45.252.104.89 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: Nangjing Sichongzou Kemao Ltd.

Hostname: unknown

Organization: unknown

Usage Type: Commercial

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	[portscan] tcp/1433 [MsSQL] in spfbl.net:'listed' *(RWIN=1024)(10151156)	2019-10-16 03:17:37

Comments on same subnet:

IP	Type	Details	Datetime
45.252.104.90	attack	unauthorized connection attempt	2020-01-17 15:13:31

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 45.252.104.89
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 40041
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;45.252.104.89.			IN	A

;; AUTHORITY SECTION:
.			196	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019101501 1800 900 604800 86400

;; Query time: 115 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Oct 16 03:17:35 CST 2019
;; MSG SIZE  rcvd: 117

Host info

Host 89.104.252.45.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 89.104.252.45.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
112.85.42.181	attackbots	Aug 23 07:42:20 marvibiene sshd[32716]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.181 user=root Aug 23 07:42:22 marvibiene sshd[32716]: Failed password for root from 112.85.42.181 port 22482 ssh2 Aug 23 07:42:25 marvibiene sshd[32716]: Failed password for root from 112.85.42.181 port 22482 ssh2 Aug 23 07:42:20 marvibiene sshd[32716]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.181 user=root Aug 23 07:42:22 marvibiene sshd[32716]: Failed password for root from 112.85.42.181 port 22482 ssh2 Aug 23 07:42:25 marvibiene sshd[32716]: Failed password for root from 112.85.42.181 port 22482 ssh2	2020-08-23 15:51:45
130.185.155.34	attackbotsspam	Aug 23 07:28:27 scw-6657dc sshd[12769]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=130.185.155.34 Aug 23 07:28:27 scw-6657dc sshd[12769]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=130.185.155.34 Aug 23 07:28:29 scw-6657dc sshd[12769]: Failed password for invalid user eko from 130.185.155.34 port 36566 ssh2 ...	2020-08-23 16:05:25
45.119.82.251	attackbotsspam	Failed password for invalid user jack from 45.119.82.251 port 44916 ssh2	2020-08-23 16:09:44
185.210.218.206	attackbotsspam	[2020-08-23 03:25:16] NOTICE[1185] chan_sip.c: Registration from '' failed for '185.210.218.206:49811' - Wrong password [2020-08-23 03:25:16] SECURITY[1203] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-08-23T03:25:16.786-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="7584",SessionID="0x7f10c43e3a48",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/185.210.218.206/49811",Challenge="73b6e9fb",ReceivedChallenge="73b6e9fb",ReceivedHash="a13da78c01042cdd27a9b4e474a75062" [2020-08-23 03:25:45] NOTICE[1185] chan_sip.c: Registration from '' failed for '185.210.218.206:62002' - Wrong password [2020-08-23 03:25:45] SECURITY[1203] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-08-23T03:25:45.340-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="3633",SessionID="0x7f10c43add48",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/185.210 ...	2020-08-23 15:42:05
120.4.144.98	attackspambots	Port Scan ...	2020-08-23 15:44:56
54.36.180.236	attack	Aug 23 05:52:46 ajax sshd[23587]: Failed password for root from 54.36.180.236 port 48503 ssh2	2020-08-23 15:50:29
86.14.34.182	attack	php WP PHPmyadamin ABUSE blocked for 12h	2020-08-23 16:01:22
49.83.187.187	attackspambots	20 attempts against mh-ssh on ice	2020-08-23 16:08:59
162.214.14.226	attackbots	www.geburtshaus-fulda.de 162.214.14.226 [23/Aug/2020:06:58:30 +0200] "POST /wp-login.php HTTP/1.1" 200 6749 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" www.geburtshaus-fulda.de 162.214.14.226 [23/Aug/2020:06:58:35 +0200] "POST /xmlrpc.php HTTP/1.1" 200 4073 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-08-23 15:26:07
121.46.26.126	attack	Aug 23 09:18:31 vmd36147 sshd[23048]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.46.26.126 Aug 23 09:18:33 vmd36147 sshd[23048]: Failed password for invalid user cal from 121.46.26.126 port 44666 ssh2 ...	2020-08-23 15:30:49
192.241.175.48	attackspam	Aug 23 09:35:15 [host] sshd[16277]: pam_unix(sshd: Aug 23 09:35:18 [host] sshd[16277]: Failed passwor Aug 23 09:36:49 [host] sshd[16335]: pam_unix(sshd:	2020-08-23 16:04:55
161.35.127.35	attack	Auto Fail2Ban report, multiple SSH login attempts.	2020-08-23 15:53:19
45.152.120.2	attackbotsspam	45.152.120.2 - - [23/Aug/2020:08:21:28 +0100] "POST /wp-login.php HTTP/1.1" 200 2046 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 45.152.120.2 - - [23/Aug/2020:08:21:29 +0100] "POST /wp-login.php HTTP/1.1" 200 2020 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 45.152.120.2 - - [23/Aug/2020:08:21:31 +0100] "POST /wp-login.php HTTP/1.1" 200 2019 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-08-23 15:45:22
190.151.143.140	attack	spam	2020-08-23 16:00:52
83.149.99.8	attackbotsspam	1598169135 - 08/23/2020 09:52:15 Host: 83.149.99.8/83.149.99.8 Port: 22 TCP Blocked	2020-08-23 15:54:50

Recently Reported IPs

27.8.69.86	51.37.138.24	56.88.218.18	223.190.29.237
90.79.163.14	51.141.156.33	213.133.243.8	220.134.8.111
189.193.118.242	61.83.80.229	191.164.108.212	71.204.24.193
128.112.118.222	196.92.3.21	97.201.14.81	195.1.150.195
74.70.49.45	112.242.123.149	176.49.98.131	109.57.195.118