167.99.14.39 - IPInfo

Basic Info

City: North Bergen

Region: New Jersey

Country: United States

Internet Service Provider: DigitalOcean LLC

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	[portscan] Port scan	2020-08-29 08:32:12
attackspambots	[portscan] Port scan	2020-05-01 07:36:40

Comments on same subnet:

IP	Type	Details	Datetime
167.99.149.11	attack	Automatic report generated by Wazuh	2020-10-10 03:56:19
167.99.149.11	attack	can 167.99.149.11 [09/Oct/2020:18:09:47 "-" "POST /wp-login.php 200 5780 167.99.149.11 [09/Oct/2020:18:42:33 "-" "GET /wp-login.php 200 9378 167.99.149.11 [09/Oct/2020:18:42:40 "-" "POST /wp-login.php 200 9495	2020-10-09 19:52:36
167.99.144.50	attackspambots	Port scan denied	2020-09-01 16:42:05
167.99.144.50	attackspambots	[N10.H2.VM2] Port Scanner Detected Blocked by UFW	2020-08-27 21:02:32
167.99.146.47	attackspam	" "	2020-08-21 06:12:52
167.99.144.50	attackbotsspam	firewall-block, port(s): 18510/tcp	2020-08-14 17:18:27
167.99.146.47	attackspam	scans once in preceeding hours on the ports (in chronological order) 1070 resulting in total of 2 scans from 167.99.0.0/16 block.	2020-08-14 00:03:52
167.99.146.47	attackspam	Unauthorized connection attempt detected from IP address 167.99.146.47 to port 1880	2020-08-01 17:32:11
167.99.144.50	attackbots	TCP (SYN) 167.99.144.50:58852 -> port 62209, len 44	2020-07-31 02:52:48
167.99.146.47	attackbotsspam	TCP (SYN) 167.99.146.47:43381 -> port 1080, len 44	2020-07-30 21:51:54
167.99.144.50	attackbots	Jul 26 22:14:26 debian-2gb-nbg1-2 kernel: \[18052974.720600\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=167.99.144.50 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=242 ID=8273 PROTO=TCP SPT=58852 DPT=60265 WINDOW=1024 RES=0x00 SYN URGP=0	2020-07-27 06:15:46
167.99.146.47	attack	" "	2020-07-22 00:29:16
167.99.144.50	attackbotsspam	Port Scan detected from 167.99.144.50 (US/United States/New Jersey/North Bergen/-). 4 hits in the last -14053 seconds	2020-07-18 13:35:27
167.99.144.50	attack	trying to access non-authorized port	2020-07-08 08:30:42
167.99.146.47	attackspambots	scans 2 times in preceeding hours on the ports (in chronological order) 64222 64322 resulting in total of 7 scans from 167.99.0.0/16 block.	2020-07-07 21:04:38

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 167.99.14.39
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 32620
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;167.99.14.39.			IN	A

;; AUTHORITY SECTION:
.			330	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020043001 1800 900 604800 86400

;; Query time: 96 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri May 01 07:36:37 CST 2020
;; MSG SIZE  rcvd: 116

