139.199.89.157

Basic Info

City: Beijing

Region: Beijing

Country: China

Internet Service Provider: V6Yun (Beijing) Network Co. Ltd

Hostname: unknown

Organization: unknown

Usage Type: Search Engine Spider

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	Jul 17 23:34:03 haigwepa sshd[8959]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.89.157 Jul 17 23:34:05 haigwepa sshd[8959]: Failed password for invalid user scp from 139.199.89.157 port 52880 ssh2 ...	2020-07-18 05:35:35
attack	Jul 7 21:54:44 nas sshd[21097]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.89.157 Jul 7 21:54:46 nas sshd[21097]: Failed password for invalid user sofronio from 139.199.89.157 port 59344 ssh2 Jul 7 22:12:12 nas sshd[21914]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.89.157 ...	2020-07-08 07:08:09
attack	Jun 17 09:19:31 srv sshd[17950]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.89.157	2020-06-17 18:42:23
attack	2020-06-10T19:41:34.745510shield sshd\[1502\]: Invalid user elk from 139.199.89.157 port 33560 2020-06-10T19:41:34.749154shield sshd\[1502\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.89.157 2020-06-10T19:41:36.549349shield sshd\[1502\]: Failed password for invalid user elk from 139.199.89.157 port 33560 ssh2 2020-06-10T19:43:57.079266shield sshd\[2028\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.89.157 user=root 2020-06-10T19:43:58.844343shield sshd\[2028\]: Failed password for root from 139.199.89.157 port 33170 ssh2	2020-06-11 03:47:25
attackspam	May 29 14:16:42 pve1 sshd[21420]: Failed password for root from 139.199.89.157 port 39702 ssh2 ...	2020-05-29 21:11:26
attackbots	May 27 14:39:19 OPSO sshd\[17079\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.89.157 user=root May 27 14:39:21 OPSO sshd\[17079\]: Failed password for root from 139.199.89.157 port 37880 ssh2 May 27 14:43:50 OPSO sshd\[17909\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.89.157 user=root May 27 14:43:52 OPSO sshd\[17909\]: Failed password for root from 139.199.89.157 port 56470 ssh2 May 27 14:48:14 OPSO sshd\[18926\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.89.157 user=root	2020-05-28 00:31:43
attackbotsspam	May 13 14:36:06 mout sshd[22614]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.89.157 user=root May 13 14:36:08 mout sshd[22614]: Failed password for root from 139.199.89.157 port 45764 ssh2	2020-05-14 00:16:26
attackbotsspam	May 7 16:31:38 web1 sshd[32400]: Invalid user gg from 139.199.89.157 port 59386 May 7 16:31:38 web1 sshd[32400]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.89.157 May 7 16:31:38 web1 sshd[32400]: Invalid user gg from 139.199.89.157 port 59386 May 7 16:31:40 web1 sshd[32400]: Failed password for invalid user gg from 139.199.89.157 port 59386 ssh2 May 7 16:52:21 web1 sshd[5088]: Invalid user rails from 139.199.89.157 port 50278 May 7 16:52:21 web1 sshd[5088]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.89.157 May 7 16:52:21 web1 sshd[5088]: Invalid user rails from 139.199.89.157 port 50278 May 7 16:52:23 web1 sshd[5088]: Failed password for invalid user rails from 139.199.89.157 port 50278 ssh2 May 7 16:55:18 web1 sshd[5831]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.89.157 user=root May 7 16:55:20 web1 sshd[5831]: Faile ...	2020-05-07 18:11:31
attackspambots	20 attempts against mh-ssh on echoip	2020-04-22 05:33:43
attackspambots	Brute-force attempt banned	2020-03-18 15:13:23
attackspambots	SSH Authentication Attempts Exceeded	2020-03-17 04:17:01
attackspam	Mar 9 13:37:02 vps691689 sshd[11891]: Failed password for root from 139.199.89.157 port 52340 ssh2 Mar 9 13:39:32 vps691689 sshd[11928]: Failed password for root from 139.199.89.157 port 50132 ssh2 ...	2020-03-09 21:04:02
attack	Feb 20 10:16:57 silence02 sshd[24013]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.89.157 Feb 20 10:16:59 silence02 sshd[24013]: Failed password for invalid user xautomation from 139.199.89.157 port 52160 ssh2 Feb 20 10:19:35 silence02 sshd[24212]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.89.157	2020-02-20 17:32:55
attack	2020-02-15T23:14:07.739013scmdmz1 sshd[24554]: Invalid user sys from 139.199.89.157 port 54394 2020-02-15T23:14:07.742164scmdmz1 sshd[24554]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.89.157 2020-02-15T23:14:07.739013scmdmz1 sshd[24554]: Invalid user sys from 139.199.89.157 port 54394 2020-02-15T23:14:09.459910scmdmz1 sshd[24554]: Failed password for invalid user sys from 139.199.89.157 port 54394 ssh2 2020-02-15T23:17:19.114328scmdmz1 sshd[24896]: Invalid user bcd from 139.199.89.157 port 44990 ...	2020-02-16 09:20:31
attackspam	Feb 7 02:02:03 lock-38 sshd[8247]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.89.157 Feb 7 02:02:05 lock-38 sshd[8247]: Failed password for invalid user yzj from 139.199.89.157 port 55096 ssh2 ...	2020-02-12 20:53:32
attack	Unauthorized connection attempt detected from IP address 139.199.89.157 to port 2220 [J]	2020-02-04 04:33:24

