159.89.142.14 - IPInfo

Basic Info

City: Santa Clara

Region: California

Country: United States

Internet Service Provider: unknown

Hostname: unknown

Organization: DigitalOcean, LLC

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
159.89.142.25	attackbots	(sshd) Failed SSH login from 159.89.142.25 (US/United States/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: May 25 20:42:48 amsweb01 sshd[2973]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.89.142.25 user=root May 25 20:42:50 amsweb01 sshd[2973]: Failed password for root from 159.89.142.25 port 36610 ssh2 May 25 20:53:44 amsweb01 sshd[4210]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.89.142.25 user=root May 25 20:53:46 amsweb01 sshd[4210]: Failed password for root from 159.89.142.25 port 40932 ssh2 May 25 20:57:01 amsweb01 sshd[4492]: Invalid user farand from 159.89.142.25 port 45614	2020-05-26 03:08:10
159.89.142.25	attack	May 22 23:30:28 vps687878 sshd\[30342\]: Failed password for invalid user sox from 159.89.142.25 port 43964 ssh2 May 22 23:33:46 vps687878 sshd\[30597\]: Invalid user fgq from 159.89.142.25 port 49584 May 22 23:33:46 vps687878 sshd\[30597\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.89.142.25 May 22 23:33:48 vps687878 sshd\[30597\]: Failed password for invalid user fgq from 159.89.142.25 port 49584 ssh2 May 22 23:37:10 vps687878 sshd\[30990\]: Invalid user arz from 159.89.142.25 port 55206 May 22 23:37:10 vps687878 sshd\[30990\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.89.142.25 ...	2020-05-23 05:38:44
159.89.142.25	attackbotsspam	May 22 07:08:59 cdc sshd[14217]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.89.142.25 May 22 07:09:00 cdc sshd[14217]: Failed password for invalid user tfe from 159.89.142.25 port 42166 ssh2	2020-05-22 15:06:26
159.89.142.25	attackspambots	Repeated brute force against a port	2020-05-16 05:31:46
159.89.142.25	attackspam	May 13 01:21:56 ip-172-31-61-156 sshd[9218]: Failed password for invalid user cloud from 159.89.142.25 port 52936 ssh2 May 13 01:21:54 ip-172-31-61-156 sshd[9218]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.89.142.25 May 13 01:21:54 ip-172-31-61-156 sshd[9218]: Invalid user cloud from 159.89.142.25 May 13 01:21:56 ip-172-31-61-156 sshd[9218]: Failed password for invalid user cloud from 159.89.142.25 port 52936 ssh2 May 13 01:24:59 ip-172-31-61-156 sshd[9352]: Invalid user moo from 159.89.142.25 ...	2020-05-13 09:40:37
159.89.142.25	attackbots	Lines containing failures of 159.89.142.25 May 11 13:26:38 shared01 sshd[4080]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.89.142.25 user=admin May 11 13:26:39 shared01 sshd[4080]: Failed password for admin from 159.89.142.25 port 48062 ssh2 May 11 13:26:40 shared01 sshd[4080]: Received disconnect from 159.89.142.25 port 48062:11: Bye Bye [preauth] May 11 13:26:40 shared01 sshd[4080]: Disconnected from authenticating user admin 159.89.142.25 port 48062 [preauth] May 11 14:00:32 shared01 sshd[17275]: Invalid user applprod from 159.89.142.25 port 60250 May 11 14:00:32 shared01 sshd[17275]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.89.142.25 May 11 14:00:33 shared01 sshd[17275]: Failed password for invalid user applprod from 159.89.142.25 port 60250 ssh2 May 11 14:00:34 shared01 sshd[17275]: Received disconnect from 159.89.142.25 port 60250:11: Bye Bye [preauth] May 11 14:00:........ ------------------------------	2020-05-12 02:17:48
159.89.142.222	attackbotsspam	MVPower DVR TV Shell Unauthenticated Command Execution Vulnerability	2020-05-10 21:07:25
159.89.142.33	attack	Invalid user admin from 159.89.142.33 port 60394	2019-07-13 18:18:03
159.89.142.3	attack	23/tcp 23/tcp 23/tcp... [2019-06-23/07-02]29pkt,1pt.(tcp)	2019-07-02 14:40:16

Whois info:

Dig info:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 159.89.142.14
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 1967
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;159.89.142.14.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019041800 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Thu Apr 18 21:32:10 +08 2019
;; MSG SIZE  rcvd: 117

Host info

Host 14.142.89.159.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		67.207.67.3
Address:	67.207.67.3#53