Host info

Host 39.14.99.167.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 39.14.99.167.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
218.23.26.50	attack	'IP reached maximum auth failures for a one day block'	2019-11-10 18:03:33
23.126.140.33	attack	2019-11-10T10:07:18.764747abusebot-4.cloudsearch.cf sshd\[14768\]: Invalid user kayalvili from 23.126.140.33 port 38608	2019-11-10 18:18:54
49.88.112.110	attackbots	Nov 10 10:47:39 mail sshd[19002]: Failed password for root from 49.88.112.110 port 24322 ssh2 Nov 10 10:47:42 mail sshd[19002]: Failed password for root from 49.88.112.110 port 24322 ssh2 Nov 10 10:47:45 mail sshd[19002]: Failed password for root from 49.88.112.110 port 24322 ssh2	2019-11-10 17:55:56
5.2.158.227	attackbotsspam	Nov 10 09:50:56 web8 sshd\[26110\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.2.158.227 user=root Nov 10 09:50:59 web8 sshd\[26110\]: Failed password for root from 5.2.158.227 port 43555 ssh2 Nov 10 09:55:57 web8 sshd\[28645\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.2.158.227 user=root Nov 10 09:55:59 web8 sshd\[28645\]: Failed password for root from 5.2.158.227 port 19554 ssh2 Nov 10 10:00:50 web8 sshd\[30873\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.2.158.227 user=root	2019-11-10 18:07:23
139.59.41.154	attack	Nov 10 10:37:40 SilenceServices sshd[18969]: Failed password for root from 139.59.41.154 port 60920 ssh2 Nov 10 10:41:47 SilenceServices sshd[20316]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.41.154 Nov 10 10:41:49 SilenceServices sshd[20316]: Failed password for invalid user kaushik from 139.59.41.154 port 49814 ssh2	2019-11-10 17:48:48
134.175.133.74	attackbotsspam	2019-11-10T09:44:37.265257abusebot-7.cloudsearch.cf sshd\[11404\]: Invalid user guest from 134.175.133.74 port 53782	2019-11-10 18:16:12
106.13.39.207	attack	Nov 10 07:22:36 vps01 sshd[12239]: Failed password for root from 106.13.39.207 port 52212 ssh2	2019-11-10 18:02:03
106.13.58.170	attackbotsspam	Nov 10 05:57:41 firewall sshd[5218]: Failed password for invalid user teampspeak from 106.13.58.170 port 50586 ssh2 Nov 10 06:02:45 firewall sshd[5399]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.58.170 user=root Nov 10 06:02:47 firewall sshd[5399]: Failed password for root from 106.13.58.170 port 57800 ssh2 ...	2019-11-10 17:41:23
115.186.148.38	attack	Triggered by Fail2Ban at Ares web server	2019-11-10 17:47:36
103.26.43.202	attackspam	Nov 10 11:00:17 [host] sshd[31260]: Invalid user Wachtwoord1234 from 103.26.43.202 Nov 10 11:00:17 [host] sshd[31260]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.26.43.202 Nov 10 11:00:19 [host] sshd[31260]: Failed password for invalid user Wachtwoord1234 from 103.26.43.202 port 35959 ssh2	2019-11-10 18:09:41
51.158.67.13	attackbotsspam	Nov 10 09:38:40 localhost sshd\[32621\]: Invalid user testing from 51.158.67.13 port 38264 Nov 10 09:38:40 localhost sshd\[32621\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.158.67.13 Nov 10 09:38:42 localhost sshd\[32621\]: Failed password for invalid user testing from 51.158.67.13 port 38264 ssh2 ...	2019-11-10 18:04:09
185.176.27.54	attack	11/10/2019-04:57:59.768630 185.176.27.54 Protocol: 6 ET DROP Dshield Block Listed Source group 1	2019-11-10 18:03:57
106.12.199.98	attackspambots	Nov 10 09:57:23 microserver sshd[65242]: Failed password for root from 106.12.199.98 port 35732 ssh2 Nov 10 10:02:06 microserver sshd[685]: Invalid user odoo from 106.12.199.98 port 41360 Nov 10 10:02:06 microserver sshd[685]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.199.98 Nov 10 10:02:08 microserver sshd[685]: Failed password for invalid user odoo from 106.12.199.98 port 41360 ssh2 Nov 10 10:15:47 microserver sshd[2738]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.199.98 user=root Nov 10 10:15:49 microserver sshd[2738]: Failed password for root from 106.12.199.98 port 58150 ssh2 Nov 10 10:20:31 microserver sshd[3396]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.199.98 user=root Nov 10 10:20:34 microserver sshd[3396]: Failed password for root from 106.12.199.98 port 35534 ssh2 Nov 10 10:25:14 microserver sshd[3976]: Invalid user ot from 106.12.199.98 po	2019-11-10 17:52:29
220.135.92.82	attackbotsspam	Nov 10 11:31:14 server sshd\[25591\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=220-135-92-82.hinet-ip.hinet.net user=root Nov 10 11:31:17 server sshd\[25591\]: Failed password for root from 220.135.92.82 port 27198 ssh2 Nov 10 11:41:16 server sshd\[28315\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=220-135-92-82.hinet-ip.hinet.net user=root Nov 10 11:41:19 server sshd\[28315\]: Failed password for root from 220.135.92.82 port 18463 ssh2 Nov 10 11:45:36 server sshd\[29502\]: Invalid user student from 220.135.92.82 ...	2019-11-10 17:41:05
142.93.174.47	attackspambots	Nov 10 09:29:39 MainVPS sshd[4111]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.174.47 user=root Nov 10 09:29:40 MainVPS sshd[4111]: Failed password for root from 142.93.174.47 port 59926 ssh2 Nov 10 09:33:00 MainVPS sshd[10339]: Invalid user operator from 142.93.174.47 port 40486 Nov 10 09:33:00 MainVPS sshd[10339]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.174.47 Nov 10 09:33:00 MainVPS sshd[10339]: Invalid user operator from 142.93.174.47 port 40486 Nov 10 09:33:03 MainVPS sshd[10339]: Failed password for invalid user operator from 142.93.174.47 port 40486 ssh2 ...	2019-11-10 17:56:42

Recently Reported IPs

113.175.85.108	91.82.61.167	55.82.232.231	201.82.16.101
124.195.164.186	164.147.196.137	110.171.101.168	200.72.48.37
173.112.75.194	173.95.8.250	42.153.178.238	4.78.179.98
72.187.148.123	82.75.26.9	63.61.111.77	218.180.227.125
97.136.217.67	211.151.23.219	115.126.250.30	155.230.84.247