159.89.172.42 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
159.89.172.219	attack	windhundgang.de 159.89.172.219 [02/Aug/2020:22:25:39 +0200] "POST /wp-login.php HTTP/1.1" 200 8455 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" windhundgang.de 159.89.172.219 [02/Aug/2020:22:25:41 +0200] "POST /xmlrpc.php HTTP/1.1" 200 4186 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-08-03 04:29:40
159.89.172.219	attack	WordPress logging hack	2020-07-16 23:55:52
159.89.172.219	attackbots	Automatic report - Banned IP Access	2020-07-16 04:51:49
159.89.172.219	attackbots	Flask-IPban - exploit URL requested:/wp-login.php	2020-07-10 23:21:22
159.89.172.133	attack	Invalid user wp from 159.89.172.133 port 46158	2020-03-21 05:35:17
159.89.172.178	attackbots	Unauthorized connection attempt detected from IP address 159.89.172.178 to port 2220 [J]	2020-01-22 05:07:37
159.89.172.178	attackspambots	Jan 18 14:43:09 vpn01 sshd[19811]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.89.172.178 Jan 18 14:43:11 vpn01 sshd[19811]: Failed password for invalid user quincy from 159.89.172.178 port 43162 ssh2 ...	2020-01-18 22:31:22
159.89.172.215	attackspam	Sep 20 00:39:03 meumeu sshd[2368]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.89.172.215 Sep 20 00:39:05 meumeu sshd[2368]: Failed password for invalid user khelms from 159.89.172.215 port 51471 ssh2 Sep 20 00:43:23 meumeu sshd[2963]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.89.172.215 ...	2019-09-20 06:44:37
159.89.172.215	attackspambots	Sep 17 02:14:20 vps200512 sshd\[27077\]: Invalid user mine from 159.89.172.215 Sep 17 02:14:20 vps200512 sshd\[27077\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.89.172.215 Sep 17 02:14:23 vps200512 sshd\[27077\]: Failed password for invalid user mine from 159.89.172.215 port 30006 ssh2 Sep 17 02:18:49 vps200512 sshd\[27172\]: Invalid user agneta from 159.89.172.215 Sep 17 02:18:49 vps200512 sshd\[27172\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.89.172.215	2019-09-17 14:19:37
159.89.172.215	attackspam	Automated report - ssh fail2ban: Sep 13 14:20:43 wrong password, user=mysql, port=17464, ssh2 Sep 13 14:25:12 authentication failure Sep 13 14:25:14 wrong password, user=debian, port=59322, ssh2	2019-09-13 21:03:10
159.89.172.215	attack	2019-09-08T21:44:28.907561abusebot-7.cloudsearch.cf sshd\[28250\]: Invalid user password from 159.89.172.215 port 10547	2019-09-09 05:55:37
159.89.172.215	attackbotsspam	Aug 28 20:53:12 eventyay sshd[22107]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.89.172.215 Aug 28 20:53:14 eventyay sshd[22107]: Failed password for invalid user video from 159.89.172.215 port 55678 ssh2 Aug 28 20:57:56 eventyay sshd[23236]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.89.172.215 ...	2019-08-29 03:09:25
159.89.172.215	attackbots	Aug 23 01:35:20 herz-der-gamer sshd[20915]: Invalid user dbus from 159.89.172.215 port 17233 ...	2019-08-23 07:36:17
159.89.172.215	attackbots	Aug 22 12:28:05 meumeu sshd[27785]: Failed password for invalid user upload from 159.89.172.215 port 47365 ssh2 Aug 22 12:32:54 meumeu sshd[28356]: Failed password for invalid user mysql from 159.89.172.215 port 35712 ssh2 Aug 22 12:37:39 meumeu sshd[28850]: Failed password for invalid user george from 159.89.172.215 port 24051 ssh2 ...	2019-08-23 02:25:43
159.89.172.215	attackspam	Aug 17 12:02:23 eddieflores sshd\[16931\]: Invalid user hp from 159.89.172.215 Aug 17 12:02:23 eddieflores sshd\[16931\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.89.172.215 Aug 17 12:02:24 eddieflores sshd\[16931\]: Failed password for invalid user hp from 159.89.172.215 port 38299 ssh2 Aug 17 12:07:07 eddieflores sshd\[17413\]: Invalid user ns from 159.89.172.215 Aug 17 12:07:07 eddieflores sshd\[17413\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.89.172.215	2019-08-18 06:09:00

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 159.89.172.42
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 59867
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;159.89.172.42.			IN	A

;; AUTHORITY SECTION:
.			600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022021800 1800 900 604800 86400

;; Query time: 59 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Feb 18 13:43:15 CST 2022
;; MSG SIZE  rcvd: 106

