102.89.2.20 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Nigeria

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
102.89.2.28	attackbots	Listed on abuseat.org plus zen-spamhaus / proto=6 . srcport=56637 . dstport=445 . (3133)	2020-09-28 05:26:31
102.89.2.28	attack	Listed on abuseat.org plus zen-spamhaus / proto=6 . srcport=56637 . dstport=445 . (3133)	2020-09-27 21:45:27
102.89.2.28	attackspambots	Listed on abuseat.org plus zen-spamhaus / proto=6 . srcport=56637 . dstport=445 . (3133)	2020-09-27 13:30:28
102.89.2.35	attackbotsspam	1596284160 - 08/01/2020 14:16:00 Host: 102.89.2.35/102.89.2.35 Port: 445 TCP Blocked	2020-08-02 04:02:25
102.89.2.40	attackspam	1591388890 - 06/05/2020 22:28:10 Host: 102.89.2.40/102.89.2.40 Port: 445 TCP Blocked	2020-06-06 05:16:05
102.89.2.186	attack	1588507600 - 05/03/2020 14:06:40 Host: 102.89.2.186/102.89.2.186 Port: 445 TCP Blocked	2020-05-04 03:08:15
102.89.2.49	attack	1588507603 - 05/03/2020 14:06:43 Host: 102.89.2.49/102.89.2.49 Port: 445 TCP Blocked	2020-05-04 03:06:54
102.89.2.34	attack	(pop3d) Failed POP3 login from 102.89.2.34 (NG/Nigeria/-): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: Apr 1 02:00:35 ir1 dovecot[566034]: pop3-login: Disconnected (auth failed, 1 attempts in 2 secs): user=, method=PLAIN, rip=102.89.2.34, lip=5.63.12.44, session=	2020-04-01 06:55:48

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 102.89.2.20
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 2230
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;102.89.2.20.			IN	A

;; AUTHORITY SECTION:
.			399	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022022500 1800 900 604800 86400

;; Query time: 58 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Feb 25 22:46:31 CST 2022
;; MSG SIZE  rcvd: 104

