167.99.139.159

Basic Info

City: unknown

Region: unknown

Country: None

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
167.99.139.71	attack	2019-09-13T03:16:09.508505centos sshd\[23808\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.99.139.71 user=root 2019-09-13T03:16:11.391489centos sshd\[23808\]: Failed password for root from 167.99.139.71 port 34086 ssh2 2019-09-13T03:16:11.695457centos sshd\[23811\]: Invalid user admin from 167.99.139.71 port 41030	2019-09-13 10:16:15

Type

Details

Datetime

167.99.139.71

attack

2019-09-13T03:16:09.508505centos sshd\[23808\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.99.139.71  user=root
2019-09-13T03:16:11.391489centos sshd\[23808\]: Failed password for root from 167.99.139.71 port 34086 ssh2
2019-09-13T03:16:11.695457centos sshd\[23811\]: Invalid user admin from 167.99.139.71 port 41030

2019-09-13 10:16:15

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 167.99.139.159
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 12215
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;167.99.139.159.			IN	A

;; AUTHORITY SECTION:
.			600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022021300 1800 900 604800 86400

;; Query time: 60 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Feb 13 15:00:35 CST 2022
;; MSG SIZE  rcvd: 107

Host info

Host 159.139.99.167.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 159.139.99.167.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
204.156.172.20	attackspambots	CVE-2017-5638: Apache Struts 2 Vulnerability	2020-04-07 04:27:16
222.252.55.183	attack	Unauthorized connection attempt from IP address 222.252.55.183 on Port 445(SMB)	2020-04-07 04:23:30
202.162.19.114	attack	Intensive web app attacks (several per seconds) trying every possibly word.	2020-04-07 04:22:10
118.45.190.167	attackspambots	SSH auth scanning - multiple failed logins	2020-04-07 04:10:06
172.112.22.242	attackspambots	Apr 6 19:38:00 internal-server-tf sshd\[31849\]: Invalid user pi from 172.112.22.242Apr 6 19:38:00 internal-server-tf sshd\[31850\]: Invalid user pi from 172.112.22.242 ...	2020-04-07 04:20:21
154.85.37.20	attackbotsspam	Apr 6 21:51:15 vps sshd[669019]: Failed password for invalid user cba from 154.85.37.20 port 57754 ssh2 Apr 6 21:53:37 vps sshd[679685]: Invalid user eva from 154.85.37.20 port 53580 Apr 6 21:53:37 vps sshd[679685]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=154.85.37.20 Apr 6 21:53:39 vps sshd[679685]: Failed password for invalid user eva from 154.85.37.20 port 53580 ssh2 Apr 6 21:55:17 vps sshd[691710]: Invalid user hadoop from 154.85.37.20 port 39296 ...	2020-04-07 04:09:25
119.28.21.55	attack	Apr 6 18:04:04 sshgateway sshd\[6782\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.28.21.55 user=root Apr 6 18:04:06 sshgateway sshd\[6782\]: Failed password for root from 119.28.21.55 port 43082 ssh2 Apr 6 18:10:37 sshgateway sshd\[6860\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.28.21.55 user=root	2020-04-07 03:51:45
222.186.173.226	attack	Apr 6 20:12:44 localhost sshd[64271]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.173.226 user=root Apr 6 20:12:46 localhost sshd[64271]: Failed password for root from 222.186.173.226 port 37032 ssh2 Apr 6 20:12:50 localhost sshd[64271]: Failed password for root from 222.186.173.226 port 37032 ssh2 Apr 6 20:12:44 localhost sshd[64271]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.173.226 user=root Apr 6 20:12:46 localhost sshd[64271]: Failed password for root from 222.186.173.226 port 37032 ssh2 Apr 6 20:12:50 localhost sshd[64271]: Failed password for root from 222.186.173.226 port 37032 ssh2 Apr 6 20:12:44 localhost sshd[64271]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.173.226 user=root Apr 6 20:12:46 localhost sshd[64271]: Failed password for root from 222.186.173.226 port 37032 ssh2 Apr 6 20:12:50 localhost sshd[64 ...	2020-04-07 04:21:40
175.155.13.34	attackspam	frenzy	2020-04-07 04:17:38
149.224.106.214	attack	Apr 6 18:49:08 tuotantolaitos sshd[28365]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.224.106.214 Apr 6 18:49:08 tuotantolaitos sshd[28366]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.224.106.214 ...	2020-04-07 04:24:38
49.234.232.46	attackbotsspam	Apr 6 21:51:39 srv01 sshd[14883]: Invalid user ftpuser from 49.234.232.46 port 46596 Apr 6 21:51:39 srv01 sshd[14883]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.234.232.46 Apr 6 21:51:39 srv01 sshd[14883]: Invalid user ftpuser from 49.234.232.46 port 46596 Apr 6 21:51:41 srv01 sshd[14883]: Failed password for invalid user ftpuser from 49.234.232.46 port 46596 ssh2 Apr 6 21:56:27 srv01 sshd[15141]: Invalid user user from 49.234.232.46 port 48764 ...	2020-04-07 04:03:41
14.48.7.213	attackspambots	Port 4580 scan denied	2020-04-07 04:32:20
35.241.238.69	attackspam	[MonApr0617:33:05.6187912020][:error][pid26379:tid47137766516480][client35.241.238.69:37618][client35.241.238.69]ModSecurity:Accessdeniedwithcode403\(phase2\).Patternmatch"python-requests/"atREQUEST_HEADERS:User-Agent.[file"/usr/local/apache.ea3/conf/modsec_rules/20_asl_useragents.conf"][line"218"][id"332039"][rev"4"][msg"Atomicorp.comWAFRules:SuspiciousUnusualUserAgent\(python-requests\).Disablethisruleifyouusepython-requests/."][severity"CRITICAL"][hostname"bg-sa.ch"][uri"/robots.txt"][unique_id"XotLsbPmHAO-s6HtfVEwzAAAAAc"][MonApr0617:33:05.6984552020][:error][pid19548:tid47137760212736][client35.241.238.69:38334][client35.241.238.69]ModSecurity:Accessdeniedwithcode403\(phase2\).Patternmatch"python-requests/"atREQUEST_HEADERS:User-Agent.[file"/usr/local/apache.ea3/conf/modsec_rules/20_asl_useragents.conf"][line"218"][id"332039"][rev"4"][msg"Atomicorp.comWAFRules:SuspiciousUnusualUserAgent\(python-requests\).Disablethisruleifyouusepython-requests/."][severity"CRITICAL"][hos	2020-04-07 03:57:52
197.232.6.91	attackbots	Microsoft SQL Server User Authentication Brute Force Attempt, PTR: PTR record not found	2020-04-07 03:59:13
92.47.113.116	attack	1586187166 - 04/06/2020 17:32:46 Host: 92.47.113.116/92.47.113.116 Port: 445 TCP Blocked	2020-04-07 04:19:38

Recently Reported IPs

167.99.156.128	167.99.206.6	167.99.136.84	167.99.164.186
167.99.228.174	167.94.138.55	167.99.43.127	167.99.40.144
167.99.219.96	167.99.251.108	167.99.252.226	167.99.44.130
167.99.6.114	168.0.17.102	168.0.113.182	168.0.217.51
168.0.226.83	168.0.198.170	168.0.198.160	168.0.252.103