222.79.48.2 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: None

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
222.79.48.48	attackspambots	trying to access non-authorized port	2020-04-28 14:48:25
222.79.48.32	attackspambots	Unauthorized connection attempt detected from IP address 222.79.48.32 to port 8080 [J]	2020-03-03 02:05:03
222.79.48.90	attack	Unauthorized connection attempt detected from IP address 222.79.48.90 to port 8082 [J]	2020-03-03 02:04:37
222.79.48.105	attack	222.79.48.105 - - \[27/Feb/2020:16:27:06 +0200\] "GET http://www.rfa.org/english/ HTTP/1.1" 404 206 "-" "Mozilla/5.0 \(Windows NT 10.0\; WOW64\) AppleWebKit/537.36 \(KHTML, like Gecko\) Chrome/45.0.2454.101 Safari/537.36"	2020-02-27 23:26:29
222.79.48.33	attackbotsspam	Unauthorized connection attempt detected from IP address 222.79.48.33 to port 8443 [J]	2020-01-27 15:28:47
222.79.48.220	attackbotsspam	Unauthorized connection attempt detected from IP address 222.79.48.220 to port 8080 [J]	2020-01-27 15:28:10
222.79.48.146	attackbots	Unauthorized connection attempt detected from IP address 222.79.48.146 to port 8123 [T]	2020-01-14 20:33:56
222.79.48.82	attack	Unauthorized connection attempt detected from IP address 222.79.48.82 to port 801 [T]	2020-01-10 08:37:37
222.79.48.225	attack	Unauthorized connection attempt detected from IP address 222.79.48.225 to port 8899 [T]	2020-01-10 08:09:30
222.79.48.169	attackbots	Unauthorized connection attempt detected from IP address 222.79.48.169 to port 80	2019-12-27 00:40:45
222.79.48.153	attack	The IP has triggered Cloudflare WAF. CF-Ray: 543802c41e9ce821 \| WAF_Rule_ID: 3b40188685924a32bf11d40edea05a27 \| WAF_Kind: firewall \| CF_Action: drop \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/1.1 \| Method: GET \| Host: d.skk.moe \| User-Agent: Mozilla/5.096783921 Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko \| CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-12 06:13:53
222.79.48.199	attackspam	The IP has triggered Cloudflare WAF. CF-Ray: 5435e737bc76e7dd \| WAF_Rule_ID: 3b40188685924a32bf11d40edea05a27 \| WAF_Kind: firewall \| CF_Action: drop \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/1.1 \| Method: GET \| Host: ping.skk.moe \| User-Agent: Mozilla/5.067805899 Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36 \| CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-12 02:53:45
222.79.48.170	attackspam	The IP has triggered Cloudflare WAF. CF-Ray: 54341a79d861eb69 \| WAF_Rule_ID: 1122843 \| WAF_Kind: firewall \| CF_Action: challenge \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/1.1 \| Method: GET \| Host: theme-suka.skk.moe \| User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 9_1 like Mac OS X) AppleWebKit/601.1.46 (KHTML, like Gecko) Version/9.0 Mobile/13B143 Safari/601.1 \| CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-12 01:42:02
222.79.48.201	attack	The IP has triggered Cloudflare WAF. CF-Ray: 543406eae9d3eaf4 \| WAF_Rule_ID: 3b40188685924a32bf11d40edea05a27 \| WAF_Kind: firewall \| CF_Action: drop \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/1.1 \| Method: GET \| Host: blog.skk.moe \| User-Agent: Mozilla/5.081397758 Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; WOW64; Trident/6.0) \| CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-12 00:55:29
222.79.48.54	attack	The IP has triggered Cloudflare WAF. CF-Ray: 54138ca5bca59893 \| WAF_Rule_ID: 53b8357af6d244d3a132bcf913c3a388 \| WAF_Kind: firewall \| CF_Action: drop \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/1.1 \| Method: GET \| Host: img.skk.moe \| User-Agent: Mozilla/4.054101423 Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 6.1) \| CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-08 07:01:12

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 222.79.48.2
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 3365
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;222.79.48.2.			IN	A

;; AUTHORITY SECTION:
.			157	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022021301 1800 900 604800 86400

;; Query time: 68 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Feb 14 08:23:26 CST 2022
;; MSG SIZE  rcvd: 104

