167.99.14.39 - IPInfo

Basic Info

City: North Bergen

Region: New Jersey

Country: United States

Internet Service Provider: DigitalOcean LLC

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	[portscan] Port scan	2020-08-29 08:32:12
attackspambots	[portscan] Port scan	2020-05-01 07:36:40

Comments on same subnet:

IP	Type	Details	Datetime
167.99.149.11	attack	Automatic report generated by Wazuh	2020-10-10 03:56:19
167.99.149.11	attack	can 167.99.149.11 [09/Oct/2020:18:09:47 "-" "POST /wp-login.php 200 5780 167.99.149.11 [09/Oct/2020:18:42:33 "-" "GET /wp-login.php 200 9378 167.99.149.11 [09/Oct/2020:18:42:40 "-" "POST /wp-login.php 200 9495	2020-10-09 19:52:36
167.99.144.50	attackspambots	Port scan denied	2020-09-01 16:42:05
167.99.144.50	attackspambots	[N10.H2.VM2] Port Scanner Detected Blocked by UFW	2020-08-27 21:02:32
167.99.146.47	attackspam	" "	2020-08-21 06:12:52
167.99.144.50	attackbotsspam	firewall-block, port(s): 18510/tcp	2020-08-14 17:18:27
167.99.146.47	attackspam	scans once in preceeding hours on the ports (in chronological order) 1070 resulting in total of 2 scans from 167.99.0.0/16 block.	2020-08-14 00:03:52
167.99.146.47	attackspam	Unauthorized connection attempt detected from IP address 167.99.146.47 to port 1880	2020-08-01 17:32:11
167.99.144.50	attackbots	TCP (SYN) 167.99.144.50:58852 -> port 62209, len 44	2020-07-31 02:52:48
167.99.146.47	attackbotsspam	TCP (SYN) 167.99.146.47:43381 -> port 1080, len 44	2020-07-30 21:51:54
167.99.144.50	attackbots	Jul 26 22:14:26 debian-2gb-nbg1-2 kernel: \[18052974.720600\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=167.99.144.50 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=242 ID=8273 PROTO=TCP SPT=58852 DPT=60265 WINDOW=1024 RES=0x00 SYN URGP=0	2020-07-27 06:15:46
167.99.146.47	attack	" "	2020-07-22 00:29:16
167.99.144.50	attackbotsspam	Port Scan detected from 167.99.144.50 (US/United States/New Jersey/North Bergen/-). 4 hits in the last -14053 seconds	2020-07-18 13:35:27
167.99.144.50	attack	trying to access non-authorized port	2020-07-08 08:30:42
167.99.146.47	attackspambots	scans 2 times in preceeding hours on the ports (in chronological order) 64222 64322 resulting in total of 7 scans from 167.99.0.0/16 block.	2020-07-07 21:04:38

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 167.99.14.39
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 32620
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;167.99.14.39.			IN	A

;; AUTHORITY SECTION:
.			330	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020043001 1800 900 604800 86400

;; Query time: 96 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri May 01 07:36:37 CST 2020
;; MSG SIZE  rcvd: 116

