Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: Tencent Cloud Computing (Beijing) Co. Ltd.

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:
Type Details Datetime
attackspam
2020-06-16 14:22:08,100 fail2ban.actions: WARNING [ssh] Ban 139.199.45.89
2020-06-16 22:53:09
attackbotsspam
Invalid user admin from 139.199.45.89 port 44510
2020-06-13 16:14:07
attack
Jun  4 13:55:16 ourumov-web sshd\[677\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.45.89  user=root
Jun  4 13:55:18 ourumov-web sshd\[677\]: Failed password for root from 139.199.45.89 port 45332 ssh2
Jun  4 14:05:43 ourumov-web sshd\[1389\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.45.89  user=root
...
2020-06-05 00:05:33
attackbotsspam
(sshd) Failed SSH login from 139.199.45.89 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: May 24 14:54:14 srv sshd[32584]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.45.89  user=root
May 24 14:54:16 srv sshd[32584]: Failed password for root from 139.199.45.89 port 57340 ssh2
May 24 15:08:31 srv sshd[586]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.45.89  user=root
May 24 15:08:33 srv sshd[586]: Failed password for root from 139.199.45.89 port 33864 ssh2
May 24 15:11:31 srv sshd[671]: Invalid user lizette from 139.199.45.89 port 38856
2020-05-25 00:14:43
attack
342. On May 23 2020 experienced a Brute Force SSH login attempt -> 46 unique times by 139.199.45.89.
2020-05-24 06:37:19
attack
May 11 05:55:00 vpn01 sshd[24927]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.45.89
May 11 05:55:02 vpn01 sshd[24927]: Failed password for invalid user sol from 139.199.45.89 port 38592 ssh2
...
2020-05-11 13:38:17
attack
SSH brute-force attempt
2020-04-14 15:22:53
attack
Apr 13 06:29:36 mout sshd[18856]: Connection closed by 139.199.45.89 port 36368 [preauth]
2020-04-13 14:30:40
attackspam
Mar 31 07:16:37 [HOSTNAME] sshd[23000]: User **removed** from 139.199.45.89 not allowed because not listed in AllowUsers
Mar 31 07:16:37 [HOSTNAME] sshd[23000]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.45.89  user=**removed**
Mar 31 07:16:39 [HOSTNAME] sshd[23000]: Failed password for invalid user **removed** from 139.199.45.89 port 38820 ssh2
...
2020-03-31 18:20:10
attackspambots
Invalid user ivan from 139.199.45.89 port 44210
2020-03-25 08:59:44
attack
Invalid user dev from 139.199.45.89 port 55222
2020-03-21 18:10:09
attackbots
suspicious action Tue, 25 Feb 2020 13:36:46 -0300
2020-02-26 03:43:33
attackspam
Feb  5 18:27:13 silence02 sshd[22486]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.45.89
Feb  5 18:27:15 silence02 sshd[22486]: Failed password for invalid user rueppel from 139.199.45.89 port 40890 ssh2
Feb  5 18:30:20 silence02 sshd[22848]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.45.89
2020-02-06 01:37:46
attackspam
Unauthorized connection attempt detected from IP address 139.199.45.89 to port 2220 [J]
2020-01-29 08:14:34
attack
"SSH brute force auth login attempt."
2020-01-23 18:51:39
attack
Jan 18 16:45:14 localhost sshd\[8708\]: Invalid user ops from 139.199.45.89
Jan 18 16:45:14 localhost sshd\[8708\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.45.89
Jan 18 16:45:16 localhost sshd\[8708\]: Failed password for invalid user ops from 139.199.45.89 port 38414 ssh2
Jan 18 16:49:04 localhost sshd\[8780\]: Invalid user buntu from 139.199.45.89
Jan 18 16:49:04 localhost sshd\[8780\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.45.89
...
