222.79.48.48 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: ChinaNet Fujian Province Network

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspambots	trying to access non-authorized port	2020-04-28 14:48:25

Comments on same subnet:

IP	Type	Details	Datetime
222.79.48.32	attackspambots	Unauthorized connection attempt detected from IP address 222.79.48.32 to port 8080 [J]	2020-03-03 02:05:03
222.79.48.90	attack	Unauthorized connection attempt detected from IP address 222.79.48.90 to port 8082 [J]	2020-03-03 02:04:37
222.79.48.105	attack	222.79.48.105 - - \[27/Feb/2020:16:27:06 +0200\] "GET http://www.rfa.org/english/ HTTP/1.1" 404 206 "-" "Mozilla/5.0 \(Windows NT 10.0\; WOW64\) AppleWebKit/537.36 \(KHTML, like Gecko\) Chrome/45.0.2454.101 Safari/537.36"	2020-02-27 23:26:29
222.79.48.33	attackbotsspam	Unauthorized connection attempt detected from IP address 222.79.48.33 to port 8443 [J]	2020-01-27 15:28:47
222.79.48.220	attackbotsspam	Unauthorized connection attempt detected from IP address 222.79.48.220 to port 8080 [J]	2020-01-27 15:28:10
222.79.48.146	attackbots	Unauthorized connection attempt detected from IP address 222.79.48.146 to port 8123 [T]	2020-01-14 20:33:56
222.79.48.82	attack	Unauthorized connection attempt detected from IP address 222.79.48.82 to port 801 [T]	2020-01-10 08:37:37
222.79.48.225	attack	Unauthorized connection attempt detected from IP address 222.79.48.225 to port 8899 [T]	2020-01-10 08:09:30
222.79.48.169	attackbots	Unauthorized connection attempt detected from IP address 222.79.48.169 to port 80	2019-12-27 00:40:45
222.79.48.153	attack	The IP has triggered Cloudflare WAF. CF-Ray: 543802c41e9ce821 \| WAF_Rule_ID: 3b40188685924a32bf11d40edea05a27 \| WAF_Kind: firewall \| CF_Action: drop \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/1.1 \| Method: GET \| Host: d.skk.moe \| User-Agent: Mozilla/5.096783921 Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko \| CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-12 06:13:53
222.79.48.199	attackspam	The IP has triggered Cloudflare WAF. CF-Ray: 5435e737bc76e7dd \| WAF_Rule_ID: 3b40188685924a32bf11d40edea05a27 \| WAF_Kind: firewall \| CF_Action: drop \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/1.1 \| Method: GET \| Host: ping.skk.moe \| User-Agent: Mozilla/5.067805899 Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36 \| CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-12 02:53:45
222.79.48.170	attackspam	The IP has triggered Cloudflare WAF. CF-Ray: 54341a79d861eb69 \| WAF_Rule_ID: 1122843 \| WAF_Kind: firewall \| CF_Action: challenge \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/1.1 \| Method: GET \| Host: theme-suka.skk.moe \| User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 9_1 like Mac OS X) AppleWebKit/601.1.46 (KHTML, like Gecko) Version/9.0 Mobile/13B143 Safari/601.1 \| CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-12 01:42:02
222.79.48.201	attack	The IP has triggered Cloudflare WAF. CF-Ray: 543406eae9d3eaf4 \| WAF_Rule_ID: 3b40188685924a32bf11d40edea05a27 \| WAF_Kind: firewall \| CF_Action: drop \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/1.1 \| Method: GET \| Host: blog.skk.moe \| User-Agent: Mozilla/5.081397758 Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; WOW64; Trident/6.0) \| CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-12 00:55:29
222.79.48.54	attack	The IP has triggered Cloudflare WAF. CF-Ray: 54138ca5bca59893 \| WAF_Rule_ID: 53b8357af6d244d3a132bcf913c3a388 \| WAF_Kind: firewall \| CF_Action: drop \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/1.1 \| Method: GET \| Host: img.skk.moe \| User-Agent: Mozilla/4.054101423 Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 6.1) \| CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-08 07:01:12
222.79.48.132	attack	The IP has triggered Cloudflare WAF. CF-Ray: 54156096fd43e80d \| WAF_Rule_ID: 3b40188685924a32bf11d40edea05a27 \| WAF_Kind: firewall \| CF_Action: challenge \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/1.1 \| Method: GET \| Host: img.skk.moe \| User-Agent: Mozilla/5.064213590 Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/68.0.3440.106 Safari/537.36 \| CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-08 05:58:46

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 222.79.48.48
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 10244
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;222.79.48.48.			IN	A

;; AUTHORITY SECTION:
.			509	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020042800 1800 900 604800 86400

;; Query time: 55 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Apr 28 14:48:21 CST 2020
;; MSG SIZE  rcvd: 116

