202.149.89.70 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Indonesia

Internet Service Provider: PT. Satata Neka Tama

Hostname: unknown

Organization: Jl. Raya Pasar Minggu no 99D

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	445/tcp 445/tcp 445/tcp... [2019-04-28/06-26]7pkt,1pt.(tcp)	2019-06-27 00:10:28

Comments on same subnet:

IP	Type	Details	Datetime
202.149.89.84	attack	$f2bV_matches	2020-06-07 21:29:50
202.149.89.84	attack	May 29 07:39:43 tuxlinux sshd[56748]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.149.89.84 user=root May 29 07:39:45 tuxlinux sshd[56748]: Failed password for root from 202.149.89.84 port 37739 ssh2 May 29 07:39:43 tuxlinux sshd[56748]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.149.89.84 user=root May 29 07:39:45 tuxlinux sshd[56748]: Failed password for root from 202.149.89.84 port 37739 ssh2 May 29 07:50:12 tuxlinux sshd[56982]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.149.89.84 user=root ...	2020-05-29 14:39:28
202.149.89.84	attackbotsspam	SSH login attempts.	2020-05-28 12:55:02
202.149.89.84	attack	May 24 14:10:40 melroy-server sshd[15746]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.149.89.84 May 24 14:10:42 melroy-server sshd[15746]: Failed password for invalid user brayden from 202.149.89.84 port 35168 ssh2 ...	2020-05-25 01:03:35
202.149.89.84	attack	May 20 04:00:04 ny01 sshd[13073]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.149.89.84 May 20 04:00:06 ny01 sshd[13073]: Failed password for invalid user par from 202.149.89.84 port 56824 ssh2 May 20 04:04:38 ny01 sshd[13677]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.149.89.84	2020-05-20 19:52:56
202.149.89.84	attackbotsspam	May 20 02:10:15 server sshd[4868]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.149.89.84 May 20 02:10:17 server sshd[4868]: Failed password for invalid user ndq from 202.149.89.84 port 42663 ssh2 May 20 02:14:11 server sshd[5180]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.149.89.84 ...	2020-05-20 08:28:25
202.149.89.84	attackspambots	$f2bV_matches	2020-05-12 00:29:38
202.149.89.84	attackbots	SSH Invalid Login	2020-05-10 06:13:38
202.149.89.84	attackspam	$f2bV_matches	2020-05-07 18:16:15
202.149.89.84	attack	May 3 22:57:00 eventyay sshd[31635]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.149.89.84 May 3 22:57:01 eventyay sshd[31635]: Failed password for invalid user mark from 202.149.89.84 port 46843 ssh2 May 3 23:01:28 eventyay sshd[31887]: Failed password for root from 202.149.89.84 port 52483 ssh2 ...	2020-05-04 05:04:15
202.149.89.84	attackspambots	May 2 05:44:05 ip-172-31-61-156 sshd[4377]: Invalid user shyam from 202.149.89.84 May 2 05:44:07 ip-172-31-61-156 sshd[4377]: Failed password for invalid user shyam from 202.149.89.84 port 37678 ssh2 May 2 05:44:05 ip-172-31-61-156 sshd[4377]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.149.89.84 May 2 05:44:05 ip-172-31-61-156 sshd[4377]: Invalid user shyam from 202.149.89.84 May 2 05:44:07 ip-172-31-61-156 sshd[4377]: Failed password for invalid user shyam from 202.149.89.84 port 37678 ssh2 ...	2020-05-02 14:40:46
202.149.89.84	attack	Invalid user loya from 202.149.89.84 port 43505	2020-05-01 13:25:48

Whois info:

Dig info:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 202.149.89.70
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 57932
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;202.149.89.70.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019041800 1800 900 604800 86400

;; Query time: 148 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Fri Apr 19 01:30:27 +08 2019
;; MSG SIZE  rcvd: 117

Host info

Host 70.89.149.202.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		67.207.67.3
Address:	67.207.67.3#53

