113.94.48.2 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: ChinaNet Guangdong Province Network

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	port scan and connect, tcp 23 (telnet)	2019-12-01 13:52:38

Comments on same subnet:

IP	Type	Details	Datetime
113.94.48.144	attackbotsspam	Unauthorized connection attempt detected from IP address 113.94.48.144 to port 23	2020-01-01 03:42:20
113.94.48.44	attackspam	Port scan	2019-11-12 21:54:28

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 113.94.48.2
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 50324
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;113.94.48.2.			IN	A

;; AUTHORITY SECTION:
.			536	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019113002 1800 900 604800 86400

;; Query time: 98 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Dec 01 13:52:33 CST 2019
;; MSG SIZE  rcvd: 115

Host info

Host 2.48.94.113.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		100.100.2.136
Address:	100.100.2.136#53

** server can't find 2.48.94.113.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
35.192.164.77	attackspambots	Aug 3 07:17:16 firewall sshd[31452]: Failed password for root from 35.192.164.77 port 47754 ssh2 Aug 3 07:21:02 firewall sshd[920]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=35.192.164.77 user=root Aug 3 07:21:04 firewall sshd[920]: Failed password for root from 35.192.164.77 port 60994 ssh2 ...	2020-08-03 18:36:29
113.107.139.68	attackspam	TCP (SYN) 113.107.139.68:49413 -> port 3389, len 40	2020-08-03 18:30:58
111.229.216.155	attack	Aug 3 11:28:58 myvps sshd[25693]: Failed password for root from 111.229.216.155 port 53864 ssh2 Aug 3 11:44:40 myvps sshd[3172]: Failed password for root from 111.229.216.155 port 54684 ssh2 ...	2020-08-03 18:52:52
111.221.54.113	attack	20/8/2@23:50:32: FAIL: Alarm-Network address from=111.221.54.113 ...	2020-08-03 18:07:43
52.130.74.246	attack	Bruteforce detected by fail2ban	2020-08-03 18:47:05
218.92.0.148	attackspambots	2020-08-03T10:19:23.030538vps1033 sshd[11749]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.148 user=root 2020-08-03T10:19:24.304222vps1033 sshd[11749]: Failed password for root from 218.92.0.148 port 46147 ssh2 2020-08-03T10:19:23.030538vps1033 sshd[11749]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.148 user=root 2020-08-03T10:19:24.304222vps1033 sshd[11749]: Failed password for root from 218.92.0.148 port 46147 ssh2 2020-08-03T10:19:27.068548vps1033 sshd[11749]: Failed password for root from 218.92.0.148 port 46147 ssh2 ...	2020-08-03 18:22:05
186.209.72.166	attackbotsspam	Aug 3 03:40:13 scw-focused-cartwright sshd[30594]: Failed password for root from 186.209.72.166 port 1690 ssh2	2020-08-03 18:24:28
192.144.220.98	attackspam	Aug 3 11:07:56 rancher-0 sshd[738312]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.144.220.98 user=root Aug 3 11:07:58 rancher-0 sshd[738312]: Failed password for root from 192.144.220.98 port 49134 ssh2 ...	2020-08-03 18:41:04
115.79.44.146	attackbotsspam	1596426592 - 08/03/2020 05:49:52 Host: 115.79.44.146/115.79.44.146 Port: 445 TCP Blocked	2020-08-03 18:47:39
54.38.75.44	attackspambots	Aug 3 19:03:18 web1 sshd[30040]: Invalid user admin from 54.38.75.44 port 48158 Aug 3 19:03:18 web1 sshd[30040]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.38.75.44 Aug 3 19:03:18 web1 sshd[30040]: Invalid user admin from 54.38.75.44 port 48158 Aug 3 19:03:20 web1 sshd[30040]: Failed password for invalid user admin from 54.38.75.44 port 48158 ssh2 Aug 3 19:03:22 web1 sshd[30063]: Invalid user admin from 54.38.75.44 port 49944 Aug 3 19:03:22 web1 sshd[30063]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.38.75.44 Aug 3 19:03:22 web1 sshd[30063]: Invalid user admin from 54.38.75.44 port 49944 Aug 3 19:03:24 web1 sshd[30063]: Failed password for invalid user admin from 54.38.75.44 port 49944 ssh2 Aug 3 19:53:01 web1 sshd[13988]: Invalid user admin from 54.38.75.44 port 52566 ...	2020-08-03 18:11:10
45.134.179.243	attackbotsspam	TCP ports : 13389 / 33890	2020-08-03 18:39:28
185.234.219.228	attack	2020-08-03 07:59:42 auth_plain authenticator failed for ([185.234.219.228]) [185.234.219.228]: 535 Incorrect authentication data (set_id=test) 2020-08-03 09:36:58 auth_plain authenticator failed for ([185.234.219.228]) [185.234.219.228]: 535 Incorrect authentication data (set_id=scanner) ...	2020-08-03 18:46:02
204.93.161.151	attackbots	trying to access non-authorized port	2020-08-03 18:24:08
119.235.19.66	attack	Aug 3 11:50:11 * sshd[24669]: Failed password for root from 119.235.19.66 port 36602 ssh2	2020-08-03 18:56:38
162.243.128.102	attack	MultiHost/MultiPort Probe, Scan, Hack -	2020-08-03 18:27:41

Recently Reported IPs

211.60.45.172	31.85.57.237	153.67.26.67	13.115.225.199
73.93.230.236	216.138.185.40	165.239.13.234	124.130.254.236
123.21.139.151	118.163.190.19	122.140.14.21	51.75.148.89
203.106.116.197	81.82.192.24	57.19.240.244	65.163.126.158
132.218.173.211	85.146.89.104	205.122.101.152	214.249.191.26