Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: ChinaNet Jiangsu Province Network

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:
Type Details Datetime
attack
[N10.H1.VM1] Port Scanner Detected Blocked by UFW
2020-08-15 19:58:49
Comments on same subnet:
IP Type Details Datetime
58.217.249.155 attack
[N10.H1.VM1] Port Scanner Detected Blocked by UFW
2020-08-15 20:02:23
Dig info:
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 58.217.249.142
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 17464
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;58.217.249.142.			IN	A

;; AUTHORITY SECTION:
.			191	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020081500 1800 900 604800 86400

;; Query time: 25 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Aug 15 19:58:44 CST 2020
;; MSG SIZE  rcvd: 118
Host info
Host 142.249.217.58.in-addr.arpa. not found: 3(NXDOMAIN)
Nslookup info:
Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 142.249.217.58.in-addr.arpa: NXDOMAIN
Related IP info:
Related comments:
IP Type Details Datetime
212.83.191.99 attackspam
SMTP PORT:25, HELO:mail.betrty.com, FROM:Electricity Saving Box" \n Subject:Nejjednodušší způsob
2019-07-24 20:28:51
46.22.249.81 attackspam
Telnetd brute force attack detected by fail2ban
2019-07-24 20:27:30
200.127.33.2 attackbotsspam
Jul 24 13:08:49 eventyay sshd[14304]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.127.33.2
Jul 24 13:08:51 eventyay sshd[14304]: Failed password for invalid user mine from 200.127.33.2 port 47300 ssh2
Jul 24 13:18:33 eventyay sshd[16621]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.127.33.2
...
2019-07-24 19:42:14
125.18.118.208 attackspambots
Scanning random ports - tries to find possible vulnerable services
2019-07-24 20:26:43
188.35.187.50 attack
Jul 24 13:58:05 s64-1 sshd[20694]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.35.187.50
Jul 24 13:58:07 s64-1 sshd[20694]: Failed password for invalid user mirror from 188.35.187.50 port 42194 ssh2
Jul 24 14:02:40 s64-1 sshd[20735]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.35.187.50
...
2019-07-24 20:19:54
201.245.191.102 attackspambots
Jul 24 13:33:26 mail sshd\[1116\]: Failed password for invalid user vbox from 201.245.191.102 port 54850 ssh2
Jul 24 13:38:18 mail sshd\[2105\]: Invalid user oracle from 201.245.191.102 port 48952
Jul 24 13:38:18 mail sshd\[2105\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.245.191.102
Jul 24 13:38:20 mail sshd\[2105\]: Failed password for invalid user oracle from 201.245.191.102 port 48952 ssh2
Jul 24 13:43:11 mail sshd\[2923\]: Invalid user dev from 201.245.191.102 port 43062
Jul 24 13:43:11 mail sshd\[2923\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.245.191.102
2019-07-24 19:51:01
183.131.82.99 attack
Jul 24 14:23:56 minden010 sshd[28747]: Failed password for root from 183.131.82.99 port 34672 ssh2
Jul 24 14:24:04 minden010 sshd[28794]: Failed password for root from 183.131.82.99 port 27011 ssh2
...
2019-07-24 20:25:34
31.208.26.13 attackbotsspam
*Port Scan* detected from 31.208.26.13 (SE/Sweden/31-208-26-13.cust.bredband2.com). 4 hits in the last 30 seconds
2019-07-24 19:57:54
46.105.54.20 attackspam
Jul 24 11:49:00 SilenceServices sshd[28138]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.105.54.20
Jul 24 11:49:03 SilenceServices sshd[28138]: Failed password for invalid user chen from 46.105.54.20 port 56820 ssh2
Jul 24 11:53:20 SilenceServices sshd[31337]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.105.54.20
2019-07-24 20:36:59
37.45.66.13 attackspambots
Jul 24 07:24:39 [munged] sshd[3933]: Invalid user admin from 37.45.66.13 port 38354
Jul 24 07:24:39 [munged] sshd[3933]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.45.66.13
2019-07-24 20:14:36
178.62.118.53 attackbotsspam
2019-07-24T18:38:48.245018enmeeting.mahidol.ac.th sshd\[1302\]: Invalid user mathew from 178.62.118.53 port 54356
2019-07-24T18:38:48.259547enmeeting.mahidol.ac.th sshd\[1302\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.62.118.53
2019-07-24T18:38:49.905622enmeeting.mahidol.ac.th sshd\[1302\]: Failed password for invalid user mathew from 178.62.118.53 port 54356 ssh2
...
2019-07-24 20:13:31
172.104.242.173 attack
3389BruteforceFW21
2019-07-24 20:22:43
5.196.88.110 attack
Jul 24 14:08:12 SilenceServices sshd[1118]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.196.88.110
Jul 24 14:08:14 SilenceServices sshd[1118]: Failed password for invalid user testuser from 5.196.88.110 port 50626 ssh2
Jul 24 14:13:23 SilenceServices sshd[5174]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.196.88.110
2019-07-24 20:16:02
128.199.233.57 attack
Jul 24 09:06:43 MK-Soft-VM3 sshd\[4841\]: Invalid user hadoop from 128.199.233.57 port 53340
Jul 24 09:06:43 MK-Soft-VM3 sshd\[4841\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.233.57
Jul 24 09:06:45 MK-Soft-VM3 sshd\[4841\]: Failed password for invalid user hadoop from 128.199.233.57 port 53340 ssh2
...
2019-07-24 19:47:18
200.165.49.202 attackspam
Jul 24 17:32:09 areeb-Workstation sshd\[8563\]: Invalid user celery from 200.165.49.202
Jul 24 17:32:09 areeb-Workstation sshd\[8563\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.165.49.202
Jul 24 17:32:12 areeb-Workstation sshd\[8563\]: Failed password for invalid user celery from 200.165.49.202 port 41759 ssh2
...
2019-07-24 20:12:59
