49.89.248.28 - IPInfo

Basic Info

City: Suqian

Region: Jiangsu

Country: China

Internet Service Provider: unknown

Hostname: unknown

Organization: No.31,Jin-rong Street

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
49.89.248.71	attackspambots	ET WEB_SPECIFIC_APPS ECSHOP user.php SQL INJECTION via Referer	2020-02-06 21:42:25
49.89.248.90	attackspambots	2019-12-24T07:12:05.974882beta postfix/smtpd[8500]: warning: unknown[49.89.248.90]: SASL LOGIN authentication failed: authentication failure 2019-12-24T07:12:10.053652beta postfix/smtpd[8513]: warning: unknown[49.89.248.90]: SASL LOGIN authentication failed: authentication failure 2019-12-24T07:12:14.059124beta postfix/smtpd[8500]: warning: unknown[49.89.248.90]: SASL LOGIN authentication failed: authentication failure ...	2019-12-24 23:03:53

Type

Details

Datetime

49.89.248.71

attackspambots

ET WEB_SPECIFIC_APPS ECSHOP user.php SQL INJECTION via Referer

2020-02-06 21:42:25

49.89.248.90

attackspambots

2019-12-24T07:12:05.974882beta postfix/smtpd[8500]: warning: unknown[49.89.248.90]: SASL LOGIN authentication failed: authentication failure
2019-12-24T07:12:10.053652beta postfix/smtpd[8513]: warning: unknown[49.89.248.90]: SASL LOGIN authentication failed: authentication failure
2019-12-24T07:12:14.059124beta postfix/smtpd[8500]: warning: unknown[49.89.248.90]: SASL LOGIN authentication failed: authentication failure
...

2019-12-24 23:03:53

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 49.89.248.28
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 55064
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;49.89.248.28.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019071801 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Fri Jul 19 03:19:30 CST 2019
;; MSG SIZE  rcvd: 116

Host info

Host 28.248.89.49.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 28.248.89.49.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
88.156.122.72	attackspambots	SSH invalid-user multiple login attempts	2020-03-26 00:38:16
106.13.175.210	attack	Mar 25 14:07:30 OPSO sshd\[19859\]: Invalid user system from 106.13.175.210 port 52118 Mar 25 14:07:30 OPSO sshd\[19859\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.175.210 Mar 25 14:07:33 OPSO sshd\[19859\]: Failed password for invalid user system from 106.13.175.210 port 52118 ssh2 Mar 25 14:12:19 OPSO sshd\[20712\]: Invalid user xv from 106.13.175.210 port 56786 Mar 25 14:12:19 OPSO sshd\[20712\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.175.210	2020-03-26 00:06:47
175.6.102.248	attack	B: ssh repeated attack for invalid user	2020-03-26 00:34:28
85.143.219.197	attackbotsspam	Unauthorised access (Mar 25) SRC=85.143.219.197 LEN=40 TTL=247 ID=43862 TCP DPT=445 WINDOW=1024 SYN Unauthorised access (Mar 24) SRC=85.143.219.197 LEN=40 TTL=247 ID=52476 TCP DPT=445 WINDOW=1024 SYN	2020-03-26 00:41:50
51.89.57.123	attack	2020-03-23 22:47:43 server sshd[50850]: Failed password for invalid user adm from 51.89.57.123 port 34172 ssh2	2020-03-26 00:17:46
196.223.156.192	attackbotsspam	20/3/25@08:48:28: FAIL: Alarm-Network address from=196.223.156.192 20/3/25@08:48:28: FAIL: Alarm-Network address from=196.223.156.192 ...	2020-03-26 00:20:55
213.87.101.176	attack	(sshd) Failed SSH login from 213.87.101.176 (RU/Russia/-): 2 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Mar 25 17:19:31 ubnt-55d23 sshd[12329]: Invalid user sandra from 213.87.101.176 port 43978 Mar 25 17:19:34 ubnt-55d23 sshd[12329]: Failed password for invalid user sandra from 213.87.101.176 port 43978 ssh2	2020-03-26 00:50:03
123.51.172.4	attackbotsspam	Honeypot attack, port: 445, PTR: PTR record not found	2020-03-26 00:23:25
52.157.110.87	attack	2020-03-24 15:34:08 server sshd[88810]: Failed password for invalid user kura from 52.157.110.87 port 54876 ssh2	2020-03-26 00:29:02
122.51.163.237	attack	Mar 25 09:42:06 firewall sshd[8286]: Invalid user sshishido from 122.51.163.237 Mar 25 09:42:08 firewall sshd[8286]: Failed password for invalid user sshishido from 122.51.163.237 port 58192 ssh2 Mar 25 09:48:24 firewall sshd[8516]: Invalid user ui from 122.51.163.237 ...	2020-03-26 00:23:48
49.49.242.130	attackbotsspam	Honeypot attack, port: 445, PTR: mx-ll-49.49.242-130.dynamic.3bb.in.th.	2020-03-26 00:27:19
181.171.59.25	attack	Honeypot attack, port: 81, PTR: 25-59-171-181.fibertel.com.ar.	2020-03-26 00:40:31
93.148.127.233	attackbots	Fail2Ban Ban Triggered	2020-03-26 00:58:15
187.60.35.234	attackspambots	Automatic report - Port Scan Attack	2020-03-26 00:07:46
67.205.135.65	attackbotsspam	Mar 25 21:12:15 gw1 sshd[7465]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=67.205.135.65 Mar 25 21:12:16 gw1 sshd[7465]: Failed password for invalid user hw from 67.205.135.65 port 33996 ssh2 ...	2020-03-26 00:19:14

Recently Reported IPs

47.132.49.243	72.61.95.104	86.108.94.0	169.130.83.7
116.112.137.217	15.213.88.123	54.184.29.29	174.215.83.60
144.85.66.140	41.41.43.231	125.16.39.104	5.200.163.241
83.161.186.120	145.152.63.129	44.36.89.231	125.167.76.147
31.223.78.173	183.199.169.216	61.159.169.207	141.16.249.9