Host info

48.48.79.222.in-addr.arpa domain name pointer 48.48.79.222.broad.fz.fj.dynamic.163data.com.cn.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
48.48.79.222.in-addr.arpa	name = 48.48.79.222.broad.fz.fj.dynamic.163data.com.cn.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
109.99.228.142	attackspam	Automatic report - Banned IP Access	2020-04-13 22:45:58
162.243.129.158	attackspam	5269/tcp 22/tcp 3979/tcp... [2020-02-13/04-13]32pkt,26pt.(tcp),3pt.(udp)	2020-04-13 22:18:47
111.229.161.106	attackspam	Apr 13 10:41:13 host sshd[15182]: Invalid user papoose from 111.229.161.106 port 39370 ...	2020-04-13 22:45:44
103.130.192.135	attackspam	Apr 13 10:30:54 Ubuntu-1404-trusty-64-minimal sshd\[8036\]: Invalid user damnpoet from 103.130.192.135 Apr 13 10:30:54 Ubuntu-1404-trusty-64-minimal sshd\[8036\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.130.192.135 Apr 13 10:30:55 Ubuntu-1404-trusty-64-minimal sshd\[8036\]: Failed password for invalid user damnpoet from 103.130.192.135 port 52280 ssh2 Apr 13 10:41:31 Ubuntu-1404-trusty-64-minimal sshd\[12331\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.130.192.135 user=root Apr 13 10:41:33 Ubuntu-1404-trusty-64-minimal sshd\[12331\]: Failed password for root from 103.130.192.135 port 51876 ssh2	2020-04-13 22:19:02
148.255.211.8	attackbotsspam	Honeypot attack, port: 445, PTR: 8.211.255.148.d.dyn.claro.net.do.	2020-04-13 22:16:13
180.101.221.152	attackbots	5x Failed Password	2020-04-13 22:37:58
216.218.206.79	attackbotsspam	Report Port Scan: Events[1] countPorts[1]: 111 ..	2020-04-13 22:14:36
190.40.157.78	attackbots	Apr 13 13:34:07 gw1 sshd[7398]: Failed password for root from 190.40.157.78 port 59298 ssh2 ...	2020-04-13 22:27:49
65.19.174.198	attackspambots	20000/tcp 5522/tcp 20006/tcp... [2020-02-13/04-13]209pkt,124pt.(tcp)	2020-04-13 22:50:25
192.241.237.202	attack	47808/tcp 138/tcp 27758/tcp... [2020-02-13/04-13]29pkt,27pt.(tcp),1pt.(udp)	2020-04-13 22:15:46
198.108.67.63	attackspambots	04/13/2020-09:12:40.919884 198.108.67.63 Protocol: 6 ET DROP Dshield Block Listed Source group 1	2020-04-13 22:44:09
106.12.70.115	attackspambots	Apr 13 12:58:58 cdc sshd[15104]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.70.115 user=root Apr 13 12:58:59 cdc sshd[15104]: Failed password for invalid user root from 106.12.70.115 port 35014 ssh2	2020-04-13 22:30:36
66.171.122.3	attackspam	Apr 13 04:23:34 cumulus sshd[19090]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=66.171.122.3 user=r.r Apr 13 04:23:36 cumulus sshd[19090]: Failed password for r.r from 66.171.122.3 port 50450 ssh2 Apr 13 04:23:36 cumulus sshd[19090]: Received disconnect from 66.171.122.3 port 50450:11: Bye Bye [preauth] Apr 13 04:23:36 cumulus sshd[19090]: Disconnected from 66.171.122.3 port 50450 [preauth] Apr 13 04:34:07 cumulus sshd[19687]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=66.171.122.3 user=r.r Apr 13 04:34:10 cumulus sshd[19687]: Failed password for r.r from 66.171.122.3 port 58514 ssh2 Apr 13 04:34:10 cumulus sshd[19687]: Received disconnect from 66.171.122.3 port 58514:11: Bye Bye [preauth] Apr 13 04:34:10 cumulus sshd[19687]: Disconnected from 66.171.122.3 port 58514 [preauth] Apr 13 04:37:55 cumulus sshd[19847]: Invalid user teste from 66.171.122.3 port 42052 Apr 13 04:37:55 cum........ -------------------------------	2020-04-13 22:08:31
167.114.210.127	attackspambots	Automatic report - XMLRPC Attack	2020-04-13 22:20:25
106.13.175.211	attack	3x Failed Password	2020-04-13 22:28:30

Recently Reported IPs

18.201.27.173	173.11.18.248	56.81.137.75	217.215.3.13
19.184.42.82	224.236.185.208	241.142.9.98	227.238.45.38
109.250.93.149	198.12.126.211	183.54.208.212	114.35.118.115
49.235.186.109	13.127.86.117	194.26.29.203	34.217.11.201
195.54.160.254	103.139.43.198	52.156.33.141	187.21.107.60