58.248.2.49 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: CS-Air-Ltd Guangzhou Guangdong Province

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbotsspam	Excessive Port-Scanning	2019-09-21 20:06:31

Comments on same subnet:

IP	Type	Details	Datetime
58.248.203.203	attackbotsspam	Unauthorized connection attempt detected from IP address 58.248.203.203 to port 123	2020-06-13 08:29:04
58.248.200.119	attackbots	Unauthorized connection attempt detected from IP address 58.248.200.119 to port 999	2020-05-30 03:58:04
58.248.226.198	attack	May 27 10:54:59 itv-usvr-01 sshd[20483]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.248.226.198 user=root May 27 10:55:01 itv-usvr-01 sshd[20483]: Failed password for root from 58.248.226.198 port 38310 ssh2 May 27 10:57:55 itv-usvr-01 sshd[20603]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.248.226.198 user=root May 27 10:57:57 itv-usvr-01 sshd[20603]: Failed password for root from 58.248.226.198 port 57080 ssh2 May 27 11:00:46 itv-usvr-01 sshd[20727]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.248.226.198 user=root May 27 11:00:48 itv-usvr-01 sshd[20727]: Failed password for root from 58.248.226.198 port 47622 ssh2	2020-05-27 17:42:18
58.248.226.198	attackspam	May 25 14:37:36 ip-172-31-62-245 sshd\[4351\]: Invalid user cs from 58.248.226.198\ May 25 14:37:39 ip-172-31-62-245 sshd\[4351\]: Failed password for invalid user cs from 58.248.226.198 port 57016 ssh2\ May 25 14:41:08 ip-172-31-62-245 sshd\[4465\]: Failed password for root from 58.248.226.198 port 48816 ssh2\ May 25 14:44:36 ip-172-31-62-245 sshd\[4494\]: Invalid user sll from 58.248.226.198\ May 25 14:44:38 ip-172-31-62-245 sshd\[4494\]: Failed password for invalid user sll from 58.248.226.198 port 40626 ssh2\	2020-05-25 22:46:39
58.248.203.26	attackspam	Web Server Scan. RayID: 590c5d1e7de7e4c0, UA: Mozilla/5.096783921 Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko, Country: CN	2020-05-21 04:24:18
58.248.201.177	attackspambots	400 BAD REQUEST	2020-02-28 01:13:23
58.248.202.186	attack	Unauthorized connection attempt detected from IP address 58.248.202.186 to port 8888 [J]	2020-01-29 09:50:47
58.248.201.77	attackbots	Unauthorized connection attempt detected from IP address 58.248.201.77 to port 8118 [J]	2020-01-26 03:12:32
58.248.201.104	attackspam	Unauthorized connection attempt detected from IP address 58.248.201.104 to port 8443 [J]	2020-01-22 07:29:52
58.248.200.209	attackbotsspam	Unauthorized connection attempt detected from IP address 58.248.200.209 to port 80 [J]	2020-01-19 15:44:47
58.248.203.151	attackspam	Unauthorized connection attempt detected from IP address 58.248.203.151 to port 808 [T]	2020-01-17 08:35:48
58.248.200.68	attackspam	Unauthorized connection attempt detected from IP address 58.248.200.68 to port 801 [T]	2020-01-10 09:27:08
58.248.203.97	attack	Unauthorized connection attempt detected from IP address 58.248.203.97 to port 9999 [T]	2020-01-10 09:02:00
58.248.200.202	attack	Unauthorized connection attempt detected from IP address 58.248.200.202 to port 8118	2020-01-04 09:08:34
58.248.201.7	attack	Unauthorized connection attempt detected from IP address 58.248.201.7 to port 8090	2020-01-01 21:39:06

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 58.248.2.49
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 62673
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;58.248.2.49.			IN	A

;; AUTHORITY SECTION:
.			456	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019092100 1800 900 604800 86400

;; Query time: 882 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Sep 21 20:06:28 CST 2019
;; MSG SIZE  rcvd: 115

