116.234.92.99 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: ChinaNet Shanghai Province Network

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Honeypot attack, port: 445, PTR: PTR record not found	2020-02-12 13:17:23

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 116.234.92.99
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 12178
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;116.234.92.99.			IN	A

;; AUTHORITY SECTION:
.			206	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020021103 1800 900 604800 86400

;; Query time: 33 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Feb 12 13:17:16 CST 2020
;; MSG SIZE  rcvd: 117

Host info

Host 99.92.234.116.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 99.92.234.116.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
37.187.54.67	attackbotsspam	2019-11-29T08:32:21.852199scmdmz1 sshd\[32222\]: Invalid user pass123 from 37.187.54.67 port 39042 2019-11-29T08:32:21.855378scmdmz1 sshd\[32222\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=67.ip-37-187-54.eu 2019-11-29T08:32:24.414079scmdmz1 sshd\[32222\]: Failed password for invalid user pass123 from 37.187.54.67 port 39042 ssh2 ...	2019-11-29 22:09:32
51.15.190.180	attackbots	Nov 29 14:29:32 venus sshd\[20210\]: Invalid user snyderman from 51.15.190.180 port 54976 Nov 29 14:29:32 venus sshd\[20210\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.15.190.180 Nov 29 14:29:34 venus sshd\[20210\]: Failed password for invalid user snyderman from 51.15.190.180 port 54976 ssh2 ...	2019-11-29 22:35:54
59.115.126.105	attackspambots	Port 22 Scan, PTR: 59-115-126-105.dynamic-ip.hinet.net.	2019-11-29 22:30:19
129.211.41.162	attack	Nov 29 10:22:44 vpn01 sshd[29434]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.211.41.162 Nov 29 10:22:46 vpn01 sshd[29434]: Failed password for invalid user bruce from 129.211.41.162 port 43890 ssh2 ...	2019-11-29 22:26:40
109.194.54.126	attack	Nov 29 20:50:10 webhost01 sshd[20150]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=109.194.54.126 Nov 29 20:50:12 webhost01 sshd[20150]: Failed password for invalid user oracle from 109.194.54.126 port 44526 ssh2 ...	2019-11-29 22:13:12
51.38.71.36	attackspambots	Nov 29 19:29:28 gw1 sshd[28152]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.38.71.36 Nov 29 19:29:30 gw1 sshd[28152]: Failed password for invalid user food from 51.38.71.36 port 37098 ssh2 ...	2019-11-29 22:39:36
106.13.203.62	attackbotsspam	Nov 29 15:29:30 nextcloud sshd\[1363\]: Invalid user siler from 106.13.203.62 Nov 29 15:29:30 nextcloud sshd\[1363\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.203.62 Nov 29 15:29:32 nextcloud sshd\[1363\]: Failed password for invalid user siler from 106.13.203.62 port 51028 ssh2 ...	2019-11-29 22:38:05
14.175.244.151	attackspambots	Unauthorized connection attempt from IP address 14.175.244.151 on Port 445(SMB)	2019-11-29 22:16:23
115.148.80.93	attackspambots	Unauthorised access (Nov 29) SRC=115.148.80.93 LEN=40 TTL=49 ID=21839 TCP DPT=8080 WINDOW=13715 SYN Unauthorised access (Nov 29) SRC=115.148.80.93 LEN=40 TTL=49 ID=31507 TCP DPT=8080 WINDOW=64866 SYN Unauthorised access (Nov 29) SRC=115.148.80.93 LEN=40 TTL=49 ID=572 TCP DPT=8080 WINDOW=34244 SYN Unauthorised access (Nov 28) SRC=115.148.80.93 LEN=40 TTL=52 ID=10004 TCP DPT=8080 WINDOW=64866 SYN Unauthorised access (Nov 27) SRC=115.148.80.93 LEN=40 TTL=49 ID=28577 TCP DPT=8080 WINDOW=64866 SYN Unauthorised access (Nov 26) SRC=115.148.80.93 LEN=40 TTL=49 ID=48110 TCP DPT=8080 WINDOW=13715 SYN Unauthorised access (Nov 26) SRC=115.148.80.93 LEN=40 TTL=49 ID=6660 TCP DPT=8080 WINDOW=34244 SYN Unauthorised access (Nov 25) SRC=115.148.80.93 LEN=40 TTL=49 ID=5693 TCP DPT=8080 WINDOW=34244 SYN Unauthorised access (Nov 25) SRC=115.148.80.93 LEN=40 TTL=49 ID=51934 TCP DPT=8080 WINDOW=13715 SYN	2019-11-29 22:42:22
104.42.158.117	attackbotsspam	Nov 29 04:26:12 wbs sshd\[21913\]: Invalid user kromer from 104.42.158.117 Nov 29 04:26:12 wbs sshd\[21913\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.42.158.117 Nov 29 04:26:15 wbs sshd\[21913\]: Failed password for invalid user kromer from 104.42.158.117 port 13312 ssh2 Nov 29 04:29:38 wbs sshd\[22227\]: Invalid user lab from 104.42.158.117 Nov 29 04:29:38 wbs sshd\[22227\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.42.158.117	2019-11-29 22:34:03
82.138.29.174	attackspam	Unauthorized connection attempt from IP address 82.138.29.174 on Port 445(SMB)	2019-11-29 22:10:47
115.23.68.239	attackbotsspam	FW Port Scan Detected; High activity of unallowed access from 115.23.68.239: 11 in 60secs;limit is 10	2019-11-29 22:44:18
185.170.210.24	attack	FW Port Scan Detected; High activity of unallowed access from 185.170.210.24: 10 in 60secs;limit is 10	2019-11-29 22:43:18
180.76.53.114	attack	Automatic report - Banned IP Access	2019-11-29 22:15:21
188.131.172.142	attackspambots	Port scan detected on ports: 65530[TCP], 65530[TCP], 65530[TCP]	2019-11-29 22:18:10

Recently Reported IPs

182.253.86.10	200.222.64.138	47.94.102.174	14.167.184.96
109.207.201.101	67.176.183.132	58.187.68.88	110.78.146.69
12.218.98.8	141.8.80.172	66.179.208.146	159.8.44.245
195.251.201.49	249.97.77.25	153.156.68.175	14.229.249.158
188.129.30.51	163.206.143.114	176.59.225.147	47.155.10.47