159.89.138.2 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
159.89.138.235	attack	TCP (SYN) 159.89.138.235:57212 -> port 9100, len 44	2020-05-24 19:22:50
159.89.138.85	attack	Unauthorized connection attempt detected from IP address 159.89.138.85 to port 8088	2019-12-17 05:48:02
159.89.138.85	attack	Scanning random ports - tries to find possible vulnerable services	2019-12-02 06:40:33

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 159.89.138.2
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 15891
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;159.89.138.2.			IN	A

;; AUTHORITY SECTION:
.			162	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022021800 1800 900 604800 86400

;; Query time: 19 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Feb 18 13:42:53 CST 2022
;; MSG SIZE  rcvd: 105

Host info

Host 2.138.89.159.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 2.138.89.159.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
162.243.131.74	attackspam	Port Scan detected from 162.243.131.74 (US/United States/California/San Francisco/zg-0312c-267.stretchoid.com). 4 hits in the last 265 seconds	2020-04-14 12:31:30
140.143.189.177	attackbotsspam	2020-04-13T21:55:27.014527linuxbox-skyline sshd[107541]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.189.177 user=root 2020-04-13T21:55:29.094220linuxbox-skyline sshd[107541]: Failed password for root from 140.143.189.177 port 33588 ssh2 ...	2020-04-14 12:13:36
59.22.233.81	attack	20 attempts against mh-ssh on cloud	2020-04-14 12:51:45
85.186.38.228	attack	Apr 14 05:55:09 vmd48417 sshd[28992]: Failed password for root from 85.186.38.228 port 33824 ssh2	2020-04-14 12:28:18
75.157.110.192	attackspambots	Automated report (2020-04-14T03:55:10+00:00). Faked user agent detected.	2020-04-14 12:28:39
183.49.245.90	attackbots	Fail2Ban Ban Triggered	2020-04-14 12:45:23
134.209.49.6	attackspam	2020-04-14T05:54:35.750231 sshd[28310]: Invalid user serverroot from 134.209.49.6 port 53676 2020-04-14T05:54:35.763883 sshd[28310]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.49.6 2020-04-14T05:54:35.750231 sshd[28310]: Invalid user serverroot from 134.209.49.6 port 53676 2020-04-14T05:54:37.707840 sshd[28310]: Failed password for invalid user serverroot from 134.209.49.6 port 53676 ssh2 ...	2020-04-14 12:48:57
103.217.167.150	attackbotsspam	Fail2Ban Ban Triggered	2020-04-14 12:40:59
123.122.112.134	attack	Apr 14 05:47:55 localhost sshd\[18614\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.122.112.134 user=root Apr 14 05:47:57 localhost sshd\[18614\]: Failed password for root from 123.122.112.134 port 37634 ssh2 Apr 14 05:51:54 localhost sshd\[18902\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.122.112.134 user=root Apr 14 05:51:56 localhost sshd\[18902\]: Failed password for root from 123.122.112.134 port 59192 ssh2 Apr 14 05:55:31 localhost sshd\[19157\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.122.112.134 user=root ...	2020-04-14 12:10:35
192.241.169.184	attackbots	Apr 13 18:19:14 wbs sshd\[14847\]: Invalid user odessie from 192.241.169.184 Apr 13 18:19:14 wbs sshd\[14847\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.241.169.184 Apr 13 18:19:16 wbs sshd\[14847\]: Failed password for invalid user odessie from 192.241.169.184 port 45084 ssh2 Apr 13 18:23:34 wbs sshd\[15207\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.241.169.184 user=root Apr 13 18:23:37 wbs sshd\[15207\]: Failed password for root from 192.241.169.184 port 38216 ssh2	2020-04-14 12:29:36
222.124.16.227	attack	Apr 14 05:50:35 minden010 sshd[15992]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.124.16.227 Apr 14 05:50:37 minden010 sshd[15992]: Failed password for invalid user assayag from 222.124.16.227 port 35136 ssh2 Apr 14 05:55:12 minden010 sshd[17519]: Failed password for root from 222.124.16.227 port 43000 ssh2 ...	2020-04-14 12:25:56
123.207.92.254	attack	Apr 14 05:40:52 ns382633 sshd\[14702\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.207.92.254 user=root Apr 14 05:40:54 ns382633 sshd\[14702\]: Failed password for root from 123.207.92.254 port 58064 ssh2 Apr 14 05:52:02 ns382633 sshd\[16620\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.207.92.254 user=root Apr 14 05:52:05 ns382633 sshd\[16620\]: Failed password for root from 123.207.92.254 port 40704 ssh2 Apr 14 05:55:02 ns382633 sshd\[16845\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.207.92.254 user=root	2020-04-14 12:34:32
162.243.130.205	attack	Port Scan detected from 162.243.130.205 (US/United States/California/San Francisco/zg-0312c-233.stretchoid.com). 4 hits in the last 271 seconds	2020-04-14 12:32:01
189.135.77.202	attack	Apr 13 23:56:34 Tower sshd[44088]: Connection from 189.135.77.202 port 42576 on 192.168.10.220 port 22 rdomain "" Apr 13 23:56:35 Tower sshd[44088]: Invalid user user7 from 189.135.77.202 port 42576 Apr 13 23:56:35 Tower sshd[44088]: error: Could not get shadow information for NOUSER Apr 13 23:56:35 Tower sshd[44088]: Failed password for invalid user user7 from 189.135.77.202 port 42576 ssh2 Apr 13 23:56:35 Tower sshd[44088]: Received disconnect from 189.135.77.202 port 42576:11: Bye Bye [preauth] Apr 13 23:56:35 Tower sshd[44088]: Disconnected from invalid user user7 189.135.77.202 port 42576 [preauth]	2020-04-14 12:53:32
103.219.112.47	attackspam	Apr 13 21:09:03 mockhub sshd[5317]: Failed password for root from 103.219.112.47 port 36494 ssh2 ...	2020-04-14 12:17:35

Recently Reported IPs

159.89.134.120	159.89.129.172	159.89.136.114	159.89.135.10
159.89.138.204	159.89.139.29	159.89.133.221	159.89.143.134
159.89.141.152	159.89.144.159	159.89.139.46	159.89.146.131
159.89.144.252	159.89.144.50	159.89.144.213	159.89.148.163
159.89.147.6	159.89.148.105	159.89.144.229	159.89.148.139