Host info

Host 49.2.248.58.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 49.2.248.58.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
9.9.9.10	attackspambots	Aug 6 23:44:12 hidden kernel: [UFW BLOCK] IN=ens192 OUT= MAC=00:50:56:bc:13:b8:30:e4:db:97:3e:3f:08:00 SRC=9.9.9.10 DST=217.198.117.163 LEN=40 TOS=0x00 PREC=0x00 TTL=58 ID=17425 DF PROTO=TCP SPT=853 DPT=32792 WINDOW=0 RES=0x00 RST URGP=0 Aug 6 23:44:12 hidden kernel: [UFW BLOCK] IN=ens192 OUT= MAC=00:50:56:bc:13:b8:30:e4:db:97:3e:3f:08:00 SRC=9.9.9.10 DST=217.198.117.163 LEN=40 TOS=0x00 PREC=0x00 TTL=58 ID=17426 DF PROTO=TCP SPT=853 DPT=32792 WINDOW=0 RES=0x00 RST URGP=0 Aug 6 23:44:53 hidden kernel: [UFW BLOCK] IN=ens192 OUT= MAC=00:50:56:bc:13:b8:30:e4:db:97:3e:3f:08:00 SRC=9.9.9.10 DST=217.198.117.163 LEN=40 TOS=0x00 PREC=0x00 TTL=58 ID=42839 DF PROTO=TCP SPT=853 DPT=32804 WINDOW=0 RES=0x00 RST URGP=0 Aug 6 23:46:37 hidden kernel: [UFW BLOCK] IN=ens192 OUT= MAC=00:50:56:bc:13:b8:30:e4:db:97:3e:3f:08:00 SRC=9.9.9.10 DST=217.198.117.163 LEN=40 TOS=0x00 PREC=0x00 TTL=58 ID=11251 DF PROTO=TCP SPT=853 DPT=32830 WINDOW=0 RES=0x00 RST URGP=0 Aug 6 23:52:04 hidden kernel: [UFW BLO ...	2020-08-07 08:28:59
188.163.74.34	attackbotsspam	1596750707 - 08/06/2020 23:51:47 Host: 188.163.74.34/188.163.74.34 Port: 445 TCP Blocked	2020-08-07 08:40:44
95.178.158.71	attack	Telnetd brute force attack detected by fail2ban	2020-08-07 08:34:14
188.127.226.196	attackbotsspam	Hit honeypot r.	2020-08-07 08:16:10
188.166.185.236	attack	2020-08-05 12:03:29 server sshd[27169]: Failed password for invalid user root from 188.166.185.236 port 36521 ssh2	2020-08-07 08:43:02
137.74.199.180	attackbots	2020-08-06T17:23:24.5394141495-001 sshd[51053]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.ip-137-74-199.eu user=root 2020-08-06T17:23:26.5140911495-001 sshd[51053]: Failed password for root from 137.74.199.180 port 60036 ssh2 2020-08-06T17:27:20.4742591495-001 sshd[51237]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.ip-137-74-199.eu user=root 2020-08-06T17:27:22.0720061495-001 sshd[51237]: Failed password for root from 137.74.199.180 port 41978 ssh2 2020-08-06T17:31:12.8434491495-001 sshd[51412]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.ip-137-74-199.eu user=root 2020-08-06T17:31:15.0661931495-001 sshd[51412]: Failed password for root from 137.74.199.180 port 52156 ssh2 ...	2020-08-07 08:21:43
51.195.166.192	attackspam	Attempt to log in with non-existing username: admin	2020-08-07 08:20:31
173.208.200.34	attackbotsspam	SCAN: Host Sweep CloudCIX Reconnaissance Scan Detected, PTR: protores.org.	2020-08-07 08:33:15
151.84.84.100	attack	Hit honeypot r.	2020-08-07 08:28:29
92.63.197.71	attackspam	ET DROP Dshield Block Listed Source group 1 - port: 39000 proto: tcp cat: Misc Attackbytes: 60	2020-08-07 08:12:19
111.229.194.130	attackbots	Scanned 3 times in the last 24 hours on port 22	2020-08-07 08:30:26
118.24.2.59	attackbotsspam	2020-08-06T21:48:42.252484shield sshd\[5897\]: Invalid user Passwordasd from 118.24.2.59 port 40902 2020-08-06T21:48:42.260144shield sshd\[5897\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.24.2.59 2020-08-06T21:48:43.852526shield sshd\[5897\]: Failed password for invalid user Passwordasd from 118.24.2.59 port 40902 ssh2 2020-08-06T21:51:45.199280shield sshd\[6116\]: Invalid user 1qaz1qaz1qaz from 118.24.2.59 port 46910 2020-08-06T21:51:45.206084shield sshd\[6116\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.24.2.59	2020-08-07 08:41:33
45.136.109.219	attackbots	TCP (SYN) 45.136.109.219:50230 -> port 53, len 44	2020-08-07 08:11:38
81.96.53.106	attack	Automatic report - Port Scan Attack	2020-08-07 08:44:08
169.159.130.225	attackspambots	Ssh brute force	2020-08-07 08:11:18

Recently Reported IPs

231.203.187.65	89.140.52.222	204.159.246.65	192.29.6.180
139.155.71.154	82.24.159.204	189.224.209.178	158.109.192.123
52.47.135.101	165.255.36.66	18.12.243.27	241.232.15.98
14.47.241.66	18.220.105.221	6.134.94.64	234.218.240.71
35.138.89.178	147.8.235.91	238.32.1.75	133.174.75.236