59.48.117.70 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: ChinaNet Shanxi Province Network

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Unauthorized connection attempt detected from IP address 59.48.117.70 to port 445	2019-12-31 02:12:34
attackbots	12/25/2019-01:28:56.265888 59.48.117.70 Protocol: 6 ET SCAN NMAP -sS window 1024	2019-12-25 15:36:06
attackbots	Port 1433 Scan	2019-11-03 22:06:31

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 59.48.117.70
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 28360
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;59.48.117.70.			IN	A

;; AUTHORITY SECTION:
.			235	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019110300 1800 900 604800 86400

;; Query time: 220 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Nov 03 22:06:27 CST 2019
;; MSG SIZE  rcvd: 116

Host info

70.117.48.59.in-addr.arpa domain name pointer 70.117.48.59.broad.lf.sx.dynamic.163data.com.cn.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
70.117.48.59.in-addr.arpa	name = 70.117.48.59.broad.lf.sx.dynamic.163data.com.cn.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
217.131.77.8	attackbots	Trying to access wordpress plugins	2020-09-17 12:03:36
179.56.60.248	attack	Unauthorized connection attempt from IP address 179.56.60.248 on Port 445(SMB)	2020-09-17 12:04:59
222.179.205.14	attackspam	SSH / Telnet Brute Force Attempts on Honeypot	2020-09-17 09:58:35
222.173.38.41	attack	Icarus honeypot on github	2020-09-17 12:03:14
170.130.187.10	attack	TCP (SYN) 170.130.187.10:61604 -> port 23, len 44	2020-09-17 10:25:40
106.13.90.78	attackspambots	DATE:2020-09-17 03:23:40, IP:106.13.90.78, PORT:ssh SSH brute force auth (docker-dc)	2020-09-17 10:00:19
222.186.175.212	attackbotsspam	Sep 16 21:50:40 plusreed sshd[29541]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.212 user=root Sep 16 21:50:42 plusreed sshd[29541]: Failed password for root from 222.186.175.212 port 12136 ssh2 ...	2020-09-17 09:53:20
115.231.0.56	attackbots	2020-09-16T20:37:56+0000 Failed SSH Authentication/Brute Force Attack. (Server 6)	2020-09-17 12:02:07
69.55.54.65	attack	Sep 17 03:21:54 pornomens sshd\[14942\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=69.55.54.65 user=root Sep 17 03:21:56 pornomens sshd\[14942\]: Failed password for root from 69.55.54.65 port 42652 ssh2 Sep 17 03:27:33 pornomens sshd\[14987\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=69.55.54.65 user=root ...	2020-09-17 09:52:29
113.160.54.78	attackspam	WordPress wp-login brute force :: 113.160.54.78 0.228 BYPASS [16/Sep/2020:16:57:56 0000] [censored_2] "POST /wp-login.php HTTP/1.1" 200 2577 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-09-17 09:49:02
49.235.132.88	attack	Sep 17 03:29:40 cho sshd[3087366]: Failed password for invalid user elasearch from 49.235.132.88 port 32856 ssh2 Sep 17 03:33:28 cho sshd[3087524]: Invalid user deploy from 49.235.132.88 port 46508 Sep 17 03:33:28 cho sshd[3087524]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.132.88 Sep 17 03:33:28 cho sshd[3087524]: Invalid user deploy from 49.235.132.88 port 46508 Sep 17 03:33:30 cho sshd[3087524]: Failed password for invalid user deploy from 49.235.132.88 port 46508 ssh2 ...	2020-09-17 12:10:00
1.55.52.132	attackbots	Unauthorized connection attempt from IP address 1.55.52.132 on Port 445(SMB)	2020-09-17 12:08:46
46.101.19.133	attackspam	Sep 17 01:40:57 ns382633 sshd\[21537\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.101.19.133 user=root Sep 17 01:40:59 ns382633 sshd\[21537\]: Failed password for root from 46.101.19.133 port 49535 ssh2 Sep 17 01:48:38 ns382633 sshd\[22755\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.101.19.133 user=root Sep 17 01:48:41 ns382633 sshd\[22755\]: Failed password for root from 46.101.19.133 port 54856 ssh2 Sep 17 01:55:22 ns382633 sshd\[24190\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.101.19.133 user=root	2020-09-17 10:29:13
178.62.103.92	attackbots	DATE:2020-09-16 18:57:21, IP:178.62.103.92, PORT:telnet Telnet brute force auth on honeypot server (honey-neo-dc)	2020-09-17 10:23:22
176.31.162.82	attackbotsspam	Sep 16 17:58:20 ip-172-31-16-56 sshd\[12711\]: Invalid user ts from 176.31.162.82\ Sep 16 17:58:23 ip-172-31-16-56 sshd\[12711\]: Failed password for invalid user ts from 176.31.162.82 port 42686 ssh2\ Sep 16 18:01:20 ip-172-31-16-56 sshd\[12736\]: Failed password for root from 176.31.162.82 port 41168 ssh2\ Sep 16 18:04:20 ip-172-31-16-56 sshd\[12772\]: Failed password for root from 176.31.162.82 port 39638 ssh2\ Sep 16 18:07:17 ip-172-31-16-56 sshd\[12802\]: Failed password for root from 176.31.162.82 port 38108 ssh2\	2020-09-17 09:54:39

Recently Reported IPs

116.12.187.246	156.223.38.22	58.205.69.30	198.160.19.101
177.73.35.191	158.82.202.151	96.158.193.227	117.245.14.164
41.64.42.196	177.93.67.252	182.61.178.45	118.182.65.82
54.36.164.157	60.26.201.215	117.41.182.135	58.65.171.112
132.195.135.49	68.56.92.126	68.117.218.119	46.14.64.44