120.38.48.16 - IPInfo

Basic Info

City: Fuzhou

Region: Fujian

Country: China

Internet Service Provider: unknown

Hostname: unknown

Organization: No.31,Jin-rong Street

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
120.38.48.199	attack	ET SCAN Suspicious inbound to MSSQL port 1433 - port: 1433 proto: TCP cat: Potentially Bad Traffic	2020-05-17 08:08:10
120.38.48.109	attackspam	DATE:2020-03-11 03:11:16, IP:120.38.48.109, PORT:1433 MSSQL brute force auth on honeypot server (epe-honey1-hq)	2020-03-11 12:35:03
120.38.48.46	attackbots	lfd: (smtpauth) Failed SMTP AUTH login from 120.38.48.46 (46.48.38.120.broad.zz.fj.dynamic.163data.com.cn): 5 in the last 3600 secs - Sun Jul 15 05:38:04 2018	2020-02-27 22:40:41

Type

Details

Datetime

120.38.48.199

attack

ET SCAN Suspicious inbound to MSSQL port 1433 - port: 1433 proto: TCP cat: Potentially Bad Traffic

2020-05-17 08:08:10

120.38.48.109

attackspam

DATE:2020-03-11 03:11:16, IP:120.38.48.109, PORT:1433 MSSQL brute force auth on honeypot server (epe-honey1-hq)

2020-03-11 12:35:03

120.38.48.46

attackbots

lfd: (smtpauth) Failed SMTP AUTH login from 120.38.48.46 (46.48.38.120.broad.zz.fj.dynamic.163data.com.cn): 5 in the last 3600 secs - Sun Jul 15 05:38:04 2018

2020-02-27 22:40:41

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 120.38.48.16
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 4308
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;120.38.48.16.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019070200 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Wed Jul 03 02:06:58 CST 2019
;; MSG SIZE  rcvd: 116

Host info

16.48.38.120.in-addr.arpa domain name pointer 16.48.38.120.broad.zz.fj.dynamic.163data.com.cn.

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
16.48.38.120.in-addr.arpa	name = 16.48.38.120.broad.zz.fj.dynamic.163data.com.cn.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
98.244.101.201	attackbots	Feb 16 20:33:50 auw2 sshd\[952\]: Invalid user health from 98.244.101.201 Feb 16 20:33:50 auw2 sshd\[952\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=c-98-244-101-201.hsd1.va.comcast.net Feb 16 20:33:52 auw2 sshd\[952\]: Failed password for invalid user health from 98.244.101.201 port 36976 ssh2 Feb 16 20:36:33 auw2 sshd\[1200\]: Invalid user project from 98.244.101.201 Feb 16 20:36:33 auw2 sshd\[1200\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=c-98-244-101-201.hsd1.va.comcast.net	2020-02-17 17:00:07
118.69.225.171	attack	DATE:2020-02-17 09:51:19, IP:118.69.225.171, PORT:telnet Telnet brute force auth on honeypot server (honey-neo-dc)	2020-02-17 17:06:40
51.77.245.181	attackbots	Feb 16 19:48:16 sachi sshd\[23920\]: Invalid user boo from 51.77.245.181 Feb 16 19:48:16 sachi sshd\[23920\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=181.ip-51-77-245.eu Feb 16 19:48:18 sachi sshd\[23920\]: Failed password for invalid user boo from 51.77.245.181 port 33820 ssh2 Feb 16 19:50:34 sachi sshd\[24114\]: Invalid user palonso from 51.77.245.181 Feb 16 19:50:34 sachi sshd\[24114\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=181.ip-51-77-245.eu	2020-02-17 17:19:23
23.23.105.248	attack	SSH login attempts.	2020-02-17 16:55:03
23.21.50.37	attackspam	SSH login attempts.	2020-02-17 17:06:13
152.32.187.51	attack	Feb 17 07:57:55 v22018076622670303 sshd\[28701\]: Invalid user nagios from 152.32.187.51 port 39982 Feb 17 07:57:55 v22018076622670303 sshd\[28701\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=152.32.187.51 Feb 17 07:57:57 v22018076622670303 sshd\[28701\]: Failed password for invalid user nagios from 152.32.187.51 port 39982 ssh2 ...	2020-02-17 17:02:23
212.9.21.34	attack	SSH login attempts.	2020-02-17 17:15:36
24.232.0.226	attackbots	SSH login attempts.	2020-02-17 17:07:16
206.189.132.204	attackbotsspam	Invalid user ubuntu from 206.189.132.204 port 33624	2020-02-17 17:04:22
178.62.44.233	attack	Feb 17 06:03:05 MK-Soft-VM7 sshd[30544]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.62.44.233 Feb 17 06:03:07 MK-Soft-VM7 sshd[30544]: Failed password for invalid user rstudio from 178.62.44.233 port 35904 ssh2 ...	2020-02-17 16:42:51
139.199.78.228	attack	Feb 17 06:34:34 legacy sshd[9430]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.78.228 Feb 17 06:34:37 legacy sshd[9430]: Failed password for invalid user melinda from 139.199.78.228 port 42084 ssh2 Feb 17 06:37:54 legacy sshd[9573]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.78.228 ...	2020-02-17 17:19:40
195.243.147.170	attackbotsspam	SSH login attempts.	2020-02-17 17:13:18
147.46.10.142	attack	SSH login attempts.	2020-02-17 17:24:12
5.255.255.5	attackbots	SSH login attempts.	2020-02-17 16:39:46
121.201.17.102	attackbotsspam	$f2bV_matches	2020-02-17 16:54:41

Recently Reported IPs

77.40.62.132	155.219.249.149	55.19.208.150	58.126.177.21
172.173.6.203	50.175.33.123	236.46.212.120	81.130.138.156
117.164.112.219	44.107.16.10	131.79.14.42	45.227.253.212
97.201.149.131	212.156.84.182	187.78.37.41	82.7.113.61
201.92.214.243	41.156.132.165	1.56.44.28	85.10.68.53