49.89.217.54 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: ChinaNet Jiangsu Province Network

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	Brute force blocker - service: proftpd1 - aantal: 155 - Thu Jun 28 04:55:16 2018	2020-02-23 22:05:25

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 49.89.217.54
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 48677
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;49.89.217.54.			IN	A

;; AUTHORITY SECTION:
.			135	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020022300 1800 900 604800 86400

;; Query time: 150 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Feb 23 22:05:20 CST 2020
;; MSG SIZE  rcvd: 116

Host info

54.217.89.49.in-addr.arpa domain name pointer 54.217.89.49.broad.sz.js.dynamic.163data.com.cn.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
54.217.89.49.in-addr.arpa	name = 54.217.89.49.broad.sz.js.dynamic.163data.com.cn.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
167.71.128.184	attackspam	Aug 2 15:03:28 debian-2gb-nbg1-2 kernel: \[18631883.797408\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=167.71.128.184 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=243 ID=29551 PROTO=TCP SPT=32767 DPT=10332 WINDOW=1024 RES=0x00 SYN URGP=0	2020-08-03 00:42:07
113.91.34.215	attack	Aug 2 14:04:51 marvibiene sshd[16029]: Failed password for root from 113.91.34.215 port 19667 ssh2	2020-08-03 01:09:18
209.126.124.203	attackbots	$f2bV_matches	2020-08-03 00:46:16
104.248.29.200	attack	wp-login.php	2020-08-03 01:07:43
115.236.100.36	attackspam	$f2bV_matches	2020-08-03 01:00:44
172.73.162.115	attackspambots	ICMP MH Probe, Scan /Distributed -	2020-08-03 00:28:30
123.5.54.185	attackspam	Aug 2 09:49:59 r.ca sshd[21456]: Failed password for root from 123.5.54.185 port 37516 ssh2	2020-08-03 00:44:58
182.183.209.177	attackspam	php WP PHPmyadamin ABUSE blocked for 12h	2020-08-03 01:02:46
106.12.86.205	attackbotsspam	Aug 2 14:59:55 ift sshd\[1002\]: Failed password for root from 106.12.86.205 port 51958 ssh2Aug 2 15:02:10 ift sshd\[1571\]: Failed password for root from 106.12.86.205 port 47146 ssh2Aug 2 15:04:19 ift sshd\[1847\]: Failed password for root from 106.12.86.205 port 42320 ssh2Aug 2 15:06:29 ift sshd\[2201\]: Failed password for root from 106.12.86.205 port 37500 ssh2Aug 2 15:08:40 ift sshd\[2342\]: Failed password for root from 106.12.86.205 port 60922 ssh2 ...	2020-08-03 00:43:03
46.9.167.197	attackbotsspam	Aug 2 05:08:31 propaganda sshd[58761]: Connection from 46.9.167.197 port 50337 on 10.0.0.160 port 22 rdomain "" Aug 2 05:08:31 propaganda sshd[58761]: Connection closed by 46.9.167.197 port 50337 [preauth]	2020-08-03 00:49:49
118.27.14.123	attackspam	2020-08-02T16:20:14.726112n23.at sshd[3980606]: Failed password for root from 118.27.14.123 port 54878 ssh2 2020-08-02T16:24:47.755360n23.at sshd[3983726]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.27.14.123 user=root 2020-08-02T16:24:49.965372n23.at sshd[3983726]: Failed password for root from 118.27.14.123 port 40224 ssh2 ...	2020-08-03 01:00:29
18.216.105.55	attack	Aug 2 14:36:13 buvik sshd[11275]: Failed password for root from 18.216.105.55 port 41604 ssh2 Aug 2 14:38:53 buvik sshd[11569]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=18.216.105.55 user=root Aug 2 14:38:55 buvik sshd[11569]: Failed password for root from 18.216.105.55 port 46200 ssh2 ...	2020-08-03 00:45:43
87.190.16.229	attack	SSH invalid-user multiple login try	2020-08-03 00:31:09
5.199.133.47	attackspambots	Jul 30 21:27:19 mxgate1 postfix/postscreen[29132]: CONNECT from [5.199.133.47]:55698 to [176.31.12.44]:25 Jul 30 21:27:25 mxgate1 postfix/postscreen[29132]: PASS NEW [5.199.133.47]:55698 Jul 30 21:27:25 mxgate1 postfix/smtpd[29139]: connect from de133.co47.decobertores.com[5.199.133.47] Jul x@x Jul 30 21:27:29 mxgate1 postfix/smtpd[29139]: disconnect from de133.co47.decobertores.com[5.199.133.47] ehlo=2 starttls=1 mail=1 rcpt=0/1 quhostname=1 commands=5/6 Jul 30 21:30:49 mxgate1 postfix/anvil[29141]: statistics: max connection rate 1/60s for (smtpd:5.199.133.47) at Jul 30 21:27:25 Jul 30 21:30:49 mxgate1 postfix/anvil[29141]: statistics: max connection count 1 for (smtpd:5.199.133.47) at Jul 30 21:27:25 Jul 30 21:30:49 mxgate1 postfix/anvil[29141]: statistics: max message rate 1/60s for (smtpd:5.199.133.47) at Jul 30 21:27:25 Jul 30 22:27:28 mxgate1 postfix/postscreen[30741]: CONNECT from [5.199.133.47]:38934 to [176.31.12.44]:25 Jul 30 22:27:28 mxgate1 postfix/postscre........ -------------------------------	2020-08-03 00:42:40
192.35.169.32	attack	Port scanning [3 denied]	2020-08-03 01:09:43

Recently Reported IPs

180.115.154.73	118.79.208.185	112.84.212.36	49.88.89.213
216.202.151.155	23.12.181.225	89.155.191.177	117.66.8.15
115.204.7.172	208.103.71.106	61.144.116.147	59.127.65.116
93.174.93.251	66.70.173.25	220.132.235.152	183.187.31.25
5.38.151.48	121.131.107.129	36.82.98.10	35.240.193.194