Host info

Host 42.172.89.159.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 42.172.89.159.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
200.87.95.35	attackbots	2019-07-27 08:49:44 server sshd[11945]: Failed password for root from 200.87.95.35 port 54373 ssh2	2019-07-29 11:41:34
184.82.9.233	attackspam	Jul 28 23:17:41 km20725 sshd\[23820\]: Address 184.82.9.233 maps to 184-82-9-0.24.public.erhq-mser.myaisfibre.com, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT!Jul 28 23:17:43 km20725 sshd\[23820\]: Failed password for root from 184.82.9.233 port 50240 ssh2Jul 28 23:23:11 km20725 sshd\[24170\]: Address 184.82.9.233 maps to 184-82-9-0.24.public.erhq-mser.myaisfibre.com, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT!Jul 28 23:23:13 km20725 sshd\[24170\]: Failed password for root from 184.82.9.233 port 45964 ssh2 ...	2019-07-29 11:23:04
198.27.70.174	attackbotsspam	Jul 29 02:49:52 vibhu-HP-Z238-Microtower-Workstation sshd\[10401\]: Invalid user ybm from 198.27.70.174 Jul 29 02:49:52 vibhu-HP-Z238-Microtower-Workstation sshd\[10401\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=198.27.70.174 Jul 29 02:49:55 vibhu-HP-Z238-Microtower-Workstation sshd\[10401\]: Failed password for invalid user ybm from 198.27.70.174 port 40294 ssh2 Jul 29 02:53:58 vibhu-HP-Z238-Microtower-Workstation sshd\[10472\]: Invalid user putter from 198.27.70.174 Jul 29 02:53:58 vibhu-HP-Z238-Microtower-Workstation sshd\[10472\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=198.27.70.174 ...	2019-07-29 11:04:51
157.32.146.127	attackspam	Chat Spam	2019-07-29 11:09:15
185.176.27.34	attack	29.07.2019 03:24:00 Connection to port 23587 blocked by firewall	2019-07-29 11:40:34
139.59.78.236	attack	Jul 29 04:54:09 ncomp sshd[30683]: Invalid user guest from 139.59.78.236 Jul 29 04:54:09 ncomp sshd[30683]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.78.236 Jul 29 04:54:09 ncomp sshd[30683]: Invalid user guest from 139.59.78.236 Jul 29 04:54:11 ncomp sshd[30683]: Failed password for invalid user guest from 139.59.78.236 port 37578 ssh2	2019-07-29 11:12:44
3.90.242.179	attack	SSH/22 MH Probe, BF, Hack -	2019-07-29 11:27:33
185.220.101.27	attackbotsspam	pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.220.101.27 user=root Failed password for root from 185.220.101.27 port 42117 ssh2 Failed password for root from 185.220.101.27 port 42117 ssh2 Failed password for root from 185.220.101.27 port 42117 ssh2 Failed password for root from 185.220.101.27 port 42117 ssh2	2019-07-29 11:35:29
171.125.48.184	attackbotsspam	Honeypot attack, port: 23, PTR: PTR record not found	2019-07-29 10:51:11
36.72.218.155	attackspambots	SSH Bruteforce	2019-07-29 11:46:44
27.191.209.93	attack	2019-07-29T03:20:07.199103abusebot-2.cloudsearch.cf sshd\[30961\]: Invalid user Exigen from 27.191.209.93 port 52082	2019-07-29 11:23:28
45.73.12.218	attackbots	Jul 29 05:17:56 s64-1 sshd[24725]: Failed password for root from 45.73.12.218 port 38250 ssh2 Jul 29 05:22:39 s64-1 sshd[24754]: Failed password for root from 45.73.12.218 port 33080 ssh2 Jul 29 05:27:23 s64-1 sshd[24838]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.73.12.218 ...	2019-07-29 11:45:38
104.248.8.60	attackspam	Jul 29 05:28:01 server2 sshd\[29805\]: User root from 104.248.8.60 not allowed because not listed in AllowUsers Jul 29 05:28:02 server2 sshd\[29821\]: Invalid user admin from 104.248.8.60 Jul 29 05:28:03 server2 sshd\[29832\]: Invalid user admin from 104.248.8.60 Jul 29 05:28:04 server2 sshd\[29834\]: Invalid user user from 104.248.8.60 Jul 29 05:28:05 server2 sshd\[29836\]: Invalid user ubnt from 104.248.8.60 Jul 29 05:28:05 server2 sshd\[29838\]: Invalid user admin from 104.248.8.60	2019-07-29 11:15:33
157.55.39.22	attack	Automatic report - Banned IP Access	2019-07-29 11:08:44
114.116.17.83	attackspam	scan z	2019-07-29 11:25:20

Recently Reported IPs

159.89.173.19	159.89.180.34	159.89.188.84	159.89.188.8
159.89.175.192	159.89.191.2	159.89.183.156	159.89.191.173
159.89.182.73	159.89.176.121	159.89.191.84	159.89.175.19
159.89.192.173	159.89.192.52	159.89.195.141	159.89.175.225
159.89.196.94	159.89.20.181	159.89.2.14	159.89.198.111