Comments on same subnet:

IP	Type	Details	Datetime
139.199.89.117	attack	Sep 16 21:53:19 auw2 sshd\[15818\]: Invalid user achour from 139.199.89.117 Sep 16 21:53:19 auw2 sshd\[15818\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.89.117 Sep 16 21:53:21 auw2 sshd\[15818\]: Failed password for invalid user achour from 139.199.89.117 port 39960 ssh2 Sep 16 21:57:59 auw2 sshd\[16204\]: Invalid user user from 139.199.89.117 Sep 16 21:57:59 auw2 sshd\[16204\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.89.117	2019-09-17 16:59:49
139.199.89.117	attackbotsspam	Sep 12 15:48:25 MK-Soft-VM5 sshd\[17622\]: Invalid user test123 from 139.199.89.117 port 50234 Sep 12 15:48:25 MK-Soft-VM5 sshd\[17622\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.89.117 Sep 12 15:48:27 MK-Soft-VM5 sshd\[17622\]: Failed password for invalid user test123 from 139.199.89.117 port 50234 ssh2 ...	2019-09-13 07:56:29
139.199.89.117	attackbotsspam	Aug 30 05:48:40 *** sshd[8926]: User root from 139.199.89.117 not allowed because not listed in AllowUsers	2019-08-30 15:01:00
139.199.89.117	attackbotsspam	Aug 28 07:25:49 srv-4 sshd\[16316\]: Invalid user jboss from 139.199.89.117 Aug 28 07:25:49 srv-4 sshd\[16316\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.89.117 Aug 28 07:25:50 srv-4 sshd\[16316\]: Failed password for invalid user jboss from 139.199.89.117 port 52468 ssh2 ...	2019-08-28 15:54:12
139.199.89.117	attack	Automatic report - Banned IP Access	2019-08-15 06:24:42
139.199.89.117	attack	Jul 28 08:15:05 vps200512 sshd\[10784\]: Invalid user novem from 139.199.89.117 Jul 28 08:15:05 vps200512 sshd\[10784\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.89.117 Jul 28 08:15:07 vps200512 sshd\[10784\]: Failed password for invalid user novem from 139.199.89.117 port 52800 ssh2 Jul 28 08:19:15 vps200512 sshd\[10833\]: Invalid user reframe from 139.199.89.117 Jul 28 08:19:15 vps200512 sshd\[10833\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.89.117	2019-07-28 21:09:22
139.199.89.117	attack	May 29 11:31:19 server sshd\[126462\]: Invalid user linux from 139.199.89.117 May 29 11:31:19 server sshd\[126462\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.89.117 May 29 11:31:20 server sshd\[126462\]: Failed password for invalid user linux from 139.199.89.117 port 47922 ssh2 ...	2019-07-12 07:46:39
139.199.89.117	attack	Jun 23 02:35:18 ncomp sshd[1693]: Invalid user ftpuser from 139.199.89.117 Jun 23 02:35:18 ncomp sshd[1693]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.89.117 Jun 23 02:35:18 ncomp sshd[1693]: Invalid user ftpuser from 139.199.89.117 Jun 23 02:35:20 ncomp sshd[1693]: Failed password for invalid user ftpuser from 139.199.89.117 port 59844 ssh2	2019-06-23 17:58:14

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 139.199.89.157
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 19949
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;139.199.89.157.			IN	A

;; AUTHORITY SECTION:
.			400	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020020301 1800 900 604800 86400

;; Query time: 97 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Feb 04 04:33:21 CST 2020
;; MSG SIZE  rcvd: 118

