89.45.228.149 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Romania

Internet Service Provider: IPv4 Management SRL

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Mar 1 14:22:20 debian-2gb-nbg1-2 kernel: \[5328126.659840\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=89.45.228.149 DST=195.201.40.59 LEN=44 TOS=0x00 PREC=0x00 TTL=238 ID=23083 DF PROTO=TCP SPT=26618 DPT=81 WINDOW=14600 RES=0x00 SYN URGP=0	2020-03-02 01:47:37

Type

Details

Datetime

attack

Mar  1 14:22:20 debian-2gb-nbg1-2 kernel: \[5328126.659840\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=89.45.228.149 DST=195.201.40.59 LEN=44 TOS=0x00 PREC=0x00 TTL=238 ID=23083 DF PROTO=TCP SPT=26618 DPT=81 WINDOW=14600 RES=0x00 SYN URGP=0

2020-03-02 01:47:37

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 89.45.228.149
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 888
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;89.45.228.149.			IN	A

;; AUTHORITY SECTION:
.			595	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020030101 1800 900 604800 86400

;; Query time: 111 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Mar 02 01:47:34 CST 2020
;; MSG SIZE  rcvd: 117

Host info

Host 149.228.45.89.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 149.228.45.89.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
51.83.138.87	attack	Feb 19 22:56:31 SilenceServices sshd[25921]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.83.138.87 Feb 19 22:56:33 SilenceServices sshd[25921]: Failed password for invalid user roger from 51.83.138.87 port 55802 ssh2 Feb 19 22:57:38 SilenceServices sshd[27237]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.83.138.87	2020-02-20 06:53:56
183.7.35.161	attackspam	Automatic report - Port Scan Attack	2020-02-20 07:22:00
41.203.156.254	attackbotsspam	Feb 20 01:47:12 server sshd\[20412\]: Invalid user elc_admin from 41.203.156.254 Feb 20 01:47:12 server sshd\[20412\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=41.203.156.254 Feb 20 01:47:14 server sshd\[20412\]: Failed password for invalid user elc_admin from 41.203.156.254 port 32924 ssh2 Feb 20 01:59:06 server sshd\[22418\]: Invalid user tomcat from 41.203.156.254 Feb 20 01:59:06 server sshd\[22418\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=41.203.156.254 ...	2020-02-20 07:29:42
14.231.183.71	attack	Feb 19 12:58:15 hanapaa sshd\[20713\]: Invalid user stats from 14.231.183.71 Feb 19 12:58:15 hanapaa sshd\[20713\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.231.183.71 Feb 19 12:58:17 hanapaa sshd\[20713\]: Failed password for invalid user stats from 14.231.183.71 port 55416 ssh2 Feb 19 12:58:18 hanapaa sshd\[20717\]: Invalid user stats from 14.231.183.71 Feb 19 12:58:19 hanapaa sshd\[20717\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.231.183.71	2020-02-20 06:59:39
174.0.13.138	attack	/asset-manifest.json	2020-02-20 07:25:00
122.224.131.116	attackbotsspam	Feb 19 23:55:42 markkoudstaal sshd[9114]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.224.131.116 Feb 19 23:55:44 markkoudstaal sshd[9114]: Failed password for invalid user jenkins from 122.224.131.116 port 35528 ssh2 Feb 19 23:58:50 markkoudstaal sshd[9683]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.224.131.116	2020-02-20 07:06:07
42.115.53.222	attack	port scan and connect, tcp 23 (telnet)	2020-02-20 07:22:59
14.56.180.103	attack	Feb 19 13:10:56 kapalua sshd\[29032\]: Invalid user zhangjg from 14.56.180.103 Feb 19 13:10:56 kapalua sshd\[29032\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.56.180.103 Feb 19 13:10:59 kapalua sshd\[29032\]: Failed password for invalid user zhangjg from 14.56.180.103 port 35792 ssh2 Feb 19 13:13:32 kapalua sshd\[29248\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.56.180.103 user=man Feb 19 13:13:34 kapalua sshd\[29248\]: Failed password for man from 14.56.180.103 port 57000 ssh2	2020-02-20 07:26:29
81.169.144.135	attackbots	81.169.144.135 - - \[19/Feb/2020:22:56:39 +0100\] "GET /90-tage-challenge/90-tage.html/robots.txt HTTP/1.1" 301 887 "-" "Mozilla/5.0 \(compatible\; Googlebot/2.1\; +http://www.google.com/bot.html\)" ...	2020-02-20 07:29:23
217.128.74.29	attackspambots	5x Failed Password	2020-02-20 07:14:49
125.17.156.139	attack	firewall-block, port(s): 1433/tcp	2020-02-20 07:20:32
150.109.181.27	attackbotsspam	Port probing on unauthorized port 8082	2020-02-20 07:12:01
170.81.148.7	attackbotsspam	Feb 20 00:00:15 ns381471 sshd[29131]: Failed password for postgres from 170.81.148.7 port 40340 ssh2	2020-02-20 07:16:51
124.205.67.186	attackspam	Invalid user oracle from 124.205.67.186 port 34714	2020-02-20 07:18:42
106.75.77.87	attack	Feb 19 23:59:43 vps647732 sshd[7624]: Failed password for ubuntu from 106.75.77.87 port 32964 ssh2 ...	2020-02-20 07:10:27

Recently Reported IPs

63.133.186.112	223.16.185.72	36.247.49.66	149.136.211.106
65.38.145.181	54.197.244.56	218.162.149.240	206.121.95.243
148.20.180.205	194.240.246.172	70.123.203.172	31.220.48.56
14.143.137.26	63.82.49.26	114.124.229.231	106.160.214.94
37.239.51.3	188.50.225.117	65.187.186.24	55.175.217.154