103.99.149.94 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: None

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
103.99.149.134	attackspambots	SSH Brute-Force Attack	2020-06-20 17:59:41
103.99.149.90	attack	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-08-16 19:33:05,742 INFO [amun_request_handler] PortScan Detected on Port: 445 (103.99.149.90)	2019-08-17 08:30:38

Type

Details

Datetime

103.99.149.134

attackspambots

SSH Brute-Force Attack

2020-06-20 17:59:41

103.99.149.90

attack

@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-08-16 19:33:05,742 INFO [amun_request_handler] PortScan Detected on Port: 445 (103.99.149.90)

2019-08-17 08:30:38

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 103.99.149.94
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 43168
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;103.99.149.94.			IN	A

;; AUTHORITY SECTION:
.			212	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022022500 1800 900 604800 86400

;; Query time: 24 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Feb 25 19:14:47 CST 2022
;; MSG SIZE  rcvd: 106

Host info

94.149.99.103.in-addr.arpa domain name pointer as135139-cbe.skylinkfibernet.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
94.149.99.103.in-addr.arpa	name = as135139-cbe.skylinkfibernet.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
5.153.2.228	attackbots	Oct 10 05:56:15 mail kernel: [393021.786106] [UFW BLOCK] IN=eth0 OUT= MAC=00:16:3c:05:0d:89:f8:66:f2:68:66:ff:08:00 SRC=5.153.2.228 DST=77.73.69.240 LEN=40 TOS=0x08 PREC=0x20 TTL=75 ID=18688 DF PROTO=TCP SPT=63876 DPT=80 WINDOW=29200 RES=0x00 SYN URGP=0 Oct 10 05:56:15 mail kernel: [393021.814395] [UFW BLOCK] IN=eth0 OUT= MAC=00:16:3c:05:0d:89:f8:66:f2:68:66:ff:08:00 SRC=5.153.2.228 DST=77.73.69.240 LEN=40 TOS=0x08 PREC=0x20 TTL=55 ID=7419 DF PROTO=TCP SPT=61612 DPT=80 WINDOW=29200 RES=0x00 SYN URGP=0 Oct 10 05:56:15 mail kernel: [393021.839230] [UFW BLOCK] IN=eth0 OUT= MAC=00:16:3c:05:0d:89:f8:66:f2:68:66:ff:08:00 SRC=5.153.2.228 DST=77.73.69.240 LEN=40 TOS=0x08 PREC=0x20 TTL=60 ID=15457 DF PROTO=TCP SPT=62434 DPT=22 WINDOW=29200 RES=0x00 SYN URGP=0 Oct 10 05:56:15 mail kernel: [393021.848170] [UFW BLOCK] IN=eth0 OUT= MAC=00:16:3c:05:0d:89:f8:66:f2:68:66:ff:08:00 SRC=5.153.2.228 DST=77.73.69.240 LEN=40 TOS=0x08 PREC=0x20 TTL=69 ID=62799 DF PROTO=TCP SPT=56568 DPT=22 WINDOW=29200 RES=0x00 SYN URGP=0 ...	2019-10-10 12:09:23
117.50.94.229	attackspam	Oct 10 06:55:03 server sshd\[4360\]: User root from 117.50.94.229 not allowed because listed in DenyUsers Oct 10 06:55:03 server sshd\[4360\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.94.229 user=root Oct 10 06:55:05 server sshd\[4360\]: Failed password for invalid user root from 117.50.94.229 port 20666 ssh2 Oct 10 06:59:18 server sshd\[17225\]: User root from 117.50.94.229 not allowed because listed in DenyUsers Oct 10 06:59:18 server sshd\[17225\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.94.229 user=root	2019-10-10 12:16:28
81.171.85.146	attackbotsspam	\[2019-10-10 00:16:22\] NOTICE\[1887\] chan_sip.c: Registration from '\' failed for '81.171.85.146:58425' - Wrong password \[2019-10-10 00:16:22\] SECURITY\[1898\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-10-10T00:16:22.874-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="567",SessionID="0x7fc3ac5226d8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/81.171.85.146/58425",Challenge="3b8dd7a0",ReceivedChallenge="3b8dd7a0",ReceivedHash="80b852ea1d34ee1ba624b4dd1166e6cd" \[2019-10-10 00:16:54\] NOTICE\[1887\] chan_sip.c: Registration from '\' failed for '81.171.85.146:50770' - Wrong password \[2019-10-10 00:16:54\] SECURITY\[1898\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-10-10T00:16:54.136-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="2066",SessionID="0x7fc3ac5f2a78",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/81.171.85.1	2019-10-10 12:32:00
