158.97.29.115 - IPInfo

Basic Info

City: Ensenada

Region: Baja California

Country: Mexico

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/resources/registry/whois/tou/
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/resources/registry/whois/inaccuracy_reporting/
#
# Copyright 1997-2026, American Registry for Internet Numbers, Ltd.
#


NetRange:       158.97.0.0 - 158.97.255.255
CIDR:           158.97.0.0/16
NetName:        LACNIC-ERX-158-97-0-0
NetHandle:      NET-158-97-0-0-1
Parent:         NET158 (NET-158-0-0-0-0)
NetType:        Transferred to LACNIC
OriginAS:       
Organization:   Latin American and Caribbean IP address Regional Registry (LACNIC)
RegDate:        2003-10-15
Updated:        2007-12-17
Comment:        This IP address range is under LACNIC responsibility
Comment:        for further allocations to users in LACNIC region.
Comment:        Please see http://www.lacnic.net/ for further details,
Comment:        or check the WHOIS server located at http://whois.lacnic.net
Ref:            https://rdap.arin.net/registry/ip/158.97.0.0

ResourceLink:  http://lacnic.net/cgi-bin/lacnic/whois
ResourceLink:  whois.lacnic.net


OrgName:        Latin American and Caribbean IP address Regional Registry
OrgId:          LACNIC
Address:        Rambla Republica de Mexico 6125
City:           Montevideo
StateProv:      
PostalCode:     11400
Country:        UY
RegDate:        2002-07-27
Updated:        2018-03-15
Ref:            https://rdap.arin.net/registry/entity/LACNIC

ReferralServer:  whois://whois.lacnic.net
ResourceLink:  http://lacnic.net/cgi-bin/lacnic/whois

OrgTechHandle: LACNIC-ARIN
OrgTechName:   LACNIC Whois Info
OrgTechPhone:  +598-2604-2222 
OrgTechEmail:  whois-contact@lacnic.net
OrgTechRef:    https://rdap.arin.net/registry/entity/LACNIC-ARIN

OrgAbuseHandle: LWI100-ARIN
OrgAbuseName:   LACNIC Whois Info
OrgAbusePhone:  +598-2604-2222 
OrgAbuseEmail:  abuse@lacnic.net
OrgAbuseRef:    https://rdap.arin.net/registry/entity/LWI100-ARIN


#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/resources/registry/whois/tou/
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/resources/registry/whois/inaccuracy_reporting/
#
# Copyright 1997-2026, American Registry for Internet Numbers, Ltd.
#



Found a referral to whois.lacnic.net.

% IP Client: 124.223.158.242
 
% Joint Whois - whois.lacnic.net
%  This server accepts single ASN, IPv4 or IPv6 queries

% LACNIC resource: whois.lacnic.net


% Copyright LACNIC lacnic.net
%  The data below is provided for information purposes
%  and to assist persons in obtaining information about or
%  related to AS and IP numbers registrations
%  By submitting a whois query, you agree to use this data
%  only for lawful purposes.
%  2026-04-26 13:47:40 (-03 -03:00)

inetnum:     158.97.0.0/16
status:      assigned
aut-num:     N/A
owner:       C I C E S E
ownerid:     MX-CICE-LACNIC
responsible: David Covarrubias Rosales
address:     Km. 107, Carretera Tijuana-Ensenada, 3918, Zona Playitas
address:     22860 - Ensenada - BC
country:     MX
phone:       +52  6461750500
owner-c:     EDM126
tech-c:      NOH13
abuse-c:     EDM126
inetrev:     158.97.0.0/16
nserver:     ZEUS.CICESE.MX
nsstat:      20260426 AA
nslastaa:    20260426
created:     19920220
changed:     20250620

nic-hdl:     EDM126
person:      Edwin Martinez
e-mail:      jefred@cicese.edu.mx
address:     Carretera Ensenada - Tijuana, 3918, Zona Playitas
address:     22860 - Ensenada - BC
country:     MX
phone:       +52  6461750586
created:     20210819
changed:     20250124

nic-hdl:     NOH13
person:      Norma Herrera
e-mail:      heespi@cicese.mx
address:     Carretera Ensenada Tijuana, 3918, Zona Playitas
address:     22860 - Ensenada - BC
country:     MX
phone:       +52  6461750500 [23222]
created:     20250508
changed:     20250508

% whois.lacnic.net accepts only direct match queries.
% Types of queries are: POCs, ownerid, CIDR blocks, IP
% and AS numbers.

