159.89.2.194 - IPInfo

Basic Info

City: Frankfurt am Main

Region: Hessen

Country: Germany

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
159.89.29.253	attack	Sep 30 16:27:21 host sshd[7815]: Invalid user ubuntu from 159.89.29.253 port 60962 Sep 30 16:27:21 host sshd[7814]: Invalid user ubuntu from 159.89.29.253 port 60984 Sep 30 16:27:22 host sshd[7818]: Invalid user ubuntu from 159.89.29.253 port 60978	2022-10-01 20:13:41
159.89.24.95	attack	Invalid user oracle from 159.89.24.95 port 45560	2020-10-11 04:22:41
159.89.24.73	attack	Invalid user oracle from 159.89.24.73 port 44172	2020-10-11 03:38:37
159.89.24.95	attackspam	2020-10-09T02:14:59.610930morrigan.ad5gb.com sshd[3321539]: Disconnected from authenticating user root 159.89.24.95 port 38458 [preauth]	2020-10-10 20:18:06
159.89.24.73	attackspambots	2020-10-09T09:38:55.637125morrigan.ad5gb.com sshd[3450588]: Disconnected from authenticating user root 159.89.24.73 port 50844 [preauth]	2020-10-10 19:31:28
159.89.237.235	attackspam	159.89.237.235 - - [09/Oct/2020:16:24:43 +0100] "POST /wp-login.php HTTP/1.1" 200 1908 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 159.89.237.235 - - [09/Oct/2020:16:24:45 +0100] "POST /wp-login.php HTTP/1.1" 200 1903 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 159.89.237.235 - - [09/Oct/2020:16:24:46 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-10-10 01:13:54
159.89.237.235	attackbotsspam	Oct 9 10:48:55 b-vps wordpress(www.gpfans.cz)[31645]: Authentication attempt for unknown user buchtic from 159.89.237.235 ...	2020-10-09 17:00:22
159.89.237.235	attack	159.89.237.235 - - [07/Oct/2020:05:52:13 +0200] "POST /wp-login.php HTTP/1.0" 200 4794 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-10-08 02:21:05
159.89.237.235	attackbots	159.89.237.235 - - [07/Oct/2020:05:52:13 +0200] "POST /wp-login.php HTTP/1.0" 200 4794 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-10-07 18:31:37
159.89.236.71	attackspam	2020-10-03T20:20:31.588351yoshi.linuxbox.ninja sshd[3599189]: Invalid user noc from 159.89.236.71 port 50260 2020-10-03T20:20:33.393717yoshi.linuxbox.ninja sshd[3599189]: Failed password for invalid user noc from 159.89.236.71 port 50260 ssh2 2020-10-03T20:24:29.307842yoshi.linuxbox.ninja sshd[3601862]: Invalid user rose from 159.89.236.71 port 52306 ...	2020-10-04 09:30:01
159.89.236.71	attack	" "	2020-10-04 02:08:03
159.89.236.71	attackspambots	Cowrie Honeypot: 3 unauthorised SSH/Telnet login attempts between 2020-10-03T09:27:32Z and 2020-10-03T09:33:40Z	2020-10-03 17:53:47
159.89.236.71	attackbotsspam	Fail2Ban Ban Triggered	2020-09-27 17:03:08
159.89.236.71	attackspam	Sep 26 20:36:22 scw-focused-cartwright sshd[1832]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.89.236.71 Sep 26 20:36:25 scw-focused-cartwright sshd[1832]: Failed password for invalid user test from 159.89.236.71 port 40398 ssh2	2020-09-27 04:43:23
159.89.236.71	attack	" "	2020-09-26 20:53:28

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 159.89.2.194
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 21933
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;159.89.2.194.			IN	A

;; AUTHORITY SECTION:
.			30	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2026031102 1800 900 604800 86400

;; Query time: 5 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Mar 12 13:30:03 CST 2026
;; MSG SIZE  rcvd: 105

