116.48.164.148

Basic Info

City: Central

Region: Central and Western District

Country: Hong Kong

Internet Service Provider: Hong Kong Telecommunications (HKT) Limited

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbotsspam	suspicious action Tue, 25 Feb 2020 13:36:01 -0300	2020-02-26 04:35:31

Comments on same subnet:

IP	Type	Details	Datetime
116.48.164.112	attackspam	Jul 1 04:32:35 mout sshd[12716]: Invalid user postgres from 116.48.164.112 port 44574 Jul 1 04:32:36 mout sshd[12716]: Failed password for invalid user postgres from 116.48.164.112 port 44574 ssh2 Jul 1 04:32:38 mout sshd[12716]: Disconnected from invalid user postgres 116.48.164.112 port 44574 [preauth]	2020-07-02 07:50:36

Type

Details

Datetime

116.48.164.112

attackspam

Jul  1 04:32:35 mout sshd[12716]: Invalid user postgres from 116.48.164.112 port 44574
Jul  1 04:32:36 mout sshd[12716]: Failed password for invalid user postgres from 116.48.164.112 port 44574 ssh2
Jul  1 04:32:38 mout sshd[12716]: Disconnected from invalid user postgres 116.48.164.112 port 44574 [preauth]

2020-07-02 07:50:36

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 116.48.164.148
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 31082
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;116.48.164.148.			IN	A

;; AUTHORITY SECTION:
.			540	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020022501 1800 900 604800 86400

;; Query time: 119 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Feb 26 04:35:29 CST 2020
;; MSG SIZE  rcvd: 118

Host info

148.164.48.116.in-addr.arpa domain name pointer n11648164148.netvigator.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
148.164.48.116.in-addr.arpa	name = n11648164148.netvigator.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
123.30.246.169	attackspambots	Honeypot attack, port: 445, PTR: static.vnpt.vn.	2020-02-20 04:56:27
190.7.137.210	attackspam	20/2/19@08:31:28: FAIL: IoT-Telnet address from=190.7.137.210 ...	2020-02-20 05:11:35
185.81.99.206	attack	Feb 19 17:08:02 sip sshd[8011]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.81.99.206 Feb 19 17:08:04 sip sshd[8011]: Failed password for invalid user dingwei from 185.81.99.206 port 44590 ssh2 Feb 19 17:27:16 sip sshd[12950]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.81.99.206	2020-02-20 04:44:57
14.98.166.30	attackspam	Unauthorized connection attempt from IP address 14.98.166.30 on Port 445(SMB)	2020-02-20 04:44:35
212.92.123.5	attackbotsspam	RDP Bruteforce	2020-02-20 04:54:03
124.77.208.167	attackspam	Unauthorized connection attempt from IP address 124.77.208.167 on Port 445(SMB)	2020-02-20 04:42:22
81.18.66.4	attackspam	Unauthorized connection attempt from IP address 81.18.66.4 on Port 445(SMB)	2020-02-20 05:15:32
92.118.161.33	attack	" "	2020-02-20 04:57:09
109.237.209.214	attackspambots	Feb 19 20:44:27 *** sshd[13562]: User man from 109.237.209.214 not allowed because not listed in AllowUsers	2020-02-20 05:04:34
122.0.25.130	attack	Unauthorized connection attempt from IP address 122.0.25.130 on Port 445(SMB)	2020-02-20 05:14:28
179.124.227.234	attackbots	Unauthorized connection attempt detected from IP address 179.124.227.234 to port 1433	2020-02-20 04:43:51
150.95.129.175	attackbots	02/19/2020-14:31:46.857632 150.95.129.175 Protocol: 6 ET POLICY Cleartext WordPress Login	2020-02-20 04:56:13
212.144.102.107	attack	Feb 19 05:30:11 php1 sshd\[11557\]: Invalid user cpanellogin from 212.144.102.107 Feb 19 05:30:11 php1 sshd\[11557\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.144.102.107 Feb 19 05:30:13 php1 sshd\[11557\]: Failed password for invalid user cpanellogin from 212.144.102.107 port 49508 ssh2 Feb 19 05:33:20 php1 sshd\[11980\]: Invalid user lby from 212.144.102.107 Feb 19 05:33:20 php1 sshd\[11980\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.144.102.107	2020-02-20 04:48:03
188.136.223.143	attackspam	Automatic report - Port Scan Attack	2020-02-20 05:00:39
49.149.109.116	attack	Unauthorized connection attempt from IP address 49.149.109.116 on Port 445(SMB)	2020-02-20 05:01:56

Recently Reported IPs

105.204.23.165	18.19.94.128	63.225.235.58	184.22.102.67
195.176.143.24	31.131.6.235	72.69.229.168	159.146.28.208
117.160.141.43	87.196.230.110	96.28.238.117	177.9.74.206
193.80.9.103	101.171.177.88	149.202.205.19	129.187.77.44
109.201.38.12	24.191.97.208	97.26.67.71	178.73.6.5