121.239.199.148

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
121.239.199.193	attack	Scanning	2019-12-26 19:19:47

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 121.239.199.148
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 22138
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;121.239.199.148.		IN	A

;; AUTHORITY SECTION:
.			30	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2025021601 1800 900 604800 86400

;; Query time: 40 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Feb 17 03:21:11 CST 2025
;; MSG SIZE  rcvd: 108

Host info

Host 148.199.239.121.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 148.199.239.121.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
189.59.34.126	attackspambots	Oct 14 18:19:29 kapalua sshd\[13021\]: Invalid user asdfg!@\#123 from 189.59.34.126 Oct 14 18:19:29 kapalua sshd\[13021\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=189.59.34.126.dynamic.adsl.gvt.net.br Oct 14 18:19:31 kapalua sshd\[13021\]: Failed password for invalid user asdfg!@\#123 from 189.59.34.126 port 39918 ssh2 Oct 14 18:24:26 kapalua sshd\[13479\]: Invalid user 12 from 189.59.34.126 Oct 14 18:24:26 kapalua sshd\[13479\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=189.59.34.126.dynamic.adsl.gvt.net.br	2019-10-15 12:36:20
88.202.177.187	attack	88.202.177.187 - - [14/Oct/2019:23:53:13 -0400] "GET /?page=/etc/passwd&manufacturerID=9&collectionID=75 HTTP/1.1" 200 17733 "https://faucetsupply.com/?page=/etc/passwd&manufacturerID=9&collectionID=75" "Mozilla/5.0 (Windows NT 10.0; WOW64; Rv:50.0) Gecko/20100101 Firefox/50.0" ...	2019-10-15 13:13:52
106.12.178.62	attackbots	detected by Fail2Ban	2019-10-15 12:50:23
50.62.23.56	attackspambots	[Aegis] @ 2019-10-15 04:53:55 0100 -> CMS (WordPress or Joomla) brute force attempt.	2019-10-15 12:39:16
118.24.57.240	attackspambots	Oct 15 06:23:32 vps647732 sshd[29999]: Failed password for root from 118.24.57.240 port 33186 ssh2 ...	2019-10-15 12:35:22
222.74.50.141	attack	Scanning and Vuln Attempts	2019-10-15 12:34:37
211.114.176.34	attackbotsspam	Oct 15 05:23:18 icinga sshd[33348]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.114.176.34 Oct 15 05:23:20 icinga sshd[33348]: Failed password for invalid user hp from 211.114.176.34 port 60574 ssh2 Oct 15 05:59:24 icinga sshd[56943]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.114.176.34 ...	2019-10-15 12:32:54
60.26.200.142	attackbotsspam	Oct 15 00:47:17 firewall sshd[11527]: Invalid user PlMt237 from 60.26.200.142 Oct 15 00:47:19 firewall sshd[11527]: Failed password for invalid user PlMt237 from 60.26.200.142 port 51130 ssh2 Oct 15 00:53:39 firewall sshd[11726]: Invalid user admincdn from 60.26.200.142 ...	2019-10-15 12:55:51
180.153.59.105	attackbots	Oct 15 06:57:31 legacy sshd[6957]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.153.59.105 Oct 15 06:57:33 legacy sshd[6957]: Failed password for invalid user iroda from 180.153.59.105 port 62649 ssh2 Oct 15 07:01:47 legacy sshd[7050]: Failed password for root from 180.153.59.105 port 37996 ssh2 ...	2019-10-15 13:02:45
103.73.151.98	attack	Brute force RDP, port 3389	2019-10-15 13:01:12
185.2.31.10	attack	Oct 15 03:56:52 vayu sshd[581689]: Address 185.2.31.10 maps to gw.rashco.net, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT! Oct 15 03:56:52 vayu sshd[581689]: Invalid user temp from 185.2.31.10 Oct 15 03:56:52 vayu sshd[581689]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.2.31.10 Oct 15 03:56:54 vayu sshd[581689]: Failed password for invalid user temp from 185.2.31.10 port 53188 ssh2 Oct 15 03:56:54 vayu sshd[581689]: Received disconnect from 185.2.31.10: 11: Bye Bye [preauth] Oct 15 04:10:50 vayu sshd[588220]: Address 185.2.31.10 maps to gw.rashco.net, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT! Oct 15 04:10:50 vayu sshd[588220]: Invalid user admin from 185.2.31.10 Oct 15 04:10:50 vayu sshd[588220]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.2.31.10 Oct 15 04:10:52 vayu sshd[588220]: Failed password for invalid user admi........ -------------------------------	2019-10-15 13:06:50
125.227.255.79	attack	Oct 15 06:38:18 SilenceServices sshd[31756]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.227.255.79 Oct 15 06:38:21 SilenceServices sshd[31756]: Failed password for invalid user fnjoroge from 125.227.255.79 port 22824 ssh2 Oct 15 06:42:46 SilenceServices sshd[608]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.227.255.79	2019-10-15 13:08:18
139.59.40.233	attackbots	WordPress login Brute force / Web App Attack on client site.	2019-10-15 12:54:10
78.186.141.210	attackbots	Automatic report - Port Scan Attack	2019-10-15 12:37:49
220.180.238.9	attackspam	Scanning and Vuln Attempts	2019-10-15 12:42:16

Recently Reported IPs

185.2.155.127	232.97.174.131	78.135.179.20	144.187.61.50
247.60.67.176	93.233.164.20	5.116.234.22	22.87.67.108
19.81.12.189	86.146.34.217	41.134.126.20	224.177.107.240
145.22.64.157	50.255.185.104	140.127.223.55	139.64.73.109
252.218.169.242	146.59.74.130	145.29.255.244	222.69.106.234