49.89.74.8 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: ChinaNet Jiangsu Province Network

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Caught in portsentry honeypot	2019-07-12 07:16:45

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 49.89.74.8
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 19145
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;49.89.74.8.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019071101 1800 900 604800 86400

;; Query time: 31 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Fri Jul 12 07:16:40 CST 2019
;; MSG SIZE  rcvd: 114

Host info

8.74.89.49.in-addr.arpa domain name pointer 8.74.89.49.broad.sz.js.dynamic.163data.com.cn.

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
8.74.89.49.in-addr.arpa	name = 8.74.89.49.broad.sz.js.dynamic.163data.com.cn.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
216.218.206.70	attackbots	50070/tcp 3389/tcp 8080/tcp... [2019-08-26/10-23]29pkt,13pt.(tcp),1pt.(udp)	2019-10-24 12:04:33
198.108.67.96	attackbots	10/24/2019-06:00:46.843720 198.108.67.96 Protocol: 6 ET SCAN Suspicious inbound to PostgreSQL port 5432	2019-10-24 12:10:29
106.13.5.233	attack	2019-10-24T06:50:14.985516tmaserv sshd\[26767\]: Invalid user 12345 from 106.13.5.233 port 43570 2019-10-24T06:50:14.990961tmaserv sshd\[26767\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.5.233 2019-10-24T06:50:17.205832tmaserv sshd\[26767\]: Failed password for invalid user 12345 from 106.13.5.233 port 43570 ssh2 2019-10-24T06:55:05.713424tmaserv sshd\[26986\]: Invalid user zliang from 106.13.5.233 port 53024 2019-10-24T06:55:05.719370tmaserv sshd\[26986\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.5.233 2019-10-24T06:55:07.884292tmaserv sshd\[26986\]: Failed password for invalid user zliang from 106.13.5.233 port 53024 ssh2 ...	2019-10-24 12:06:52
51.83.106.0	attack	Oct 22 21:00:02 odroid64 sshd\[32358\]: Invalid user HoloBot from 51.83.106.0 Oct 22 21:00:02 odroid64 sshd\[32358\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.83.106.0 Oct 22 21:00:02 odroid64 sshd\[32358\]: Invalid user HoloBot from 51.83.106.0 Oct 22 21:00:02 odroid64 sshd\[32358\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.83.106.0 Oct 22 21:00:04 odroid64 sshd\[32358\]: Failed password for invalid user HoloBot from 51.83.106.0 port 42654 ssh2 ...	2019-10-24 08:06:39
118.89.48.251	attackbotsspam	2019-10-23T23:33:10.2024411495-001 sshd\[47700\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.89.48.251 user=root 2019-10-23T23:33:12.5080471495-001 sshd\[47700\]: Failed password for root from 118.89.48.251 port 39608 ssh2 2019-10-23T23:48:09.5659821495-001 sshd\[48303\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.89.48.251 user=root 2019-10-23T23:48:10.9535841495-001 sshd\[48303\]: Failed password for root from 118.89.48.251 port 43124 ssh2 2019-10-23T23:52:50.0385151495-001 sshd\[48466\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.89.48.251 user=root 2019-10-23T23:52:51.3357681495-001 sshd\[48466\]: Failed password for root from 118.89.48.251 port 52812 ssh2 ...	2019-10-24 12:12:24
45.141.84.28	attackbotsspam	Oct 24 05:23:02 h2177944 kernel: \[4763226.319218\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=45.141.84.28 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=28509 PROTO=TCP SPT=49549 DPT=6921 WINDOW=1024 RES=0x00 SYN URGP=0 Oct 24 05:23:03 h2177944 kernel: \[4763226.703180\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=45.141.84.28 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=20598 PROTO=TCP SPT=49549 DPT=6968 WINDOW=1024 RES=0x00 SYN URGP=0 Oct 24 05:25:50 h2177944 kernel: \[4763394.138573\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=45.141.84.28 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=49044 PROTO=TCP SPT=49549 DPT=6562 WINDOW=1024 RES=0x00 SYN URGP=0 Oct 24 05:53:39 h2177944 kernel: \[4765062.743078\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=45.141.84.28 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=20742 PROTO=TCP SPT=49549 DPT=6677 WINDOW=1024 RES=0x00 SYN URGP=0 Oct 24 05:56:02 h2177944 kernel: \[4765205.370993\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=45.141.84.28 DST=85.214.117.9 LEN=	2019-10-24 12:04:07