** server can't find 70.89.149.202.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
91.108.156.30	attackspam	Automatic report - Port Scan Attack	2019-10-11 07:12:58
221.4.137.85	attack	[munged]::443 221.4.137.85 - - [10/Oct/2019:22:05:14 +0200] "POST /[munged]: HTTP/1.1" 200 8165 "http://[munged]:/[munged]:" "Mozilla/5.0 (Windows NT 6.1; rv:60.0) Gecko/20100101 Firefox/60.0" [munged]::443 221.4.137.85 - - [10/Oct/2019:22:05:15 +0200] "POST /[munged]: HTTP/1.1" 200 4388 "http://[munged]:/[munged]:" "Mozilla/5.0 (Windows NT 6.1; rv:60.0) Gecko/20100101 Firefox/60.0" [munged]::443 221.4.137.85 - - [10/Oct/2019:22:05:16 +0200] "POST /[munged]: HTTP/1.1" 200 4388 "http://[munged]:/[munged]:" "Mozilla/5.0 (Windows NT 6.1; rv:60.0) Gecko/20100101 Firefox/60.0" [munged]::443 221.4.137.85 - - [10/Oct/2019:22:05:18 +0200] "POST /[munged]: HTTP/1.1" 200 4388 "http://[munged]:/[munged]:" "Mozilla/5.0 (Windows NT 6.1; rv:60.0) Gecko/20100101 Firefox/60.0" [munged]::443 221.4.137.85 - - [10/Oct/2019:22:05:19 +0200] "POST /[munged]: HTTP/1.1" 200 4388 "http://[munged]:/[munged]:" "Mozilla/5.0 (Windows NT 6.1; rv:60.0) Gecko/20100101 Firefox/60.0" [munged]::443 221.4.137.85 - - [10/Oct/2019:22:05:20 +0200]	2019-10-11 07:45:10
201.47.158.130	attackbots	Oct 11 00:53:51 cvbnet sshd[29523]: Failed password for root from 201.47.158.130 port 35866 ssh2 ...	2019-10-11 07:42:39
178.33.49.21	attack	$f2bV_matches	2019-10-11 07:50:13
94.250.250.111	attack	xmlrpc attack	2019-10-11 07:21:03
82.131.160.70	attackbotsspam	82.131.160.70 - - [10/Oct/2019:21:57:34 +0200] "POST /wp-login.php HTTP/1.1" 200 2111 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 82.131.160.70 - - [10/Oct/2019:21:57:34 +0200] "POST /wp-login.php HTTP/1.1" 200 2092 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2019-10-11 07:14:13
222.222.156.146	attackspambots	Honeypot hit.	2019-10-11 07:37:53
114.237.109.117	attackbots	Brute force attempt	2019-10-11 07:18:29
127.0.0.1	attackbotsspam	Test Connectivity	2019-10-11 07:25:52
117.158.82.21	attackbotsspam	Fail2Ban - FTP Abuse Attempt	2019-10-11 07:47:16
120.78.79.206	attackspam	xmlrpc attack	2019-10-11 07:50:33
79.137.44.202	attackspambots	Oct 10 23:32:55 mail postfix/smtpd[31667]: warning: ip202.ip-79-137-44.eu[79.137.44.202]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 10 23:33:01 mail postfix/smtpd[30620]: warning: ip202.ip-79-137-44.eu[79.137.44.202]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 10 23:33:11 mail postfix/smtpd[24079]: warning: ip202.ip-79-137-44.eu[79.137.44.202]: SASL LOGIN authentication failed: UGFzc3dvcmQ6	2019-10-11 07:45:29
123.31.31.47	attackspam	POST /wp-login.php HTTP/1.1 POST /wp-login.php HTTP/1.1 POST /wp-login.php HTTP/1.1 POST /wp-login.php HTTP/1.1	2019-10-11 07:16:22
139.59.190.69	attackbots	Oct 10 22:02:20 vmd17057 sshd\[10419\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.190.69 user=root Oct 10 22:02:22 vmd17057 sshd\[10419\]: Failed password for root from 139.59.190.69 port 53795 ssh2 Oct 10 22:05:43 vmd17057 sshd\[10627\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.190.69 user=root ...	2019-10-11 07:33:34
94.176.128.165	attackspambots	(Oct 11) LEN=48 PREC=0x20 TTL=115 ID=29053 DF TCP DPT=1433 WINDOW=8192 SYN (Oct 10) LEN=48 PREC=0x20 TTL=115 ID=4550 DF TCP DPT=1433 WINDOW=8192 SYN (Oct 10) LEN=48 PREC=0x20 TTL=115 ID=1633 DF TCP DPT=1433 WINDOW=8192 SYN (Oct 10) LEN=52 PREC=0x20 TTL=115 ID=22785 DF TCP DPT=1433 WINDOW=8192 SYN (Oct 10) LEN=52 PREC=0x20 TTL=115 ID=30820 DF TCP DPT=1433 WINDOW=8192 SYN (Oct 10) LEN=52 PREC=0x20 TTL=115 ID=12788 DF TCP DPT=1433 WINDOW=8192 SYN (Oct 10) LEN=48 PREC=0x20 TTL=115 ID=25915 DF TCP DPT=1433 WINDOW=8192 SYN (Oct 10) LEN=48 PREC=0x20 TTL=115 ID=24259 DF TCP DPT=1433 WINDOW=8192 SYN (Oct 10) LEN=48 PREC=0x20 TTL=115 ID=6750 DF TCP DPT=1433 WINDOW=8192 SYN (Oct 10) LEN=52 PREC=0x20 TTL=115 ID=2658 DF TCP DPT=1433 WINDOW=8192 SYN (Oct 9) LEN=52 PREC=0x20 TTL=115 ID=26887 DF TCP DPT=1433 WINDOW=8192 SYN (Oct 9) LEN=52 PREC=0x20 TTL=115 ID=2377 DF TCP DPT=1433 WINDOW=8192 SYN (Oct 9) LEN=52 PREC=0x20 TTL=115 ID=979 DF TCP DPT=1433 WINDOW=819...	2019-10-11 07:43:45

Recently Reported IPs

36.91.183.202	183.39.152.238	212.129.36.127	111.206.52.81
198.108.66.32	185.149.233.76	176.63.79.10	129.204.121.60
118.24.58.170	112.245.40.76	78.171.98.199	74.208.253.231
70.24.191.57	69.136.137.30	39.37.185.112	189.206.136.85
78.142.209.30	163.172.17.51	180.109.32.71	175.158.201.32