99.139.160.36 - IPInfo

Basic Info

City: Milwaukee

Region: Wisconsin

Country: United States

Internet Service Provider: AT&T

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 99.139.160.36
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 51156
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;99.139.160.36.			IN	A

;; AUTHORITY SECTION:
.			368	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020050602 1800 900 604800 86400

;; Query time: 98 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu May 07 05:43:06 CST 2020
;; MSG SIZE  rcvd: 117

Host info

36.160.139.99.in-addr.arpa domain name pointer 99-139-160-36.lightspeed.milwwi.sbcglobal.net.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
36.160.139.99.in-addr.arpa	name = 99-139-160-36.lightspeed.milwwi.sbcglobal.net.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
62.4.55.67	attack	TCP (SYN) 62.4.55.67:20834 -> port 60001, len 44	2020-10-05 20:25:00
112.85.42.13	attackbots	Oct 5 14:18:56 vps1 sshd[11183]: Failed none for invalid user root from 112.85.42.13 port 17348 ssh2 Oct 5 14:18:56 vps1 sshd[11183]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.13 user=root Oct 5 14:18:58 vps1 sshd[11183]: Failed password for invalid user root from 112.85.42.13 port 17348 ssh2 Oct 5 14:19:02 vps1 sshd[11183]: Failed password for invalid user root from 112.85.42.13 port 17348 ssh2 Oct 5 14:19:08 vps1 sshd[11183]: Failed password for invalid user root from 112.85.42.13 port 17348 ssh2 Oct 5 14:19:14 vps1 sshd[11183]: Failed password for invalid user root from 112.85.42.13 port 17348 ssh2 Oct 5 14:19:19 vps1 sshd[11183]: Failed password for invalid user root from 112.85.42.13 port 17348 ssh2 Oct 5 14:19:21 vps1 sshd[11183]: error: maximum authentication attempts exceeded for invalid user root from 112.85.42.13 port 17348 ssh2 [preauth] Oct 5 14:19:27 vps1 sshd[11191]: pam_unix(sshd:auth): authentication fail ...	2020-10-05 20:24:44
159.89.115.126	attack	Oct 5 10:43:48 sip sshd[1822675]: Failed password for root from 159.89.115.126 port 59322 ssh2 Oct 5 10:47:23 sip sshd[1822722]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.89.115.126 user=root Oct 5 10:47:25 sip sshd[1822722]: Failed password for root from 159.89.115.126 port 36834 ssh2 ...	2020-10-05 19:59:28
68.175.89.61	attackspam	TCP (SYN) 68.175.89.61:50516 -> port 8080, len 44	2020-10-05 20:00:14
190.85.163.46	attack	Cowrie Honeypot: 3 unauthorised SSH/Telnet login attempts between 2020-10-05T02:26:20Z and 2020-10-05T02:33:23Z	2020-10-05 19:43:45
106.52.47.236	attack	Oct 5 10:20:33 ns3033917 sshd[20456]: Failed password for root from 106.52.47.236 port 37074 ssh2 Oct 5 10:26:20 ns3033917 sshd[20532]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.47.236 user=root Oct 5 10:26:22 ns3033917 sshd[20532]: Failed password for root from 106.52.47.236 port 40074 ssh2 ...	2020-10-05 20:15:59
184.75.235.204	attackspam	Oct 4 22:26:03 CT721 sshd[32094]: Invalid user admin from 184.75.235.204 port 51982 Oct 4 22:26:04 CT721 sshd[32094]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=184.75.235.204 Oct 4 22:26:06 CT721 sshd[32094]: Failed password for invalid user admin from 184.75.235.204 port 51982 ssh2 Oct 4 22:26:06 CT721 sshd[32094]: Connection closed by 184.75.235.204 port 51982 [preauth] Oct 4 22:26:08 CT721 sshd[32096]: Invalid user admin from 184.75.235.204 port 51987 Oct 4 22:26:08 CT721 sshd[32096]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=184.75.235.204 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=184.75.235.204	2020-10-05 20:15:32
175.198.80.24	attackbots	Oct 5 13:22:20 Ubuntu-1404-trusty-64-minimal sshd\[20445\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.198.80.24 user=root Oct 5 13:22:21 Ubuntu-1404-trusty-64-minimal sshd\[20445\]: Failed password for root from 175.198.80.24 port 34438 ssh2 Oct 5 13:38:58 Ubuntu-1404-trusty-64-minimal sshd\[8762\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.198.80.24 user=root Oct 5 13:39:00 Ubuntu-1404-trusty-64-minimal sshd\[8762\]: Failed password for root from 175.198.80.24 port 56008 ssh2 Oct 5 13:43:06 Ubuntu-1404-trusty-64-minimal sshd\[13091\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.198.80.24 user=root	2020-10-05 20:26:36
68.183.236.92	attackspambots	Oct 5 04:02:57 mockhub sshd[533560]: Failed password for root from 68.183.236.92 port 47874 ssh2 Oct 5 04:06:52 mockhub sshd[533678]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=68.183.236.92 user=root Oct 5 04:06:54 mockhub sshd[533678]: Failed password for root from 68.183.236.92 port 53896 ssh2 ...	2020-10-05 19:45:19
218.92.0.165	attack	detected by Fail2Ban	2020-10-05 20:05:10
115.48.233.172	attackspambots	Listed on abuseat.org plus zen-spamhaus / proto=6 . srcport=37769 . dstport=8443 . (3485)	2020-10-05 19:55:37
36.156.138.33	attackbotsspam	Unauthorized SSH login attempts	2020-10-05 19:47:13
68.38.175.3	attackspam	SSH/22 MH Probe, BF, Hack -	2020-10-05 19:53:11
161.8.18.218	attack	srvr3: (mod_security) mod_security (id:920350) triggered by 161.8.18.218 (US/-/-): 1 in the last 3600 secs; Ports: ; Direction: inout; Trigger: LF_MODSEC; Logs: 2020/10/05 13:26:14 [error] 253312#0: 1012 [client 161.8.18.218] ModSecurity: Access denied with code 406 (phase 2). Matched "Operator `Rx' with parameter `^[\d.:]+$' against variable `REQUEST_HEADERS:Host' [redacted] [file "/etc/modsecurity.d/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "718"] [id "920350"] [rev ""] [msg "Host header is a numeric IP address"] [redacted] [severity "4"] [ver "OWASP_CRS/3.3.0"] [maturity "0"] [accuracy "0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272"] [tag "PCI/6.5.10"] [redacted] [uri "/"] [unique_id "160189717425.582943"] [ref "o0,11v21,11"], client: 161.8.18.218, [redacted] request: "GET / HTTP/1.1" [redacted]	2020-10-05 20:01:50
104.206.128.74	attackspambots	TCP (SYN) 104.206.128.74:55896 -> port 3389, len 44	2020-10-05 20:11:31

Recently Reported IPs

154.54.109.24	87.242.249.45	15.107.159.120	62.240.13.58
171.60.117.211	193.80.171.2	97.12.203.77	173.49.160.55
142.93.104.131	10.53.110.34	202.23.171.158	24.63.85.207
221.191.42.254	61.7.54.190	156.208.233.52	45.197.117.146
84.98.6.113	90.112.243.172	161.251.155.125	5.0.134.137