114.89.144.85 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: ChinaNet Shanghai Province Network

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	Honeypot attack, port: 445, PTR: PTR record not found	2020-03-06 07:13:05
attackspam	Honeypot attack, port: 445, PTR: PTR record not found	2020-01-12 06:21:15

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 114.89.144.85
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 58627
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;114.89.144.85.			IN	A

;; AUTHORITY SECTION:
.			324	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020011100 1800 900 604800 86400

;; Query time: 40 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Jan 12 06:21:12 CST 2020
;; MSG SIZE  rcvd: 117

Host info

Host 85.144.89.114.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 85.144.89.114.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
94.191.78.128	attackbotsspam	Oct 7 16:32:28 plusreed sshd[12268]: Invalid user P@$$word2017 from 94.191.78.128 ...	2019-10-08 04:38:08
61.139.101.21	attackbots	Oct 5 23:35:34 liveconfig01 sshd[20392]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.139.101.21 user=r.r Oct 5 23:35:36 liveconfig01 sshd[20392]: Failed password for r.r from 61.139.101.21 port 60892 ssh2 Oct 5 23:35:36 liveconfig01 sshd[20392]: Received disconnect from 61.139.101.21 port 60892:11: Bye Bye [preauth] Oct 5 23:35:36 liveconfig01 sshd[20392]: Disconnected from 61.139.101.21 port 60892 [preauth] Oct 5 23:58:09 liveconfig01 sshd[21381]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.139.101.21 user=r.r Oct 5 23:58:11 liveconfig01 sshd[21381]: Failed password for r.r from 61.139.101.21 port 48964 ssh2 Oct 5 23:58:11 liveconfig01 sshd[21381]: Received disconnect from 61.139.101.21 port 48964:11: Bye Bye [preauth] Oct 5 23:58:11 liveconfig01 sshd[21381]: Disconnected from 61.139.101.21 port 48964 [preauth] Oct 6 00:02:06 liveconfig01 sshd[21556]: pam_unix(sshd:........ -------------------------------	2019-10-08 04:42:44
182.148.114.139	attack	Oct 7 22:52:42 MK-Soft-VM3 sshd[22037]: Failed password for root from 182.148.114.139 port 55340 ssh2 ...	2019-10-08 04:59:25
185.176.27.42	attack	10/07/2019-22:15:28.977342 185.176.27.42 Protocol: 6 ET DROP Dshield Block Listed Source group 1	2019-10-08 05:05:51
104.227.191.170	attack	1,20-05/05 [bc02/m52] concatform PostRequest-Spammer scoring: wien2018	2019-10-08 05:08:02
64.210.149.51	attackbotsspam	Oct 7 19:51:28 DDOS Attack: SRC=64.210.149.51 DST=[Masked] LEN=40 TOS=0x08 PREC=0x20 TTL=50 DF PROTO=TCP SPT=443 DPT=51208 WINDOW=229 RES=0x00 ACK FIN URGP=0	2019-10-08 05:15:10
128.199.79.37	attackspam	web-1 [ssh_2] SSH Attack	2019-10-08 04:41:33
94.177.213.167	attackspambots	Oct 7 22:30:06 ovpn sshd\[3208\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.177.213.167 user=root Oct 7 22:30:08 ovpn sshd\[3208\]: Failed password for root from 94.177.213.167 port 57672 ssh2 Oct 7 22:51:52 ovpn sshd\[7253\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.177.213.167 user=root Oct 7 22:51:54 ovpn sshd\[7253\]: Failed password for root from 94.177.213.167 port 55130 ssh2 Oct 7 22:55:46 ovpn sshd\[8054\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.177.213.167 user=root	2019-10-08 05:04:01
