116.21.48.62 - IPInfo

Basic Info

City: Dongguan

Region: Guangdong

Country: China

Internet Service Provider: ChinaNet Guangdong Province Network

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbotsspam	Unauthorized connection attempt from IP address 116.21.48.62 on Port 445(SMB)	2019-11-06 05:59:27

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 116.21.48.62
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 29960
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;116.21.48.62.			IN	A

;; AUTHORITY SECTION:
.			527	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019110501 1800 900 604800 86400

;; Query time: 281 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Nov 06 05:59:24 CST 2019
;; MSG SIZE  rcvd: 116

Host info

Host 62.48.21.116.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 62.48.21.116.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
193.107.75.42	attackbots	Sep 15 13:52:10 ift sshd\[50260\]: Invalid user web from 193.107.75.42Sep 15 13:52:12 ift sshd\[50260\]: Failed password for invalid user web from 193.107.75.42 port 54720 ssh2Sep 15 13:56:02 ift sshd\[50857\]: Invalid user manager from 193.107.75.42Sep 15 13:56:04 ift sshd\[50857\]: Failed password for invalid user manager from 193.107.75.42 port 38902 ssh2Sep 15 13:59:46 ift sshd\[51447\]: Failed password for root from 193.107.75.42 port 51296 ssh2 ...	2020-09-15 20:00:03
13.71.21.123	attack	Fail2Ban Ban Triggered (2)	2020-09-15 20:06:18
159.65.151.8	attackbots	159.65.151.8 - - [15/Sep/2020:11:32:39 +0100] "POST /wp-login.php HTTP/1.1" 200 2231 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 159.65.151.8 - - [15/Sep/2020:11:32:39 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 159.65.151.8 - - [15/Sep/2020:11:42:03 +0100] "POST /wp-login.php HTTP/1.1" 200 2231 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-09-15 20:17:07
185.16.37.135	attackbotsspam	detected by Fail2Ban	2020-09-15 19:51:59
164.90.216.156	attack	(sshd) Failed SSH login from 164.90.216.156 (US/United States/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 15 05:58:18 idl1-dfw sshd[3962158]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=164.90.216.156 user=root Sep 15 05:58:21 idl1-dfw sshd[3962158]: Failed password for root from 164.90.216.156 port 39814 ssh2 Sep 15 06:04:08 idl1-dfw sshd[3966284]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=164.90.216.156 user=root Sep 15 06:04:09 idl1-dfw sshd[3966284]: Failed password for root from 164.90.216.156 port 48380 ssh2 Sep 15 06:07:45 idl1-dfw sshd[3969167]: Invalid user test from 164.90.216.156 port 60714	2020-09-15 20:15:44
94.102.49.114	attackspambots	TCP (SYN) 94.102.49.114:49992 -> port 5367, len 44	2020-09-15 20:13:48
194.26.25.41	attack	[H1.VM7] Blocked by UFW	2020-09-15 20:22:17
202.104.113.226	attackspam	Sep 15 08:18:14 h2646465 sshd[13795]: Invalid user rdc from 202.104.113.226 Sep 15 08:18:14 h2646465 sshd[13795]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.104.113.226 Sep 15 08:18:14 h2646465 sshd[13795]: Invalid user rdc from 202.104.113.226 Sep 15 08:18:16 h2646465 sshd[13795]: Failed password for invalid user rdc from 202.104.113.226 port 46144 ssh2 Sep 15 08:42:09 h2646465 sshd[17116]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.104.113.226 user=root Sep 15 08:42:11 h2646465 sshd[17116]: Failed password for root from 202.104.113.226 port 40329 ssh2 Sep 15 08:47:52 h2646465 sshd[17793]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.104.113.226 user=root Sep 15 08:47:54 h2646465 sshd[17793]: Failed password for root from 202.104.113.226 port 53876 ssh2 Sep 15 08:54:01 h2646465 sshd[18553]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh	2020-09-15 20:03:59
116.236.60.114	attack	Brute%20Force%20SSH	2020-09-15 20:23:51
156.198.227.25	attackbots	Auto Detect Rule! proto TCP (SYN), 156.198.227.25:42811->gjan.info:23, len 40	2020-09-15 19:57:14
23.101.183.9	attack	Sep 15 11:02:26 scw-focused-cartwright sshd[3623]: Failed password for root from 23.101.183.9 port 50610 ssh2 Sep 15 11:14:33 scw-focused-cartwright sshd[3843]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=23.101.183.9	2020-09-15 20:24:17
222.186.180.6	attack	Sep 15 13:54:03 vps647732 sshd[9120]: Failed password for root from 222.186.180.6 port 32858 ssh2 Sep 15 13:54:16 vps647732 sshd[9120]: error: maximum authentication attempts exceeded for root from 222.186.180.6 port 32858 ssh2 [preauth] ...	2020-09-15 20:06:48
27.7.14.31	attack	Auto Detect Rule! proto TCP (SYN), 27.7.14.31:24905->gjan.info:23, len 40	2020-09-15 20:01:31
190.198.160.37	attackbots	Unauthorized connection attempt from IP address 190.198.160.37 on Port 445(SMB)	2020-09-15 20:34:02
122.163.126.206	attackspam	SSH brute-force attempt	2020-09-15 20:05:29

Recently Reported IPs

2a02:a31c:8447:9c80:ed70:8de0:a66b:6401	14.189.39.247	107.175.38.115	112.186.49.40
102.182.63.160	65.30.45.147	2a00:f41:58b6:7f4f:7d1a:cf6f:ee9c:14e5	54.36.63.4
95.68.192.123	27.72.29.131	176.40.232.181	89.64.44.6
31.202.255.87	91.206.55.87	173.212.252.245	36.65.86.2
171.252.192.237	189.58.77.115	188.163.50.119	218.173.5.119