116.48.63.189 - IPInfo

Basic Info

City: Central

Region: Central and Western District

Country: Hong Kong

Internet Service Provider: Hong Kong Telecommunications (HKT) Limited

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Unauthorized connection attempt detected from IP address 116.48.63.189 to port 5555 [J]	2020-01-26 03:53:37

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 116.48.63.189
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 35028
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;116.48.63.189.			IN	A

;; AUTHORITY SECTION:
.			537	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020012500 1800 900 604800 86400

;; Query time: 126 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Jan 26 03:53:35 CST 2020
;; MSG SIZE  rcvd: 117

Host info

189.63.48.116.in-addr.arpa domain name pointer n1164863189.netvigator.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
189.63.48.116.in-addr.arpa	name = n1164863189.netvigator.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
93.170.144.45	attack	scan z	2019-11-20 23:54:25
104.131.15.189	attack	2019-11-20T15:22:24.090746abusebot-6.cloudsearch.cf sshd\[28467\]: Invalid user platao from 104.131.15.189 port 40827	2019-11-20 23:26:54
222.186.175.202	attackspambots	Nov 20 16:20:09 v22018076622670303 sshd\[7536\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.202 user=root Nov 20 16:20:11 v22018076622670303 sshd\[7536\]: Failed password for root from 222.186.175.202 port 57932 ssh2 Nov 20 16:20:14 v22018076622670303 sshd\[7536\]: Failed password for root from 222.186.175.202 port 57932 ssh2 ...	2019-11-20 23:25:24
219.240.49.50	attack	SSH bruteforce (Triggered fail2ban) Nov 20 15:46:17 dev1 sshd[4541]: error: maximum authentication attempts exceeded for invalid user admin from 219.240.49.50 port 39100 ssh2 [preauth] Nov 20 15:46:17 dev1 sshd[4541]: Disconnecting invalid user admin 219.240.49.50 port 39100: Too many authentication failures [preauth]	2019-11-20 23:34:06
213.248.168.160	attackbotsspam	Unauthorized connection attempt from IP address 213.248.168.160 on Port 445(SMB)	2019-11-20 23:49:33
187.125.101.61	attackspambots	Unauthorized connection attempt from IP address 187.125.101.61 on Port 445(SMB)	2019-11-20 23:38:29
81.22.45.25	attack	Port scan on 3 port(s): 3393 13389 23389	2019-11-21 00:07:22
115.73.211.145	attackspam	Unauthorized connection attempt from IP address 115.73.211.145 on Port 445(SMB)	2019-11-20 23:51:39
196.43.171.28	attack	port scan and connect, tcp 1433 (ms-sql-s)	2019-11-20 23:36:56
186.0.109.126	attackbotsspam	Unauthorized connection attempt from IP address 186.0.109.126 on Port 445(SMB)	2019-11-20 23:28:34
41.111.132.33	attackbots	Unauthorized connection attempt from IP address 41.111.132.33 on Port 445(SMB)	2019-11-20 23:44:32
36.81.5.90	attackspambots	Unauthorized connection attempt from IP address 36.81.5.90 on Port 445(SMB)	2019-11-20 23:58:12
37.171.129.25	attackbotsspam	2019-11-20 15:03:02 H=([37.171.129.25]) [37.171.129.25]:38729 I=[10.100.18.22]:25 F=: Host/domain is listed in RBL cbl.abuseat.org (Blocked - see hxxp://www.abuseat.org/lookup.cgi?ip=37.171.129.25) 2019-11-20 15:03:03 unexpected disconnection while reading SMTP command from ([37.171.129.25]) [37.171.129.25]:38729 I=[10.100.18.22]:25 (error: Connection reset by peer) 2019-11-20 15:31:37 H=([37.171.129.25]) [37.171.129.25]:43643 I=[10.100.18.22]:25 F=: Host/domain is listed in RBL cbl.abuseat.org (Blocked - see hxxp://www.abuseat.org/lookup.cgi?ip=37.171.129.25) ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=37.171.129.25	2019-11-21 00:04:58
211.24.95.202	attackspambots	Unauthorized connection attempt from IP address 211.24.95.202 on Port 445(SMB)	2019-11-20 23:45:21
175.207.219.185	attack	Nov 20 15:58:41 srv01 sshd[2257]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.207.219.185 user=root Nov 20 15:58:43 srv01 sshd[2257]: Failed password for root from 175.207.219.185 port 20433 ssh2 Nov 20 16:03:05 srv01 sshd[2541]: Invalid user pfleghar from 175.207.219.185 port 39055 Nov 20 16:03:06 srv01 sshd[2541]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.207.219.185 Nov 20 16:03:05 srv01 sshd[2541]: Invalid user pfleghar from 175.207.219.185 port 39055 Nov 20 16:03:08 srv01 sshd[2541]: Failed password for invalid user pfleghar from 175.207.219.185 port 39055 ssh2 ...	2019-11-21 00:04:14

Recently Reported IPs

84.154.208.32	108.46.100.32	131.129.156.29	184.219.200.63
125.127.19.237	124.126.171.91	103.107.114.175	70.145.89.103
88.248.112.2	217.80.151.74	39.45.189.235	165.54.119.18
212.246.253.158	82.53.208.22	120.112.255.67	72.255.43.19
205.158.168.101	81.183.154.6	202.79.203.136	79.143.35.68