139.199.89.117

Basic Info

City: Beijing

Region: Beijing

Country: China

Internet Service Provider: Tencent Cloud Computing (Beijing) Co. Ltd.

Hostname: unknown

Organization: Shenzhen Tencent Computer Systems Company Limited

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Sep 16 21:53:19 auw2 sshd\[15818\]: Invalid user achour from 139.199.89.117 Sep 16 21:53:19 auw2 sshd\[15818\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.89.117 Sep 16 21:53:21 auw2 sshd\[15818\]: Failed password for invalid user achour from 139.199.89.117 port 39960 ssh2 Sep 16 21:57:59 auw2 sshd\[16204\]: Invalid user user from 139.199.89.117 Sep 16 21:57:59 auw2 sshd\[16204\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.89.117	2019-09-17 16:59:49
attackbotsspam	Sep 12 15:48:25 MK-Soft-VM5 sshd\[17622\]: Invalid user test123 from 139.199.89.117 port 50234 Sep 12 15:48:25 MK-Soft-VM5 sshd\[17622\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.89.117 Sep 12 15:48:27 MK-Soft-VM5 sshd\[17622\]: Failed password for invalid user test123 from 139.199.89.117 port 50234 ssh2 ...	2019-09-13 07:56:29
attackbotsspam	Aug 30 05:48:40 *** sshd[8926]: User root from 139.199.89.117 not allowed because not listed in AllowUsers	2019-08-30 15:01:00
attackbotsspam	Aug 28 07:25:49 srv-4 sshd\[16316\]: Invalid user jboss from 139.199.89.117 Aug 28 07:25:49 srv-4 sshd\[16316\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.89.117 Aug 28 07:25:50 srv-4 sshd\[16316\]: Failed password for invalid user jboss from 139.199.89.117 port 52468 ssh2 ...	2019-08-28 15:54:12
attack	Automatic report - Banned IP Access	2019-08-15 06:24:42
attack	Jul 28 08:15:05 vps200512 sshd\[10784\]: Invalid user novem from 139.199.89.117 Jul 28 08:15:05 vps200512 sshd\[10784\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.89.117 Jul 28 08:15:07 vps200512 sshd\[10784\]: Failed password for invalid user novem from 139.199.89.117 port 52800 ssh2 Jul 28 08:19:15 vps200512 sshd\[10833\]: Invalid user reframe from 139.199.89.117 Jul 28 08:19:15 vps200512 sshd\[10833\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.89.117	2019-07-28 21:09:22
attack	May 29 11:31:19 server sshd\[126462\]: Invalid user linux from 139.199.89.117 May 29 11:31:19 server sshd\[126462\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.89.117 May 29 11:31:20 server sshd\[126462\]: Failed password for invalid user linux from 139.199.89.117 port 47922 ssh2 ...	2019-07-12 07:46:39
attack	Jun 23 02:35:18 ncomp sshd[1693]: Invalid user ftpuser from 139.199.89.117 Jun 23 02:35:18 ncomp sshd[1693]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.89.117 Jun 23 02:35:18 ncomp sshd[1693]: Invalid user ftpuser from 139.199.89.117 Jun 23 02:35:20 ncomp sshd[1693]: Failed password for invalid user ftpuser from 139.199.89.117 port 59844 ssh2	2019-06-23 17:58:14

Comments on same subnet:

IP	Type	Details	Datetime
139.199.89.157	attackspam	Jul 17 23:34:03 haigwepa sshd[8959]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.89.157 Jul 17 23:34:05 haigwepa sshd[8959]: Failed password for invalid user scp from 139.199.89.157 port 52880 ssh2 ...	2020-07-18 05:35:35
139.199.89.157	attack	Jul 7 21:54:44 nas sshd[21097]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.89.157 Jul 7 21:54:46 nas sshd[21097]: Failed password for invalid user sofronio from 139.199.89.157 port 59344 ssh2 Jul 7 22:12:12 nas sshd[21914]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.89.157 ...	2020-07-08 07:08:09
139.199.89.157	attack	Jun 17 09:19:31 srv sshd[17950]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.89.157	2020-06-17 18:42:23
139.199.89.157	attack	2020-06-10T19:41:34.745510shield sshd\[1502\]: Invalid user elk from 139.199.89.157 port 33560 2020-06-10T19:41:34.749154shield sshd\[1502\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.89.157 2020-06-10T19:41:36.549349shield sshd\[1502\]: Failed password for invalid user elk from 139.199.89.157 port 33560 ssh2 2020-06-10T19:43:57.079266shield sshd\[2028\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.89.157 user=root 2020-06-10T19:43:58.844343shield sshd\[2028\]: Failed password for root from 139.199.89.157 port 33170 ssh2	2020-06-11 03:47:25
139.199.89.157	attackspam	May 29 14:16:42 pve1 sshd[21420]: Failed password for root from 139.199.89.157 port 39702 ssh2 ...	2020-05-29 21:11:26
139.199.89.157	attackbots	May 27 14:39:19 OPSO sshd\[17079\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.89.157 user=root May 27 14:39:21 OPSO sshd\[17079\]: Failed password for root from 139.199.89.157 port 37880 ssh2 May 27 14:43:50 OPSO sshd\[17909\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.89.157 user=root May 27 14:43:52 OPSO sshd\[17909\]: Failed password for root from 139.199.89.157 port 56470 ssh2 May 27 14:48:14 OPSO sshd\[18926\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.89.157 user=root	2020-05-28 00:31:43
139.199.89.157	attackbotsspam	May 13 14:36:06 mout sshd[22614]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.89.157 user=root May 13 14:36:08 mout sshd[22614]: Failed password for root from 139.199.89.157 port 45764 ssh2	2020-05-14 00:16:26
139.199.89.157	attackbotsspam	May 7 16:31:38 web1 sshd[32400]: Invalid user gg from 139.199.89.157 port 59386 May 7 16:31:38 web1 sshd[32400]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.89.157 May 7 16:31:38 web1 sshd[32400]: Invalid user gg from 139.199.89.157 port 59386 May 7 16:31:40 web1 sshd[32400]: Failed password for invalid user gg from 139.199.89.157 port 59386 ssh2 May 7 16:52:21 web1 sshd[5088]: Invalid user rails from 139.199.89.157 port 50278 May 7 16:52:21 web1 sshd[5088]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.89.157 May 7 16:52:21 web1 sshd[5088]: Invalid user rails from 139.199.89.157 port 50278 May 7 16:52:23 web1 sshd[5088]: Failed password for invalid user rails from 139.199.89.157 port 50278 ssh2 May 7 16:55:18 web1 sshd[5831]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.89.157 user=root May 7 16:55:20 web1 sshd[5831]: Faile ...	2020-05-07 18:11:31
139.199.89.157	attackspambots	20 attempts against mh-ssh on echoip	2020-04-22 05:33:43
139.199.89.157	attackspambots	Brute-force attempt banned	2020-03-18 15:13:23
139.199.89.157	attackspambots	SSH Authentication Attempts Exceeded	2020-03-17 04:17:01
139.199.89.157	attackspam	Mar 9 13:37:02 vps691689 sshd[11891]: Failed password for root from 139.199.89.157 port 52340 ssh2 Mar 9 13:39:32 vps691689 sshd[11928]: Failed password for root from 139.199.89.157 port 50132 ssh2 ...	2020-03-09 21:04:02
139.199.89.157	attack	Feb 20 10:16:57 silence02 sshd[24013]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.89.157 Feb 20 10:16:59 silence02 sshd[24013]: Failed password for invalid user xautomation from 139.199.89.157 port 52160 ssh2 Feb 20 10:19:35 silence02 sshd[24212]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.89.157	2020-02-20 17:32:55
139.199.89.157	attack	2020-02-15T23:14:07.739013scmdmz1 sshd[24554]: Invalid user sys from 139.199.89.157 port 54394 2020-02-15T23:14:07.742164scmdmz1 sshd[24554]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.89.157 2020-02-15T23:14:07.739013scmdmz1 sshd[24554]: Invalid user sys from 139.199.89.157 port 54394 2020-02-15T23:14:09.459910scmdmz1 sshd[24554]: Failed password for invalid user sys from 139.199.89.157 port 54394 ssh2 2020-02-15T23:17:19.114328scmdmz1 sshd[24896]: Invalid user bcd from 139.199.89.157 port 44990 ...	2020-02-16 09:20:31
139.199.89.157	attackspam	Feb 7 02:02:03 lock-38 sshd[8247]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.89.157 Feb 7 02:02:05 lock-38 sshd[8247]: Failed password for invalid user yzj from 139.199.89.157 port 55096 ssh2 ...	2020-02-12 20:53:32

