116.58.242.97 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: None

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
116.58.242.174	attack	1433/tcp [2019-10-31]1pkt	2019-10-31 18:02:39
116.58.242.150	attackbots	Port Scan	2019-10-29 21:18:48
116.58.242.13	attack	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-07-11 02:26:28,328 INFO [amun_request_handler] PortScan Detected on Port: 445 (116.58.242.13)	2019-07-11 16:43:25

Type

Details

Datetime

116.58.242.174

attack

1433/tcp
[2019-10-31]1pkt

2019-10-31 18:02:39

116.58.242.150

attackbots

Port Scan

2019-10-29 21:18:48

116.58.242.13

attack

@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-07-11 02:26:28,328 INFO [amun_request_handler] PortScan Detected on Port: 445 (116.58.242.13)

2019-07-11 16:43:25

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 116.58.242.97
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 5426
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;116.58.242.97.			IN	A

;; AUTHORITY SECTION:
.			269	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022030400 1800 900 604800 86400

;; Query time: 56 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Mar 05 05:09:34 CST 2022
;; MSG SIZE  rcvd: 106

Host info

Host 97.242.58.116.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 97.242.58.116.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
218.90.212.130	attackbotsspam	Nov 19 15:05:08 vpn01 sshd[31817]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.90.212.130 Nov 19 15:05:10 vpn01 sshd[31817]: Failed password for invalid user lynnel from 218.90.212.130 port 54031 ssh2 ...	2019-11-19 23:07:44
125.212.201.7	attackbotsspam	$f2bV_matches	2019-11-19 22:56:24
41.33.205.10	attackspambots	IMAP brute force ...	2019-11-19 23:19:58
203.195.235.135	attackspambots	Nov 19 15:28:42 vps666546 sshd\[27774\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.195.235.135 user=games Nov 19 15:28:43 vps666546 sshd\[27774\]: Failed password for games from 203.195.235.135 port 46906 ssh2 Nov 19 15:34:18 vps666546 sshd\[27921\]: Invalid user asterisk from 203.195.235.135 port 57976 Nov 19 15:34:18 vps666546 sshd\[27921\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.195.235.135 Nov 19 15:34:20 vps666546 sshd\[27921\]: Failed password for invalid user asterisk from 203.195.235.135 port 57976 ssh2 ...	2019-11-19 23:21:27
129.213.105.207	attackbots	Nov 19 15:33:42 legacy sshd[19918]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.213.105.207 Nov 19 15:33:43 legacy sshd[19918]: Failed password for invalid user james from 129.213.105.207 port 43575 ssh2 Nov 19 15:37:52 legacy sshd[20025]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.213.105.207 ...	2019-11-19 22:51:25
185.92.247.200	attackspambots	185.92.247.200 - - \[19/Nov/2019:13:03:26 +0000\] "POST /wp-login.php HTTP/1.1" 200 4358 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 185.92.247.200 - - \[19/Nov/2019:13:03:27 +0000\] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" ...	2019-11-19 23:00:44
51.254.210.53	attackbots	Nov 19 15:40:41 server sshd\[11258\]: Invalid user hosting from 51.254.210.53 Nov 19 15:40:41 server sshd\[11258\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=53.ip-51-254-210.eu Nov 19 15:40:43 server sshd\[11258\]: Failed password for invalid user hosting from 51.254.210.53 port 56142 ssh2 Nov 19 16:03:24 server sshd\[16713\]: Invalid user server from 51.254.210.53 Nov 19 16:03:24 server sshd\[16713\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=53.ip-51-254-210.eu ...	2019-11-19 23:04:22
185.156.73.3	attackbots	9278/tcp 9279/tcp 9277/tcp... [2019-10-17/11-19]1762pkt,550pt.(tcp)	2019-11-19 23:22:35
202.51.74.64	attackspam	Nov 19 13:02:51 localhost sshd\[76263\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.51.74.64 user=root Nov 19 13:02:53 localhost sshd\[76263\]: Failed password for root from 202.51.74.64 port 33892 ssh2 Nov 19 13:02:54 localhost sshd\[76265\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.51.74.64 user=root Nov 19 13:02:57 localhost sshd\[76265\]: Failed password for root from 202.51.74.64 port 34030 ssh2 Nov 19 13:02:58 localhost sshd\[76268\]: Invalid user pi from 202.51.74.64 port 34161 ...	2019-11-19 23:24:00
