89.14.80.9 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Germany

Internet Service Provider: Telefonica Germany GmbH & Co. OHG

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/89.14.80.9/ DE - 1H : (71) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : DE NAME ASN : ASN6805 IP : 89.14.80.9 CIDR : 89.14.0.0/16 PREFIX COUNT : 42 UNIQUE IP COUNT : 7555584 ATTACKS DETECTED ASN6805 : 1H - 1 3H - 2 6H - 2 12H - 6 24H - 11 DateTime : 2019-11-13 00:21:26 INFO : Port Scan TELNET Detected and Blocked by ADMIN - data recovery	2019-11-13 08:36:13

Type

Details

Datetime

attack

IP Ban Report :  
 https://help-dysk.pl/wordpress-firewall-plugins/ip/89.14.80.9/ 
 
 DE - 1H : (71)  
 Protection Against DDoS WordPress plugin :  
 "odzyskiwanie danych help-dysk" 
 IP Address Ranges by Country : DE 
 NAME ASN : ASN6805 
 
 IP : 89.14.80.9 
 
 CIDR : 89.14.0.0/16 
 
 PREFIX COUNT : 42 
 
 UNIQUE IP COUNT : 7555584 
 
 
 ATTACKS DETECTED ASN6805 :  
  1H - 1 
  3H - 2 
  6H - 2 
 12H - 6 
 24H - 11 
 
 DateTime : 2019-11-13 00:21:26 
 
 INFO : Port Scan TELNET Detected and Blocked by ADMIN  - data recovery

2019-11-13 08:36:13

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 89.14.80.9
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 38617
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;89.14.80.9.			IN	A

;; AUTHORITY SECTION:
.			502	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019111201 1800 900 604800 86400

;; Query time: 109 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Nov 13 08:36:09 CST 2019
;; MSG SIZE  rcvd: 114

Host info

9.80.14.89.in-addr.arpa domain name pointer x590e5009.dyn.telefonica.de.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
9.80.14.89.in-addr.arpa	name = x590e5009.dyn.telefonica.de.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
148.70.191.149	attack	May 15 21:20:48 ns382633 sshd\[3542\]: Invalid user user from 148.70.191.149 port 44280 May 15 21:20:48 ns382633 sshd\[3542\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.191.149 May 15 21:20:50 ns382633 sshd\[3542\]: Failed password for invalid user user from 148.70.191.149 port 44280 ssh2 May 15 21:35:24 ns382633 sshd\[6146\]: Invalid user claudia from 148.70.191.149 port 41084 May 15 21:35:24 ns382633 sshd\[6146\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.191.149	2020-05-16 03:55:37
122.238.31.167	attack	20/5/15@08:20:04: FAIL: Alarm-Intrusion address from=122.238.31.167 ...	2020-05-16 03:41:15
106.54.245.12	attack	Invalid user postgres from 106.54.245.12 port 52178	2020-05-16 03:56:23
164.132.42.32	attack	May 15 21:22:04 plex sshd[24657]: Invalid user newuser from 164.132.42.32 port 51862	2020-05-16 03:42:35
150.109.82.109	attackbotsspam	SSH Brute Force	2020-05-16 03:38:48
193.150.88.173	attackspam	"Account brute force using dictionary attack against Exchange Online"	2020-05-16 04:07:19
221.214.74.10	attackbots	SSH invalid-user multiple login try	2020-05-16 04:01:44
103.253.42.59	attackspam	[2020-05-15 15:36:59] NOTICE[1157][C-00005064] chan_sip.c: Call from '' (103.253.42.59:54907) to extension '001146462607642' rejected because extension not found in context 'public'. [2020-05-15 15:36:59] SECURITY[1173] res_security_log.c: SecurityEvent="FailedACL",EventTV="2020-05-15T15:36:59.886-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="001146462607642",SessionID="0x7f5f102df088",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/103.253.42.59/54907",ACLName="no_extension_match" [2020-05-15 15:38:21] NOTICE[1157][C-00005065] chan_sip.c: Call from '' (103.253.42.59:61055) to extension '0001146462607642' rejected because extension not found in context 'public'. [2020-05-15 15:38:21] SECURITY[1173] res_security_log.c: SecurityEvent="FailedACL",EventTV="2020-05-15T15:38:21.238-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="0001146462607642",SessionID="0x7f5f102df088",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UD ...	2020-05-16 03:39:53
195.69.222.71	attack	DATE:2020-05-15 20:30:58, IP:195.69.222.71, PORT:ssh SSH brute force auth (docker-dc)	2020-05-16 04:12:54
118.140.183.42	attackspam	SSH Brute-Forcing (server1)	2020-05-16 03:44:29
187.133.229.89	attack	Unauthorised access (May 15) SRC=187.133.229.89 LEN=52 TTL=111 ID=11423 DF TCP DPT=445 WINDOW=8192 SYN	2020-05-16 04:13:55
64.145.79.212	attackspambots	[2020-05-15 15:51:27] NOTICE[1157] chan_sip.c: Registration from '' failed for '64.145.79.212:64324' - Wrong password [2020-05-15 15:51:27] SECURITY[1173] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-05-15T15:51:27.158-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="1725",SessionID="0x7f5f102df088",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/64.145.79.212/64324",Challenge="75bd7f0f",ReceivedChallenge="75bd7f0f",ReceivedHash="dcaea253de9309536204bf08a15fe2c5" [2020-05-15 15:51:41] NOTICE[1157] chan_sip.c: Registration from '' failed for '64.145.79.212:56270' - Wrong password [2020-05-15 15:51:41] SECURITY[1173] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-05-15T15:51:41.540-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="1126",SessionID="0x7f5f10b1c8b8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/64.145.79.212 ...	2020-05-16 04:01:11
2a02:c7f:2269:3d00:1b4:a64d:ed0b:8a24	attack	C2,WP GET /wp-login.php	2020-05-16 03:52:00
190.193.177.22	attackspam	Invalid user user from 190.193.177.22 port 33848	2020-05-16 03:40:15
222.186.175.217	attackspam	May 15 21:31:36 ArkNodeAT sshd\[7606\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.217 user=root May 15 21:31:38 ArkNodeAT sshd\[7606\]: Failed password for root from 222.186.175.217 port 51034 ssh2 May 15 21:31:55 ArkNodeAT sshd\[7608\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.217 user=root	2020-05-16 03:48:30

Recently Reported IPs

42.231.93.199	222.141.89.160	175.29.127.11	183.177.205.196
182.126.73.34	177.86.151.18	177.10.148.53	185.3.251.126
78.171.96.161	46.167.110.240	45.95.32.72	63.88.23.211
122.107.68.4	45.125.65.63	46.29.255.100	12.143.91.206
251.80.150.156	44.151.208.108	247.213.252.104	117.139.199.186