159.89.139.50 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
159.89.139.110	attackspam	159.89.139.110 - - [05/Sep/2020:15:10:24 +0200] "GET /wp-login.php HTTP/1.1" 200 8796 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 159.89.139.110 - - [05/Sep/2020:15:10:25 +0200] "POST /wp-login.php HTTP/1.1" 200 9047 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 159.89.139.110 - - [05/Sep/2020:15:10:26 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-09-05 22:31:57
159.89.139.110	attackbotsspam	159.89.139.110 - - [04/Sep/2020:17:50:59 +0100] "POST /wp-login.php HTTP/1.1" 200 1948 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 159.89.139.110 - - [04/Sep/2020:17:51:00 +0100] "POST /wp-login.php HTTP/1.1" 200 1954 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 159.89.139.110 - - [04/Sep/2020:17:51:07 +0100] "POST /wp-login.php HTTP/1.1" 200 1949 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-09-05 14:09:05
159.89.139.110	attackbots	159.89.139.110 - - [04/Sep/2020:17:50:59 +0100] "POST /wp-login.php HTTP/1.1" 200 1948 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 159.89.139.110 - - [04/Sep/2020:17:51:00 +0100] "POST /wp-login.php HTTP/1.1" 200 1954 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 159.89.139.110 - - [04/Sep/2020:17:51:07 +0100] "POST /wp-login.php HTTP/1.1" 200 1949 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-09-05 06:52:10
159.89.139.110	attackbotsspam	159.89.139.110 - - [31/Aug/2020:09:41:41 +0200] "GET /wp-login.php HTTP/1.1" 200 8537 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 159.89.139.110 - - [31/Aug/2020:09:41:44 +0200] "POST /wp-login.php HTTP/1.1" 200 8788 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 159.89.139.110 - - [31/Aug/2020:09:41:45 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-08-31 18:11:40
159.89.139.110	attack	159.89.139.110 - - [25/Jul/2020:05:00:08 +0100] "POST /wp-login.php HTTP/1.1" 200 1967 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 159.89.139.110 - - [25/Jul/2020:05:00:10 +0100] "POST /wp-login.php HTTP/1.1" 200 1994 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 159.89.139.110 - - [25/Jul/2020:05:00:10 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-07-25 12:26:34
159.89.139.110	attackspam	159.89.139.110 - - [24/Jul/2020:07:36:57 +0100] "POST /wp-login.php HTTP/1.1" 200 4437 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 159.89.139.110 - - [24/Jul/2020:07:36:58 +0100] "POST /xmlrpc.php HTTP/1.1" 200 271 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 159.89.139.110 - - [24/Jul/2020:07:53:08 +0100] "POST /wp-login.php HTTP/1.1" 200 4475 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-07-24 19:16:29
159.89.139.149	attackspam	Attacks websites by trying to access known vulnerables of plugins, brute-force of backends or probing of administrative tools	2020-06-14 22:35:15
159.89.139.149	attackspam	C1,WP GET /conni-club/home/wp-includes/wlwmanifest.xml GET /kramkiste/home/wp-includes/wlwmanifest.xml	2020-06-08 22:49:30
159.89.139.220	attack	firewall-block, port(s): 22703/tcp	2020-04-19 05:19:25
159.89.139.228	attackspambots	Mar 10 05:56:07 * sshd[32388]: Failed password for root from 159.89.139.228 port 38032 ssh2	2020-03-10 13:50:11
159.89.139.220	attackbotsspam	Jan 23 13:55:23 odroid64 sshd\[4802\]: Invalid user tester from 159.89.139.220 Jan 23 13:55:23 odroid64 sshd\[4802\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.89.139.220 ...	2020-03-06 05:54:58
159.89.139.228	attack	2020-03-01T14:22:42.769477shield sshd\[25151\]: Invalid user test from 159.89.139.228 port 58302 2020-03-01T14:22:42.774383shield sshd\[25151\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.89.139.228 2020-03-01T14:22:45.350259shield sshd\[25151\]: Failed password for invalid user test from 159.89.139.228 port 58302 ssh2 2020-03-01T14:28:00.054019shield sshd\[26046\]: Invalid user sinus from 159.89.139.228 port 54494 2020-03-01T14:28:00.057971shield sshd\[26046\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.89.139.228	2020-03-01 22:38:19
159.89.139.228	attackspambots	DATE:2020-02-29 01:06:10, IP:159.89.139.228, PORT:ssh SSH brute force auth (docker-dc)	2020-02-29 08:51:20
159.89.139.228	attack	Feb 20 13:30:37 ws26vmsma01 sshd[8080]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.89.139.228 Feb 20 13:30:39 ws26vmsma01 sshd[8080]: Failed password for invalid user ftp from 159.89.139.228 port 59200 ssh2 ...	2020-02-20 21:33:38
159.89.139.149	attack	Automatic report - XMLRPC Attack	2020-02-19 00:02:10

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 159.89.139.50
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 50329
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;159.89.139.50.			IN	A

;; AUTHORITY SECTION:
.			568	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022022701 1800 900 604800 86400

;; Query time: 18 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Feb 28 05:14:41 CST 2022
;; MSG SIZE  rcvd: 106

