104.192.82.99 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: United States of America

Internet Service Provider: Huang Xudong

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	SSH Brute-Forcing (server2)	2020-08-12 13:50:56
attack	Aug 6 14:23:49 cosmoit sshd[27185]: Failed password for root from 104.192.82.99 port 55218 ssh2	2020-08-06 20:41:07
attackbots	Jul 18 15:26:56 hidden sshd[60375]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.192.82.99 Jul 18 15:26:58 hidden sshd[60375]: Failed password for invalid user fvs from 104.192.82.99 port 34716 ssh2	2020-07-19 03:03:40
attack	2020-07-13T20:29:11.970744+02:00 sshd[8894]: Failed password for invalid user adm02 from 104.192.82.99 port 51824 ssh2	2020-07-14 02:41:52
attackbots	SSH Invalid Login	2020-07-02 03:45:35
attack	Invalid user gen from 104.192.82.99 port 39274	2020-06-27 07:05:33
attackbotsspam	$f2bV_matches	2020-06-26 02:37:01
attackbots	Jun 18 19:34:43 gw1 sshd[13901]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.192.82.99 Jun 18 19:34:45 gw1 sshd[13901]: Failed password for invalid user db2inst1 from 104.192.82.99 port 52718 ssh2 ...	2020-06-18 22:51:40
attack	prod11 ...	2020-06-13 01:00:07
attack	Jun 10 12:57:19 zulu412 sshd\[14590\]: Invalid user lorenzo from 104.192.82.99 port 53392 Jun 10 12:57:19 zulu412 sshd\[14590\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.192.82.99 Jun 10 12:57:21 zulu412 sshd\[14590\]: Failed password for invalid user lorenzo from 104.192.82.99 port 53392 ssh2 ...	2020-06-11 02:15:44
attack	" "	2020-06-09 07:04:58
attackbots	Failed password for root from 104.192.82.99 port 36802 ssh2 pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.192.82.99 user=root Failed password for root from 104.192.82.99 port 58640 ssh2 pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.192.82.99 user=root Failed password for root from 104.192.82.99 port 52238 ssh2	2020-06-01 07:41:16
attack	Invalid user zhaowu from 104.192.82.99 port 58266	2020-05-23 13:16:58
attack	May 3 18:33:41 piServer sshd[25559]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.192.82.99 May 3 18:33:44 piServer sshd[25559]: Failed password for invalid user wesley from 104.192.82.99 port 47060 ssh2 May 3 18:38:37 piServer sshd[25952]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.192.82.99 ...	2020-05-04 01:13:37
attack	$f2bV_matches	2020-05-02 16:36:32
attackbots	Invalid user db2fenc2 from 104.192.82.99 port 43482	2020-05-01 12:36:37
attackspam	Apr 27 14:39:22 legacy sshd[11091]: Failed password for root from 104.192.82.99 port 47566 ssh2 Apr 27 14:41:55 legacy sshd[11169]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.192.82.99 Apr 27 14:41:57 legacy sshd[11169]: Failed password for invalid user anand from 104.192.82.99 port 38168 ssh2 ...	2020-04-27 21:01:13