** server can't find 14.142.89.159.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
52.249.218.234	attack	Jul 14 15:48:43 eventyay sshd[7440]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.249.218.234 Jul 14 15:48:43 eventyay sshd[7439]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.249.218.234 Jul 14 15:48:45 eventyay sshd[7440]: Failed password for invalid user eventyay.com from 52.249.218.234 port 10339 ssh2 Jul 14 15:48:45 eventyay sshd[7439]: Failed password for invalid user eventyay from 52.249.218.234 port 10338 ssh2 ...	2020-07-15 00:22:45
81.68.97.184	attack	Jul 14 18:06:37 raspberrypi sshd[24263]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.68.97.184 Jul 14 18:06:39 raspberrypi sshd[24263]: Failed password for invalid user service from 81.68.97.184 port 53990 ssh2 ...	2020-07-15 00:18:05
188.166.208.131	attackspambots	"fail2ban match"	2020-07-15 00:23:12
20.185.69.153	attack	[Tue Jul 14 13:53:44 2020] Failed password for invalid user ispgateway from 20.185.69.153 port 19773 ssh2 [Tue Jul 14 13:53:44 2020] Failed password for invalid user webserver from 20.185.69.153 port 19770 ssh2 [Tue Jul 14 13:53:44 2020] Failed password for invalid user webserver from 20.185.69.153 port 19771 ssh2 [Tue Jul 14 13:53:44 2020] Failed password for invalid user webserver from 20.185.69.153 port 19766 ssh2 [Tue Jul 14 13:53:44 2020] Failed password for r.r from 20.185.69.153 port 19791 ssh2 [Tue Jul 14 13:53:44 2020] Failed password for r.r from 20.185.69.153 port 19789 ssh2 [Tue Jul 14 13:53:44 2020] Failed password for invalid user ispgateway from 20.185.69.153 port 19775 ssh2 [Tue Jul 14 13:53:44 2020] Failed password for r.r from 20.185.69.153 port 19792 ssh2 [Tue Jul 14 13:53:44 2020] Failed password for r.r from 20.185.69.153 port 19787 ssh2 [Tue Jul 14 13:53:44 2020] Failed password for invalid user webserver from 20.185.69.153 port 19767 ssh2 [Tue Jul........ -------------------------------	2020-07-15 00:03:26
13.82.128.249	attackbots	Jul 14 16:53:26 hosting sshd[20061]: Invalid user remuar.ru from 13.82.128.249 port 47076 Jul 14 16:53:26 hosting sshd[20060]: Invalid user remuar from 13.82.128.249 port 47075 Jul 14 16:53:26 hosting sshd[20060]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=13.82.128.249 Jul 14 16:53:26 hosting sshd[20060]: Invalid user remuar from 13.82.128.249 port 47075 Jul 14 16:53:27 hosting sshd[20060]: Failed password for invalid user remuar from 13.82.128.249 port 47075 ssh2 Jul 14 16:53:26 hosting sshd[20061]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=13.82.128.249 Jul 14 16:53:26 hosting sshd[20061]: Invalid user remuar.ru from 13.82.128.249 port 47076 Jul 14 16:53:27 hosting sshd[20061]: Failed password for invalid user remuar.ru from 13.82.128.249 port 47076 ssh2 ...	2020-07-15 00:15:14
83.110.220.32	attack	SSH Brute-Force Attack	2020-07-15 00:11:07
223.71.167.163	attackspam	Unauthorized connection attempt detected from IP address 223.71.167.163 to port 1863	2020-07-14 23:55:43
104.41.48.168	attackspambots	2020-07-14 12:29:51,207 fail2ban.filter [2207]: INFO [ssh] Found 104.41.48.168 - 2020-07-14 12:29:51 2020-07-14 12:29:51,218 fail2ban.filter [2207]: INFO [ssh] Found 104.41.48.168 - 2020-07-14 12:29:51 2020-07-14 12:29:51,219 fail2ban.filter [2207]: INFO [ssh] Found 104.41.48.168 - 2020-07-14 12:29:51 2020-07-14 12:29:51,221 fail2ban.filter [2207]: INFO [ssh] Found 104.41.48.168 - 2020-07-14 12:29:51 2020-07-14 12:29:51,222 fail2ban.filter [2207]: INFO [ssh] Found 104.41.48.168 - 2020-07-14 12:29:51 2020-07-14 12:29:51,225 fail2ban.filter [2207]: INFO [ssh] Found 104.41.48.168 - 2020-07-14 12:29:51 2020-07-14 12:29:51,234 fail2ban.filter [2207]: INFO [ssh] Found 104.41.48.168 - 2020-07-14 12:29:51 2020-07-14 12:29:51,261 fail2ban.filter [2207]: INFO [ssh] Found 104.41.48.168 - 2020-07-14 12:29:51 2020-07-14 12:29:51,265 fail2ban.filter [2207]: INFO [ssh] Found 104.41.48.16........ -------------------------------	2020-07-15 00:00:15
