116.48.5.49 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Hong Kong

Internet Service Provider: Hong Kong Telecommunications (HKT) Limited

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspambots	Unauthorized connection attempt detected from IP address 116.48.5.49 to port 5555 [J]	2020-01-28 22:29:22

Comments on same subnet:

IP	Type	Details	Datetime
116.48.57.61	attackspam	Unauthorized connection attempt detected from IP address 116.48.57.61 to port 5555 [J]	2020-01-20 19:57:33
116.48.57.61	attackbots	Unauthorized connection attempt detected from IP address 116.48.57.61 to port 5555 [J]	2020-01-18 16:09:29
116.48.57.114	attackbots	5555/tcp 5555/tcp 5555/tcp [2019-08-15]3pkt	2019-08-16 06:39:29

Type

Details

Datetime

116.48.57.61

attackspam

Unauthorized connection attempt detected from IP address 116.48.57.61 to port 5555 [J]

2020-01-20 19:57:33

116.48.57.61

attackbots

Unauthorized connection attempt detected from IP address 116.48.57.61 to port 5555 [J]

2020-01-18 16:09:29

116.48.57.114

attackbots

5555/tcp 5555/tcp 5555/tcp
[2019-08-15]3pkt

2019-08-16 06:39:29

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 116.48.5.49
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 1717
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;116.48.5.49.			IN	A

;; AUTHORITY SECTION:
.			346	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020012800 1800 900 604800 86400

;; Query time: 119 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Jan 28 22:29:17 CST 2020
;; MSG SIZE  rcvd: 115