Host info

2.48.79.222.in-addr.arpa domain name pointer 2.48.79.222.broad.fz.fj.dynamic.163data.com.cn.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
2.48.79.222.in-addr.arpa	name = 2.48.79.222.broad.fz.fj.dynamic.163data.com.cn.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
51.195.136.14	attack	SSH bruteforce	2020-09-04 22:08:21
200.119.138.42	attackbotsspam	Sep 4 04:19:49 mailman postfix/smtpd[28694]: warning: unknown[200.119.138.42]: SASL PLAIN authentication failed: authentication failure	2020-09-04 22:03:09
198.38.86.161	attackbots	Sep 4 00:45:39 ns382633 sshd\[16438\]: Invalid user test5 from 198.38.86.161 port 47534 Sep 4 00:45:39 ns382633 sshd\[16438\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=198.38.86.161 Sep 4 00:45:41 ns382633 sshd\[16438\]: Failed password for invalid user test5 from 198.38.86.161 port 47534 ssh2 Sep 4 00:52:42 ns382633 sshd\[17544\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=198.38.86.161 user=root Sep 4 00:52:43 ns382633 sshd\[17544\]: Failed password for root from 198.38.86.161 port 55508 ssh2	2020-09-04 22:25:08
197.58.171.7	attack	port scan and connect, tcp 23 (telnet)	2020-09-04 22:22:57
41.60.14.91	attack	Sep 3 18:49:23 mellenthin postfix/smtpd[21047]: NOQUEUE: reject: RCPT from unknown[41.60.14.91]: 554 5.7.1 Service unavailable; Client host [41.60.14.91] blocked using zen.spamhaus.org; https://www.spamhaus.org/query/ip/41.60.14.91; from= to= proto=ESMTP helo=<41.60.14.91.liquidtelecom.net>	2020-09-04 21:58:15
167.99.77.94	attack	167.99.77.94 (SG/Singapore/-), 6 distributed sshd attacks on account [root] in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_DISTATTACK; Logs: Sep 4 04:48:07 server2 sshd[13042]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.128.56.89 user=root Sep 4 04:30:20 server2 sshd[3898]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.99.77.94 user=root Sep 4 04:30:22 server2 sshd[3898]: Failed password for root from 167.99.77.94 port 47870 ssh2 Sep 4 04:21:56 server2 sshd[29632]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.29.196.186 user=root Sep 4 04:21:58 server2 sshd[29632]: Failed password for root from 218.29.196.186 port 42738 ssh2 Sep 4 04:19:32 server2 sshd[27850]: Failed password for root from 203.66.168.81 port 37356 ssh2 IP Addresses Blocked: 178.128.56.89 (SG/Singapore/-)	2020-09-04 22:29:09
186.136.244.203	attackspam	Sep 3 18:49:03 mellenthin postfix/smtpd[20267]: NOQUEUE: reject: RCPT from unknown[186.136.244.203]: 554 5.7.1 Service unavailable; Client host [186.136.244.203] blocked using zen.spamhaus.org; https://www.spamhaus.org/query/ip/186.136.244.203; from= to= proto=ESMTP helo=<203-244-136-186.fibertel.com.ar>	2020-09-04 22:16:39
80.24.149.228	attack	Invalid user jmy from 80.24.149.228 port 54284	2020-09-04 22:46:40
119.235.19.66	attackbotsspam	ssh brute force	2020-09-04 22:18:14
45.95.168.157	attack	SSH Brute-Forcing (server1)	2020-09-04 22:33:47
45.142.120.179	attackbotsspam	2020-09-04T07:59:47.762676linuxbox-skyline auth[78267]: pam_unix(dovecot:auth): authentication failure; logname= uid=0 euid=0 tty=dovecot ruser=ato rhost=45.142.120.179 ...	2020-09-04 22:33:18
177.124.23.197	attackspambots	Sep 3 18:49:01 host postfix/smtps/smtpd\[20586\]: warning: 177-124-23-197.altinformatica.com.br\[177.124.23.197\]: SASL PLAIN authentication failed:	2020-09-04 22:21:48
124.160.96.249	attackbotsspam	(sshd) Failed SSH login from 124.160.96.249 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 4 09:28:27 server2 sshd[29612]: Invalid user lb from 124.160.96.249 Sep 4 09:28:27 server2 sshd[29612]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.160.96.249 Sep 4 09:28:29 server2 sshd[29612]: Failed password for invalid user lb from 124.160.96.249 port 53170 ssh2 Sep 4 09:46:34 server2 sshd[7509]: Invalid user helen from 124.160.96.249 Sep 4 09:46:34 server2 sshd[7509]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.160.96.249	2020-09-04 22:14:27
212.60.66.145	attackspambots	WordPress Drone detected by safePassage	2020-09-04 22:19:39
27.128.162.183	attackspam	Sep 4 12:19:36 vpn01 sshd[6142]: Failed password for root from 27.128.162.183 port 54190 ssh2 Sep 4 12:37:28 vpn01 sshd[6450]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=27.128.162.183 ...	2020-09-04 22:09:39

Recently Reported IPs

222.79.10.130	222.79.48.214	222.79.48.234	222.79.48.72
222.79.49.123	222.79.49.243	222.79.49.242	222.79.49.183
222.79.48.57	222.80.35.5	222.80.41.153	222.80.251.219
222.80.47.240	222.80.84.18	222.81.245.63	222.82.130.249
222.83.225.238	222.85.39.147	222.82.178.30	222.82.125.73