98.159.99.58 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: United States of America

Internet Service Provider: IDC Inc.

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	Connection to SSH Honeypot - Detected by HoneypotDB	2020-09-06 21:58:27
attackbotsspam	Connection to SSH Honeypot - Detected by HoneypotDB	2020-09-06 13:33:53
attackspam	Cowrie Honeypot: Unauthorised SSH/Telnet login attempt with user "root" at 2020-09-05T17:55:46Z	2020-09-06 05:48:46

Comments on same subnet:

IP	Type	Details	Datetime
98.159.99.217	attack	Brute force attempt	2020-08-19 18:53:37
98.159.99.46	attackbots	" "	2020-08-19 03:30:23
98.159.99.46	attackspambots	TCP (SYN) 98.159.99.46:6000 -> port 3306, len 40	2020-08-18 17:48:43
98.159.99.230	attack	Connection to SSH Honeypot - Detected by HoneypotDB	2020-08-04 03:50:51
98.159.99.227	attackspam	SSH Bruteforce Attempt on Honeypot	2020-08-03 13:57:15
98.159.99.22	attackspambots	Received: from [98.159.99.22] (port=4194 helo=a.km77.top) by sg3plcpnl0224.prod.sin3.secureserver.net with smtp (Exim 4.92) (envelope-from ) id 1jUFnU-002wJ6-Uz	2020-05-04 15:20:06
98.159.99.11	attack	SSH login attempts.	2020-03-19 12:15:30

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 98.159.99.58
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 38829
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;98.159.99.58.			IN	A

;; AUTHORITY SECTION:
.			272	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020090501 1800 900 604800 86400

;; Query time: 17 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Sep 06 05:48:43 CST 2020
;; MSG SIZE  rcvd: 116

Host info

Host 58.99.159.98.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 58.99.159.98.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
132.255.29.228	attack	Jul 15 01:24:39 * sshd[30981]: Failed password for invalid user cristian from 132.255.29.228 port 48446 ssh2 Jul 17 09:40:38 * sshd[13720]: Failed password for invalid user hank from 132.255.29.228 port 44984 ssh2	2019-07-18 04:38:35
121.201.33.222	attack	[SMB remote code execution attempt: port tcp/445] *(RWIN=1024)(07172048)	2019-07-18 04:41:41
118.163.178.146	attackbotsspam	Jul 17 22:03:10 jane sshd\[4686\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.163.178.146 user=root Jul 17 22:03:11 jane sshd\[4686\]: Failed password for root from 118.163.178.146 port 47109 ssh2 Jul 17 22:10:54 jane sshd\[12602\]: Invalid user web from 118.163.178.146 port 53362 ...	2019-07-18 04:32:42
87.57.191.65	attackspam	Automatic report - Port Scan Attack	2019-07-18 04:19:58
193.201.224.214	attackspambots	Jul 17 21:20:55 nextcloud sshd\[9302\]: Invalid user 0 from 193.201.224.214 Jul 17 21:20:55 nextcloud sshd\[9302\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.201.224.214 Jul 17 21:20:57 nextcloud sshd\[9302\]: Failed password for invalid user 0 from 193.201.224.214 port 37894 ssh2 ...	2019-07-18 04:39:39
185.220.101.65	attack	Jul 17 21:11:22 ns37 sshd[30295]: Failed password for root from 185.220.101.65 port 42473 ssh2 Jul 17 21:11:24 ns37 sshd[30295]: Failed password for root from 185.220.101.65 port 42473 ssh2 Jul 17 21:11:27 ns37 sshd[30295]: Failed password for root from 185.220.101.65 port 42473 ssh2 Jul 17 21:11:28 ns37 sshd[30295]: Failed password for root from 185.220.101.65 port 42473 ssh2	2019-07-18 04:15:00
70.45.243.146	attack	Jul 17 16:31:37 sshgateway sshd\[21344\]: Invalid user srvadmin from 70.45.243.146 Jul 17 16:31:37 sshgateway sshd\[21344\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=70.45.243.146 Jul 17 16:31:39 sshgateway sshd\[21344\]: Failed password for invalid user srvadmin from 70.45.243.146 port 40958 ssh2	2019-07-18 04:36:18
36.250.234.33	attackbotsspam	Jul 17 20:42:08 localhost sshd\[6424\]: Invalid user yd from 36.250.234.33 Jul 17 20:42:08 localhost sshd\[6424\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=36.250.234.33 Jul 17 20:42:10 localhost sshd\[6424\]: Failed password for invalid user yd from 36.250.234.33 port 57455 ssh2 Jul 17 20:48:45 localhost sshd\[6680\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=36.250.234.33 user=root Jul 17 20:48:47 localhost sshd\[6680\]: Failed password for root from 36.250.234.33 port 53871 ssh2 ...	2019-07-18 04:08:32
208.102.113.11	attack	Jul 17 19:03:33 thevastnessof sshd[24314]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=208.102.113.11 ...	2019-07-18 04:14:32
62.14.178.216	attack	Jul 17 15:36:08 our-server-hostname postfix/smtpd[7159]: connect from unknown[62.14.178.216] Jul x@x Jul x@x Jul x@x Jul x@x Jul x@x Jul x@x Jul x@x Jul x@x Jul x@x Jul x@x Jul x@x Jul x@x Jul x@x Jul x@x Jul x@x Jul x@x Jul x@x Jul x@x Jul x@x Jul 17 15:36:22 our-server-hostname postfix/smtpd[7159]: too many errors after RCPT from unknown[62.14.178.216] Jul 17 15:36:22 our-server-hostname postfix/smtpd[7159]: disconnect from unknown[62.14.178.216] Jul 17 17:29:22 our-server-hostname postfix/smtpd[11978]: connect from unknown[62.14.178.216] Jul x@x Jul x@x Jul x@x Jul x@x Jul x@x Jul x@x Jul x@x Jul x@x Jul x@x Jul x@x Jul x@x Jul x@x Jul x@x Jul x@x Jul x@x Jul x@x Jul x@x Jul x@x Jul x@x Jul x@x Jul 17 17:29:36 our-server-hostname postfix/smtpd[11978]: too many errors after RCPT from unknown[62.14.178.216] Jul 17 17:29:36 our-server-hostname postfix/smtpd[11978]: disconnect from unknown[62.14.178.216] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=62.14.1	2019-07-18 04:17:54
218.38.28.210	attack	firewall-block, port(s): 445/tcp	2019-07-18 04:36:55
172.104.242.173	attackbotsspam	Scanning random ports - tries to find possible vulnerable services	2019-07-18 04:38:18
118.69.66.93	attack	Honeypot attack, port: 445, PTR: PTR record not found	2019-07-18 04:43:29
90.17.170.194	attackspambots	firewall-block, port(s): 81/tcp	2019-07-18 04:45:36
162.243.142.228	attack	firewall-block, port(s): 623/udp	2019-07-18 04:39:07

Recently Reported IPs

160.155.57.79	190.24.69.160	213.4.21.37	165.22.182.34
200.76.202.183	103.111.69.237	192.241.231.91	112.202.3.55
218.35.219.79	49.83.169.24	138.238.205.236	51.91.132.52
206.46.23.185	227.32.196.71	92.26.219.95	238.107.89.101
71.218.254.16	80.170.176.14	48.104.151.147	127.126.112.250