Whois info:

Dig info:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 139.199.89.117
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 53227
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;139.199.89.117.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019042001 1800 900 604800 86400

;; Query time: 1 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Sun Apr 21 12:22:57 +08 2019
;; MSG SIZE  rcvd: 118

Host info

Host 117.89.199.139.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		67.207.67.3
Address:	67.207.67.3#53

** server can't find 117.89.199.139.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
74.96.248.127	attackspam	Feb 17 07:38:56 sticky sshd\[30775\]: Invalid user test from 74.96.248.127 port 37176 Feb 17 07:38:56 sticky sshd\[30775\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=74.96.248.127 Feb 17 07:38:58 sticky sshd\[30775\]: Failed password for invalid user test from 74.96.248.127 port 37176 ssh2 Feb 17 07:46:12 sticky sshd\[30862\]: Invalid user coduoserver from 74.96.248.127 port 44445 Feb 17 07:46:12 sticky sshd\[30862\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=74.96.248.127 ...	2020-02-17 15:32:05
222.186.15.33	attackspambots	Feb 17 04:10:43 firewall sshd[9328]: Failed password for root from 222.186.15.33 port 23790 ssh2 Feb 17 04:10:45 firewall sshd[9328]: Failed password for root from 222.186.15.33 port 23790 ssh2 Feb 17 04:10:48 firewall sshd[9328]: Failed password for root from 222.186.15.33 port 23790 ssh2 ...	2020-02-17 15:24:44
222.186.175.23	attackspam	Feb 17 07:47:59 v22018076622670303 sshd\[28591\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.23 user=root Feb 17 07:48:01 v22018076622670303 sshd\[28591\]: Failed password for root from 222.186.175.23 port 52495 ssh2 Feb 17 07:48:03 v22018076622670303 sshd\[28591\]: Failed password for root from 222.186.175.23 port 52495 ssh2 ...	2020-02-17 15:04:48
217.31.62.15	attack	SSH login attempts.	2020-02-17 15:15:19
187.163.120.5	attackbotsspam	Automatic report - Port Scan Attack	2020-02-17 15:37:50
92.121.34.23	attackspam	SSH login attempts.	2020-02-17 15:16:18
196.218.9.125	attackspam	MultiHost/MultiPort Probe, Scan, Hack -	2020-02-17 15:21:22
54.203.167.158	attackspambots	SSH login attempts.	2020-02-17 15:29:53
196.218.57.248	attackbots	MultiHost/MultiPort Probe, Scan, Hack -	2020-02-17 15:47:38
185.202.1.164	attackspambots	Feb 17 07:02:41 ip-172-31-62-245 sshd\[27726\]: Invalid user cfaniger from 185.202.1.164\ Feb 17 07:02:43 ip-172-31-62-245 sshd\[27726\]: Failed password for invalid user cfaniger from 185.202.1.164 port 56520 ssh2\ Feb 17 07:02:44 ip-172-31-62-245 sshd\[27733\]: Invalid user cpe from 185.202.1.164\ Feb 17 07:02:46 ip-172-31-62-245 sshd\[27733\]: Failed password for invalid user cpe from 185.202.1.164 port 3614 ssh2\ Feb 17 07:02:47 ip-172-31-62-245 sshd\[27735\]: Invalid user cubie from 185.202.1.164\	2020-02-17 15:12:14
54.235.203.7	attack	SSH login attempts.	2020-02-17 15:37:12
89.163.216.147	attack	SSH login attempts.	2020-02-17 15:44:48
211.231.108.46	attackspam	SSH login attempts.	2020-02-17 15:20:40
121.42.49.168	attackbotsspam	WordPress login Brute force / Web App Attack on client site.	2020-02-17 15:21:00
181.118.2.68	attack	Automatic report - Port Scan Attack	2020-02-17 15:07:58

Recently Reported IPs

165.144.156.172	155.75.139.109	189.161.111.215	193.150.101.6
193.141.22.183	80.234.231.95	97.157.43.89	106.51.5.83
67.163.26.168	168.177.13.35	44.11.249.66	111.230.212.81
32.191.245.141	137.104.235.30	92.114.194.160	35.186.13.12
93.183.126.44	211.107.220.68	1.239.217.33	166.209.79.165