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 158.97.29.115
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 31329
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;158.97.29.115.			IN	A

;; AUTHORITY SECTION:
.			30	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2026042600 1800 900 604800 86400

;; Query time: 9 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Apr 27 00:47:40 CST 2026
;; MSG SIZE  rcvd: 106

Host info

Host 115.29.97.158.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 115.29.97.158.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
14.255.101.220	attackspam	Unauthorized connection attempt from IP address 14.255.101.220 on Port 445(SMB)	2020-02-09 11:01:23
188.27.47.151	attackspambots	Telnet Server BruteForce Attack	2020-02-09 10:31:38
35.178.138.60	attack	Feb 3 14:34:51 pl1server sshd[24143]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=em3-35-178-138-60.eu-west-2.compute.amazonaws.com user=r.r Feb 3 14:34:53 pl1server sshd[24143]: Failed password for r.r from 35.178.138.60 port 40996 ssh2 Feb 3 14:34:53 pl1server sshd[24143]: Received disconnect from 35.178.138.60: 11: Bye Bye [preauth] Feb 3 14:59:04 pl1server sshd[29077]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=em3-35-178-138-60.eu-west-2.compute.amazonaws.com user=r.r Feb 3 14:59:06 pl1server sshd[29077]: Failed password for r.r from 35.178.138.60 port 51510 ssh2 Feb 3 14:59:08 pl1server sshd[29077]: Received disconnect from 35.178.138.60: 11: Bye Bye [preauth] Feb 3 15:09:29 pl1server sshd[31195]: Invalid user teste from 35.178.138.60 Feb 3 15:09:29 pl1server sshd[31195]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=em3-35-1........ -------------------------------	2020-02-09 10:45:21
61.160.82.82	attackspam	Feb 9 00:43:09 yesfletchmain sshd\[4238\]: Invalid user uxu from 61.160.82.82 port 15773 Feb 9 00:43:09 yesfletchmain sshd\[4238\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.160.82.82 Feb 9 00:43:11 yesfletchmain sshd\[4238\]: Failed password for invalid user uxu from 61.160.82.82 port 15773 ssh2 Feb 9 00:45:40 yesfletchmain sshd\[4270\]: Invalid user lla from 61.160.82.82 port 31896 Feb 9 00:45:40 yesfletchmain sshd\[4270\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.160.82.82 ...	2020-02-09 10:40:07
94.21.200.172	attackbotsspam	Feb 3 12:38:18 penfold sshd[30027]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.21.200.172 user=r.r Feb 3 12:38:21 penfold sshd[30027]: Failed password for r.r from 94.21.200.172 port 58164 ssh2 Feb 3 12:38:21 penfold sshd[30027]: Received disconnect from 94.21.200.172 port 58164:11: Bye Bye [preauth] Feb 3 12:38:21 penfold sshd[30027]: Disconnected from 94.21.200.172 port 58164 [preauth] Feb 3 12:56:31 penfold sshd[31361]: Invalid user tie from 94.21.200.172 port 47050 Feb 3 12:56:31 penfold sshd[31361]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.21.200.172 Feb 3 12:56:33 penfold sshd[31361]: Failed password for invalid user tie from 94.21.200.172 port 47050 ssh2 Feb 3 12:56:33 penfold sshd[31361]: Received disconnect from 94.21.200.172 port 47050:11: Bye Bye [preauth] Feb 3 12:56:33 penfold sshd[31361]: Disconnected from 94.21.200.172 port 47050 [preauth] Feb 3 1........ -------------------------------	2020-02-09 10:57:41
fe80::42:acff:fe11:2b	attack	Port scan	2020-02-09 10:38:24
62.150.192.1	attackbots	Honeypot attack, port: 445, PTR: PTR record not found	2020-02-09 11:02:22