Host info

Host 20.2.89.102.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 20.2.89.102.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
201.49.110.210	attackspam	Dec 4 18:02:12 eventyay sshd[20569]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.49.110.210 Dec 4 18:02:13 eventyay sshd[20569]: Failed password for invalid user prokes from 201.49.110.210 port 60758 ssh2 Dec 4 18:08:52 eventyay sshd[20800]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.49.110.210 ...	2019-12-05 01:27:01
181.41.216.130	attack	Dec 4 17:35:05 relay postfix/smtpd\[4794\]: NOQUEUE: reject: RCPT from unknown\[181.41.216.130\]: 554 5.7.1 \: Relay access denied\; from=\ to=\ proto=ESMTP helo=\<\[181.41.216.131\]\> Dec 4 17:35:05 relay postfix/smtpd\[4794\]: NOQUEUE: reject: RCPT from unknown\[181.41.216.130\]: 554 5.7.1 \: Relay access denied\; from=\ to=\ proto=ESMTP helo=\<\[181.41.216.131\]\> Dec 4 17:35:05 relay postfix/smtpd\[4794\]: NOQUEUE: reject: RCPT from unknown\[181.41.216.130\]: 554 5.7.1 \: Relay access denied\; from=\ to=\ proto=ESMTP helo=\<\[181.41.216.131\]\> Dec 4 17:35:05 relay postfix/smtpd\[4794\]: NOQUEUE: reject: RCPT from unknown\[181.41.216.130\]: 554 5.7.1 \: Relay access denied\; from=\ to=\	2019-12-05 01:46:58
218.92.0.134	attackbotsspam	Dec 4 17:59:24 minden010 sshd[31001]: Failed password for root from 218.92.0.134 port 7792 ssh2 Dec 4 17:59:28 minden010 sshd[31001]: Failed password for root from 218.92.0.134 port 7792 ssh2 Dec 4 17:59:31 minden010 sshd[31001]: Failed password for root from 218.92.0.134 port 7792 ssh2 Dec 4 17:59:36 minden010 sshd[31001]: error: maximum authentication attempts exceeded for root from 218.92.0.134 port 7792 ssh2 [preauth] ...	2019-12-05 01:08:19
148.245.128.105	attack	Automatic report - Port Scan Attack	2019-12-05 01:48:37
202.67.46.18	attackspam	Unauthorized connection attempt from IP address 202.67.46.18 on Port 445(SMB)	2019-12-05 01:07:22
49.234.206.45	attack	SSH Brute Force	2019-12-05 01:12:10
88.250.2.223	attackspambots	Unauthorized connection attempt from IP address 88.250.2.223 on Port 445(SMB)	2019-12-05 01:16:25
125.162.27.220	attackspam	Unauthorized connection attempt from IP address 125.162.27.220 on Port 445(SMB)	2019-12-05 01:34:26
59.10.5.156	attack	Dec 4 17:12:00 web8 sshd\[29529\]: Invalid user ident from 59.10.5.156 Dec 4 17:12:00 web8 sshd\[29529\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=59.10.5.156 Dec 4 17:12:01 web8 sshd\[29529\]: Failed password for invalid user ident from 59.10.5.156 port 46518 ssh2 Dec 4 17:19:04 web8 sshd\[417\]: Invalid user crp from 59.10.5.156 Dec 4 17:19:04 web8 sshd\[417\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=59.10.5.156	2019-12-05 01:25:42
46.217.119.3	attack	Unauthorized connection attempt from IP address 46.217.119.3 on Port 445(SMB)	2019-12-05 01:18:28
131.161.50.10	attack	Honeypot attack, port: 23, PTR: 131-161-50-10.A.L.A.com.br.	2019-12-05 01:22:48
68.183.181.251	attackspam	Dec 2 17:11:46 lvps92-51-164-246 sshd[8656]: Invalid user web from 68.183.181.251 Dec 2 17:11:46 lvps92-51-164-246 sshd[8656]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=68.183.181.251 Dec 2 17:11:48 lvps92-51-164-246 sshd[8656]: Failed password for invalid user web from 68.183.181.251 port 42528 ssh2 Dec 2 17:11:48 lvps92-51-164-246 sshd[8656]: Received disconnect from 68.183.181.251: 11: Bye Bye [preauth] Dec 2 17:20:25 lvps92-51-164-246 sshd[8735]: Invalid user nec from 68.183.181.251 Dec 2 17:20:25 lvps92-51-164-246 sshd[8735]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=68.183.181.251 Dec 2 17:20:27 lvps92-51-164-246 sshd[8735]: Failed password for invalid user nec from 68.183.181.251 port 58604 ssh2 Dec 2 17:20:27 lvps92-51-164-246 sshd[8735]: Received disconnect from 68.183.181.251: 11: Bye Bye [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=68	2019-12-05 01:13:49
37.59.51.51	attack	SSH Bruteforce attempt	2019-12-05 01:15:26
218.64.34.64	attack	2019-12-04 05:15:38 dovecot_login authenticator failed for (fuxyosh.com) [218.64.34.64]:65409 I=[192.147.25.65]:25: 535 Incorrect authentication data (set_id=ler@lerctr.org) 2019-12-04 05:15:45 dovecot_login authenticator failed for (fuxyosh.com) [218.64.34.64]:49616 I=[192.147.25.65]:25: 535 Incorrect authentication data (set_id=ler@lerctr.org) 2019-12-04 05:15:57 dovecot_login authenticator failed for (fuxyosh.com) [218.64.34.64]:50085 I=[192.147.25.65]:25: 535 Incorrect authentication data (set_id=ler@lerctr.org) ...	2019-12-05 01:18:42
49.145.206.153	attack	Unauthorized connection attempt from IP address 49.145.206.153 on Port 445(SMB)	2019-12-05 01:30:37

Recently Reported IPs

102.89.2.222	102.89.16.21	102.89.6.52	102.89.3.188
102.90.5.138	102.89.16.30	102.90.9.2	102.90.9.158
102.91.17.154	102.91.4.97	102.91.14.118	102.91.5.63
102.91.17.18	102.91.5.19	102.91.6.10	103.0.137.2
103.0.145.211	102.91.5.65	103.1.103.145	103.0.44.45