AbuseIPDB » 171.13.39.249

171.13.39.249 was found in our database!

This IP was reported 1,191 times. Confidence of Abuse is 100%: ?

100%

ISP	CHINANET henan province network
Usage Type	Fixed Line ISP
ASN	AS4134
Hostname(s)	13.171.broad.ha.dynamic.163data.com.cn
Domain Name	hntele.com
Country	China
City	Shanghai, Shanghai

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated biweekly.

Report 171.13.39.249

Whois 171.13.39.249

IP Abuse Reports for 171.13.39.249:

This IP address has been reported a total of 1,191 times from 219 distinct sources. 171.13.39.249 was first reported on January 17th 2025, and the most recent report was 21 minutes ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp in UTC	Comment	Categories
aglenday	2025-07-12 15:45:44 (21 minutes ago)	(imapd) Failed IMAP login from 171.13.39.249 (CN/China/13.171.broad.ha.dynamic.163data.com.cn): 3 in ... show more(imapd) Failed IMAP login from 171.13.39.249 (CN/China/13.171.broad.ha.dynamic.163data.com.cn): 3 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: 2025-07-13T01:45:39.756417+10:00 mail dovecot: imap-login: Disconnected: Connection closed (auth failed, 3 attempts in 16 secs): user=<[email protected]>, method=PLAIN, rip=171.13.39.249, lip=149.28.180.240, session=<cSWMUL05MbqrDSf5> show less	Port Scan
Reaper	2025-07-12 14:36:18 (1 hour ago)	Failed password for user Supervisor from 171.13.39.249	Brute-Force SSH
Swiptly	2025-07-12 14:02:17 (2 hours ago)	Exim Login attempts ...	Email Spam Brute-Force
dd3589	2025-07-12 13:30:03 (2 hours ago)	2025-07-12T15:29:17+02:00 <masked> exim[473526]: REJECT [171.13.39.249]: bad recipient count high [9 ... show more2025-07-12T15:29:17+02:00 <masked> exim[473526]: REJECT [171.13.39.249]: bad recipient count high [99] show less	Brute-Force
DigiBean	2025-07-12 13:12:46 (2 hours ago)	2025-07-12T21:12:40.009091+08:00 erp sshd[261523]: pam_unix(sshd:auth): authentication failure; logn ... show more2025-07-12T21:12:40.009091+08:00 erp sshd[261523]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=171.13.39.249 2025-07-12T21:12:41.965082+08:00 erp sshd[261523]: Failed password for invalid user router from 171.13.39.249 port 55169 ssh2 2025-07-12T21:12:45.041709+08:00 erp sshd[261523]: Connection closed by invalid user router 171.13.39.249 port 55169 [preauth] ... show less	Brute-Force SSH
Woodie	2025-07-12 10:49:22 (5 hours ago)	2025-07-12T06:45:04.057148-04:00 debian sshd[3944205]: Failed password for invalid user Operator fro ... show more2025-07-12T06:45:04.057148-04:00 debian sshd[3944205]: Failed password for invalid user Operator from 171.13.39.249 port 45337 ssh2 2025-07-12T06:46:29.787458-04:00 debian sshd[3945572]: Invalid user Noname from 171.13.39.249 port 49989 2025-07-12T06:46:29.790969-04:00 debian sshd[3945572]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=171.13.39.249 2025-07-12T06:46:32.307321-04:00 debian sshd[3945572]: Failed password for invalid user Noname from 171.13.39.249 port 49989 ssh2 2025-07-12T06:49:21.902448-04:00 debian sshd[3947786]: Invalid user pi from 171.13.39.249 port 44954 ... show less	Brute-Force SSH
LRob.fr	2025-07-12 10:45:15 (5 hours ago)	SMTP brute-force detected by Fail2Ban in plesk-postfix jail	Email Spam Brute-Force
ggb_st	2025-07-12 04:57:45 (11 hours ago)	2025-07-12T07:57:42.398857+03:00 gogo-server sshd-session[571716]: Invalid user router from 171.13.3 ... show more2025-07-12T07:57:42.398857+03:00 gogo-server sshd-session[571716]: Invalid user router from 171.13.39.249 port 54095 2025-07-12T07:57:42.406551+03:00 gogo-server sshd-session[571716]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=171.13.39.249 2025-07-12T07:57:45.127618+03:00 gogo-server sshd-session[571716]: Failed password for invalid user router from 171.13.39.249 port 54095 ssh2 ... show less	Brute-Force SSH
Anonymous	2025-07-12 03:41:59 (12 hours ago)	IMAP password guessing	Brute-Force
juutis	2025-07-12 01:22:19 (14 hours ago)	Jul 12 03:22:19 butler postfix/smtpd[640291]: warning: unknown[171.13.39.249]: SASL LOGIN authentica ... show moreJul 12 03:22:19 butler postfix/smtpd[640291]: warning: unknown[171.13.39.249]: SASL LOGIN authentication failed: authentication failure, [email protected] show less	Brute-Force
KlinikaMD	2025-07-11 21:00:53 (19 hours ago)	Automatic report from KMD firewall log.	Port Scan Hacking Brute-Force
Exatek Online	2025-07-11 20:50:40 (19 hours ago)	2025-07-11T17:32:30.584674+02:00 kenny dovecot: auth-worker(1867721): conn unix:auth-worker (pid=186 ... show more2025-07-11T17:32:30.584674+02:00 kenny dovecot: auth-worker(1867721): conn unix:auth-worker (pid=1866073,uid=107): auth-worker<29>: sql([email protected],171.13.39.249): unknown user 2025-07-11T17:32:31.791807+02:00 kenny dovecot: auth-worker(1867721): conn unix:auth-worker (pid=1866073,uid=107): auth-worker<30>: pam([email protected],171.13.39.249): pam_authenticate() failed: Authentication failure (Password mismatch?) 2025-07-11T22:50:39.532784+02:00 kenny dovecot: auth-worker(1899873): conn unix:auth-worker (pid=1876008,uid=107): auth-worker<13>: sql([email protected],171.13.39.249): unknown user ... show less	Email Spam Brute-Force
rtbh.com.tr	2025-07-11 20:07:38 (19 hours ago)	list.rtbh.com.tr report: tcp/0	Brute-Force
eyesilyurt	2025-07-11 11:32:55 (1 day ago)	c- login authenticator failed Incorrect authentication data	Brute-Force SSH
Anonymous	2025-07-11 11:22:11 (1 day ago)	SMTP brute force - auth failed	Brute-Force Exploited Host

Is this your IP? You may request to takedown any associated reports. We will attempt to verify your ownership. Request Takedown 🚩