113.98.58.42 - IPInfo

Basic Info

City: Shenzhen

Region: Guangdong

Country: China

Internet Service Provider: ChinaNet Guangdong Province Network

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	Mar 22 23:05:28 debian-2gb-nbg1-2 kernel: \[7173819.575760\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=113.98.58.42 DST=195.201.40.59 LEN=60 TOS=0x00 PREC=0x00 TTL=48 ID=36727 DF PROTO=TCP SPT=28655 DPT=5432 WINDOW=29200 RES=0x00 SYN URGP=0	2020-03-23 06:53:35

Type

Details

Datetime

attackspam

Mar 22 23:05:28 debian-2gb-nbg1-2 kernel: \[7173819.575760\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=113.98.58.42 DST=195.201.40.59 LEN=60 TOS=0x00 PREC=0x00 TTL=48 ID=36727 DF PROTO=TCP SPT=28655 DPT=5432 WINDOW=29200 RES=0x00 SYN URGP=0

2020-03-23 06:53:35

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 113.98.58.42
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 2079
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;113.98.58.42.			IN	A

;; AUTHORITY SECTION:
.			333	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020032201 1800 900 604800 86400

;; Query time: 189 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Mar 23 06:53:31 CST 2020
;; MSG SIZE  rcvd: 116

Host info

Host 42.58.98.113.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 42.58.98.113.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
124.204.36.138	attackbotsspam	$f2bV_matches_ltvn	2019-08-15 06:40:47
79.137.4.24	attackspam	$f2bV_matches	2019-08-15 06:29:46
59.28.91.30	attackspam	Aug 14 19:35:24 XXX sshd[21818]: Invalid user odoo from 59.28.91.30 port 42872	2019-08-15 07:08:05
171.247.68.251	attackbots	port scan and connect, tcp 22 (ssh)	2019-08-15 06:34:14
104.131.46.166	attackbots	Aug 14 23:24:52 [munged] sshd[5208]: Invalid user ky from 104.131.46.166 port 59236 Aug 14 23:24:52 [munged] sshd[5208]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.46.166	2019-08-15 06:50:37
109.87.115.220	attack	Aug 14 19:29:09 XXX sshd[21669]: Invalid user ofsaa from 109.87.115.220 port 50139	2019-08-15 07:00:44
148.204.211.136	attackbots	Automatic report - Banned IP Access	2019-08-15 06:46:27
85.216.49.226	attackspam	85.216.49.226 - - [14/Aug/2019:15:03:59 +0200] "GET /mysql/admin/index.php?lang=en HTTP/1.1" 404 394 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.119 Safari/537.36" 85.216.49.226 - - [14/Aug/2019:15:03:59 +0200] "GET /mysql/dbadmin/index.php?lang=en HTTP/1.1" 404 396 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.119 Safari/537.36" 85.216.49.226 - - [14/Aug/2019:15:04:00 +0200] "GET /mysql/sqlmanager/index.php?lang=en HTTP/1.1" 404 399 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.119 Safari/537.36" 85.216.49.226 - - [14/Aug/2019:15:04:01 +0200] "GET /mysql/mysqlmanager/index.php?lang=en HTTP/1.1" 404 401 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.119 Safari/53 ...	2019-08-15 06:41:15
51.144.160.217	attack	Aug 15 00:45:34 meumeu sshd[14530]: Failed password for invalid user blue from 51.144.160.217 port 57242 ssh2 Aug 15 00:55:03 meumeu sshd[15498]: Failed password for invalid user sinusbot from 51.144.160.217 port 45776 ssh2 ...	2019-08-15 07:03:08
79.137.87.44	attackbots	Invalid user git from 79.137.87.44 port 45385	2019-08-15 06:50:10
175.124.43.123	attack	Aug 14 23:43:55 [munged] sshd[9544]: Invalid user activemq from 175.124.43.123 port 52960 Aug 14 23:43:55 [munged] sshd[9544]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.124.43.123	2019-08-15 07:09:59
49.88.112.60	attackspambots	Aug 14 16:04:56 rpi sshd[7623]: Failed password for root from 49.88.112.60 port 24143 ssh2 Aug 14 16:05:00 rpi sshd[7623]: Failed password for root from 49.88.112.60 port 24143 ssh2	2019-08-15 06:36:23
112.186.77.90	attack	Automatic report - Banned IP Access	2019-08-15 06:47:52
12.199.28.175	attack	Aug 14 20:09:25 XXX sshd[24675]: Invalid user mehdi from 12.199.28.175 port 59636	2019-08-15 06:55:47
14.229.207.160	attackspam	Unauthorized connection attempt from IP address 14.229.207.160 on Port 445(SMB)	2019-08-15 07:01:48

Recently Reported IPs

181.59.66.12	46.131.34.69	186.215.94.65	182.55.20.72
67.243.88.12	67.214.122.214	196.157.214.59	177.38.19.70
175.138.179.204	177.71.54.159	51.83.71.201	107.3.36.11
121.202.90.149	174.146.29.134	152.192.241.196	181.129.108.129
124.155.47.136	129.79.248.58	46.137.53.67	201.110.187.115