49.88.64.0 - IPInfo

Basic Info

City: Shanghai

Region: Shanghai

Country: China

Internet Service Provider: ChinaNet Jiangsu Province Network

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Dec 24 16:31:15 icecube postfix/smtpd[2532]: NOQUEUE: reject: RCPT from unknown[49.88.64.0]: 554 5.7.1 Service unavailable; Client host [49.88.64.0] blocked using zen.spamhaus.org; https://www.spamhaus.org/query/ip/49.88.64.0; from= to= proto=ESMTP helo=	2019-12-25 03:48:02

Type

Details

Datetime

attack

Dec 24 16:31:15 icecube postfix/smtpd[2532]: NOQUEUE: reject: RCPT from unknown[49.88.64.0]: 554 5.7.1 Service unavailable; Client host [49.88.64.0] blocked using zen.spamhaus.org; https://www.spamhaus.org/query/ip/49.88.64.0; from= to= proto=ESMTP helo=

2019-12-25 03:48:02

Comments on same subnet:

IP	Type	Details	Datetime
49.88.64.121	attackbots	Email rejected due to spam filtering	2020-06-24 16:43:50
49.88.64.137	attack	Email rejected due to spam filtering	2020-04-10 18:53:41
49.88.64.108	attackspam	Jan 2 15:53:23 grey postfix/smtpd\[17754\]: NOQUEUE: reject: RCPT from unknown\[49.88.64.108\]: 554 5.7.1 Service unavailable\; Client host \[49.88.64.108\] blocked using cbl.abuseat.org\; Blocked - see http://www.abuseat.org/lookup.cgi\?ip=49.88.64.108\; from=\ to=\ proto=ESMTP helo=\ ...	2020-01-03 04:30:45
49.88.64.193	attackbotsspam	IP: 49.88.64.193 ASN: AS4134 No.31 Jin-rong Street Port: Simple Mail Transfer 25 Found in one or more Blacklists Date: 16/12/2019 6:57:21 AM UTC	2019-12-16 17:30:18
49.88.64.49	attackbots	SpamReport	2019-11-15 15:24:34
49.88.64.18	attack	Lines containing failures of 49.88.64.18 Sep 7 10:31:20 expertgeeks postfix/smtpd[21639]: connect from unknown[49.88.64.18] Sep 7 10:31:21 expertgeeks policyd-spf[21643]: None; identhostnamey=helo; client-ip=49.88.64.18; helo=vrfan.com; envelope-from=x@x Sep 7 10:31:21 expertgeeks policyd-spf[21643]: None; identhostnamey=mailfrom; client-ip=49.88.64.18; helo=vrfan.com; envelope-from=x@x Sep 7 10:31:21 expertgeeks sqlgrey: grey: new: 49.88.64(49.88.64.18), x@x -> x@x Sep 7 10:31:21 expertgeeks sqlgrey: grey: early reconnect: 49.88.64(49.88.64.18), x@x -> x@x Sep x@x Sep 7 10:31:22 expertgeeks postfix/smtpd[21639]: disconnect from unknown[49.88.64.18] ehlo=1 mail=1 rcpt=0/1 quhostname=1 commands=3/4 Sep 7 10:31:28 expertgeeks postfix/smtpd[21639]: connect from unknown[49.88.64.18] Sep 7 10:31:28 expertgeeks policyd-spf[21643]: None; identhostnamey=helo; client-ip=49.88.64.18; helo=vrfan.com; envelope-from=x@x Sep 7 10:31:28 expertgeeks policyd-spf[21643]: None; id........ ------------------------------	2019-09-07 22:33:52
49.88.64.158	attackbots	Brute force SMTP login attempts.	2019-08-22 04:30:40

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 49.88.64.0
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 25114
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;49.88.64.0.			IN	A

;; AUTHORITY SECTION:
.			435	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019122401 1800 900 604800 86400

;; Query time: 102 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Dec 25 03:48:00 CST 2019
;; MSG SIZE  rcvd: 114

Host info

Host 0.64.88.49.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 0.64.88.49.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
179.111.204.53	attack	Unauthorized connection attempt from IP address 179.111.204.53 on Port 445(SMB)	2020-05-30 08:12:16
51.79.66.198	attackspam	May 30 00:37:47 ns381471 sshd[19731]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.79.66.198 May 30 00:37:49 ns381471 sshd[19731]: Failed password for invalid user packer from 51.79.66.198 port 46038 ssh2	2020-05-30 08:21:26
49.235.153.220	attack	Invalid user st from 49.235.153.220 port 45826	2020-05-30 08:38:10
122.51.69.116	attackbotsspam	Invalid user erik from 122.51.69.116 port 58016	2020-05-30 08:08:33
181.121.0.82	attack	Unauthorized connection attempt from IP address 181.121.0.82 on Port 445(SMB)	2020-05-30 08:22:54
93.174.93.195	attackbots	ET CINS Active Threat Intelligence Poor Reputation IP group 89 - port: 41064 proto: UDP cat: Misc Attack	2020-05-30 08:10:24
68.183.137.173	attackspam	May 29 20:27:53 vps46666688 sshd[26552]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=68.183.137.173 May 29 20:27:55 vps46666688 sshd[26552]: Failed password for invalid user kei from 68.183.137.173 port 42734 ssh2 ...	2020-05-30 08:21:07
118.26.173.184	attackbotsspam	May 29 23:43:58 legacy sshd[26001]: Failed password for root from 118.26.173.184 port 56090 ssh2 May 29 23:44:29 legacy sshd[26047]: Failed password for root from 118.26.173.184 port 33028 ssh2 ...	2020-05-30 08:37:14
118.171.135.158	attack	Attempted connection to port 445.	2020-05-30 08:41:14
142.93.165.102	attackspam	Invalid user alexandria from 142.93.165.102 port 55298	2020-05-30 08:11:29
155.94.156.84	attack	May 29 22:37:03 vserver sshd\[2845\]: Invalid user ftpuser from 155.94.156.84May 29 22:37:05 vserver sshd\[2845\]: Failed password for invalid user ftpuser from 155.94.156.84 port 41784 ssh2May 29 22:41:52 vserver sshd\[2927\]: Failed password for root from 155.94.156.84 port 39760 ssh2May 29 22:46:52 vserver sshd\[2963\]: Failed password for root from 155.94.156.84 port 37696 ssh2 ...	2020-05-30 08:27:28
159.65.144.36	attackbots	Invalid user neh from 159.65.144.36 port 51710	2020-05-30 08:14:52
141.98.9.157	attackbots	May 29 07:06:58 XXX sshd[11561]: Invalid user admin from 141.98.9.157 port 38927	2020-05-30 08:09:49
113.142.58.155	attackspambots	Invalid user vtj from 113.142.58.155 port 50180	2020-05-30 08:04:41
190.202.18.190	attackbots	Unauthorized connection attempt from IP address 190.202.18.190 on Port 445(SMB)	2020-05-30 08:16:14

Recently Reported IPs

94.219.75.129	132.165.73.104	201.30.8.69	49.158.46.214
190.207.247.83	64.214.135.72	142.183.244.17	221.152.107.16
201.233.152.87	128.187.237.73	104.45.226.37	60.53.118.219
86.19.47.120	63.32.217.9	66.3.208.128	1.156.200.56
156.217.225.237	121.163.185.103	39.176.4.123	182.167.136.101