2020-01-19 00:03:47
attack
SSH Brute-Force reported by Fail2Ban
2020-01-18 03:00:16
attack
Jan 11 14:56:12 vps670341 sshd[25441]: Invalid user charity from 139.199.45.89 port 35660
2020-01-12 00:15:23
attackspam
Dec  8 07:22:28 v22018086721571380 sshd[14066]: Failed password for invalid user asterisk from 139.199.45.89 port 48622 ssh2
Dec  8 07:29:41 v22018086721571380 sshd[14521]: Failed password for invalid user test from 139.199.45.89 port 51824 ssh2
2019-12-08 15:32:22
attack
Dec  4 11:02:57 zimbra sshd[29088]: Invalid user sischka from 139.199.45.89
Dec  4 11:02:57 zimbra sshd[29088]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.45.89
Dec  4 11:02:59 zimbra sshd[29088]: Failed password for invalid user sischka from 139.199.45.89 port 46818 ssh2
Dec  4 11:02:59 zimbra sshd[29088]: Received disconnect from 139.199.45.89 port 46818:11: Bye Bye [preauth]
Dec  4 11:02:59 zimbra sshd[29088]: Disconnected from 139.199.45.89 port 46818 [preauth]
Dec  4 11:19:13 zimbra sshd[10657]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.45.89  user=r.r
Dec  4 11:19:15 zimbra sshd[10657]: Failed password for r.r from 139.199.45.89 port 45202 ssh2
Dec  4 11:19:16 zimbra sshd[10657]: Received disconnect from 139.199.45.89 port 45202:11: Bye Bye [preauth]
Dec  4 11:19:16 zimbra sshd[10657]: Disconnected from 139.199.45.89 port 45202 [preauth]
Dec  4 11:26:15 zimbr........
-------------------------------
2019-12-06 17:01:29
attackbots
Dec  4 11:02:57 zimbra sshd[29088]: Invalid user sischka from 139.199.45.89
Dec  4 11:02:57 zimbra sshd[29088]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.45.89
Dec  4 11:02:59 zimbra sshd[29088]: Failed password for invalid user sischka from 139.199.45.89 port 46818 ssh2
Dec  4 11:02:59 zimbra sshd[29088]: Received disconnect from 139.199.45.89 port 46818:11: Bye Bye [preauth]
Dec  4 11:02:59 zimbra sshd[29088]: Disconnected from 139.199.45.89 port 46818 [preauth]
Dec  4 11:19:13 zimbra sshd[10657]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.45.89  user=r.r
Dec  4 11:19:15 zimbra sshd[10657]: Failed password for r.r from 139.199.45.89 port 45202 ssh2
Dec  4 11:19:16 zimbra sshd[10657]: Received disconnect from 139.199.45.89 port 45202:11: Bye Bye [preauth]
Dec  4 11:19:16 zimbra sshd[10657]: Disconnected from 139.199.45.89 port 45202 [preauth]
Dec  4 11:26:15 zimbr........
-------------------------------
2019-12-04 20:20:09
Comments on same subnet:
IP Type Details Datetime
139.199.45.83 attack
Oct 12 17:30:43 minden010 sshd[13193]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.45.83
Oct 12 17:30:45 minden010 sshd[13193]: Failed password for invalid user celina from 139.199.45.83 port 45008 ssh2
Oct 12 17:35:20 minden010 sshd[14132]: Failed password for root from 139.199.45.83 port 39056 ssh2
...
2020-10-13 04:07:27
139.199.45.83 attack
$f2bV_matches
2020-10-12 19:44:20
139.199.45.83 attack
(sshd) Failed SSH login from 139.199.45.83 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 24 09:32:37 server4 sshd[28535]: Invalid user office from 139.199.45.83
Sep 24 09:32:37 server4 sshd[28535]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.45.83 
Sep 24 09:32:39 server4 sshd[28535]: Failed password for invalid user office from 139.199.45.83 port 56518 ssh2
Sep 24 09:41:23 server4 sshd[1121]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.45.83  user=root
Sep 24 09:41:25 server4 sshd[1121]: Failed password for root from 139.199.45.83 port 50346 ssh2
2020-09-24 23:46:16
139.199.45.83 attackspam
Invalid user test from 139.199.45.83 port 43226
2020-09-24 15:32:43
139.199.45.83 attackspambots
(sshd) Failed SSH login from 139.199.45.83 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 23 15:37:10 server5 sshd[20109]: Invalid user apps from 139.199.45.83
Sep 23 15:37:10 server5 sshd[20109]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.45.83 
Sep 23 15:37:12 server5 sshd[20109]: Failed password for invalid user apps from 139.199.45.83 port 51344 ssh2
Sep 23 15:49:28 server5 sshd[25497]: Invalid user ts3user from 139.199.45.83
Sep 23 15:49:28 server5 sshd[25497]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.45.83
2020-09-24 06:58:39
139.199.45.83 attack
Aug 30 17:22:52 h2646465 sshd[22610]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.45.83  user=root
Aug 30 17:22:54 h2646465 sshd[22610]: Failed password for root from 139.199.45.83 port 40330 ssh2
Aug 30 17:49:21 h2646465 sshd[25856]: Invalid user hosts from 139.199.45.83
