91.243.89.142 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Russian Federation

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
91.243.89.80	attack	suspicious query, attemp SQL injection log:/aero/meteo_aero.php?lang=en&recherche=ENBN%27%29+AND+1%3D1+UNION+ALL+SELECT+1%2CNULL%2C%27%3Cscript%3Ealert%28%22XSS%22%29%3C%2Fscript%3E%27%2Ctable_name+FROM+information_schema.tables+WHERE+2%3E1--%2F%2A%2A%2F%3B+EXEC+xp_cmdshell%28%27cat+..%2F..%2F..%2Fetc%2Fpasswd%27%29%23	2020-10-08 01:33:52
91.243.89.80	attackspam	suspicious query, attemp SQL injection log:/aero/meteo_aero.php?lang=en&recherche=ENBN%27%29+AND+1%3D1+UNION+ALL+SELECT+1%2CNULL%2C%27%3Cscript%3Ealert%28%22XSS%22%29%3C%2Fscript%3E%27%2Ctable_name+FROM+information_schema.tables+WHERE+2%3E1--%2F%2A%2A%2F%3B+EXEC+xp_cmdshell%28%27cat+..%2F..%2F..%2Fetc%2Fpasswd%27%29%23	2020-10-07 17:41:57

Type

Details

Datetime

91.243.89.80

attack

suspicious query, attemp SQL injection log:/aero/meteo_aero.php?lang=en&recherche=ENBN%27%29+AND+1%3D1+UNION+ALL+SELECT+1%2CNULL%2C%27%3Cscript%3Ealert%28%22XSS%22%29%3C%2Fscript%3E%27%2Ctable_name+FROM+information_schema.tables+WHERE+2%3E1--%2F%2A%2A%2F%3B+EXEC+xp_cmdshell%28%27cat+..%2F..%2F..%2Fetc%2Fpasswd%27%29%23

2020-10-08 01:33:52

91.243.89.80

attackspam

suspicious query, attemp SQL injection log:/aero/meteo_aero.php?lang=en&recherche=ENBN%27%29+AND+1%3D1+UNION+ALL+SELECT+1%2CNULL%2C%27%3Cscript%3Ealert%28%22XSS%22%29%3C%2Fscript%3E%27%2Ctable_name+FROM+information_schema.tables+WHERE+2%3E1--%2F%2A%2A%2F%3B+EXEC+xp_cmdshell%28%27cat+..%2F..%2F..%2Fetc%2Fpasswd%27%29%23

2020-10-07 17:41:57

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 91.243.89.142
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 14913
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;91.243.89.142.			IN	A

;; AUTHORITY SECTION:
.			599	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022100602 1800 900 604800 86400

;; Query time: 19 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Oct 07 04:58:38 CST 2022
;; MSG SIZE  rcvd: 106

Host info

Host 142.89.243.91.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 142.89.243.91.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
46.101.223.54	attackbotsspam	Unauthorized connection attempt detected from IP address 46.101.223.54 to port 4366	2020-04-18 04:00:24
222.186.175.183	attackbotsspam	Apr 17 22:58:32 ift sshd\[7886\]: Failed password for root from 222.186.175.183 port 24272 ssh2Apr 17 22:58:42 ift sshd\[7886\]: Failed password for root from 222.186.175.183 port 24272 ssh2Apr 17 22:58:45 ift sshd\[7886\]: Failed password for root from 222.186.175.183 port 24272 ssh2Apr 17 22:58:51 ift sshd\[7906\]: Failed password for root from 222.186.175.183 port 12046 ssh2Apr 17 22:58:54 ift sshd\[7906\]: Failed password for root from 222.186.175.183 port 12046 ssh2 ...	2020-04-18 04:07:03
62.234.161.249	attack	Apr 17 21:10:22 ovpn sshd\[6832\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=62.234.161.249 user=root Apr 17 21:10:24 ovpn sshd\[6832\]: Failed password for root from 62.234.161.249 port 51424 ssh2 Apr 17 21:23:27 ovpn sshd\[9873\]: Invalid user admin from 62.234.161.249 Apr 17 21:23:27 ovpn sshd\[9873\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=62.234.161.249 Apr 17 21:23:29 ovpn sshd\[9873\]: Failed password for invalid user admin from 62.234.161.249 port 37954 ssh2	2020-04-18 04:14:06
123.122.110.79	attack	SSH Brute-Force reported by Fail2Ban	2020-04-18 04:06:07
2.80.168.28	attackbots	Apr 17 13:16:26 server1 sshd\[25781\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=2.80.168.28 user=root Apr 17 13:16:29 server1 sshd\[25781\]: Failed password for root from 2.80.168.28 port 49446 ssh2 Apr 17 13:20:06 server1 sshd\[26810\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=2.80.168.28 user=root Apr 17 13:20:08 server1 sshd\[26810\]: Failed password for root from 2.80.168.28 port 57078 ssh2 Apr 17 13:23:55 server1 sshd\[27860\]: Invalid user test from 2.80.168.28 ...	2020-04-18 03:46:15
80.211.241.29	attack	Found by fail2ban	2020-04-18 03:55:18
103.101.52.43	attackbots	Wordpress Admin Login attack	2020-04-18 03:39:55
124.88.37.161	attackbotsspam	Apr 17 21:41:16 mout sshd[30503]: Invalid user vcsa from 124.88.37.161 port 3412	2020-04-18 04:11:28
167.71.217.92	attack	Unauthorized connection attempt detected from IP address 167.71.217.92 to port 2222	2020-04-18 04:08:33
139.59.9.28	attack	Unauthorized connection attempt detected from IP address 139.59.9.28 to port 6000	2020-04-18 03:50:31
222.186.180.17	attackbotsspam	Apr 17 22:12:41 eventyay sshd[31713]: Failed password for root from 222.186.180.17 port 44566 ssh2 Apr 17 22:12:44 eventyay sshd[31713]: Failed password for root from 222.186.180.17 port 44566 ssh2 Apr 17 22:12:47 eventyay sshd[31713]: Failed password for root from 222.186.180.17 port 44566 ssh2 Apr 17 22:12:54 eventyay sshd[31713]: error: maximum authentication attempts exceeded for root from 222.186.180.17 port 44566 ssh2 [preauth] ...	2020-04-18 04:13:16
193.112.16.245	attackbots	SSH brute-force attempt	2020-04-18 03:45:07
106.12.20.3	attackbotsspam	Apr 17 22:41:44 tuotantolaitos sshd[1390]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.20.3 Apr 17 22:41:45 tuotantolaitos sshd[1390]: Failed password for invalid user ubuntu from 106.12.20.3 port 42248 ssh2 ...	2020-04-18 03:58:48
159.203.36.154	attack	Fail2Ban Ban Triggered (2)	2020-04-18 03:42:22
116.255.213.176	attackspam	SSH Brute-Force reported by Fail2Ban	2020-04-18 03:56:24

Recently Reported IPs

185.88.36.222	154.118.242.86	102.23.252.189	34.168.46.104
144.168.253.73	68.183.3.226	194.213.69.99	45.86.244.141
23.229.126.199	103.17.198.95	128.90.60.92	128.90.102.85
190.39.153.176	154.29.64.22	161.129.155.43	23.250.41.64
172.241.137.57	211.207.170.169	186.70.226.157	95.50.53.211