attack	20 attempts against mh-ssh on cloud	2020-04-09 20:58:09
attack	Apr 7 20:09:28 php1 sshd\[7020\]: Invalid user gpadmin from 104.192.82.99 Apr 7 20:09:28 php1 sshd\[7020\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.192.82.99 Apr 7 20:09:30 php1 sshd\[7020\]: Failed password for invalid user gpadmin from 104.192.82.99 port 55974 ssh2 Apr 7 20:15:03 php1 sshd\[7560\]: Invalid user admin1 from 104.192.82.99 Apr 7 20:15:03 php1 sshd\[7560\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.192.82.99	2020-04-08 14:36:27
attackbots	(sshd) Failed SSH login from 104.192.82.99 (US/United States/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Apr 7 23:29:43 amsweb01 sshd[13430]: Invalid user tab from 104.192.82.99 port 43720 Apr 7 23:29:45 amsweb01 sshd[13430]: Failed password for invalid user tab from 104.192.82.99 port 43720 ssh2 Apr 7 23:38:30 amsweb01 sshd[14579]: Invalid user mta from 104.192.82.99 port 55228 Apr 7 23:38:32 amsweb01 sshd[14579]: Failed password for invalid user mta from 104.192.82.99 port 55228 ssh2 Apr 7 23:45:44 amsweb01 sshd[15717]: Invalid user upload from 104.192.82.99 port 49816	2020-04-08 06:37:48
attackspam	Lines containing failures of 104.192.82.99 Mar 30 13:04:53 neweola sshd[17050]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.192.82.99 user=r.r Mar 30 13:04:55 neweola sshd[17050]: Failed password for r.r from 104.192.82.99 port 57506 ssh2 Mar 30 13:04:57 neweola sshd[17050]: Received disconnect from 104.192.82.99 port 57506:11: Bye Bye [preauth] Mar 30 13:04:57 neweola sshd[17050]: Disconnected from authenticating user r.r 104.192.82.99 port 57506 [preauth] Mar 30 13:20:22 neweola sshd[17885]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.192.82.99 user=r.r Mar 30 13:20:25 neweola sshd[17885]: Failed password for r.r from 104.192.82.99 port 53584 ssh2 Mar 30 13:20:27 neweola sshd[17885]: Received disconnect from 104.192.82.99 port 53584:11: Bye Bye [preauth] Mar 30 13:20:27 neweola sshd[17885]: Disconnected from authenticating user r.r 104.192.82.99 port 53584 [preauth] Mar 30........ ------------------------------	2020-04-02 05:15:11
attackspambots	Apr 1 12:42:46 lukav-desktop sshd\[10864\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.192.82.99 user=root Apr 1 12:42:49 lukav-desktop sshd\[10864\]: Failed password for root from 104.192.82.99 port 43342 ssh2 Apr 1 12:46:16 lukav-desktop sshd\[10928\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.192.82.99 user=root Apr 1 12:46:18 lukav-desktop sshd\[10928\]: Failed password for root from 104.192.82.99 port 41796 ssh2 Apr 1 12:49:55 lukav-desktop sshd\[10958\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.192.82.99 user=root	2020-04-01 18:39:50

