92.43.104.99 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Germany

Internet Service Provider: Core-Backbone GmbH

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspambots	Honeypot attack, port: 445, PTR: PTR record not found	2020-06-09 01:57:18
attack	Honeypot attack, port: 445, PTR: PTR record not found	2020-03-03 15:41:55
attackspam	445/tcp 1433/tcp... [2019-12-22/2020-02-17]9pkt,2pt.(tcp)	2020-02-17 23:07:03
attack	10/27/2019-08:06:02.062772 92.43.104.99 Protocol: 6 ET SCAN NMAP -sS window 1024	2019-10-28 00:16:00
attack	Port 1433 Scan	2019-10-16 20:16:44
attack	Unauthorised access (Oct 13) SRC=92.43.104.99 LEN=40 TTL=248 ID=45817 TCP DPT=1433 WINDOW=1024 SYN	2019-10-14 00:03:18
attackspambots	445/tcp 445/tcp 445/tcp... [2019-07-09/08-27]8pkt,1pt.(tcp)	2019-08-28 11:58:21

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 92.43.104.99
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 22279
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;92.43.104.99.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019082701 1800 900 604800 86400

;; Query time: 3 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Wed Aug 28 11:58:15 CST 2019
;; MSG SIZE  rcvd: 116

Host info

Host 99.104.43.92.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 99.104.43.92.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
112.85.42.229	attackbotsspam	Aug 30 15:25:17 home sshd[3065360]: Failed password for root from 112.85.42.229 port 57196 ssh2 Aug 30 15:25:21 home sshd[3065360]: Failed password for root from 112.85.42.229 port 57196 ssh2 Aug 30 15:25:23 home sshd[3065360]: Failed password for root from 112.85.42.229 port 57196 ssh2 Aug 30 15:26:05 home sshd[3065655]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.229 user=root Aug 30 15:26:07 home sshd[3065655]: Failed password for root from 112.85.42.229 port 17941 ssh2 ...	2020-08-30 21:39:37
212.98.122.91	attackspambots	(imapd) Failed IMAP login from 212.98.122.91 (DK/Denmark/-): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: Aug 30 16:45:14 ir1 dovecot[3110802]: imap-login: Disconnected (auth failed, 1 attempts in 5 secs): user=, method=PLAIN, rip=212.98.122.91, lip=5.63.12.44, TLS: Connection closed, session=	2020-08-30 22:06:04
78.22.162.248	attack	Aug 30 14:01:35 rocket sshd[26430]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=78.22.162.248 Aug 30 14:01:37 rocket sshd[26430]: Failed password for invalid user test from 78.22.162.248 port 46324 ssh2 ...	2020-08-30 22:04:15
187.188.240.7	attackspambots	Aug 30 16:35:12 pkdns2 sshd\[35255\]: Invalid user iaw from 187.188.240.7Aug 30 16:35:14 pkdns2 sshd\[35255\]: Failed password for invalid user iaw from 187.188.240.7 port 52350 ssh2Aug 30 16:38:48 pkdns2 sshd\[35439\]: Invalid user monitoramento from 187.188.240.7Aug 30 16:38:50 pkdns2 sshd\[35439\]: Failed password for invalid user monitoramento from 187.188.240.7 port 57478 ssh2Aug 30 16:42:25 pkdns2 sshd\[35680\]: Invalid user ins from 187.188.240.7Aug 30 16:42:27 pkdns2 sshd\[35680\]: Failed password for invalid user ins from 187.188.240.7 port 34382 ssh2 ...	2020-08-30 22:06:20
222.186.175.150	attackspambots	Aug 30 15:28:04 vps1 sshd[4057]: Failed none for invalid user root from 222.186.175.150 port 5766 ssh2 Aug 30 15:28:05 vps1 sshd[4057]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.150 user=root Aug 30 15:28:06 vps1 sshd[4057]: Failed password for invalid user root from 222.186.175.150 port 5766 ssh2 Aug 30 15:28:10 vps1 sshd[4057]: Failed password for invalid user root from 222.186.175.150 port 5766 ssh2 Aug 30 15:28:13 vps1 sshd[4057]: Failed password for invalid user root from 222.186.175.150 port 5766 ssh2 Aug 30 15:28:17 vps1 sshd[4057]: Failed password for invalid user root from 222.186.175.150 port 5766 ssh2 Aug 30 15:28:22 vps1 sshd[4057]: Failed password for invalid user root from 222.186.175.150 port 5766 ssh2 Aug 30 15:28:22 vps1 sshd[4057]: error: maximum authentication attempts exceeded for invalid user root from 222.186.175.150 port 5766 ssh2 [preauth] ...	2020-08-30 21:42:00
49.234.70.189	attack	Aug 30 14:45:37 mout sshd[23262]: Connection closed by 49.234.70.189 port 49222 [preauth]	2020-08-30 22:00:36
1.64.173.182	attackbotsspam	$f2bV_matches	2020-08-30 22:01:30
120.194.57.163	attack	Unauthorized connection attempt from IP address 120.194.57.163 on Port 25(SMTP)	2020-08-30 21:41:11
45.142.120.36	attack	2020-08-30 16:30:12 SMTP protocol synchronization error $input sent without waiting for greeting$: rejected connection from H=\[45.142.120.36\] input="QUIT "2020-08-30 16:32:57 dovecot_login authenticator failed for $User$ \[45.142.120.36\]: 535 Incorrect authentication data $set_id=newdir@org.ua$2020-08-30 16:34:29 dovecot_login authenticator failed for $User$ \[45.142.120.36\]: 535 Incorrect authentication data $set_id=woofti@org.ua$ ...	2020-08-30 21:41:38
5.156.179.250	attackspam	Unauthorized connection attempt from IP address 5.156.179.250 on Port 445(SMB)	2020-08-30 21:25:57
89.162.170.138	attackbotsspam	Unauthorized connection attempt from IP address 89.162.170.138 on Port 445(SMB)	2020-08-30 21:54:04
103.41.146.199	attack	port scan and connect, tcp 8080 (http-proxy)	2020-08-30 21:56:59
45.129.33.60	attack	scans 14 times in preceeding hours on the ports (in chronological order) 36788 36809 36607 36565 36842 36822 36704 36830 36775 36560 36614 36882 36622 36826 resulting in total of 117 scans from 45.129.33.0/24 block.	2020-08-30 22:07:36
192.95.30.137	attackspam	192.95.30.137 - - [30/Aug/2020:14:31:14 +0100] "POST /wp-login.php HTTP/1.1" 200 6186 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.80 Safari/537.36" 192.95.30.137 - - [30/Aug/2020:14:32:49 +0100] "POST /wp-login.php HTTP/1.1" 200 6175 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.80 Safari/537.36" 192.95.30.137 - - [30/Aug/2020:14:33:57 +0100] "POST /wp-login.php HTTP/1.1" 200 6177 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.80 Safari/537.36" ...	2020-08-30 21:49:37
139.99.238.150	attack	Aug 30 20:20:28 webhost01 sshd[6909]: Failed password for root from 139.99.238.150 port 53538 ssh2 ...	2020-08-30 21:43:40

Recently Reported IPs

69.225.251.176	216.81.172.222	24.24.57.204	206.81.19.96
13.52.88.101	118.163.113.85	198.12.216.107	137.93.194.24
143.197.107.155	95.81.223.66	47.161.58.219	167.71.64.224
201.25.58.33	24.87.186.98	178.27.201.2	157.117.245.183
101.69.186.62	150.75.248.212	63.150.93.243	80.87.199.21