139.159.48.123

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: CNISP-Union Technology (Beijing) Co. Ltd

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	Unauthorized connection attempt from IP address 139.159.48.123 on Port 445(SMB)	2019-12-25 03:23:12

Comments on same subnet:

IP	Type	Details	Datetime
139.159.48.155	attack	Unauthorized connection attempt from IP address 139.159.48.155 on Port 445(SMB)	2020-07-11 02:43:26
139.159.48.155	attackbotsspam	Unauthorized connection attempt detected from IP address 139.159.48.155 to port 445	2020-03-27 21:46:07
139.159.48.155	attackbots	spam	2020-01-24 14:53:51
139.159.48.91	attackbots	Unauthorized connection attempt from IP address 139.159.48.91 on Port 445(SMB)	2020-01-15 01:41:40
139.159.48.155	attack	email spam	2019-12-17 17:21:57

Whois info:

Dig info:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 139.159.48.123
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 9004
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;139.159.48.123.			IN	A

;; AUTHORITY SECTION:
.			1960	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019051601 1800 900 604800 86400

;; Query time: 0 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Fri May 17 09:29:11 CST 2019
;; MSG SIZE  rcvd: 118

Host info

Host 123.48.159.139.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 123.48.159.139.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
222.244.167.38	attackspambots	Telnet Server BruteForce Attack	2020-07-23 02:28:56
180.76.158.139	attack	(sshd) Failed SSH login from 180.76.158.139 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Jul 22 20:06:05 elude sshd[28040]: Invalid user ssha from 180.76.158.139 port 42020 Jul 22 20:06:07 elude sshd[28040]: Failed password for invalid user ssha from 180.76.158.139 port 42020 ssh2 Jul 22 20:12:16 elude sshd[29087]: Invalid user server from 180.76.158.139 port 50554 Jul 22 20:12:18 elude sshd[29087]: Failed password for invalid user server from 180.76.158.139 port 50554 ssh2 Jul 22 20:14:52 elude sshd[29473]: Invalid user tnt from 180.76.158.139 port 52516	2020-07-23 02:15:46
62.234.193.119	attackspam	Jul 22 20:49:38 pkdns2 sshd\[2482\]: Invalid user jhl from 62.234.193.119Jul 22 20:49:41 pkdns2 sshd\[2482\]: Failed password for invalid user jhl from 62.234.193.119 port 41368 ssh2Jul 22 20:54:32 pkdns2 sshd\[2710\]: Invalid user ubuntu from 62.234.193.119Jul 22 20:54:33 pkdns2 sshd\[2710\]: Failed password for invalid user ubuntu from 62.234.193.119 port 51774 ssh2Jul 22 20:59:17 pkdns2 sshd\[2978\]: Invalid user azuniga from 62.234.193.119Jul 22 20:59:19 pkdns2 sshd\[2978\]: Failed password for invalid user azuniga from 62.234.193.119 port 33938 ssh2 ...	2020-07-23 02:21:36
174.219.17.6	attackbots	Brute forcing email accounts	2020-07-23 01:59:21
122.181.16.134	attackspambots	Jul 22 18:13:42 haigwepa sshd[16235]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.181.16.134 Jul 22 18:13:44 haigwepa sshd[16235]: Failed password for invalid user posto from 122.181.16.134 port 49983 ssh2 ...	2020-07-23 02:01:05
49.88.112.114	attackspam	2020-07-22T18:48:55.593439ks3355764 sshd[8460]: Failed password for root from 49.88.112.114 port 45895 ssh2 2020-07-22T18:48:58.012164ks3355764 sshd[8460]: Failed password for root from 49.88.112.114 port 45895 ssh2 ...	2020-07-23 02:33:02
97.115.86.168	attackbotsspam	Invalid user ftpuser from 97.115.86.168 port 54126	2020-07-23 01:57:33
36.75.228.225	attackspam	Jul 20 20:18:51 web1 sshd[11520]: Invalid user python from 36.75.228.225 Jul 20 20:18:51 web1 sshd[11520]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=36.75.228.225 Jul 20 20:18:53 web1 sshd[11520]: Failed password for invalid user python from 36.75.228.225 port 56190 ssh2 Jul 20 20:18:54 web1 sshd[11520]: Received disconnect from 36.75.228.225: 11: Bye Bye [preauth] Jul 20 20:19:53 web1 sshd[11536]: Invalid user joseph from 36.75.228.225 Jul 20 20:19:53 web1 sshd[11536]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=36.75.228.225 Jul 20 20:19:56 web1 sshd[11536]: Failed password for invalid user joseph from 36.75.228.225 port 38846 ssh2 Jul 20 20:19:56 web1 sshd[11536]: Received disconnect from 36.75.228.225: 11: Bye Bye [preauth] Jul 20 20:20:55 web1 sshd[11924]: Invalid user munoz from 36.75.228.225 Jul 20 20:20:55 web1 sshd[11924]: pam_unix(sshd:auth): authentication failure; log........ -------------------------------	2020-07-23 02:17:04
124.78.138.174	attack	TCP (SYN) 124.78.138.174:51074 -> port 445, len 40	2020-07-23 02:22:57
167.250.189.255	attackbotsspam	Automatic report - Port Scan Attack	2020-07-23 02:04:19
50.63.196.79	attack	Automatic report - XMLRPC Attack	2020-07-23 02:18:14
52.178.134.11	attackspambots	SSH Brute Force	2020-07-23 01:54:14
122.254.11.177	attackbots	Hits on port : 23	2020-07-23 02:32:15
101.32.1.249	attack	Connection to SSH Honeypot - Detected by HoneypotDB	2020-07-23 01:54:00
125.71.166.75	attack	"Unauthorized connection attempt on SSHD detected"	2020-07-23 02:23:42

Recently Reported IPs

122.54.111.79	23.236.76.79	222.73.52.214	64.71.32.69
222.92.142.226	178.48.68.61	54.38.195.161	170.81.200.92
46.214.174.37	103.64.12.73	209.85.210.66	119.42.175.200
95.216.33.45	190.223.41.102	61.19.38.146	154.222.138.80
170.84.183.34	139.162.79.87	151.80.56.64	195.56.253.49