Comments on same subnet:

IP	Type	Details	Datetime
104.192.82.140	attack	Unauthorized connection attempt detected from IP address 104.192.82.140 to port 1433 [J]	2020-03-03 01:49:37
104.192.82.178	attackspam	Unauthorized connection attempt detected from IP address 104.192.82.178 to port 1433 [J]	2020-03-03 00:42:57
104.192.82.140	attack	02/29/2020-23:55:37.582280 104.192.82.140 Protocol: 6 ET SCAN Suspicious inbound to MSSQL port 1433	2020-03-01 16:22:22
104.192.82.178	attack	Fail2Ban Ban Triggered	2020-02-22 09:39:46

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.192.82.99
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 57365
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;104.192.82.99.			IN	A

;; AUTHORITY SECTION:
.			515	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020033102 1800 900 604800 86400

;; Query time: 50 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Apr 01 18:39:47 CST 2020
;; MSG SIZE  rcvd: 117

Host info

Host 99.82.192.104.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
*** Can't find 99.82.192.104.in-addr.arpa.: No answer

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
186.209.74.197	attackspam	May 23 23:25:58 ift sshd\[33928\]: Invalid user atd from 186.209.74.197May 23 23:26:00 ift sshd\[33928\]: Failed password for invalid user atd from 186.209.74.197 port 37378 ssh2May 23 23:30:09 ift sshd\[34396\]: Invalid user slp from 186.209.74.197May 23 23:30:11 ift sshd\[34396\]: Failed password for invalid user slp from 186.209.74.197 port 40083 ssh2May 23 23:34:09 ift sshd\[34858\]: Invalid user atl from 186.209.74.197 ...	2020-05-24 04:56:58
190.55.215.209	attackbots	WordPress brute force	2020-05-24 05:22:30
103.207.39.104	attackbotsspam	May 23 22:35:49 srv01 postfix/smtpd\[28626\]: warning: unknown\[103.207.39.104\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 May 23 22:35:49 srv01 postfix/smtpd\[2162\]: warning: unknown\[103.207.39.104\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 May 23 22:35:49 srv01 postfix/smtpd\[2164\]: warning: unknown\[103.207.39.104\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 May 23 22:35:52 srv01 postfix/smtpd\[28626\]: warning: unknown\[103.207.39.104\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 May 23 22:35:52 srv01 postfix/smtpd\[2162\]: warning: unknown\[103.207.39.104\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 May 23 22:35:52 srv01 postfix/smtpd\[2164\]: warning: unknown\[103.207.39.104\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-05-24 04:55:23
220.250.0.252	attack	May 23 22:36:54 lnxded63 sshd[22738]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.250.0.252 May 23 22:36:54 lnxded63 sshd[22738]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.250.0.252	2020-05-24 05:00:51
5.25.186.181	attack	Unauthorized connection attempt from IP address 5.25.186.181 on Port 445(SMB)	2020-05-24 05:18:57
177.200.148.103	attackbotsspam	SMB Server BruteForce Attack	2020-05-24 05:14:42
196.158.129.38	attackspam	Unauthorized connection attempt from IP address 196.158.129.38 on Port 445(SMB)	2020-05-24 04:50:44
222.82.253.106	attackspambots	May 23 17:12:54 NPSTNNYC01T sshd[15424]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.82.253.106 May 23 17:12:57 NPSTNNYC01T sshd[15424]: Failed password for invalid user rox from 222.82.253.106 port 14410 ssh2 May 23 17:16:51 NPSTNNYC01T sshd[15868]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.82.253.106 ...	2020-05-24 05:23:39
223.83.159.194	attack	SSH brute force attempt	2020-05-24 04:55:06
103.89.176.74	attackspambots	May 23 21:15:21 ip-172-31-61-156 sshd[19665]: Invalid user dwz from 103.89.176.74 May 23 21:15:23 ip-172-31-61-156 sshd[19665]: Failed password for invalid user dwz from 103.89.176.74 port 40726 ssh2 May 23 21:15:21 ip-172-31-61-156 sshd[19665]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.89.176.74 May 23 21:15:21 ip-172-31-61-156 sshd[19665]: Invalid user dwz from 103.89.176.74 May 23 21:15:23 ip-172-31-61-156 sshd[19665]: Failed password for invalid user dwz from 103.89.176.74 port 40726 ssh2 ...	2020-05-24 05:16:26
196.219.61.97	attackspambots	Unauthorized connection attempt from IP address 196.219.61.97 on Port 445(SMB)	2020-05-24 05:13:26
45.143.223.153	attackbotsspam	2020-05-23T05:32:52.685815productionscape.com postfix/smtpd[3871]: NOQUEUE: reject: RCPT from unknown[45.143.223.153]: 454 4.7.1 : Relay access denied; from= to= proto=ESMTP helo= 2020-05-23T20:15:17.607161productionscape.com postfix/smtpd[14242]: NOQUEUE: reject: RCPT from unknown[45.143.223.153]: 454 4.7.1 : Relay access denied; from= to= proto=ESMTP helo= ...	2020-05-24 05:11:35
190.63.191.171	attackspam	Unauthorized connection attempt from IP address 190.63.191.171 on Port 445(SMB)	2020-05-24 05:19:33
142.44.242.38	attack	SSH Brute-Force reported by Fail2Ban	2020-05-24 05:00:27
187.189.241.135	attackbots	May 23 20:15:23 *** sshd[3425]: Invalid user hqk from 187.189.241.135	2020-05-24 04:55:37

Recently Reported IPs

148.153.62.105	200.5.181.31	79.143.30.77	159.12.17.100
161.230.179.68	160.67.151.8	129.21.252.75	141.120.38.161
139.235.241.81	201.163.181.137	223.205.248.96	106.189.165.160
120.227.190.175	32.152.23.242	139.223.103.22	54.0.33.182
141.106.133.0	35.230.114.199	79.149.252.153	136.26.197.85