Host info

Host 39.14.99.167.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 39.14.99.167.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
49.234.115.143	attack	Invalid user mizumura from 49.234.115.143 port 60974	2019-12-13 19:57:55
160.153.245.134	attackspam	<6 unauthorized SSH connections	2019-12-13 19:34:30
193.32.163.123	attackspam	Dec 13 06:14:56 Tower sshd[18795]: Connection from 193.32.163.123 port 44035 on 192.168.10.220 port 22 Dec 13 06:14:57 Tower sshd[18795]: Invalid user admin from 193.32.163.123 port 44035 Dec 13 06:14:57 Tower sshd[18795]: error: Could not get shadow information for NOUSER Dec 13 06:14:57 Tower sshd[18795]: Failed password for invalid user admin from 193.32.163.123 port 44035 ssh2 Dec 13 06:14:57 Tower sshd[18795]: Disconnecting invalid user admin 193.32.163.123 port 44035: Change of username or service not allowed: (admin,ssh-connection) -> (user,ssh-connection) [preauth]	2019-12-13 20:16:44
49.235.240.21	attack	Dec 12 23:32:40 kapalua sshd\[31753\]: Invalid user pfau from 49.235.240.21 Dec 12 23:32:40 kapalua sshd\[31753\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.240.21 Dec 12 23:32:42 kapalua sshd\[31753\]: Failed password for invalid user pfau from 49.235.240.21 port 36282 ssh2 Dec 12 23:40:10 kapalua sshd\[32663\]: Invalid user ozhogin_o from 49.235.240.21 Dec 12 23:40:10 kapalua sshd\[32663\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.240.21	2019-12-13 20:01:38
106.38.112.62	attack	Dec 13 12:35:43 mail sshd\[27628\]: Invalid user ramamurthy from 106.38.112.62 Dec 13 12:35:43 mail sshd\[27628\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.38.112.62 Dec 13 12:35:45 mail sshd\[27628\]: Failed password for invalid user ramamurthy from 106.38.112.62 port 46172 ssh2 ...	2019-12-13 19:56:31
206.189.133.82	attackbotsspam	Dec 13 11:43:55 h2177944 sshd\[9952\]: Invalid user brindle from 206.189.133.82 port 59368 Dec 13 11:43:55 h2177944 sshd\[9952\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=206.189.133.82 Dec 13 11:43:57 h2177944 sshd\[9952\]: Failed password for invalid user brindle from 206.189.133.82 port 59368 ssh2 Dec 13 11:54:59 h2177944 sshd\[10288\]: Invalid user ujs from 206.189.133.82 port 11932 ...	2019-12-13 19:52:42
222.186.180.41	attackbots	detected by Fail2Ban	2019-12-13 20:15:08
36.92.67.237	attackbotsspam	Attempt to attack host OS, exploiting network vulnerabilities, on 13-12-2019 07:45:11.	2019-12-13 19:37:09
139.59.38.169	attackbotsspam	$f2bV_matches	2019-12-13 19:59:12
106.13.131.4	attackbots	Dec 13 08:44:46 MK-Soft-Root1 sshd[29125]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.131.4 Dec 13 08:44:48 MK-Soft-Root1 sshd[29125]: Failed password for invalid user koson from 106.13.131.4 port 57852 ssh2 ...	2019-12-13 20:11:00
82.151.113.8	attackbotsspam	Dec 13 10:18:42 mail sshd\[24615\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=82.151.113.8 user=root Dec 13 10:18:44 mail sshd\[24615\]: Failed password for root from 82.151.113.8 port 53848 ssh2 Dec 13 10:24:19 mail sshd\[24719\]: Invalid user info from 82.151.113.8 Dec 13 10:24:19 mail sshd\[24719\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=82.151.113.8 ...	2019-12-13 20:10:02
182.53.73.182	attack	Unauthorized connection attempt from IP address 182.53.73.182 on Port 445(SMB)	2019-12-13 19:49:57
195.224.138.61	attack	2019-12-13T09:47:27.052039homeassistant sshd[31593]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=195.224.138.61 user=root 2019-12-13T09:47:29.072131homeassistant sshd[31593]: Failed password for root from 195.224.138.61 port 33336 ssh2 ...	2019-12-13 20:15:20
217.182.79.245	attackbotsspam	SSH Bruteforce attempt	2019-12-13 19:52:24
194.208.88.128	attackspambots	1576223097 - 12/13/2019 08:44:57 Host: 194.208.88.128/194.208.88.128 Port: 6001 TCP Blocked	2019-12-13 19:56:00

Recently Reported IPs

113.175.85.108	91.82.61.167	55.82.232.231	201.82.16.101
124.195.164.186	164.147.196.137	110.171.101.168	200.72.48.37
173.112.75.194	173.95.8.250	42.153.178.238	4.78.179.98
72.187.148.123	82.75.26.9	63.61.111.77	218.180.227.125
97.136.217.67	211.151.23.219	115.126.250.30	155.230.84.247