116.48.125.48 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Hong Kong

Internet Service Provider: Hong Kong Telecommunications (HKT) Limited

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	Feb 22 03:44:57 areeb-Workstation sshd[10440]: Failed password for root from 116.48.125.48 port 42480 ssh2 ...	2020-02-22 06:32:18
attack	Feb 21 17:34:17 vmd17057 sshd[5329]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.48.125.48 Feb 21 17:34:19 vmd17057 sshd[5329]: Failed password for invalid user invoices from 116.48.125.48 port 39024 ssh2 ...	2020-02-22 03:38:17
attackbotsspam	$f2bV_matches	2020-02-18 19:52:29

Type

Details

Datetime

attackspam

Feb 22 03:44:57 areeb-Workstation sshd[10440]: Failed password for root from 116.48.125.48 port 42480 ssh2
...

2020-02-22 06:32:18

attack

Feb 21 17:34:17 vmd17057 sshd[5329]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.48.125.48 
Feb 21 17:34:19 vmd17057 sshd[5329]: Failed password for invalid user invoices from 116.48.125.48 port 39024 ssh2
...

2020-02-22 03:38:17

attackbotsspam

$f2bV_matches

2020-02-18 19:52:29

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 116.48.125.48
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 476
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;116.48.125.48.			IN	A

;; AUTHORITY SECTION:
.			119	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020021801 1800 900 604800 86400

;; Query time: 532 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Feb 18 19:52:25 CST 2020
;; MSG SIZE  rcvd: 117

Host info

48.125.48.116.in-addr.arpa domain name pointer n11648125048.netvigator.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
48.125.48.116.in-addr.arpa	name = n11648125048.netvigator.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
192.241.235.172	attackspambots	srv03 Mass scanning activity detected Target: 264 ..	2020-04-19 12:46:00
66.249.79.254	attackbots	MYH,DEF GET /adminer1.php	2020-04-19 12:36:02
64.225.42.124	attackspam	64.225.42.124 - - [19/Apr/2020:05:55:52 +0200] "GET /wp-login.php HTTP/1.1" 200 1899 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 64.225.42.124 - - [19/Apr/2020:05:55:53 +0200] "POST /wp-login.php HTTP/1.1" 200 2029 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 64.225.42.124 - - [19/Apr/2020:05:55:53 +0200] "GET /wp-login.php HTTP/1.1" 200 1899 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 64.225.42.124 - - [19/Apr/2020:05:55:54 +0200] "POST /wp-login.php HTTP/1.1" 200 2005 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 64.225.42.124 - - [19/Apr/2020:05:55:54 +0200] "GET /wp-login.php HTTP/1.1" 200 1899 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 64.225.42.124 - - [19/Apr/2020:05:55:55 +0200] "POST /wp-login.php HTTP/1.1" 200 2006 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Fir ...	2020-04-19 12:53:27
197.214.64.230	attackbots	Apr 19 06:22:17 legacy sshd[29137]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=197.214.64.230 Apr 19 06:22:19 legacy sshd[29137]: Failed password for invalid user ev from 197.214.64.230 port 36028 ssh2 Apr 19 06:27:35 legacy sshd[29384]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=197.214.64.230 ...	2020-04-19 12:33:39
5.239.104.182	attack	Automatic report - Port Scan Attack	2020-04-19 12:36:43
35.225.211.131	attackbots	Wordpress Admin Login attack	2020-04-19 12:47:12
110.164.151.98	attack	SMB Server BruteForce Attack	2020-04-19 12:46:51
222.186.173.154	attackbotsspam	Apr 19 06:34:04 vps sshd[428076]: Failed password for root from 222.186.173.154 port 25348 ssh2 Apr 19 06:34:08 vps sshd[428076]: Failed password for root from 222.186.173.154 port 25348 ssh2 Apr 19 06:34:11 vps sshd[428076]: Failed password for root from 222.186.173.154 port 25348 ssh2 Apr 19 06:34:15 vps sshd[428076]: Failed password for root from 222.186.173.154 port 25348 ssh2 Apr 19 06:34:17 vps sshd[428076]: Failed password for root from 222.186.173.154 port 25348 ssh2 ...	2020-04-19 12:41:19
183.88.243.179	attackbotsspam	Dovecot Invalid User Login Attempt.	2020-04-19 12:48:42
167.71.254.95	attack	Too many connections or unauthorized access detected from Arctic banned ip	2020-04-19 13:02:50
77.247.109.72	attackbots	77.247.109.72 was recorded 5 times by 2 hosts attempting to connect to the following ports: 4060,8060,7060. Incident counter (4h, 24h, all-time): 5, 19, 189	2020-04-19 12:58:18
49.234.196.215	attack	Apr 19 04:03:00 powerpi2 sshd[10859]: Invalid user cp from 49.234.196.215 port 52964 Apr 19 04:03:02 powerpi2 sshd[10859]: Failed password for invalid user cp from 49.234.196.215 port 52964 ssh2 Apr 19 04:08:06 powerpi2 sshd[11118]: Invalid user git2 from 49.234.196.215 port 58720 ...	2020-04-19 13:07:11
68.183.236.92	attack	Apr 19 04:24:26 sshgateway sshd\[32156\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=68.183.236.92 user=root Apr 19 04:24:28 sshgateway sshd\[32156\]: Failed password for root from 68.183.236.92 port 49678 ssh2 Apr 19 04:30:16 sshgateway sshd\[32176\]: Invalid user admin from 68.183.236.92	2020-04-19 12:58:48
217.112.142.250	attackbots	Apr 19 05:45:27 web01.agentur-b-2.de postfix/smtpd[72153]: NOQUEUE: reject: RCPT from unknown[217.112.142.250]: 450 4.7.1 : Helo command rejected: Host not found; from= to= proto=ESMTP helo= Apr 19 05:48:49 web01.agentur-b-2.de postfix/smtpd[75213]: NOQUEUE: reject: RCPT from unknown[217.112.142.250]: 450 4.7.1 : Helo command rejected: Host not found; from= to= proto=ESMTP helo= Apr 19 05:50:41 web01.agentur-b-2.de postfix/smtpd[75211]: NOQUEUE: reject: RCPT from unknown[217.112.142.250]: 450 4.7.1 : Helo command rejected: Host not found; from= to= proto=ESMTP helo= Apr 19 05:51:13 web01.agentur-b-2.de postfix/smtpd[75211]: NOQUEUE: reject: RCPT from unknown[217.112.142.250]: 450 4.7.1 : Helo command rejected: Host not	2020-04-19 12:45:09
167.114.251.107	attack	Invalid user l from 167.114.251.107 port 33345	2020-04-19 12:42:05

Recently Reported IPs

212.134.47.95	201.123.186.227	49.213.163.4	49.213.163.27
180.242.68.198	50.116.23.5	89.120.253.12	49.213.163.233
49.213.163.232	177.97.150.38	46.1.158.121	62.71.74.193
49.213.163.198	93.126.143.232	49.213.163.10	51.38.51.100
49.213.162.84	45.13.132.45	6.188.150.200	49.213.162.80