80.158.16.16 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Germany

Internet Service Provider: T-Systems International GmbH

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	SSH Brute-Force reported by Fail2Ban	2019-10-03 00:31:17

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 80.158.16.16
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 52017
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;80.158.16.16.			IN	A

;; AUTHORITY SECTION:
.			381	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019100200 1800 900 604800 86400

;; Query time: 52 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Oct 03 00:31:12 CST 2019
;; MSG SIZE  rcvd: 116

Host info

16.16.158.80.in-addr.arpa domain name pointer ecs-80-158-16-16.reverse.open-telekom-cloud.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
16.16.158.80.in-addr.arpa	name = ecs-80-158-16-16.reverse.open-telekom-cloud.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
124.42.99.11	attackspambots	Oct 24 06:51:21 server sshd\[17631\]: Invalid user admin from 124.42.99.11 port 55690 Oct 24 06:51:21 server sshd\[17631\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.42.99.11 Oct 24 06:51:23 server sshd\[17631\]: Failed password for invalid user admin from 124.42.99.11 port 55690 ssh2 Oct 24 06:56:00 server sshd\[2323\]: Invalid user patrick from 124.42.99.11 port 34490 Oct 24 06:56:00 server sshd\[2323\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.42.99.11	2019-10-24 12:05:00
113.109.247.37	attack	2019-10-24T03:55:54.267436abusebot-5.cloudsearch.cf sshd\[14058\]: Invalid user mailer from 113.109.247.37 port 17998	2019-10-24 12:09:57
85.202.13.254	attackbotsspam	[portscan] Port scan	2019-10-24 12:31:11
163.172.61.214	attack	Oct 24 10:51:54 webhost01 sshd[2672]: Failed password for root from 163.172.61.214 port 51446 ssh2 ...	2019-10-24 12:27:51
61.148.29.198	attack	dovecot jail - smtp auth [ma]	2019-10-24 12:16:43
128.199.162.2	attackbots	Automatic report - Banned IP Access	2019-10-24 08:20:58
147.135.133.29	attack	Oct 24 03:52:17 localhost sshd\[113631\]: Invalid user lithium from 147.135.133.29 port 48192 Oct 24 03:52:17 localhost sshd\[113631\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=147.135.133.29 Oct 24 03:52:19 localhost sshd\[113631\]: Failed password for invalid user lithium from 147.135.133.29 port 48192 ssh2 Oct 24 03:55:58 localhost sshd\[113746\]: Invalid user shanghaitan from 147.135.133.29 port 59392 Oct 24 03:55:58 localhost sshd\[113746\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=147.135.133.29 ...	2019-10-24 12:07:14
216.218.206.70	attackbots	50070/tcp 3389/tcp 8080/tcp... [2019-08-26/10-23]29pkt,13pt.(tcp),1pt.(udp)	2019-10-24 12:04:33
148.66.142.161	attack	148.66.142.161 - - [23/Oct/2019:23:26:16 +0200] "GET /wp-login.php HTTP/1.1" 200 1122 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 148.66.142.161 - - [23/Oct/2019:23:26:19 +0200] "POST /wp-login.php HTTP/1.1" 200 1503 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 148.66.142.161 - - [23/Oct/2019:23:26:19 +0200] "GET /wp-login.php HTTP/1.1" 200 1122 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 148.66.142.161 - - [23/Oct/2019:23:26:20 +0200] "POST /wp-login.php HTTP/1.1" 200 1489 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 148.66.142.161 - - [23/Oct/2019:23:26:21 +0200] "GET /wp-login.php HTTP/1.1" 200 1122 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 148.66.142.161 - - [23/Oct/2019:23:26:22 +0200] "POST /wp-login.php HTTP/1.1" 200 1491 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2019-10-24 08:24:57
138.68.57.207	attack	Automatic report - XMLRPC Attack	2019-10-24 12:23:20
118.89.48.251	attackbotsspam	2019-10-23T23:33:10.2024411495-001 sshd\[47700\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.89.48.251 user=root 2019-10-23T23:33:12.5080471495-001 sshd\[47700\]: Failed password for root from 118.89.48.251 port 39608 ssh2 2019-10-23T23:48:09.5659821495-001 sshd\[48303\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.89.48.251 user=root 2019-10-23T23:48:10.9535841495-001 sshd\[48303\]: Failed password for root from 118.89.48.251 port 43124 ssh2 2019-10-23T23:52:50.0385151495-001 sshd\[48466\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.89.48.251 user=root 2019-10-23T23:52:51.3357681495-001 sshd\[48466\]: Failed password for root from 118.89.48.251 port 52812 ssh2 ...	2019-10-24 12:12:24
222.186.175.154	attackbots	Oct 20 22:07:05 microserver sshd[4198]: Failed none for root from 222.186.175.154 port 39728 ssh2 Oct 20 22:07:06 microserver sshd[4198]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.154 user=root Oct 20 22:07:08 microserver sshd[4198]: Failed password for root from 222.186.175.154 port 39728 ssh2 Oct 20 22:07:11 microserver sshd[4198]: Failed password for root from 222.186.175.154 port 39728 ssh2 Oct 20 22:07:16 microserver sshd[4198]: Failed password for root from 222.186.175.154 port 39728 ssh2 Oct 21 10:39:46 microserver sshd[40362]: Failed none for root from 222.186.175.154 port 24722 ssh2 Oct 21 10:39:47 microserver sshd[40362]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.154 user=root Oct 21 10:39:49 microserver sshd[40362]: Failed password for root from 222.186.175.154 port 24722 ssh2 Oct 21 10:39:53 microserver sshd[40362]: Failed password for root from 222.186.175.154 port 24722 ssh2 Oct	2019-10-24 12:32:09
186.122.147.189	attackspambots	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/186.122.147.189/ UY - 1H : (1) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : UY NAME ASN : ASN11664 IP : 186.122.147.189 CIDR : 186.122.144.0/20 PREFIX COUNT : 803 UNIQUE IP COUNT : 811776 ATTACKS DETECTED ASN11664 : 1H - 1 3H - 1 6H - 1 12H - 1 24H - 1 DateTime : 2019-10-24 05:55:38 INFO : Port SSH 22 Scan Detected and Blocked by ADMIN - data recovery	2019-10-24 12:22:53
119.29.242.84	attack	Oct 24 06:15:57 localhost sshd\[1469\]: Invalid user ntadmin123 from 119.29.242.84 port 45218 Oct 24 06:15:57 localhost sshd\[1469\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.29.242.84 Oct 24 06:15:59 localhost sshd\[1469\]: Failed password for invalid user ntadmin123 from 119.29.242.84 port 45218 ssh2	2019-10-24 12:18:56
45.82.153.76	attackbotsspam	Brute Force attack - banned by Fail2Ban	2019-10-24 12:29:20

Recently Reported IPs

96.178.227.16	208.6.60.15	16.147.216.37	182.101.5.225
136.182.119.110	168.174.18.126	177.159.29.136	113.132.180.219
101.108.1.75	27.118.67.224	42.115.165.170	169.197.216.103
119.69.10.65	157.42.62.37	122.211.12.75	89.235.113.120
83.120.101.139	92.61.85.165	92.246.55.173	208.135.76.30