198.23.192.74	attack	[2020-02-08 19:44:20] NOTICE[1148][C-00007243] chan_sip.c: Call from '' (198.23.192.74:60993) to extension '40046510420904' rejected because extension not found in context 'public'. [2020-02-08 19:44:20] SECURITY[1163] res_security_log.c: SecurityEvent="FailedACL",EventTV="2020-02-08T19:44:20.932-0500",Severity="Error",Service="SIP",EventVersion="1",AccountID="40046510420904",SessionID="0x7fd82c31abc8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/198.23.192.74/60993",ACLName="no_extension_match" [2020-02-08 19:45:38] NOTICE[1148][C-00007244] chan_sip.c: Call from '' (198.23.192.74:62916) to extension '50046510420904' rejected because extension not found in context 'public'. [2020-02-08 19:45:38] SECURITY[1163] res_security_log.c: SecurityEvent="FailedACL",EventTV="2020-02-08T19:45:38.752-0500",Severity="Error",Service="SIP",EventVersion="1",AccountID="50046510420904",SessionID="0x7fd82cfcf5b8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/198. ...	2020-02-09 10:40:50
145.239.82.11	attackbots	Feb 9 03:44:59 mout sshd[9769]: Invalid user xhe from 145.239.82.11 port 53836	2020-02-09 10:46:53
139.226.78.111	attack	Feb 3 17:36:26 hostnameghostname sshd[7857]: Invalid user db from 139.226.78.111 Feb 3 17:36:28 hostnameghostname sshd[7857]: Failed password for invalid user db from 139.226.78.111 port 44714 ssh2 Feb 3 17:38:53 hostnameghostname sshd[8310]: Invalid user whoopsie from 139.226.78.111 Feb 3 17:38:55 hostnameghostname sshd[8310]: Failed password for invalid user whoopsie from 139.226.78.111 port 35390 ssh2 Feb 3 17:41:19 hostnameghostname sshd[8741]: Invalid user wangwi from 139.226.78.111 Feb 3 17:41:20 hostnameghostname sshd[8741]: Failed password for invalid user wangwi from 139.226.78.111 port 54268 ssh2 Feb 3 17:43:49 hostnameghostname sshd[9222]: Invalid user doudou from 139.226.78.111 Feb 3 17:43:51 hostnameghostname sshd[9222]: Failed password for invalid user doudou from 139.226.78.111 port 44938 ssh2 Feb 3 17:46:05 hostnameghostname sshd[9635]: Invalid user rgakii from 139.226.78.111 Feb 3 17:46:07 hostnameghostname sshd[9635]: Failed password for inval........ ------------------------------	2020-02-09 10:53:25
167.71.223.191	attackspambots	Feb 8 21:12:44 plusreed sshd[10315]: Invalid user osg from 167.71.223.191 ...	2020-02-09 10:26:26
128.199.166.224	attackspambots	Feb 8 22:48:06 firewall sshd[19551]: Invalid user mbi from 128.199.166.224 Feb 8 22:48:09 firewall sshd[19551]: Failed password for invalid user mbi from 128.199.166.224 port 42812 ssh2 Feb 8 22:51:08 firewall sshd[19754]: Invalid user fjt from 128.199.166.224 ...	2020-02-09 10:39:30
112.85.42.172	attack	Feb 8 23:16:53 server sshd\[21550\]: Failed password for root from 112.85.42.172 port 26097 ssh2 Feb 8 23:16:53 server sshd\[21544\]: Failed password for root from 112.85.42.172 port 7485 ssh2 Feb 9 06:01:22 server sshd\[22174\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.172 user=root Feb 9 06:01:24 server sshd\[22174\]: Failed password for root from 112.85.42.172 port 1950 ssh2 Feb 9 06:01:27 server sshd\[22174\]: Failed password for root from 112.85.42.172 port 1950 ssh2 ...	2020-02-09 11:01:40
62.148.143.182	attackspambots	RDP Brute-Force (honeypot 7)	2020-02-09 10:44:52
54.250.87.247	attack	54.250.87.247 - - \[09/Feb/2020:03:34:57 +0100\] "POST /wp-login.php HTTP/2.0" 200 1611 "-" "-"	2020-02-09 10:48:21

Recently Reported IPs

103.25.103.252	175.150.7.80	20.111.57.15	203.88.204.212
38.248.95.254	104.236.111.168	2606:4700:10::6814:7181	66.132.172.34
66.132.195.32	2606:4700:10::6816:4323	64.89.160.132	165.227.34.92
64.83.37.245	49.128.204.83	2606:4700:10::6814:7134	211.63.128.185
147.185.132.110	2606:4700:10::6814:9191	107.120.35.147	142.181.200.48