161.97.69.42 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Germany

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
161.97.69.73	attackspambots	Invalid user admin from 161.97.69.73 port 48338	2020-09-26 05:37:51
161.97.69.73	attack	Sep 24 04:42:59 cumulus sshd[5747]: Invalid user misha from 161.97.69.73 port 34112 Sep 24 04:42:59 cumulus sshd[5747]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=161.97.69.73 Sep 24 04:43:02 cumulus sshd[5747]: Failed password for invalid user misha from 161.97.69.73 port 34112 ssh2 Sep 24 04:43:02 cumulus sshd[5747]: Received disconnect from 161.97.69.73 port 34112:11: Bye Bye [preauth] Sep 24 04:43:02 cumulus sshd[5747]: Disconnected from 161.97.69.73 port 34112 [preauth] Sep 24 04:50:04 cumulus sshd[6276]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=161.97.69.73 user=wiki Sep 24 04:50:05 cumulus sshd[6276]: Failed password for wiki from 161.97.69.73 port 38514 ssh2 Sep 24 04:50:06 cumulus sshd[6276]: Received disconnect from 161.97.69.73 port 38514:11: Bye Bye [preauth] Sep 24 04:50:06 cumulus sshd[6276]: Disconnected from 161.97.69.73 port 38514 [preauth] ........ ----------------------------------------------- ht	2020-09-25 22:36:06
161.97.69.73	attack	Sep 24 04:42:59 cumulus sshd[5747]: Invalid user misha from 161.97.69.73 port 34112 Sep 24 04:42:59 cumulus sshd[5747]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=161.97.69.73 Sep 24 04:43:02 cumulus sshd[5747]: Failed password for invalid user misha from 161.97.69.73 port 34112 ssh2 Sep 24 04:43:02 cumulus sshd[5747]: Received disconnect from 161.97.69.73 port 34112:11: Bye Bye [preauth] Sep 24 04:43:02 cumulus sshd[5747]: Disconnected from 161.97.69.73 port 34112 [preauth] Sep 24 04:50:04 cumulus sshd[6276]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=161.97.69.73 user=wiki Sep 24 04:50:05 cumulus sshd[6276]: Failed password for wiki from 161.97.69.73 port 38514 ssh2 Sep 24 04:50:06 cumulus sshd[6276]: Received disconnect from 161.97.69.73 port 38514:11: Bye Bye [preauth] Sep 24 04:50:06 cumulus sshd[6276]: Disconnected from 161.97.69.73 port 38514 [preauth] ........ ----------------------------------------------- ht	2020-09-25 14:14:37
161.97.69.44	attackbotsspam	Attempted WordPress login: "GET /wp-login.php"	2020-07-25 18:37:49
161.97.69.177	attack	[portscan] Port scan	2020-06-28 04:07:41
161.97.69.252	attackspambots	Attempted to connect 2 times to port 22 TCP	2020-06-19 12:54:01

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 161.97.69.42
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 63028
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;161.97.69.42.			IN	A

;; AUTHORITY SECTION:
.			410	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022100700 1800 900 604800 86400

;; Query time: 186 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Oct 08 00:22:31 CST 2022
;; MSG SIZE  rcvd: 105

