5.58.85.66 - IPInfo

Basic Info

City: Ternopil

Region: Ternopil's'ka Oblast'

Country: Ukraine

Internet Service Provider: Lanet Network Ltd

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Unauthorized connection attempt detected from IP address 5.58.85.66 to port 8080 [J]	2020-02-01 00:13:41

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 5.58.85.66
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 47438
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;5.58.85.66.			IN	A

;; AUTHORITY SECTION:
.			415	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020012901 1800 900 604800 86400

;; Query time: 62 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Jan 30 05:16:46 CST 2020
;; MSG SIZE  rcvd: 114

Host info

66.85.58.5.in-addr.arpa domain name pointer host-5-58-85-66.bitternet.ua.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
66.85.58.5.in-addr.arpa	name = host-5-58-85-66.bitternet.ua.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
104.200.110.191	attackspambots	Apr 8 07:45:02 *** sshd[24268]: Invalid user admin from 104.200.110.191	2020-04-08 17:45:39
49.51.137.222	attack	Apr 7 15:29:20 server sshd\[7193\]: Failed password for invalid user ubuntu from 49.51.137.222 port 50830 ssh2 Apr 8 08:38:50 server sshd\[6708\]: Invalid user admin from 49.51.137.222 Apr 8 08:38:50 server sshd\[6708\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.51.137.222 Apr 8 08:38:52 server sshd\[6708\]: Failed password for invalid user admin from 49.51.137.222 port 43782 ssh2 Apr 8 08:50:30 server sshd\[9773\]: Invalid user testuser from 49.51.137.222 Apr 8 08:50:30 server sshd\[9773\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.51.137.222 ...	2020-04-08 17:48:02
130.89.160.147	attack	Apr 7 23:15:45 mockhub sshd[21117]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=130.89.160.147 Apr 7 23:15:47 mockhub sshd[21117]: Failed password for invalid user test from 130.89.160.147 port 51738 ssh2 ...	2020-04-08 18:00:50
45.64.161.65	attackspambots	Lines containing failures of 45.64.161.65 Apr 8 05:48:36 linuxrulz sshd[14199]: Invalid user operator from 45.64.161.65 port 7352 Apr 8 05:48:36 linuxrulz sshd[14199]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.64.161.65 Apr 8 05:48:38 linuxrulz sshd[14199]: Failed password for invalid user operator from 45.64.161.65 port 7352 ssh2 Apr 8 05:48:38 linuxrulz sshd[14199]: Connection closed by invalid user operator 45.64.161.65 port 7352 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=45.64.161.65	2020-04-08 18:01:39
121.11.100.183	attack	(sshd) Failed SSH login from 121.11.100.183 (CN/China/-): 5 in the last 3600 secs	2020-04-08 17:37:31
185.53.88.39	attack	SIP Server BruteForce Attack	2020-04-08 17:47:17
62.122.156.74	attackbotsspam	ssh intrusion attempt	2020-04-08 17:57:03
113.161.85.81	attack	Apr 8 08:15:40 sshd[29885]: Failed password for invalid user test from 113.161.85.81 port 38464 ssh2	2020-04-08 17:43:17
49.234.12.123	attackspambots	Apr 8 12:05:19 pkdns2 sshd\[18305\]: Invalid user ts3server from 49.234.12.123Apr 8 12:05:20 pkdns2 sshd\[18305\]: Failed password for invalid user ts3server from 49.234.12.123 port 40870 ssh2Apr 8 12:08:40 pkdns2 sshd\[18404\]: Failed password for root from 49.234.12.123 port 49212 ssh2Apr 8 12:11:44 pkdns2 sshd\[18550\]: Invalid user ts3sleep from 49.234.12.123Apr 8 12:11:45 pkdns2 sshd\[18550\]: Failed password for invalid user ts3sleep from 49.234.12.123 port 57554 ssh2Apr 8 12:14:58 pkdns2 sshd\[18657\]: Invalid user ns2 from 49.234.12.123 ...	2020-04-08 17:53:51
192.241.238.242	attack	MultiHost/MultiPort Probe, Scan, Hack -	2020-04-08 18:05:51
185.79.61.254	attackspam	Apr 8 11:46:09 host01 sshd[27582]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.79.61.254 Apr 8 11:46:10 host01 sshd[27582]: Failed password for invalid user user5 from 185.79.61.254 port 50822 ssh2 Apr 8 11:50:04 host01 sshd[28297]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.79.61.254 ...	2020-04-08 17:53:09
123.206.90.149	attackbotsspam	leo_www	2020-04-08 17:55:55
163.172.230.4	attackbots	[2020-04-08 05:36:34] NOTICE[12114][C-00002c80] chan_sip.c: Call from '' (163.172.230.4:53422) to extension '999998011972592277524' rejected because extension not found in context 'public'. [2020-04-08 05:36:34] SECURITY[12128] res_security_log.c: SecurityEvent="FailedACL",EventTV="2020-04-08T05:36:34.021-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="999998011972592277524",SessionID="0x7f020c04b958",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/163.172.230.4/53422",ACLName="no_extension_match" [2020-04-08 05:40:45] NOTICE[12114][C-00002c84] chan_sip.c: Call from '' (163.172.230.4:59285) to extension '' rejected because extension not found in context 'public'. ...	2020-04-08 17:42:14
54.190.176.173	attack	Automated report (2020-04-08T03:54:16+00:00). Scraper detected at this address.	2020-04-08 17:39:36
178.62.79.227	attackspam	sshd jail - ssh hack attempt	2020-04-08 18:00:00

Recently Reported IPs

54.183.53.9	32.116.170.33	54.219.161.38	79.136.126.118
54.233.166.155	80.76.247.253	62.237.178.97	89.29.23.27
81.30.216.94	41.33.9.3	146.187.189.37	84.237.160.187
87.197.116.111	197.184.22.197	73.150.187.173	94.143.241.161
73.40.205.104	56.214.41.142	95.83.38.11	85.23.100.123