Aug 30 17:49:21 h2646465 sshd[25856]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.45.83
Aug 30 17:49:21 h2646465 sshd[25856]: Invalid user hosts from 139.199.45.83
Aug 30 17:49:23 h2646465 sshd[25856]: Failed password for invalid user hosts from 139.199.45.83 port 45484 ssh2
Aug 30 17:53:23 h2646465 sshd[26459]: Invalid user user1 from 139.199.45.83
Aug 30 17:53:23 h2646465 sshd[26459]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.45.83
Aug 30 17:53:23 h2646465 sshd[26459]: Invalid user user1 from 139.199.45.83
Aug 30 17:53:25 h2646465 sshd[26459]: Failed password for invalid user user1 fr
2020-08-31 00:25:06
139.199.45.83 attackbotsspam
Invalid user big from 139.199.45.83 port 52174
2020-08-19 13:01:32
139.199.45.83 attack
Aug 12 08:06:13 cosmoit sshd[9920]: Failed password for root from 139.199.45.83 port 55750 ssh2
2020-08-12 14:12:20
139.199.45.83 attack
Aug  5 23:14:00 dignus sshd[29884]: Failed password for root from 139.199.45.83 port 40906 ssh2
Aug  5 23:15:51 dignus sshd[30126]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.45.83  user=root
Aug  5 23:15:52 dignus sshd[30126]: Failed password for root from 139.199.45.83 port 59928 ssh2
Aug  5 23:17:32 dignus sshd[30351]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.45.83  user=root
Aug  5 23:17:34 dignus sshd[30351]: Failed password for root from 139.199.45.83 port 50740 ssh2
...
2020-08-06 14:20:32
139.199.45.83 attack
Aug  2 19:00:49 ns382633 sshd\[24403\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.45.83  user=root
Aug  2 19:00:51 ns382633 sshd\[24403\]: Failed password for root from 139.199.45.83 port 35718 ssh2
Aug  2 19:14:46 ns382633 sshd\[27434\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.45.83  user=root
Aug  2 19:14:48 ns382633 sshd\[27434\]: Failed password for root from 139.199.45.83 port 39696 ssh2
Aug  2 19:19:35 ns382633 sshd\[28325\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.45.83  user=root
2020-08-03 03:08:15
139.199.45.83 attackbots
Jul 29 07:57:56 * sshd[27400]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.45.83
Jul 29 07:57:58 * sshd[27400]: Failed password for invalid user shifeng from 139.199.45.83 port 37558 ssh2
2020-07-29 17:43:26
139.199.45.83 attack
Connection to SSH Honeypot - Detected by HoneypotDB
2020-07-28 16:58:54
139.199.45.83 attack
Invalid user qxl from 139.199.45.83 port 34370
2020-07-25 13:01:03
139.199.45.83 attackbots
Jul 17 14:33:44 ns382633 sshd\[5772\]: Invalid user tm from 139.199.45.83 port 54098
Jul 17 14:33:44 ns382633 sshd\[5772\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.45.83
Jul 17 14:33:46 ns382633 sshd\[5772\]: Failed password for invalid user tm from 139.199.45.83 port 54098 ssh2
Jul 17 14:47:27 ns382633 sshd\[8401\]: Invalid user alibaba from 139.199.45.83 port 59346
Jul 17 14:47:27 ns382633 sshd\[8401\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.45.83
2020-07-18 00:10:19
139.199.45.83 attackbotsspam
$f2bV_matches
2020-07-17 01:00:13
Dig info:
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 139.199.45.89
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 55362
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;139.199.45.89.			IN	A

;; AUTHORITY SECTION:
.			450	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019120401 1800 900 604800 86400

;; Query time: 78 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Dec 04 20:20:04 CST 2019
;; MSG SIZE  rcvd: 117
Host info
Host 89.45.199.139.in-addr.arpa. not found: 3(NXDOMAIN)
Nslookup info:
Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 89.45.199.139.in-addr.arpa: NXDOMAIN
Related IP info:
Related comments:
IP Type Details Datetime
106.13.199.71 attackbots
Dec 17 20:20:51 hanapaa sshd\[4660\]: Invalid user peregrino from 106.13.199.71
Dec 17 20:20:51 hanapaa sshd\[4660\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.199.71
Dec 17 20:20:53 hanapaa sshd\[4660\]: Failed password for invalid user peregrino from 106.13.199.71 port 51324 ssh2
Dec 17 20:26:50 hanapaa sshd\[5185\]: Invalid user ENGFO from 106.13.199.71
Dec 17 20:26:50 hanapaa sshd\[5185\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.199.71
2019-12-18 19:01:28
185.176.27.6 attackbotsspam
Dec 18 11:42:01 debian-2gb-nbg1-2 kernel: \[318495.771669\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=185.176.27.6 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=27122 PROTO=TCP SPT=49644 DPT=21882 WINDOW=1024 RES=0x00 SYN URGP=0
2019-12-18 18:47:37
89.205.126.245 attack
Honeypot attack, port: 23, PTR: 89.205.126.245.robi.com.mk.
