113.89.52.48 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
113.89.52.115	attack	Unauthorized connection attempt from IP address 113.89.52.115 on Port 445(SMB)	2019-10-26 02:06:26

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 113.89.52.48
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 50038
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;113.89.52.48.			IN	A

;; AUTHORITY SECTION:
.			599	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022040103 1800 900 604800 86400

;; Query time: 69 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Apr 02 03:29:05 CST 2022
;; MSG SIZE  rcvd: 105

Host info

Host 48.52.89.113.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 48.52.89.113.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
91.228.217.17	attackbots	abasicmove.de 91.228.217.17 [17/Jul/2020:14:13:42 +0200] "POST /xmlrpc.php HTTP/1.1" 200 4317 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/59.0.3071.109 Safari/537.36" abasicmove.de 91.228.217.17 [17/Jul/2020:14:13:46 +0200] "POST /xmlrpc.php HTTP/1.1" 200 4319 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/59.0.3071.109 Safari/537.36"	2020-07-17 21:56:41
183.66.65.203	attackspam	SSH BruteForce Attack	2020-07-17 21:55:12
103.92.24.252	attack	Jul 17 08:13:58 lanister sshd[16114]: Invalid user ander from 103.92.24.252 Jul 17 08:13:58 lanister sshd[16114]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.92.24.252 Jul 17 08:13:58 lanister sshd[16114]: Invalid user ander from 103.92.24.252 Jul 17 08:14:00 lanister sshd[16114]: Failed password for invalid user ander from 103.92.24.252 port 46416 ssh2	2020-07-17 21:39:46
183.134.89.199	attack	TCP (SYN) 183.134.89.199:55270 -> port 15492, len 44	2020-07-17 22:09:36
222.186.180.8	attackbots	2020-07-17T16:07:04.199077vps751288.ovh.net sshd\[32469\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.180.8 user=root 2020-07-17T16:07:06.036256vps751288.ovh.net sshd\[32469\]: Failed password for root from 222.186.180.8 port 65000 ssh2 2020-07-17T16:07:10.580135vps751288.ovh.net sshd\[32469\]: Failed password for root from 222.186.180.8 port 65000 ssh2 2020-07-17T16:07:14.272971vps751288.ovh.net sshd\[32469\]: Failed password for root from 222.186.180.8 port 65000 ssh2 2020-07-17T16:07:18.333564vps751288.ovh.net sshd\[32469\]: Failed password for root from 222.186.180.8 port 65000 ssh2	2020-07-17 22:08:49
91.121.65.15	attackspambots	Tried sshing with brute force.	2020-07-17 21:40:51
222.186.52.39	attackbotsspam	Fail2Ban Ban Triggered (2)	2020-07-17 21:57:07
51.255.77.78	attack	WordPress brute-force	2020-07-17 22:04:50
176.123.7.145	attackspambots	DATE:2020-07-17 14:13:52, IP:176.123.7.145, PORT:5900 VNC brute force auth on honeypot server (epe-honey1-hq)	2020-07-17 21:36:31
202.137.134.50	attack	(imapd) Failed IMAP login from 202.137.134.50 (LA/Laos/-): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: Jul 17 16:43:29 ir1 dovecot[2885757]: imap-login: Disconnected (auth failed, 1 attempts in 10 secs): user=, method=PLAIN, rip=202.137.134.50, lip=5.63.12.44, TLS, session=	2020-07-17 22:11:17
95.111.247.235	attack	DDoS, Port Scanning & attempted Ransomware delivery	2020-07-17 22:07:08
193.122.163.81	attackspam	Jul 17 14:55:23 vps sshd[791485]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.122.163.81 Jul 17 14:55:25 vps sshd[791485]: Failed password for invalid user taiga from 193.122.163.81 port 46942 ssh2 Jul 17 15:01:11 vps sshd[819087]: Invalid user administrador from 193.122.163.81 port 34784 Jul 17 15:01:11 vps sshd[819087]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.122.163.81 Jul 17 15:01:14 vps sshd[819087]: Failed password for invalid user administrador from 193.122.163.81 port 34784 ssh2 ...	2020-07-17 22:10:14
222.186.175.163	attackspam	2020-07-17T15:43:46.439407vps751288.ovh.net sshd\[32337\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.163 user=root 2020-07-17T15:43:48.352595vps751288.ovh.net sshd\[32337\]: Failed password for root from 222.186.175.163 port 56764 ssh2 2020-07-17T15:43:52.999835vps751288.ovh.net sshd\[32337\]: Failed password for root from 222.186.175.163 port 56764 ssh2 2020-07-17T15:43:56.899039vps751288.ovh.net sshd\[32337\]: Failed password for root from 222.186.175.163 port 56764 ssh2 2020-07-17T15:44:00.428661vps751288.ovh.net sshd\[32337\]: Failed password for root from 222.186.175.163 port 56764 ssh2	2020-07-17 21:46:22
51.91.247.125	attackbots	Unauthorized connection attempt from IP address 51.91.247.125 on Port 587(SMTP-MSA)	2020-07-17 22:17:41
52.170.207.205	attackbotsspam	Jul 17 14:13:28 vps647732 sshd[2090]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.170.207.205 Jul 17 14:13:30 vps647732 sshd[2090]: Failed password for invalid user skynet from 52.170.207.205 port 54128 ssh2 ...	2020-07-17 22:16:53

Recently Reported IPs

113.89.52.124	113.89.53.118	113.89.53.71	113.89.53.95
113.89.7.68	113.89.80.144	113.89.88.164	113.89.89.201
113.89.91.71	113.89.94.176	113.89.95.176	113.89.97.65
113.9.127.243	113.9.211.23	113.9.82.47	113.90.104.80
113.90.12.176	113.90.13.71	113.90.130.131	113.90.135.189