Host info

50.139.89.159.in-addr.arpa domain name pointer crmb.io.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
50.139.89.159.in-addr.arpa	name = crmb.io.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
195.117.101.79	attack	Feb 18 01:43:27 plusreed sshd[2462]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=195.117.101.79 user=root Feb 18 01:43:29 plusreed sshd[2462]: Failed password for root from 195.117.101.79 port 53181 ssh2 ...	2020-02-18 16:42:04
106.12.217.180	attackspam	Invalid user jesus from 106.12.217.180 port 52820	2020-02-18 16:44:15
139.99.236.133	attackspam	Feb 18 05:53:33 ns381471 sshd[13908]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.99.236.133 Feb 18 05:53:35 ns381471 sshd[13908]: Failed password for invalid user oracle from 139.99.236.133 port 57396 ssh2	2020-02-18 17:02:22
222.186.175.151	attackbotsspam	Feb 18 09:54:37 sso sshd[8013]: Failed password for root from 222.186.175.151 port 28908 ssh2 Feb 18 09:54:40 sso sshd[8013]: Failed password for root from 222.186.175.151 port 28908 ssh2 ...	2020-02-18 16:58:51
123.51.162.52	attackspam	Feb 18 06:34:37 lnxmysql61 sshd[17975]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.51.162.52	2020-02-18 17:14:59
121.254.133.205	attackbotsspam	$f2bV_matches \| Triggered by Fail2Ban at Vostok web server	2020-02-18 17:12:25
180.250.162.9	attack	Feb 18 08:45:34 OPSO sshd\[824\]: Invalid user oracle from 180.250.162.9 port 28768 Feb 18 08:45:34 OPSO sshd\[824\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.250.162.9 Feb 18 08:45:37 OPSO sshd\[824\]: Failed password for invalid user oracle from 180.250.162.9 port 28768 ssh2 Feb 18 08:49:49 OPSO sshd\[969\]: Invalid user ubuntu from 180.250.162.9 port 58770 Feb 18 08:49:49 OPSO sshd\[969\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.250.162.9	2020-02-18 16:37:52
200.86.228.10	attackbots	invalid login attempt (test1)	2020-02-18 17:06:32
113.190.242.53	attackspambots	1582001636 - 02/18/2020 05:53:56 Host: 113.190.242.53/113.190.242.53 Port: 445 TCP Blocked	2020-02-18 16:46:23
42.200.206.225	attackspam	Feb 18 03:43:32 vmd17057 sshd[3901]: Invalid user PS from 42.200.206.225 port 60376 Feb 18 03:43:32 vmd17057 sshd[3901]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.200.206.225 Feb 18 03:43:34 vmd17057 sshd[3901]: Failed password for invalid user PS from 42.200.206.225 port 60376 ssh2 ...	2020-02-18 17:10:56
159.203.66.129	attack	Feb 18 11:17:27 pkdns2 sshd\[8031\]: Failed password for root from 159.203.66.129 port 55308 ssh2Feb 18 11:17:27 pkdns2 sshd\[8033\]: Invalid user admin from 159.203.66.129Feb 18 11:17:29 pkdns2 sshd\[8033\]: Failed password for invalid user admin from 159.203.66.129 port 58186 ssh2Feb 18 11:17:30 pkdns2 sshd\[8035\]: Invalid user ubnt from 159.203.66.129Feb 18 11:17:31 pkdns2 sshd\[8035\]: Failed password for invalid user ubnt from 159.203.66.129 port 32786 ssh2Feb 18 11:17:33 pkdns2 sshd\[8037\]: Failed password for root from 159.203.66.129 port 35176 ssh2Feb 18 11:17:34 pkdns2 sshd\[8039\]: Invalid user support from 159.203.66.129 ...	2020-02-18 17:20:14
122.152.220.161	attack	Feb 18 08:55:22 MK-Soft-Root2 sshd[32105]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.152.220.161 Feb 18 08:55:23 MK-Soft-Root2 sshd[32105]: Failed password for invalid user 112233 from 122.152.220.161 port 35000 ssh2 ...	2020-02-18 17:10:17
59.89.216.123	attack	20/2/17@23:53:35: FAIL: Alarm-Network address from=59.89.216.123 ...	2020-02-18 17:03:15
49.244.159.26	attackspam	MultiHost/MultiPort Probe, Scan, Hack -	2020-02-18 17:07:11
60.250.147.218	attackbots	Feb 18 09:17:57 vpn01 sshd[18280]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=60.250.147.218 Feb 18 09:17:59 vpn01 sshd[18280]: Failed password for invalid user pegasus from 60.250.147.218 port 58346 ssh2 ...	2020-02-18 16:51:09

Recently Reported IPs

159.89.138.121	159.89.143.172	159.89.142.12	159.89.144.197
159.89.146.235	159.89.156.213	159.89.160.74	159.89.162.208
159.89.168.215	159.89.165.84	159.89.162.124	159.89.166.99
159.89.169.162	159.89.167.131	159.89.168.7	159.89.168.58
159.89.170.13	159.89.170.138	159.89.170.234	159.89.171.131