94.132.98.59	attack	Lines containing failures of 94.132.98.59 Nov 19 13:51:25 server01 postfix/smtpd[27684]: connect from a94-132-98-59.cpe.netcabo.pt[94.132.98.59] Nov x@x Nov x@x Nov 19 13:51:25 server01 postfix/policy-spf[27781]: : Policy action=550 Please see hxxp://www.openspf.org/Why?s=mfrom;id=e704c6e16%40orisline.es;ip=94.132.98.59;r=server01.2800km.de Nov x@x Nov 19 13:51:25 server01 postfix/smtpd[27684]: lost connection after DATA from a94-132-98-59.cpe.netcabo.pt[94.132.98.59] Nov 19 13:51:25 server01 postfix/smtpd[27684]: disconnect from a94-132-98-59.cpe.netcabo.pt[94.132.98.59] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=94.132.98.59	2019-11-19 23:05:14
104.236.112.52	attack	2019-11-19T13:47:51.925284host3.slimhost.com.ua sshd[401264]: Invalid user farthing from 104.236.112.52 port 55164 2019-11-19T13:47:51.934292host3.slimhost.com.ua sshd[401264]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.236.112.52 2019-11-19T13:47:51.925284host3.slimhost.com.ua sshd[401264]: Invalid user farthing from 104.236.112.52 port 55164 2019-11-19T13:47:54.070054host3.slimhost.com.ua sshd[401264]: Failed password for invalid user farthing from 104.236.112.52 port 55164 ssh2 2019-11-19T13:58:12.883321host3.slimhost.com.ua sshd[409342]: Invalid user tl from 104.236.112.52 port 60256 2019-11-19T13:58:12.911729host3.slimhost.com.ua sshd[409342]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.236.112.52 2019-11-19T13:58:12.883321host3.slimhost.com.ua sshd[409342]: Invalid user tl from 104.236.112.52 port 60256 2019-11-19T13:58:14.632113host3.slimhost.com.ua sshd[409342]: Failed password for ...	2019-11-19 22:53:29
104.148.21.248	attack	Nov 19 13:47:22 mxgate1 postfix/postscreen[7608]: CONNECT from [104.148.21.248]:33592 to [176.31.12.44]:25 Nov 19 13:47:22 mxgate1 postfix/dnsblog[7610]: addr 104.148.21.248 listed by domain zen.spamhaus.org as 127.0.0.3 Nov 19 13:47:22 mxgate1 postfix/dnsblog[7609]: addr 104.148.21.248 listed by domain b.barracudacentral.org as 127.0.0.2 Nov 19 13:47:28 mxgate1 postfix/postscreen[7608]: DNSBL rank 3 for [104.148.21.248]:33592 Nov x@x Nov 19 13:47:29 mxgate1 postfix/postscreen[7608]: DISCONNECT [104.148.21.248]:33592 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=104.148.21.248	2019-11-19 22:51:50
151.53.216.115	attackbotsspam	Automatic report - Port Scan Attack	2019-11-19 23:25:14
159.89.129.55	attack	Nov 19 13:55:49 mxgate1 postfix/postscreen[7608]: CONNECT from [159.89.129.55]:32822 to [176.31.12.44]:25 Nov 19 13:55:49 mxgate1 postfix/dnsblog[7610]: addr 159.89.129.55 listed by domain ix.dnsbl.xxxxxx.net as 127.0.0.2 Nov 19 13:55:49 mxgate1 postfix/dnsblog[7612]: addr 159.89.129.55 listed by domain b.barracudacentral.org as 127.0.0.2 Nov 19 13:55:55 mxgate1 postfix/postscreen[7608]: DNSBL rank 2 for [159.89.129.55]:32822 Nov x@x Nov 19 13:55:56 mxgate1 postfix/postscreen[7608]: DISCONNECT [159.89.129.55]:32822 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=159.89.129.55	2019-11-19 23:12:22
68.183.160.63	attack	2019-11-19T15:06:26.583052shield sshd\[31374\]: Invalid user localhost from 68.183.160.63 port 60982 2019-11-19T15:06:26.587237shield sshd\[31374\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=68.183.160.63 2019-11-19T15:06:28.226192shield sshd\[31374\]: Failed password for invalid user localhost from 68.183.160.63 port 60982 ssh2 2019-11-19T15:10:29.203806shield sshd\[31693\]: Invalid user huangkun from 68.183.160.63 port 48918 2019-11-19T15:10:29.208273shield sshd\[31693\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=68.183.160.63	2019-11-19 23:22:05

Recently Reported IPs

117.196.238.112	116.58.243.117	116.58.243.181	116.58.243.161
116.58.243.186	116.58.243.199	116.58.243.43	116.58.243.32
116.58.243.74	116.58.244.106	116.58.243.89	116.58.244.109
117.196.238.114	116.58.244.11	116.58.244.116	117.196.238.118
117.196.238.121	55.102.36.68	117.196.238.122	117.196.238.124