45.252.104.89 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: Nangjing Sichongzou Kemao Ltd.

Hostname: unknown

Organization: unknown

Usage Type: Commercial

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	[portscan] tcp/1433 [MsSQL] in spfbl.net:'listed' *(RWIN=1024)(10151156)	2019-10-16 03:17:37

Comments on same subnet:

IP	Type	Details	Datetime
45.252.104.90	attack	unauthorized connection attempt	2020-01-17 15:13:31

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 45.252.104.89
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 40041
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;45.252.104.89.			IN	A

;; AUTHORITY SECTION:
.			196	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019101501 1800 900 604800 86400

;; Query time: 115 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Oct 16 03:17:35 CST 2019
;; MSG SIZE  rcvd: 117

Host info

Host 89.104.252.45.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 89.104.252.45.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
118.25.127.248	attackbots	Oct 18 02:10:38 hanapaa sshd\[13090\]: Invalid user test from 118.25.127.248 Oct 18 02:10:38 hanapaa sshd\[13090\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.25.127.248 Oct 18 02:10:40 hanapaa sshd\[13090\]: Failed password for invalid user test from 118.25.127.248 port 54334 ssh2 Oct 18 02:15:43 hanapaa sshd\[13512\]: Invalid user 123Restaurant from 118.25.127.248 Oct 18 02:15:43 hanapaa sshd\[13512\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.25.127.248	2019-10-18 20:21:08
124.47.14.14	attackbots	2019-10-18T12:19:47.233999abusebot-5.cloudsearch.cf sshd\[19891\]: Invalid user ucpss from 124.47.14.14 port 49424	2019-10-18 20:23:41
36.103.228.38	attackspambots	Oct 18 13:44:22 vmanager6029 sshd\[30150\]: Invalid user sklopaketboss from 36.103.228.38 port 49100 Oct 18 13:44:22 vmanager6029 sshd\[30150\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=36.103.228.38 Oct 18 13:44:24 vmanager6029 sshd\[30150\]: Failed password for invalid user sklopaketboss from 36.103.228.38 port 49100 ssh2	2019-10-18 20:34:34
217.182.79.245	attackbotsspam	Oct 18 12:03:47 localhost sshd\[116812\]: Invalid user nutmeg from 217.182.79.245 port 38692 Oct 18 12:03:47 localhost sshd\[116812\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=217.182.79.245 Oct 18 12:03:49 localhost sshd\[116812\]: Failed password for invalid user nutmeg from 217.182.79.245 port 38692 ssh2 Oct 18 12:07:42 localhost sshd\[116927\]: Invalid user dallas from 217.182.79.245 port 48664 Oct 18 12:07:42 localhost sshd\[116927\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=217.182.79.245 ...	2019-10-18 20:22:45
91.243.167.84	attackspambots	Automatic report - Port Scan Attack	2019-10-18 20:44:41
123.31.31.68	attackspam	Oct 18 02:13:32 tdfoods sshd\[20957\]: Invalid user postgres from 123.31.31.68 Oct 18 02:13:32 tdfoods sshd\[20957\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.31.31.68 Oct 18 02:13:34 tdfoods sshd\[20957\]: Failed password for invalid user postgres from 123.31.31.68 port 52782 ssh2 Oct 18 02:17:53 tdfoods sshd\[21333\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.31.31.68 user=root Oct 18 02:17:54 tdfoods sshd\[21333\]: Failed password for root from 123.31.31.68 port 36306 ssh2	2019-10-18 20:28:42
123.22.138.101	attackbots	TCP Port: 25 _ invalid blocked dnsbl-sorbs also abuseat-org _ _ _ _ (421)	2019-10-18 20:25:07
82.117.190.170	attackbots	2019-10-18T12:19:08.739625shield sshd\[25174\]: Invalid user javi from 82.117.190.170 port 43081 2019-10-18T12:19:08.743643shield sshd\[25174\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=82-117-190-170.mynts.ru 2019-10-18T12:19:10.791207shield sshd\[25174\]: Failed password for invalid user javi from 82.117.190.170 port 43081 ssh2 2019-10-18T12:23:40.500948shield sshd\[26396\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=82-117-190-170.mynts.ru user=root 2019-10-18T12:23:42.888424shield sshd\[26396\]: Failed password for root from 82.117.190.170 port 34263 ssh2	2019-10-18 20:40:09
109.86.108.114	attackspambots	(mod_security) mod_security (id:218500) triggered by 109.86.108.114 (UA/Ukraine/114.108.86.109.triolan.net): 5 in the last 3600 secs	2019-10-18 20:19:30
103.117.180.2	attackspam	masters-of-media.de 103.117.180.2 \[18/Oct/2019:13:45:08 +0200\] "POST /wp-login.php HTTP/1.1" 200 5855 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" masters-of-media.de 103.117.180.2 \[18/Oct/2019:13:45:10 +0200\] "POST /wp-login.php HTTP/1.1" 200 5811 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"	2019-10-18 20:08:43
159.203.201.183	attackspambots	" "	2019-10-18 20:38:20
210.51.161.210	attackspambots	Oct 18 13:44:07 sso sshd[18254]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=210.51.161.210 Oct 18 13:44:09 sso sshd[18254]: Failed password for invalid user com from 210.51.161.210 port 37848 ssh2 ...	2019-10-18 20:44:58
177.184.179.88	attack	Oct 18 01:44:01 web9 sshd\[30456\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=177.184.179.88 user=root Oct 18 01:44:03 web9 sshd\[30456\]: Failed password for root from 177.184.179.88 port 42321 ssh2 Oct 18 01:44:06 web9 sshd\[30456\]: Failed password for root from 177.184.179.88 port 42321 ssh2 Oct 18 01:44:08 web9 sshd\[30456\]: Failed password for root from 177.184.179.88 port 42321 ssh2 Oct 18 01:44:24 web9 sshd\[30514\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=177.184.179.88 user=root	2019-10-18 20:32:29
80.255.130.197	attackspam	Oct 18 13:45:12 lnxded64 sshd[18979]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.255.130.197	2019-10-18 20:07:19
139.59.41.154	attackbots	Oct 18 13:56:48 MK-Soft-VM7 sshd[17510]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.41.154 Oct 18 13:56:50 MK-Soft-VM7 sshd[17510]: Failed password for invalid user nazrul from 139.59.41.154 port 41890 ssh2 ...	2019-10-18 20:07:49

Recently Reported IPs

27.8.69.86	51.37.138.24	56.88.218.18	223.190.29.237
90.79.163.14	51.141.156.33	213.133.243.8	220.134.8.111
189.193.118.242	61.83.80.229	191.164.108.212	71.204.24.193
128.112.118.222	196.92.3.21	97.201.14.81	195.1.150.195
74.70.49.45	112.242.123.149	176.49.98.131	109.57.195.118