75.99.13.123 - IPInfo

Basic Info

City: Riverhead

Region: New York

Country: United States

Internet Service Provider: Levenson Keith

Hostname: unknown

Organization: unknown

Usage Type: Commercial

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	[FriNov0815:31:20.9334962019][:error][pid12021:tid139667689133824][client75.99.13.123:47089][client75.99.13.123]ModSecurity:Accessdeniedwithcode403\(phase2\).Patternmatch"\(\?:\$mozilla\^\\|mozilla/[45]\\\\\\\\.[1-9]\\|\^mozilla/4\\\\\\\\.0\$\)"atREQUEST_HEADERS:User-Agent.[file"/usr/local/apache.ea3/conf/modsec_rules/20_asl_useragents.conf"][line"419"][id"330131"][rev"3"][msg"Atomicorp.comWAFRules:MaliciousBotBlocked\(FakeMozillaUserAgentStringDetected\)"][severity"CRITICAL"][hostname"saloneuomo.ch"][uri"/mysql-adminer.php"][unique_id"XcV8OAHFhFw2sXbAmNH7kgAAAIs"]\,referer:saloneuomo.ch[FriNov0815:34:01.4293402019][:error][pid12095:tid139667647170304][client75.99.13.123:50005][client75.99.13.123]ModSecurity:Accessdeniedwithcode403\(phase2\).Patternmatch"\(\?:\$mozilla\^\\|mozilla/[45]\\\\\\\\.[1-9]\\|\^mozilla/4\\\\\\\\.0\$\)"atREQUEST_HEADERS:User-Agent.[file"/usr/local/apache.ea3/conf/modsec_rules/20_asl_useragents.conf"][line"419"][id"330131"][rev"3"][msg"Atomicorp.comWAFRules:M	2019-11-09 03:47:26

Type

Details

Datetime

attackspam

[FriNov0815:31:20.9334962019][:error][pid12021:tid139667689133824][client75.99.13.123:47089][client75.99.13.123]ModSecurity:Accessdeniedwithcode403\(phase2\).Patternmatch"\(\?:\$mozilla\^\|mozilla/[45]\\\\\\\\.[1-9]\|\^mozilla/4\\\\\\\\.0\$\)"atREQUEST_HEADERS:User-Agent.[file"/usr/local/apache.ea3/conf/modsec_rules/20_asl_useragents.conf"][line"419"][id"330131"][rev"3"][msg"Atomicorp.comWAFRules:MaliciousBotBlocked\(FakeMozillaUserAgentStringDetected\)"][severity"CRITICAL"][hostname"saloneuomo.ch"][uri"/mysql-adminer.php"][unique_id"XcV8OAHFhFw2sXbAmNH7kgAAAIs"]\,referer:saloneuomo.ch[FriNov0815:34:01.4293402019][:error][pid12095:tid139667647170304][client75.99.13.123:50005][client75.99.13.123]ModSecurity:Accessdeniedwithcode403\(phase2\).Patternmatch"\(\?:\$mozilla\^\|mozilla/[45]\\\\\\\\.[1-9]\|\^mozilla/4\\\\\\\\.0\$\)"atREQUEST_HEADERS:User-Agent.[file"/usr/local/apache.ea3/conf/modsec_rules/20_asl_useragents.conf"][line"419"][id"330131"][rev"3"][msg"Atomicorp.comWAFRules:M

2019-11-09 03:47:26

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 75.99.13.123
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 925
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;75.99.13.123.			IN	A

;; AUTHORITY SECTION:
.			599	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019110801 1800 900 604800 86400

;; Query time: 63 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Nov 09 03:47:23 CST 2019
;; MSG SIZE  rcvd: 116

Host info

123.13.99.75.in-addr.arpa domain name pointer ool-4b630d7b.static.optonline.net.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
123.13.99.75.in-addr.arpa	name = ool-4b630d7b.static.optonline.net.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
27.78.100.224	attackbotsspam	Automatic report - Port Scan Attack	2020-03-19 00:41:42
196.1.213.122	attackbotsspam	Honeypot attack, port: 445, PTR: PTR record not found	2020-03-19 01:06:47
91.212.38.226	attackbots	91.212.38.226 was recorded 5 times by 5 hosts attempting to connect to the following ports: 5060. Incident counter (4h, 24h, all-time): 5, 32, 329	2020-03-19 00:50:57
58.186.60.91	attack	Unauthorized connection attempt detected from IP address 58.186.60.91 to port 445	2020-03-19 00:39:01
176.50.197.97	attackbots	Honeypot attack, port: 445, PTR: PTR record not found	2020-03-19 00:31:24
183.237.191.186	attack	Mar 18 14:09:57 santamaria sshd\[18669\]: Invalid user hfbx from 183.237.191.186 Mar 18 14:09:57 santamaria sshd\[18669\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=183.237.191.186 Mar 18 14:09:59 santamaria sshd\[18669\]: Failed password for invalid user hfbx from 183.237.191.186 port 54714 ssh2 ...	2020-03-19 00:28:04
112.85.42.174	attackspam	Mar 18 21:12:21 gw1 sshd[32403]: Failed password for root from 112.85.42.174 port 23560 ssh2 Mar 18 21:12:36 gw1 sshd[32403]: error: maximum authentication attempts exceeded for root from 112.85.42.174 port 23560 ssh2 [preauth] ...	2020-03-19 00:35:28
91.126.217.116	attackbots	Automatic report - XMLRPC Attack	2020-03-19 01:19:54
213.93.74.125	attackspam	TCP port 1824: Scan and connection	2020-03-19 01:09:22
115.149.129.60	attack	Unauthorized connection attempt detected from IP address 115.149.129.60 to port 445 [T]	2020-03-19 00:37:31
202.131.152.2	attackbotsspam	SSH invalid-user multiple login try	2020-03-19 00:27:01
45.55.210.248	attack	SSH Brute-Force attacks	2020-03-19 00:40:07
68.64.228.251	attack	Honeypot attack, port: 445, PTR: 68-64-228-251.static-transtelco.net.	2020-03-19 00:55:40
167.71.128.144	attack	k+ssh-bruteforce	2020-03-19 01:25:45
45.143.220.99	attack	MultiHost/MultiPort Probe, Scan, Hack -	2020-03-19 00:30:58

Recently Reported IPs

41.90.105.94	121.43.176.58	202.108.140.114	117.50.21.68
123.110.117.246	45.146.203.200	51.83.41.48	87.70.6.119
85.115.60.201	61.5.57.147	94.176.154.125	94.51.77.209
190.187.111.87	176.32.30.223	91.195.254.205	103.46.201.168
220.141.68.96	195.192.229.19	13.230.230.46	115.214.252.25