Host info

42.69.97.161.in-addr.arpa domain name pointer vmi403908.contaboserver.net.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
42.69.97.161.in-addr.arpa	name = vmi403908.contaboserver.net.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
71.19.250.131	attackbots	SCAN: Host Sweep CloudCIX Reconnaissance Scan Detected, PTR: PTR record not found	2020-09-07 04:11:03
14.177.219.246	attack	1599324071 - 09/05/2020 18:41:11 Host: 14.177.219.246/14.177.219.246 Port: 445 TCP Blocked	2020-09-07 04:09:46
42.58.138.241	attackspam	Lines containing failures of 42.58.138.241 Sep 5 18:27:09 omfg postfix/smtpd[24734]: connect from unknown[42.58.138.241] Sep 5 18:27:11 omfg postfix/smtpd[24734]: Anonymous TLS connection established from unknown[42.58.138.241]: TLSv1.2 whostnameh cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bhostnames) Sep x@x ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=42.58.138.241	2020-09-07 03:58:37
212.83.163.170	attack	[2020-09-06 15:54:42] NOTICE[1194] chan_sip.c: Registration from '"928"' failed for '212.83.163.170:8064' - Wrong password [2020-09-06 15:54:42] SECURITY[1233] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-09-06T15:54:42.769-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="928",SessionID="0x7f2ddc1b7848",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/212.83.163.170/8064",Challenge="2ca13249",ReceivedChallenge="2ca13249",ReceivedHash="2941ec31ad8934ed170d3d40944aa1c4" [2020-09-06 15:55:01] NOTICE[1194] chan_sip.c: Registration from '"935"' failed for '212.83.163.170:8421' - Wrong password [2020-09-06 15:55:01] SECURITY[1233] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-09-06T15:55:01.862-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="935",SessionID="0x7f2ddc00cc78",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/212.83. ...	2020-09-07 04:07:03
37.187.3.53	attackspam	SSH brute-force attempt	2020-09-07 03:57:38
5.188.86.210	attackbotsspam	Cowrie Honeypot: Unauthorised SSH/Telnet login attempt with user "root" at 2020-09-06T19:50:52Z	2020-09-07 03:58:09
103.131.71.169	attack	(mod_security) mod_security (id:210730) triggered by 103.131.71.169 (VN/Vietnam/bot-103-131-71-169.coccoc.com): 5 in the last 3600 secs	2020-09-07 04:10:48
213.59.135.87	attack	Sep 6 14:26:44 ny01 sshd[5619]: Failed password for root from 213.59.135.87 port 51462 ssh2 Sep 6 14:29:31 ny01 sshd[6106]: Failed password for root from 213.59.135.87 port 44874 ssh2 Sep 6 14:32:12 ny01 sshd[6394]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=213.59.135.87	2020-09-07 04:14:01
93.43.223.61	attackbots	IP attempted unauthorised action	2020-09-07 04:25:10
51.37.84.31	attack	Sep 5 12:31:02 hurricane sshd[5166]: Invalid user pi from 51.37.84.31 port 45070 Sep 5 12:31:02 hurricane sshd[5167]: Invalid user pi from 51.37.84.31 port 45074 Sep 5 12:31:02 hurricane sshd[5166]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.37.84.31 Sep 5 12:31:02 hurricane sshd[5167]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.37.84.31 Sep 5 12:31:05 hurricane sshd[5166]: Failed password for invalid user pi from 51.37.84.31 port 45070 ssh2 Sep 5 12:31:05 hurricane sshd[5167]: Failed password for invalid user pi from 51.37.84.31 port 45074 ssh2 Sep 5 12:31:05 hurricane sshd[5166]: Connection closed by 51.37.84.31 port 45070 [preauth] Sep 5 12:31:05 hurricane sshd[5167]: Connection closed by 51.37.84.31 port 45074 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=51.37.84.31	2020-09-07 04:00:02
102.68.137.139	attackspambots	TCP (SYN) 102.68.137.139:54121 -> port 20592, len 44	2020-09-07 04:24:54
59.53.45.39	attack	Email rejected due to spam filtering	2020-09-07 04:15:03
162.142.125.30	attackspam	TCP (SYN) 162.142.125.30:64563 -> port 88, len 44	2020-09-07 03:58:53
142.93.127.16	attack	SSH login attempts.	2020-09-07 03:53:05
162.142.125.22	attackbotsspam	TCP (SYN) 162.142.125.22:49867 -> port 8080, len 44	2020-09-07 03:59:43

Recently Reported IPs

182.243.136.95	116.25.47.25	58.153.110.3	106.41.74.56
40.136.254.191	1.14.246.103	211.114.108.6	121.228.85.221
45.9.150.134	23.94.222.182	179.105.28.197	183.22.253.185
183.157.69.243	128.90.156.6	107.173.107.156	154.92.116.106
134.209.184.210	192.241.94.129	104.152.52.221	31.6.58.162