2019-12-18 18:56:53
106.13.105.77 attackbots
Invalid user tangalong from 106.13.105.77 port 37156
2019-12-18 18:37:14
49.147.173.121 attackspambots
1576650425 - 12/18/2019 07:27:05 Host: 49.147.173.121/49.147.173.121 Port: 445 TCP Blocked
2019-12-18 18:47:16
139.199.88.93 attackspam
ssh intrusion attempt
2019-12-18 18:55:59
203.187.169.101 attack
Host Scan
2019-12-18 18:51:01
138.197.131.127 attack
Honeypot attack, port: 135, PTR: min-extra-scan-108-ca-prod.binaryedge.ninja.
2019-12-18 18:35:09
81.4.150.134 attack
SSH bruteforce
2019-12-18 18:39:10
40.92.68.52 attack
Dec 18 09:26:46 debian-2gb-vpn-nbg1-1 kernel: [1028771.729239] [UFW BLOCK] IN=eth0 OUT= MAC=96:00:00:38:96:44:d2:74:7f:6e:37:e3:08:00 SRC=40.92.68.52 DST=78.46.192.101 LEN=40 TOS=0x00 PREC=0x00 TTL=239 ID=32307 DF PROTO=TCP SPT=52671 DPT=25 WINDOW=0 RES=0x00 ACK RST URGP=0
2019-12-18 19:06:46
218.225.137.87 attackbotsspam
Honeypot attack, port: 23, PTR: g87.218-225-137.ppp.wakwak.ne.jp.
2019-12-18 18:48:48
46.26.8.33 attackbotsspam
Dec 18 05:51:15 ws12vmsma01 sshd[32842]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=static-33-8-26-46.ipcom.comunitel.net 
Dec 18 05:51:15 ws12vmsma01 sshd[32842]: Invalid user dayaneni from 46.26.8.33
Dec 18 05:51:16 ws12vmsma01 sshd[32842]: Failed password for invalid user dayaneni from 46.26.8.33 port 4153 ssh2
...
2019-12-18 19:02:50
157.230.129.73 attackbotsspam
$f2bV_matches
2019-12-18 18:29:59
54.39.191.188 attackbotsspam
Dec 18 00:24:11 wbs sshd\[17722\]: Invalid user javi from 54.39.191.188
Dec 18 00:24:11 wbs sshd\[17722\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.39.191.188
Dec 18 00:24:13 wbs sshd\[17722\]: Failed password for invalid user javi from 54.39.191.188 port 56420 ssh2
Dec 18 00:29:13 wbs sshd\[18177\]: Invalid user harbans from 54.39.191.188
Dec 18 00:29:13 wbs sshd\[18177\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.39.191.188
2019-12-18 18:39:39
40.92.74.38 attack
Dec 18 13:46:07 debian-2gb-vpn-nbg1-1 kernel: [1044331.965718] [UFW BLOCK] IN=eth0 OUT= MAC=96:00:00:38:96:44:d2:74:7f:6e:37:e3:08:00 SRC=40.92.74.38 DST=78.46.192.101 LEN=40 TOS=0x00 PREC=0x00 TTL=238 ID=14314 DF PROTO=TCP SPT=12857 DPT=25 WINDOW=0 RES=0x00 ACK RST URGP=0
2019-12-18 18:48:13