203.125.145.58	attackbotsspam	Oct 5 06:31:27 xb3 sshd[20926]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.125.145.58 user=r.r Oct 5 06:31:29 xb3 sshd[20926]: Failed password for r.r from 203.125.145.58 port 45898 ssh2 Oct 5 06:31:29 xb3 sshd[20926]: Received disconnect from 203.125.145.58: 11: Bye Bye [preauth] Oct 5 06:36:06 xb3 sshd[21157]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.125.145.58 user=r.r Oct 5 06:36:08 xb3 sshd[21157]: Failed password for r.r from 203.125.145.58 port 58332 ssh2 Oct 5 06:36:08 xb3 sshd[21157]: Received disconnect from 203.125.145.58: 11: Bye Bye [preauth] Oct 5 06:40:48 xb3 sshd[21413]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.125.145.58 user=r.r Oct 5 06:40:50 xb3 sshd[21413]: Failed password for r.r from 203.125.145.58 port 42540 ssh2 Oct 5 06:40:50 xb3 sshd[21413]: Received disconnect from 203.125.145.58: 1........ -------------------------------	2019-10-08 05:10:30
158.69.194.115	attackbots	Oct 7 20:38:02 localhost sshd\[129570\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=158.69.194.115 user=root Oct 7 20:38:04 localhost sshd\[129570\]: Failed password for root from 158.69.194.115 port 33786 ssh2 Oct 7 20:42:42 localhost sshd\[129839\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=158.69.194.115 user=root Oct 7 20:42:44 localhost sshd\[129839\]: Failed password for root from 158.69.194.115 port 54340 ssh2 Oct 7 20:47:24 localhost sshd\[129998\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=158.69.194.115 user=root ...	2019-10-08 05:06:20
183.131.82.99	attackbots	07.10.2019 20:39:33 SSH access blocked by firewall	2019-10-08 04:42:22
121.134.159.21	attack	Oct 7 21:52:51 vpn01 sshd[19653]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.134.159.21 Oct 7 21:52:52 vpn01 sshd[19653]: Failed password for invalid user Asd12345 from 121.134.159.21 port 48340 ssh2 ...	2019-10-08 04:43:20
163.172.7.237	attackbots	Bad crawling causing excessive 404 errors	2019-10-08 04:59:38
5.199.139.201	attackspam	Oct 7 22:30:34 ns37 sshd[27019]: Failed password for root from 5.199.139.201 port 50878 ssh2 Oct 7 22:30:34 ns37 sshd[27019]: Failed password for root from 5.199.139.201 port 50878 ssh2	2019-10-08 04:46:31
118.27.13.207	attackspambots	Lines containing failures of 118.27.13.207 Oct 6 23:47:31 shared05 sshd[26703]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.27.13.207 user=r.r Oct 6 23:47:32 shared05 sshd[26703]: Failed password for r.r from 118.27.13.207 port 36102 ssh2 Oct 6 23:47:33 shared05 sshd[26703]: Received disconnect from 118.27.13.207 port 36102:11: Bye Bye [preauth] Oct 6 23:47:33 shared05 sshd[26703]: Disconnected from authenticating user r.r 118.27.13.207 port 36102 [preauth] Oct 6 23:59:46 shared05 sshd[30426]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.27.13.207 user=r.r Oct 6 23:59:48 shared05 sshd[30426]: Failed password for r.r from 118.27.13.207 port 48610 ssh2 Oct 6 23:59:48 shared05 sshd[30426]: Received disconnect from 118.27.13.207 port 48610:11: Bye Bye [preauth] Oct 6 23:59:48 shared05 sshd[30426]: Disconnected from authenticating user r.r 118.27.13.207 port 48610 [preauth........ ------------------------------	2019-10-08 04:56:09

Recently Reported IPs

195.231.1.129	177.22.77.173	74.12.44.116	45.166.212.251
41.32.117.14	101.109.200.193	114.239.105.239	3.111.84.141
77.26.182.202	253.13.253.129	99.172.74.218	95.223.73.170
2.245.133.71	168.90.91.168	210.247.64.32	177.144.135.24
174.4.40.201	87.139.132.68	39.108.233.215	185.9.1.139