Host info

Host 194.2.89.159.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 194.2.89.159.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
103.21.228.3	attackbots	Dec 16 19:52:47 kapalua sshd\[4876\]: Invalid user labo from 103.21.228.3 Dec 16 19:52:47 kapalua sshd\[4876\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.21.228.3 Dec 16 19:52:48 kapalua sshd\[4876\]: Failed password for invalid user labo from 103.21.228.3 port 38175 ssh2 Dec 16 19:59:23 kapalua sshd\[5520\]: Invalid user qualmish from 103.21.228.3 Dec 16 19:59:23 kapalua sshd\[5520\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.21.228.3	2019-12-17 14:04:47
185.183.120.29	attack	Dec 17 05:07:42 zeus sshd[5464]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.183.120.29 Dec 17 05:07:44 zeus sshd[5464]: Failed password for invalid user alondra from 185.183.120.29 port 59394 ssh2 Dec 17 05:13:51 zeus sshd[5699]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.183.120.29 Dec 17 05:13:53 zeus sshd[5699]: Failed password for invalid user yardy from 185.183.120.29 port 38656 ssh2	2019-12-17 13:50:42
188.166.247.82	attackspambots	2019-12-17T06:49:13.459633 sshd[24425]: Invalid user server from 188.166.247.82 port 55408 2019-12-17T06:49:13.474457 sshd[24425]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.166.247.82 2019-12-17T06:49:13.459633 sshd[24425]: Invalid user server from 188.166.247.82 port 55408 2019-12-17T06:49:15.703764 sshd[24425]: Failed password for invalid user server from 188.166.247.82 port 55408 ssh2 2019-12-17T06:55:27.528532 sshd[24565]: Invalid user jenkins from 188.166.247.82 port 34446 ...	2019-12-17 13:56:26
106.12.217.180	attackbotsspam	Invalid user vasintha from 106.12.217.180 port 59426	2019-12-17 14:03:41
106.12.78.199	attackspam	2019-12-17T06:47:38.840517scmdmz1 sshd\[11030\]: Invalid user kolos from 106.12.78.199 port 58380 2019-12-17T06:47:38.843057scmdmz1 sshd\[11030\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.78.199 2019-12-17T06:47:40.696515scmdmz1 sshd\[11030\]: Failed password for invalid user kolos from 106.12.78.199 port 58380 ssh2 ...	2019-12-17 13:59:43
84.48.9.252	attackspambots	Unauthorized connection attempt detected from IP address 84.48.9.252 to port 445	2019-12-17 13:36:14
123.127.45.139	attackspam	Dec 17 05:50:51 dev0-dcde-rnet sshd[10336]: Failed password for root from 123.127.45.139 port 37797 ssh2 Dec 17 05:56:18 dev0-dcde-rnet sshd[10483]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.127.45.139 Dec 17 05:56:20 dev0-dcde-rnet sshd[10483]: Failed password for invalid user guest from 123.127.45.139 port 57330 ssh2	2019-12-17 13:32:10
119.29.15.120	attackbotsspam	Dec 17 00:45:53 linuxvps sshd\[20552\]: Invalid user jariah from 119.29.15.120 Dec 17 00:45:53 linuxvps sshd\[20552\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.29.15.120 Dec 17 00:45:55 linuxvps sshd\[20552\]: Failed password for invalid user jariah from 119.29.15.120 port 39374 ssh2 Dec 17 00:51:54 linuxvps sshd\[24406\]: Invalid user burega from 119.29.15.120 Dec 17 00:51:54 linuxvps sshd\[24406\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.29.15.120	2019-12-17 13:52:32
40.92.65.74	attackspam	Dec 17 08:45:24 debian-2gb-vpn-nbg1-1 kernel: [939891.789391] [UFW BLOCK] IN=eth0 OUT= MAC=96:00:00:38:96:44:d2:74:7f:6e:37:e3:08:00 SRC=40.92.65.74 DST=78.46.192.101 LEN=40 TOS=0x00 PREC=0x00 TTL=239 ID=52068 DF PROTO=TCP SPT=26948 DPT=25 WINDOW=0 RES=0x00 ACK RST URGP=0	2019-12-17 13:59:18
85.99.97.62	attackspam	Fail2Ban Ban Triggered	2019-12-17 13:40:45
74.82.215.70	attack	$f2bV_matches	2019-12-17 13:33:21
131.0.8.49	attackbots	Dec 17 06:44:02 vps647732 sshd[19681]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=131.0.8.49 Dec 17 06:44:04 vps647732 sshd[19681]: Failed password for invalid user pascal from 131.0.8.49 port 34245 ssh2 ...	2019-12-17 13:55:15
162.243.59.16	attackspambots	Dec 17 07:00:09 jane sshd[13700]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=162.243.59.16 Dec 17 07:00:11 jane sshd[13700]: Failed password for invalid user jahlin from 162.243.59.16 port 40198 ssh2 ...	2019-12-17 14:12:18
106.124.131.70	attack	2019-12-17T00:51:37.752062homeassistant sshd[3036]: Failed password for invalid user home from 106.124.131.70 port 53449 ssh2 2019-12-17T05:59:38.560586homeassistant sshd[11592]: Invalid user server from 106.124.131.70 port 50418 2019-12-17T05:59:38.567221homeassistant sshd[11592]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.124.131.70 ...	2019-12-17 14:09:17
217.112.128.144	attackspambots	2019-12-17 H=thread.beautisleeprh.com $thread.modernistoki.com$ \[217.112.128.144\] F=\ rejected RCPT \<REMOVEDREMOVEDperl@REMOVED.de\>: recipient blacklisted 2019-12-17 H=thread.beautisleeprh.com $thread.modernistoki.com$ \[217.112.128.144\] F=\ rejected RCPT \<REMOVED_schlund@REMOVED.de\>: Mail not accepted. 217.112.128.144 is listed at a DNSBL. 2019-12-17 H=thread.beautisleeprh.com $thread.modernistoki.com$ \[217.112.128.144\] F=\ rejected RCPT \<REMOVED_last.fm@REMOVED.de\>: Mail not accepted. 217.112.128.144 is listed at a DNSBL.	2019-12-17 13:57:31

Recently Reported IPs

152.89.218.84	240e:47e:9400:6fe2:c45d:aeff:feae:1d49	240e:47c:9440:117b:a0fc:12ff:fe7f:1eb4	183.46.161.117
240e:47f:9448:4731:88e2:68ff:fe35:e197	14.24.242.115	110.249.201.115	52.210.101.244
218.241.116.180	53.94.190.57	167.99.137.21	167.172.164.64
165.22.20.104	152.32.146.202	182.32.248.137	123.162.189.89
119.143.9.26	2600:140e:6::6854:969c	2409:8c54:871:2006::df	2.249.142.165