.169.85
212.139.225.24	191.195.136.78	122.26.81.184	80.240.60.103