114.232.204.161	attackbotsspam	Unauthorised access (Oct 10) SRC=114.232.204.161 LEN=40 TOS=0x10 PREC=0x40 TTL=49 ID=10985 TCP DPT=8080 WINDOW=37170 SYN	2019-10-10 12:24:38
62.234.144.135	attack	Oct 10 05:55:22 mail sshd\[28719\]: Invalid user 123Boutique from 62.234.144.135 Oct 10 05:55:22 mail sshd\[28719\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=62.234.144.135 Oct 10 05:55:23 mail sshd\[28719\]: Failed password for invalid user 123Boutique from 62.234.144.135 port 32972 ssh2 ...	2019-10-10 12:31:09
36.65.78.138	attackbotsspam	Attempt to attack host OS, exploiting network vulnerabilities, on 10-10-2019 04:55:19.	2019-10-10 12:36:35
36.70.133.217	attackbotsspam	Attempt to attack host OS, exploiting network vulnerabilities, on 10-10-2019 04:55:20.	2019-10-10 12:34:59
170.210.214.50	attack	Oct 10 06:51:26 www sshd\[58072\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=170.210.214.50 user=root Oct 10 06:51:29 www sshd\[58072\]: Failed password for root from 170.210.214.50 port 45480 ssh2 Oct 10 06:55:26 www sshd\[58152\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=170.210.214.50 user=root ...	2019-10-10 12:29:17
46.38.144.17	attackbotsspam	Oct 10 04:09:05 heicom postfix/smtpd\[523\]: warning: unknown\[46.38.144.17\]: SASL LOGIN authentication failed: authentication failure Oct 10 04:10:20 heicom postfix/smtpd\[626\]: warning: unknown\[46.38.144.17\]: SASL LOGIN authentication failed: authentication failure Oct 10 04:11:38 heicom postfix/smtpd\[626\]: warning: unknown\[46.38.144.17\]: SASL LOGIN authentication failed: authentication failure Oct 10 04:12:54 heicom postfix/smtpd\[473\]: warning: unknown\[46.38.144.17\]: SASL LOGIN authentication failed: authentication failure Oct 10 04:14:10 heicom postfix/smtpd\[523\]: warning: unknown\[46.38.144.17\]: SASL LOGIN authentication failed: authentication failure ...	2019-10-10 12:16:14
158.69.121.179	attackspam	Joomla User : try to access forms...	2019-10-10 12:28:52
103.139.12.24	attackbotsspam	Oct 10 06:09:14 vps647732 sshd[26398]: Failed password for root from 103.139.12.24 port 55319 ssh2 ...	2019-10-10 12:16:57
125.227.62.145	attack	Oct 10 05:51:36 ns381471 sshd[32123]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.227.62.145 Oct 10 05:51:38 ns381471 sshd[32123]: Failed password for invalid user Sound@2017 from 125.227.62.145 port 42509 ssh2 Oct 10 05:56:18 ns381471 sshd[32288]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.227.62.145	2019-10-10 12:07:09
180.162.68.111	attackbotsspam	Attempt to attack host OS, exploiting network vulnerabilities, on 10-10-2019 04:55:18.	2019-10-10 12:38:32
47.180.89.23	attackbotsspam	Oct 10 03:52:31 www_kotimaassa_fi sshd[32095]: Failed password for root from 47.180.89.23 port 60162 ssh2 ...	2019-10-10 12:15:16
202.142.180.74	attackbots	Attempt to attack host OS, exploiting network vulnerabilities, on 10-10-2019 04:55:19.	2019-10-10 12:35:39

Recently Reported IPs

103.99.15.141	103.99.149.66	103.99.15.65	103.99.15.158
103.99.15.168	103.99.15.70	103.99.160.3	103.99.160.1
101.109.135.254	103.99.151.2	103.99.161.1	103.99.160.69
103.99.160.65	103.99.161.13	103.99.161.17	103.99.161.129
103.99.161.65	103.99.161.5	101.109.135.5	103.99.162.1