Host info

Host 157.89.199.139.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 157.89.199.139.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
181.57.153.190	attackspam	Feb 25 09:50:27 webhost01 sshd[2269]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=181.57.153.190 Feb 25 09:50:29 webhost01 sshd[2269]: Failed password for invalid user edward from 181.57.153.190 port 59620 ssh2 ...	2020-02-25 10:56:41
106.13.219.171	attack	2019-12-05T03:37:01.077199suse-nuc sshd[30302]: Invalid user test from 106.13.219.171 port 54420 ...	2020-02-25 10:34:36
117.34.118.44	attackspambots	Icarus honeypot on github	2020-02-25 10:50:19
113.23.11.59	attackbotsspam	Honeypot attack, port: 445, PTR: PTR record not found	2020-02-25 11:06:34
222.186.175.150	attackbots	v+ssh-bruteforce	2020-02-25 11:06:02
43.226.144.111	attackbotsspam	Honeypot attack, port: 445, PTR: PTR record not found	2020-02-25 10:52:14
156.200.110.74	attackspam	Honeypot attack, port: 445, PTR: host-156.200.110.74.tedata.net.	2020-02-25 10:45:04
209.17.97.98	attackspam	Automatic report - Banned IP Access	2020-02-25 10:53:23
112.196.97.85	attack	Feb 24 21:44:33 plusreed sshd[29178]: Invalid user oraprod from 112.196.97.85 ...	2020-02-25 10:51:43
113.110.54.226	attack	2020-02-25T00:22:50.099038 X postfix/smtpd[5329]: lost connection after AUTH from unknown[113.110.54.226] 2020-02-25T00:22:50.980665 X postfix/smtpd[5329]: lost connection after AUTH from unknown[113.110.54.226] 2020-02-25T00:22:51.868237 X postfix/smtpd[5329]: lost connection after AUTH from unknown[113.110.54.226]	2020-02-25 10:26:36
106.54.52.35	attack	2020-02-25T02:34:29.224537shield sshd\[20550\]: Invalid user dba from 106.54.52.35 port 57776 2020-02-25T02:34:29.228569shield sshd\[20550\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.52.35 2020-02-25T02:34:31.511498shield sshd\[20550\]: Failed password for invalid user dba from 106.54.52.35 port 57776 ssh2 2020-02-25T02:37:47.514191shield sshd\[21139\]: Invalid user zhangzhitong from 106.54.52.35 port 37670 2020-02-25T02:37:47.518044shield sshd\[21139\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.52.35	2020-02-25 10:46:32
61.160.245.87	attackspam	$f2bV_matches	2020-02-25 10:29:15
176.109.171.217	attackbots	" "	2020-02-25 10:33:58
222.186.15.10	attackspambots	Feb 25 02:35:39 h2646465 sshd[10453]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.15.10 user=root Feb 25 02:35:41 h2646465 sshd[10453]: Failed password for root from 222.186.15.10 port 59355 ssh2 Feb 25 02:35:43 h2646465 sshd[10453]: Failed password for root from 222.186.15.10 port 59355 ssh2 Feb 25 02:35:39 h2646465 sshd[10453]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.15.10 user=root Feb 25 02:35:41 h2646465 sshd[10453]: Failed password for root from 222.186.15.10 port 59355 ssh2 Feb 25 02:35:43 h2646465 sshd[10453]: Failed password for root from 222.186.15.10 port 59355 ssh2 Feb 25 02:35:39 h2646465 sshd[10453]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.15.10 user=root Feb 25 02:35:41 h2646465 sshd[10453]: Failed password for root from 222.186.15.10 port 59355 ssh2 Feb 25 02:35:43 h2646465 sshd[10453]: Failed password for root from 222.186.15.10	2020-02-25 10:46:15
207.107.67.67	attack	Feb 25 03:15:38 vps691689 sshd[24619]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=207.107.67.67 Feb 25 03:15:40 vps691689 sshd[24619]: Failed password for invalid user eric from 207.107.67.67 port 46160 ssh2 ...	2020-02-25 10:41:28

Recently Reported IPs

92.140.94.61	122.51.116.103	187.96.188.0	121.164.127.133
222.67.36.175	67.76.165.186	121.148.72.160	27.136.66.17
110.137.66.64	109.191.20.232	74.41.107.191	62.85.89.116
115.55.31.28	104.38.194.132	219.134.48.20	110.249.183.3
132.214.8.199	84.204.109.191	106.12.120.207	128.82.11.19