52.250.10.51	attackbotsspam	[Tue Jul 14 12:25:41 2020] Failed password for invalid user ispgateway from 52.250.10.51 port 7619 ssh2 [Tue Jul 14 12:25:41 2020] Failed password for invalid user ispgateway from 52.250.10.51 port 7620 ssh2 [Tue Jul 14 12:25:41 2020] Failed password for r.r from 52.250.10.51 port 7637 ssh2 [Tue Jul 14 12:25:41 2020] Failed password for invalid user ispgateway from 52.250.10.51 port 7621 ssh2 [Tue Jul 14 12:25:41 2020] Failed password for r.r from 52.250.10.51 port 7638 ssh2 [Tue Jul 14 12:25:41 2020] Failed password for r.r from 52.250.10.51 port 7635 ssh2 [Tue Jul 14 12:25:41 2020] Failed password for invalid user webserver.iddos-domain.tld from 52.250.10.51 port 7626 ssh2 [Tue Jul 14 12:25:41 2020] Failed password for r.r from 52.250.10.51 port 7634 ssh2 [Tue Jul 14 12:25:41 2020] Failed password for invalid user webserver.iddos-domain.tld from 52.250.10.51 port 7627 ssh2 [Tue Jul 14 12:25:41 2020] Failed password for invalid user webserver.iddos-domain.tld from 52.2........ -------------------------------	2020-07-14 23:51:53
149.56.12.88	attack	Jul 14 16:14:33 ArkNodeAT sshd\[21620\]: Invalid user node from 149.56.12.88 Jul 14 16:14:33 ArkNodeAT sshd\[21620\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.56.12.88 Jul 14 16:14:36 ArkNodeAT sshd\[21620\]: Failed password for invalid user node from 149.56.12.88 port 57626 ssh2	2020-07-15 00:21:45
189.209.174.212	attack	Automatic report - Port Scan Attack	2020-07-15 00:27:21
52.233.227.83	attackspam	Jul 14 15:50:23 amit sshd\[551\]: Invalid user systems from 52.233.227.83 Jul 14 15:50:23 amit sshd\[552\]: Invalid user hodl.amit.systems from 52.233.227.83 Jul 14 15:50:23 amit sshd\[551\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.233.227.83 Jul 14 15:50:23 amit sshd\[552\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.233.227.83 Jul 14 15:50:23 amit sshd\[553\]: Invalid user hodl from 52.233.227.83 Jul 14 15:50:23 amit sshd\[553\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.233.227.83 Jul 14 15:50:23 amit sshd\[554\]: Invalid user amit from 52.233.227.83 Jul 14 15:50:23 amit sshd\[554\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.233.227.83 ...	2020-07-15 00:24:37
104.227.121.35	attack	(From bassler.christina@msn.com) Hi there, Read this if you haven’t made your first $100 from burnschiropractic.com online yet... I've heard it a million times... I'm going to quit my job, I'm going to start my own business, I'm going to live where I want, and I'm going to live the dream... Enough talk. Everyone's got a vision. Fine. What exactly have you done lately to make it come true? Not much, you say? If everyone suddenly got injected with the truth serum, you'd hear people talk a different game: I've got huge dreams. But I'm a failure, because I did nothing to make these dreams come true. I'm too afraid to start. I procrastinate about taking action. I will probably never do anything or amount to anything in my life, because I choose to stay in my comfort zone. Incidentally, the first step to changing your life is to be honest about how you feel. Are you afraid? Fine. Are you anxious? Fine. Do you procrastinate? Great. This means you have to start	2020-07-14 23:58:50
199.19.224.78	attackbots	UDP 199.19.224.78:45769 -> port 123, len 36	2020-07-15 00:17:14
72.167.190.198	attackspambots	Automatic report - XMLRPC Attack	2020-07-15 00:09:05

Recently Reported IPs

36.76.106.237	113.176.99.161	78.110.157.219	84.201.155.60
43.246.143.70	176.59.67.115	49.149.247.113	77.69.181.58
178.128.248.43	168.0.148.174	156.223.85.77	91.66.143.50
202.62.111.174	178.128.152.65	179.228.65.252	171.8.149.229
168.62.9.70	103.217.84.218	23.89.101.82	123.17.24.234