122.129.85.139

Basic Info

City: unknown

Region: unknown

Country: Pakistan

Internet Service Provider: Brain Telecommunication Ltd.

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbotsspam	Honeypot attack, port: 445, PTR: 122-129-85-139.brain.net.pk.	2019-08-30 19:54:30

Comments on same subnet:

IP	Type	Details	Datetime
122.129.85.244	attackspam	Unauthorized connection attempt from IP address 122.129.85.244 on Port 445(SMB)	2020-08-04 08:37:20
122.129.85.251	attack	Unauthorized connection attempt from IP address 122.129.85.251 on Port 445(SMB)	2020-02-20 21:45:52
122.129.85.244	attack	Unauthorized connection attempt from IP address 122.129.85.244 on Port 445(SMB)	2020-01-26 18:18:32

Type

Details

Datetime

122.129.85.244

attackspam

Unauthorized connection attempt from IP address 122.129.85.244 on Port 445(SMB)

2020-08-04 08:37:20

122.129.85.251

attack

Unauthorized connection attempt from IP address 122.129.85.251 on Port 445(SMB)

2020-02-20 21:45:52

122.129.85.244

attack

Unauthorized connection attempt from IP address 122.129.85.244 on Port 445(SMB)

2020-01-26 18:18:32

Whois info:

Dig info:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 122.129.85.139
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 30440
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;122.129.85.139.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019053101 1800 900 604800 86400

;; Query time: 3 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Sat Jun 01 03:23:35 CST 2019
;; MSG SIZE  rcvd: 118

Host info

139.85.129.122.in-addr.arpa domain name pointer 122-129-85-139.brain.net.pk.

