123.158.48.135

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: China Unicom Zhejiang Province Network

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Unauthorized connection attempt detected from IP address 123.158.48.135 to port 999 [J]	2020-03-02 19:07:21

Comments on same subnet:

IP	Type	Details	Datetime
123.158.48.197	attackspam	Unauthorized connection attempt detected from IP address 123.158.48.197 to port 5061 [T]	2020-04-15 00:27:00
123.158.48.122	attack	Unauthorized connection attempt detected from IP address 123.158.48.122 to port 8118 [J]	2020-01-29 08:17:02
123.158.48.17	attackspam	Unauthorized connection attempt detected from IP address 123.158.48.17 to port 350	2019-12-31 22:15:31
123.158.48.200	attackspam	Unauthorized connection attempt detected from IP address 123.158.48.200 to port 3128	2019-12-31 07:37:02
123.158.48.21	attack	The IP has triggered Cloudflare WAF. CF-Ray: 5435866049da41bb \| WAF_Rule_ID: 3b40188685924a32bf11d40edea05a27 \| WAF_Kind: firewall \| CF_Action: drop \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/1.1 \| Method: GET \| Host: d.skk.moe \| User-Agent: Mozilla/5.081397758 Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; WOW64; Trident/6.0) \| CF_DC: SJC. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-12 03:03:38
123.158.48.90	attack	The IP has triggered Cloudflare WAF. CF-Ray: 5434243798c493be \| WAF_Rule_ID: 3b40188685924a32bf11d40edea05a27 \| WAF_Kind: firewall \| CF_Action: drop \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/1.1 \| Method: GET \| Host: api.skk.moe \| User-Agent: Mozilla/5.066704189 Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.81 Safari/537.36 \| CF_DC: SJC. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-12 03:03:10
123.158.48.94	attackbotsspam	The IP has triggered Cloudflare WAF. CF-Ray: 540f61c269e66c98 \| WAF_Rule_ID: 1112825 \| WAF_Kind: firewall \| CF_Action: challenge \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/1.1 \| Method: GET \| Host: ip.skk.moe \| User-Agent: Mozilla/5.0 (Linux; Android 6.0; Nexus 5 Build/MRA58N) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Mobile Safari/537.36 \| CF_DC: SJC. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-08 05:02:50
123.158.48.247	attack	The IP has triggered Cloudflare WAF. CF-Ray: 541546a26c71ed87 \| WAF_Rule_ID: 1025440 \| WAF_Kind: firewall \| CF_Action: challenge \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/1.1 \| Method: GET \| Host: disqus.skk.moe \| User-Agent: Mozilla/5.0 (iPad; CPU OS 9_1 like Mac OS X) AppleWebKit/601.1.46 (KHTML, like Gecko) Version/9.0 Mobile/13B143 Safari/601.1 \| CF_DC: SJC. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-08 03:32:13
123.158.48.231	attackspam	The IP has triggered Cloudflare WAF. CF-Ray: 540f3bdd3dee6bba \| WAF_Rule_ID: 3b40188685924a32bf11d40edea05a27 \| WAF_Kind: firewall \| CF_Action: challenge \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/1.1 \| Method: GET \| Host: d.skk.moe \| User-Agent: Mozilla/5.0 (iPad; CPU OS 9_1 like Mac OS X) AppleWebKit/601.1.46 (KHTML, like Gecko) Version/9.0 Mobile/13B143 Safari/601.1 \| CF_DC: SJC. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-08 03:01:12

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 123.158.48.135
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 36753
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;123.158.48.135.			IN	A

;; AUTHORITY SECTION:
.			525	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020030200 1800 900 604800 86400

;; Query time: 188 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Mar 02 19:07:17 CST 2020
;; MSG SIZE  rcvd: 118

Host info

Host 135.48.158.123.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 135.48.158.123.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
59.36.173.53	attackspam	Jan 27 11:11:12 km20725 sshd[26456]: reveeclipse mapping checking getaddrinfo for 53.173.36.59.broad.dg.gd.dynamic.163data.com.cn [59.36.173.53] failed - POSSIBLE BREAK-IN ATTEMPT! Jan 27 11:11:12 km20725 sshd[26456]: Invalid user box from 59.36.173.53 Jan 27 11:11:12 km20725 sshd[26456]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=59.36.173.53 Jan 27 11:11:14 km20725 sshd[26456]: Failed password for invalid user box from 59.36.173.53 port 40002 ssh2 Jan 27 11:11:14 km20725 sshd[26456]: Received disconnect from 59.36.173.53: 11: Bye Bye [preauth] Jan 27 11:18:18 km20725 sshd[26806]: reveeclipse mapping checking getaddrinfo for 53.173.36.59.broad.dg.gd.dynamic.163data.com.cn [59.36.173.53] failed - POSSIBLE BREAK-IN ATTEMPT! Jan 27 11:18:18 km20725 sshd[26806]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=59.36.173.53 user=r.r Jan 27 11:18:19 km20725 sshd[26806]: Failed password for r........ -------------------------------	2020-01-28 19:01:42
85.196.135.226	attackbots	unauthorized connection attempt	2020-01-28 19:10:37
203.162.230.150	attackspam	Dec 16 02:13:59 dallas01 sshd[3313]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.162.230.150 Dec 16 02:14:00 dallas01 sshd[3313]: Failed password for invalid user lehar from 203.162.230.150 port 11690 ssh2 Dec 16 02:20:41 dallas01 sshd[4645]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.162.230.150	2020-01-28 18:45:40
220.89.197.227	attack	unauthorized connection attempt	2020-01-28 19:12:19
125.161.138.24	attackbotsspam	Honeypot attack, port: 445, PTR: 24.subnet125-161-138.speedy.telkom.net.id.	2020-01-28 19:07:37
58.21.173.178	attackspambots	unauthorized connection attempt	2020-01-28 19:02:12
182.103.14.236	attackspam	Unauthorized connection attempt detected from IP address 182.103.14.236 to port 445 [T]	2020-01-28 19:16:05
115.75.48.75	attackbotsspam	unauthorized connection attempt	2020-01-28 18:38:12
5.235.149.205	attackspam	unauthorized connection attempt	2020-01-28 18:53:47
187.177.43.138	attack	unauthorized connection attempt	2020-01-28 18:56:43
118.70.67.156	attackspam	unauthorized connection attempt	2020-01-28 18:36:01
213.74.206.122	attackbotsspam	Unauthorized connection attempt from IP address 213.74.206.122 on Port 445(SMB)	2020-01-28 19:12:32
46.176.75.112	attackbotsspam	unauthorized connection attempt	2020-01-28 19:11:37
95.6.25.187	attackbots	Unauthorized connection attempt detected from IP address 95.6.25.187 to port 23 [J]	2020-01-28 18:58:34
185.98.208.35	attackbotsspam	unauthorized connection attempt	2020-01-28 19:04:26

Recently Reported IPs

41.151.148.29	127.191.240.9	40.110.196.70	120.69.209.16
25.241.208.198	101.169.235.245	187.122.40.188	90.134.54.97
222.11.104.157	218.72.99.241	119.118.12.71	96.239.82.22
185.126.84.113	118.81.2.180	115.192.213.4	113.229.74.41
112.66.102.182	112.66.97.231	111.224.221.174	105.216.29.43