123.148.244.49

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: China Network Communications Group Corporation

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Bad_requests	2020-03-19 20:03:26

Comments on same subnet:

IP	Type	Details	Datetime
123.148.244.246	attack	Attack, like DDOS, Brute-Force, Port Scan, Hack, etc.	2020-05-31 05:40:43
123.148.244.246	attack	Attack, like DDOS, Brute-Force, Port Scan, Hack, etc.	2020-05-31 05:40:38
123.148.244.80	attackbotsspam	Bad_requests	2020-03-08 14:54:37
123.148.244.188	attackbotsspam	123.148.244.188 - - [23/Dec/2019:10:20:47 +0000] "POST /xmlrpc.php HTTP/1.1" 301 596 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36" 123.148.244.188 - - [23/Dec/2019:10:20:49 +0000] "POST /xmlrpc.php HTTP/1.1" 301 596 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36" ...	2020-03-03 23:56:36
123.148.244.246	attackspam	123.148.244.246 - - \[01/Feb/2020:06:35:07 +0100\] "POST /xmlrpc.php HTTP/1.0" 200 536 "-" "Mozilla/5.0 \(Windows NT 10.0\; Win64\; x64\) AppleWebKit/537.36 \(KHTML, like Gecko\) Chrome/63.0.3239.132 Safari/537.36" 123.148.244.246 - - \[01/Feb/2020:06:35:07 +0100\] "POST /xmlrpc.php HTTP/1.0" 200 536 "-" "Mozilla/5.0 \(Windows NT 10.0\; Win64\; x64\) AppleWebKit/537.36 \(KHTML, like Gecko\) Chrome/63.0.3239.132 Safari/537.36" 123.148.244.246 - - \[01/Feb/2020:06:35:09 +0100\] "POST /xmlrpc.php HTTP/1.0" 200 536 "-" "Mozilla/5.0 \(Windows NT 10.0\; Win64\; x64\) AppleWebKit/537.36 \(KHTML, like Gecko\) Chrome/63.0.3239.132 Safari/537.36"	2020-02-01 14:59:49
123.148.244.35	attack	multiple requests to xmlrpc.php	2020-01-13 21:48:05
123.148.244.20	spambots	Attack, like DDOS, Brute-Force, Port Scan, Hack, etc	2019-10-13 21:18:50
123.148.244.20	attackbots	REQUESTED PAGE: /wp-login.php	2019-07-29 12:42:49

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 123.148.244.49
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 12805
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;123.148.244.49.			IN	A

;; AUTHORITY SECTION:
.			333	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020031900 1800 900 604800 86400

;; Query time: 70 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Mar 19 20:03:17 CST 2020
;; MSG SIZE  rcvd: 118

Host info

Host 49.244.148.123.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 49.244.148.123.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
192.241.238.218	attack	[N3.H3.VM3] Port Scanner Detected Blocked by UFW	2020-10-04 08:20:55
77.69.82.176	attack	Telnet Server BruteForce Attack	2020-10-04 08:20:28
88.234.60.237	attackbots	445/tcp [2020-10-02]1pkt	2020-10-04 08:43:16
64.225.106.12	attack	Oct 4 00:09:10 localhost sshd\[28400\]: Invalid user stefan from 64.225.106.12 Oct 4 00:09:10 localhost sshd\[28400\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=64.225.106.12 Oct 4 00:09:12 localhost sshd\[28400\]: Failed password for invalid user stefan from 64.225.106.12 port 49200 ssh2 Oct 4 00:12:40 localhost sshd\[28641\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=64.225.106.12 user=root Oct 4 00:12:42 localhost sshd\[28641\]: Failed password for root from 64.225.106.12 port 56198 ssh2 ...	2020-10-04 08:10:48
176.214.44.245	attackspambots	TCP (SYN) 176.214.44.245:49139 -> port 23, len 40	2020-10-04 08:48:07
128.201.207.224	attackbotsspam	23/tcp [2020-10-02]1pkt	2020-10-04 08:45:28
195.58.56.170	attackbotsspam	Unauthorized connection attempt from IP address 195.58.56.170 on Port 445(SMB)	2020-10-04 08:24:15
5.183.255.15	attackspam	(mod_security) mod_security (id:210730) triggered by 5.183.255.15 (RU/Russia/-): 5 in the last 300 secs	2020-10-04 08:13:34
119.15.80.203	attack	ET SCAN Suspicious inbound to MSSQL port 1433 - port: 1433 proto: tcp cat: Potentially Bad Trafficbytes: 60	2020-10-04 08:21:42
202.137.142.159	attack	" "	2020-10-04 08:18:10
212.119.46.211	attack	(mod_security) mod_security (id:210730) triggered by 212.119.46.211 (RU/Russia/-): 5 in the last 300 secs	2020-10-04 08:44:17
27.217.101.136	attackspam	23/tcp [2020-10-02]1pkt	2020-10-04 08:42:39
123.253.125.75	attackbots	8080/tcp [2020-10-02]1pkt	2020-10-04 08:39:20
51.68.71.102	attack	Oct 4 05:17:01 gw1 sshd[27702]: Failed password for root from 51.68.71.102 port 54182 ssh2 ...	2020-10-04 08:40:13
218.155.199.58	attackbotsspam	[AUTOMATIC REPORT] - 48 tries in total - SSH BRUTE FORCE - IP banned	2020-10-04 08:14:31

Recently Reported IPs

206.189.158.109	48.20.34.6	54.36.0.111	178.33.237.66
43.254.55.86	42.179.7.82	42.141.216.21	103.40.26.77
235.170.14.77	116.111.98.128	215.40.44.198	119.90.51.171
27.104.135.156	178.252.111.184	106.13.49.213	14.116.150.230
185.17.120.15	185.242.86.47	185.242.86.46	129.82.138.12