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
139.85.129.122.in-addr.arpa	name = 122-129-85-139.brain.net.pk.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
58.10.221.177	attack	Honeypot attack, port: 81, PTR: cm-58-10-221-177.revip7.asianet.co.th.	2020-03-07 21:54:54
118.69.244.146	attack	WordPress login Brute force / Web App Attack on client site.	2020-03-07 21:31:10
192.144.132.172	attackspambots	suspicious action Sat, 07 Mar 2020 10:35:00 -0300	2020-03-07 21:54:20
168.128.70.151	attackbots	2020-03-06 UTC: (31x) - admin,mfs,nproc,nx,omn,postgres,root(24x),ubuntu	2020-03-07 21:35:13
106.75.63.218	attackspam	firewall-block, port(s): 5985/tcp	2020-03-07 21:49:44
184.89.147.14	attack	Blocked for port scanning. Time: Fri Mar 6. 08:37:17 2020 +0100 IP: 184.89.147.14 (US/United States/184-089-147-014.res.spectrum.com) Sample of block hits: Mar 6 08:36:05 vserv kernel: [33132679.124709] Firewall: TCP_IN Blocked IN=venet0 OUT= MAC= SRC=184.89.147.14 DST=[removed] LEN=44 TOS=0x00 PREC=0x00 TTL=50 ID=52426 PROTO=TCP SPT=24137 DPT=88 WINDOW=20670 RES=0x00 SYN URGP=0 Mar 6 08:36:24 vserv kernel: [33132698.637758] Firewall: TCP_IN Blocked IN=venet0 OUT= MAC= SRC=184.89.147.14 DST=[removed] LEN=44 TOS=0x00 PREC=0x00 TTL=50 ID=52426 PROTO=TCP SPT=24137 DPT=88 WINDOW=20670 RES=0x00 SYN URGP=0 Mar 6 08:36:27 vserv kernel: [33132701.541535] Firewall: TCP_IN Blocked IN=venet0 OUT= MAC= SRC=184.89.147.14 DST=[removed] LEN=44 TOS=0x00 PREC=0x00 TTL=50 ID=52426 PROTO=TCP SPT=24137 DPT=88 WINDOW=20670 RES=0x00 SYN URGP=0 Mar 6 08:36:30 vserv kernel: [33132704.687610] Firewall: TCP_IN Blocked IN=venet0 OUT= MAC= SRC=184.89.147.14 DST=[removed] LEN=44 TOS=0x00 PREC=0x00 TTL=50 ID=52426 PROTO	2020-03-07 21:25:26
142.93.140.242	attackbots	Mar 7 14:09:13 lnxmysql61 sshd[4694]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.140.242 Mar 7 14:09:13 lnxmysql61 sshd[4694]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.140.242	2020-03-07 21:35:26
118.24.107.39	attack	Mar 7 16:12:18 server sshd\[1841\]: Invalid user admin from 118.24.107.39 Mar 7 16:12:18 server sshd\[1841\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.24.107.39 Mar 7 16:12:20 server sshd\[1841\]: Failed password for invalid user admin from 118.24.107.39 port 51744 ssh2 Mar 7 16:35:05 server sshd\[5936\]: Invalid user lisha from 118.24.107.39 Mar 7 16:35:05 server sshd\[5936\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.24.107.39 ...	2020-03-07 21:45:06
222.186.42.7	attackspam	Mar 7 19:05:07 areeb-Workstation sshd[5031]: Failed password for root from 222.186.42.7 port 16594 ssh2 Mar 7 19:05:09 areeb-Workstation sshd[5031]: Failed password for root from 222.186.42.7 port 16594 ssh2 ...	2020-03-07 21:39:03
185.176.27.38	attack	Mar 7 14:51:53 debian-2gb-nbg1-2 kernel: \[5848273.530131\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=185.176.27.38 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=246 ID=8015 PROTO=TCP SPT=58555 DPT=24086 WINDOW=1024 RES=0x00 SYN URGP=0	2020-03-07 21:55:38
159.89.239.171	attack	Mar 7 08:15:19 ip-172-31-62-245 sshd\[18557\]: Invalid user admin from 159.89.239.171\ Mar 7 08:15:21 ip-172-31-62-245 sshd\[18557\]: Failed password for invalid user admin from 159.89.239.171 port 39560 ssh2\ Mar 7 08:18:54 ip-172-31-62-245 sshd\[18582\]: Invalid user test from 159.89.239.171\ Mar 7 08:18:56 ip-172-31-62-245 sshd\[18582\]: Failed password for invalid user test from 159.89.239.171 port 37328 ssh2\ Mar 7 08:22:24 ip-172-31-62-245 sshd\[18618\]: Invalid user slfphmatch from 159.89.239.171\	2020-03-07 21:21:02
1.22.55.154	attackbotsspam	" "	2020-03-07 21:17:59
119.235.53.228	attackbots	1583560923 - 03/07/2020 07:02:03 Host: 119.235.53.228/119.235.53.228 Port: 445 TCP Blocked	2020-03-07 21:37:37
148.233.136.34	attackbots	Mar 7 13:31:12 localhost sshd[48214]: Invalid user admin from 148.233.136.34 port 47751 Mar 7 13:31:12 localhost sshd[48214]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.233.136.34 Mar 7 13:31:12 localhost sshd[48214]: Invalid user admin from 148.233.136.34 port 47751 Mar 7 13:31:14 localhost sshd[48214]: Failed password for invalid user admin from 148.233.136.34 port 47751 ssh2 Mar 7 13:35:07 localhost sshd[48598]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.233.136.34 user=root Mar 7 13:35:09 localhost sshd[48598]: Failed password for root from 148.233.136.34 port 60752 ssh2 ...	2020-03-07 21:40:32
37.59.57.87	attackbots	37.59.57.87 - - [07/Mar/2020:14:35:00 +0100] "GET /wp-login.php HTTP/1.1" 200 5466 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 37.59.57.87 - - [07/Mar/2020:14:35:00 +0100] "POST /wp-login.php HTTP/1.1" 200 6246 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 37.59.57.87 - - [07/Mar/2020:14:35:01 +0100] "POST /xmlrpc.php HTTP/1.1" 200 438 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-03-07 21:52:24

Recently Reported IPs

192.95.41.115	139.162.112.248	125.161.107.49	196.202.74.18
68.65.122.200	192.248.43.132	80.91.192.165	177.184.13.37
5.63.151.119	202.79.60.37	41.41.149.134	198.71.235.49
188.214.104.146	139.99.122.172	195.13.178.5	218.28.58.186
187.188.193.229	96.87.16.153	220.180.107.193	218.75.148.181