99.43.13.104 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: United States of America

Internet Service Provider: AT&T Corp.

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspambots	Unauthorized connection attempt detected from IP address 99.43.13.104 to port 23 [J]	2020-02-05 18:17:34

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 99.43.13.104
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 34461
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;99.43.13.104.			IN	A

;; AUTHORITY SECTION:
.			140	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020020401 1800 900 604800 86400

;; Query time: 112 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Feb 05 18:17:26 CST 2020
;; MSG SIZE  rcvd: 116

Host info

104.13.43.99.in-addr.arpa domain name pointer 99-43-13-104.lightspeed.mtryca.sbcglobal.net.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
104.13.43.99.in-addr.arpa	name = 99-43-13-104.lightspeed.mtryca.sbcglobal.net.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
70.183.194.35	attackspam	firewall-block, port(s): 81/tcp	2020-06-17 18:05:21
78.128.113.107	attack	Jun 17 11:29:39 mail.srvfarm.net postfix/smtps/smtpd[888862]: lost connection after CONNECT from unknown[78.128.113.107] Jun 17 11:29:43 mail.srvfarm.net postfix/smtps/smtpd[889051]: lost connection after CONNECT from unknown[78.128.113.107] Jun 17 11:29:44 mail.srvfarm.net postfix/smtps/smtpd[889160]: lost connection after CONNECT from unknown[78.128.113.107] Jun 17 11:29:48 mail.srvfarm.net postfix/smtps/smtpd[888862]: lost connection after CONNECT from unknown[78.128.113.107] Jun 17 11:29:58 mail.srvfarm.net postfix/smtps/smtpd[889051]: warning: unknown[78.128.113.107]: SASL PLAIN authentication failed:	2020-06-17 18:04:18
106.12.192.10	attackspambots	Jun 17 07:17:31 vps687878 sshd\[22703\]: Failed password for invalid user arash from 106.12.192.10 port 37444 ssh2 Jun 17 07:21:53 vps687878 sshd\[23144\]: Invalid user cok from 106.12.192.10 port 58098 Jun 17 07:21:53 vps687878 sshd\[23144\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.192.10 Jun 17 07:21:55 vps687878 sshd\[23144\]: Failed password for invalid user cok from 106.12.192.10 port 58098 ssh2 Jun 17 07:26:21 vps687878 sshd\[23606\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.192.10 user=root ...	2020-06-17 18:13:45
103.145.12.176	attackspambots	[2020-06-17 05:44:36] NOTICE[1273] chan_sip.c: Registration from '"515" ' failed for '103.145.12.176:5226' - Wrong password [2020-06-17 05:44:36] SECURITY[1288] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-06-17T05:44:36.389-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="515",SessionID="0x7f31c02ff098",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/103.145.12.176/5226",Challenge="48fb8749",ReceivedChallenge="48fb8749",ReceivedHash="79418fc4d53acce777604fffbbc753ca" [2020-06-17 05:44:36] NOTICE[1273] chan_sip.c: Registration from '"515" ' failed for '103.145.12.176:5226' - Wrong password [2020-06-17 05:44:36] SECURITY[1288] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-06-17T05:44:36.403-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="515",SessionID="0x7f31c00226f8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/103.1 ...	2020-06-17 18:14:28
61.177.172.102	attackspambots	Jun 17 12:06:18 home sshd[2073]: Failed password for root from 61.177.172.102 port 28253 ssh2 Jun 17 12:06:26 home sshd[2088]: Failed password for root from 61.177.172.102 port 51828 ssh2 Jun 17 12:06:28 home sshd[2088]: Failed password for root from 61.177.172.102 port 51828 ssh2 ...	2020-06-17 18:11:50
138.185.245.45	attackbots	W 31101,/var/log/nginx/access.log,-,-	2020-06-17 18:16:11
167.71.86.88	attackbotsspam	(sshd) Failed SSH login from 167.71.86.88 (US/United States/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Jun 17 10:14:33 rainbow sshd[2487]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.71.86.88 user=root Jun 17 10:14:35 rainbow sshd[2487]: Failed password for root from 167.71.86.88 port 46254 ssh2 Jun 17 10:29:32 rainbow sshd[3898]: Invalid user jx from 167.71.86.88 port 52038 Jun 17 10:29:34 rainbow sshd[3898]: Failed password for invalid user jx from 167.71.86.88 port 52038 ssh2 Jun 17 10:35:19 rainbow sshd[4462]: Invalid user mauro from 167.71.86.88 port 53982	2020-06-17 18:13:24
103.140.39.64	attackbots	SMTP/25/465/587 Probe, BadAuth, SPAM, Hack -	2020-06-17 18:09:51
118.24.5.125	attackspambots	Jun 16 19:00:13 hpm sshd\[18422\]: Invalid user shekhar from 118.24.5.125 Jun 16 19:00:13 hpm sshd\[18422\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.24.5.125 Jun 16 19:00:15 hpm sshd\[18422\]: Failed password for invalid user shekhar from 118.24.5.125 port 59904 ssh2 Jun 16 19:04:12 hpm sshd\[18749\]: Invalid user appman from 118.24.5.125 Jun 16 19:04:12 hpm sshd\[18749\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.24.5.125	2020-06-17 18:20:31
128.199.177.16	attackspam	SSH Honeypot -> SSH Bruteforce / Login	2020-06-17 17:43:51
217.112.142.74	attackbots	Jun 17 05:44:19 mail.srvfarm.net postfix/smtpd[778034]: NOQUEUE: reject: RCPT from unknown[217.112.142.74]: 450 4.1.8 : Sender address rejected: Domain not found; from= to= proto=ESMTP helo= Jun 17 05:44:52 mail.srvfarm.net postfix/smtpd[778674]: NOQUEUE: reject: RCPT from unknown[217.112.142.74]: 450 4.1.8 : Sender address rejected: Domain not found; from= to= proto=ESMTP helo= Jun 17 05:47:38 mail.srvfarm.net postfix/smtpd[778133]: NOQUEUE: reject: RCPT from unknown[217.112.142.74]: 450 4.1.8 : Sender address rejected: Domain not found; from= to= proto=ESMTP helo= Jun 17 05:51:05 mail.srvfarm.net postfix/smtpd[778674]: NOQUEUE: reject: RCPT from unknown[217.112.142.74]: 4	2020-06-17 17:54:45
113.59.224.45	attack	Invalid user tempuser from 113.59.224.45 port 42078	2020-06-17 18:10:48
138.197.171.66	attack	xmlrpc attack	2020-06-17 18:09:27
103.4.217.139	attack	Invalid user ftp from 103.4.217.139 port 58131	2020-06-17 18:10:09
106.13.93.60	attackspam	DATE:2020-06-17 11:44:03, IP:106.13.93.60, PORT:ssh SSH brute force auth (docker-dc)	2020-06-17 18:05:06

Recently Reported IPs

186.235.136.26	185.49.105.173	181.57.97.87	177.141.136.209
177.86.206.237	171.213.46.33	165.16.37.161	164.163.224.159
156.155.214.15	124.156.50.108	120.71.145.209	114.34.225.36
113.25.183.17	112.241.140.35	112.118.152.202	110.172.188.58
36.45.58.85	103.245.33.179	103.112.213.176	142.79.149.204