Host info

49.5.48.116.in-addr.arpa domain name pointer n116485049.netvigator.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
49.5.48.116.in-addr.arpa	name = n116485049.netvigator.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
113.94.48.44	attackspam	Port scan	2019-11-12 21:54:28
200.122.234.203	attackspam	Nov 12 14:37:16 dedicated sshd[28328]: Invalid user git11 from 200.122.234.203 port 57904	2019-11-12 21:58:38
223.75.51.13	attack	Nov 12 09:27:40 server sshd\[2512\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=223.75.51.13 user=sshd Nov 12 09:27:43 server sshd\[2512\]: Failed password for sshd from 223.75.51.13 port 58976 ssh2 Nov 12 09:31:06 server sshd\[4548\]: Invalid user daniellacunha from 223.75.51.13 port 17500 Nov 12 09:31:06 server sshd\[4548\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=223.75.51.13 Nov 12 09:31:07 server sshd\[4548\]: Failed password for invalid user daniellacunha from 223.75.51.13 port 17500 ssh2	2019-11-12 22:02:10
133.130.89.115	attack	SSH Brute Force, server-1 sshd[1272]: Failed password for invalid user info from 133.130.89.115 port 57956 ssh2	2019-11-12 22:16:23
175.45.180.38	attackbots	Nov 12 14:13:55 MK-Soft-VM5 sshd[508]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.45.180.38 Nov 12 14:13:57 MK-Soft-VM5 sshd[508]: Failed password for invalid user zilla from 175.45.180.38 port 22946 ssh2 ...	2019-11-12 22:10:07
115.230.67.23	attackbotsspam	CN China - Failures: 20 ftpd	2019-11-12 22:05:37
5.196.217.177	attack	Nov 12 15:15:39 mail postfix/smtpd[8154]: warning: unknown[5.196.217.177]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Nov 12 15:16:33 mail postfix/smtpd[9796]: warning: unknown[5.196.217.177]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Nov 12 15:16:38 mail postfix/smtpd[9258]: warning: unknown[5.196.217.177]: SASL LOGIN authentication failed: UGFzc3dvcmQ6	2019-11-12 22:31:40
200.129.207.164	attack	Nov 12 14:07:09 ns382633 sshd\[20706\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.129.207.164 user=root Nov 12 14:07:11 ns382633 sshd\[20706\]: Failed password for root from 200.129.207.164 port 47236 ssh2 Nov 12 14:13:06 ns382633 sshd\[21781\]: Invalid user guest from 200.129.207.164 port 60958 Nov 12 14:13:06 ns382633 sshd\[21781\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.129.207.164 Nov 12 14:13:08 ns382633 sshd\[21781\]: Failed password for invalid user guest from 200.129.207.164 port 60958 ssh2	2019-11-12 22:08:45
206.189.231.196	attackbots	206.189.231.196 - - \[12/Nov/2019:07:20:56 +0100\] "POST /wp-login.php HTTP/1.0" 200 5507 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 206.189.231.196 - - \[12/Nov/2019:07:20:59 +0100\] "POST /xmlrpc.php HTTP/1.0" 200 736 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 206.189.231.196 - - \[12/Nov/2019:07:21:01 +0100\] "POST /wp-login.php HTTP/1.0" 200 5494 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"	2019-11-12 22:12:17
106.13.4.150	attack	Triggered by Fail2Ban at Vostok web server	2019-11-12 22:17:23
182.61.179.75	attackspam	Nov 12 04:31:15 ws22vmsma01 sshd[96885]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.61.179.75 Nov 12 04:31:18 ws22vmsma01 sshd[96885]: Failed password for invalid user f12 from 182.61.179.75 port 54709 ssh2 ...	2019-11-12 22:32:41
168.235.81.62	attackbots	Nov 12 14:58:13 * sshd[17627]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=168.235.81.62 Nov 12 14:58:15 * sshd[17627]: Failed password for invalid user asdfghjkl from 168.235.81.62 port 33352 ssh2	2019-11-12 22:18:35
134.209.216.249	attackbots	miraniessen.de 134.209.216.249 \[12/Nov/2019:08:02:34 +0100\] "POST /wp-login.php HTTP/1.1" 200 5974 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" miraniessen.de 134.209.216.249 \[12/Nov/2019:08:02:37 +0100\] "POST /wp-login.php HTTP/1.1" 200 5975 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"	2019-11-12 22:28:04
188.131.130.44	attackbotsspam	Nov 12 10:35:46 minden010 sshd[31346]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.131.130.44 Nov 12 10:35:48 minden010 sshd[31346]: Failed password for invalid user apache from 188.131.130.44 port 40010 ssh2 Nov 12 10:40:24 minden010 sshd[549]: Failed password for root from 188.131.130.44 port 47774 ssh2 ...	2019-11-12 21:54:48
77.247.110.16	attackbots	\[2019-11-12 08:55:38\] NOTICE\[2601\] chan_sip.c: Registration from '"602" \' failed for '77.247.110.16:6213' - Wrong password \[2019-11-12 08:55:38\] SECURITY\[2634\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-11-12T08:55:38.189-0500",Severity="Error",Service="SIP",EventVersion="2",AccountID="602",SessionID="0x7fdf2c190e28",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/77.247.110.16/6213",Challenge="7eac9329",ReceivedChallenge="7eac9329",ReceivedHash="a9d5d9b31e355d49ea82cf261c16028b" \[2019-11-12 08:55:38\] NOTICE\[2601\] chan_sip.c: Registration from '"602" \' failed for '77.247.110.16:6213' - Wrong password \[2019-11-12 08:55:38\] SECURITY\[2634\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-11-12T08:55:38.388-0500",Severity="Error",Service="SIP",EventVersion="2",AccountID="602",SessionID="0x7fdf2c48e508",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/77.2	2019-11-12 22:02:49

Recently Reported IPs

222.219.183.190	217.218.250.158	217.128.148.99	137.111.80.167
189.213.105.188	186.183.170.208	186.109.88.187	174.45.161.183
157.245.248.172	121.17.152.87	111.35.155.231	98.242.174.199
91.185.19.189	80.22.8.239	62.234.122.11	50.111.87.148
49.89.183.97	45.37.145.2	37.156.14.244	31.167.6.216