49.234.44.48	attack	Oct 24 00:55:09 icinga sshd[9996]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.234.44.48 Oct 24 00:55:11 icinga sshd[9996]: Failed password for invalid user mcollins from 49.234.44.48 port 55983 ssh2 Oct 24 00:59:41 icinga sshd[13229]: Failed password for root from 49.234.44.48 port 46281 ssh2 ...	2019-10-24 08:15:17
45.55.158.8	attackspam	Oct 22 08:18:15 odroid64 sshd\[1604\]: User root from 45.55.158.8 not allowed because not listed in AllowUsers Oct 22 08:18:15 odroid64 sshd\[1604\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.55.158.8 user=root Oct 22 08:18:17 odroid64 sshd\[1604\]: Failed password for invalid user root from 45.55.158.8 port 50934 ssh2 Oct 22 08:18:15 odroid64 sshd\[1604\]: User root from 45.55.158.8 not allowed because not listed in AllowUsers Oct 22 08:18:15 odroid64 sshd\[1604\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.55.158.8 user=root Oct 22 08:18:17 odroid64 sshd\[1604\]: Failed password for invalid user root from 45.55.158.8 port 50934 ssh2 Oct 22 08:18:15 odroid64 sshd\[1604\]: User root from 45.55.158.8 not allowed because not listed in AllowUsers Oct 22 08:18:15 odroid64 sshd\[1604\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.55.158.8 ...	2019-10-24 08:23:45
116.7.176.146	attack	Oct 24 05:55:50 jane sshd[16705]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.7.176.146 Oct 24 05:55:52 jane sshd[16705]: Failed password for invalid user adm from 116.7.176.146 port 53334 ssh2 ...	2019-10-24 12:11:55
164.132.111.76	attackspam	2019-10-24T03:52:10.834819shield sshd\[7424\]: Invalid user aliba from 164.132.111.76 port 46206 2019-10-24T03:52:10.838838shield sshd\[7424\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=76.ip-164-132-111.eu 2019-10-24T03:52:12.986765shield sshd\[7424\]: Failed password for invalid user aliba from 164.132.111.76 port 46206 ssh2 2019-10-24T03:55:59.406729shield sshd\[8511\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=76.ip-164-132-111.eu user=root 2019-10-24T03:56:01.660064shield sshd\[8511\]: Failed password for root from 164.132.111.76 port 57300 ssh2	2019-10-24 12:02:55
110.18.243.70	attack	2019-10-24T10:55:59.524727enmeeting.mahidol.ac.th sshd\[8138\]: User root from 110.18.243.70 not allowed because not listed in AllowUsers 2019-10-24T10:55:59.651670enmeeting.mahidol.ac.th sshd\[8138\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=110.18.243.70 user=root 2019-10-24T10:56:01.897498enmeeting.mahidol.ac.th sshd\[8138\]: Failed password for invalid user root from 110.18.243.70 port 42310 ssh2 ...	2019-10-24 12:03:24
54.38.73.86	attackspam	Unauthorized connection attempt from IP address 54.38.73.86 on Port 3389(RDP)	2019-10-24 08:11:56
110.35.173.2	attack	2019-10-24T03:47:00.067491hub.schaetter.us sshd\[16661\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=110.35.173.2 user=root 2019-10-24T03:47:02.985471hub.schaetter.us sshd\[16661\]: Failed password for root from 110.35.173.2 port 32836 ssh2 2019-10-24T03:51:28.360981hub.schaetter.us sshd\[16701\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=110.35.173.2 user=root 2019-10-24T03:51:30.401002hub.schaetter.us sshd\[16701\]: Failed password for root from 110.35.173.2 port 22328 ssh2 2019-10-24T03:55:49.016091hub.schaetter.us sshd\[16748\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=110.35.173.2 user=root ...	2019-10-24 12:14:24
218.88.164.159	attack	Oct 24 05:55:47 legacy sshd[22953]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.88.164.159 Oct 24 05:55:49 legacy sshd[22953]: Failed password for invalid user mhkim from 218.88.164.159 port 55999 ssh2 Oct 24 05:55:51 legacy sshd[22955]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.88.164.159 ...	2019-10-24 12:11:39
51.38.51.200	attackbots	Repeated brute force against a port	2019-10-24 08:10:06

Recently Reported IPs

156.0.68.79	12.8.7.205	125.99.189.158	91.102.167.183
129.22.59.161	191.240.70.79	243.91.198.6	101.79.0.58
85.14.245.156	14.207.197.107	121.51.205.210	200.140.250.150
88.247.2.132	212.14.22.107	139.204.71.218	7.119.31.101
182.75.246.242	200.24.16.149	49.144.10.219	176.126.162.236