159.192.99.3 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Thailand

Internet Service Provider: CAT Telecom Public Company Ltd

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbotsspam	SSH brute force	2020-04-15 07:59:45
attack	Mar 23 20:40:30 work-partkepr sshd\[16394\]: Invalid user readonly from 159.192.99.3 port 50530 Mar 23 20:40:30 work-partkepr sshd\[16394\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.192.99.3 ...	2020-03-24 05:40:44
attackspambots	Mar 6 17:27:15 server sshd\[31967\]: Invalid user test from 159.192.99.3 Mar 6 17:27:15 server sshd\[31967\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.192.99.3 Mar 6 17:27:17 server sshd\[31967\]: Failed password for invalid user test from 159.192.99.3 port 49022 ssh2 Mar 6 18:13:36 server sshd\[8197\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.192.99.3 user=root Mar 6 18:13:39 server sshd\[8197\]: Failed password for root from 159.192.99.3 port 55934 ssh2 ...	2020-03-07 00:00:51
attack	Jan 23 16:50:26 hcbbdb sshd\[5140\]: Invalid user rafaela from 159.192.99.3 Jan 23 16:50:26 hcbbdb sshd\[5140\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.192.99.3 Jan 23 16:50:29 hcbbdb sshd\[5140\]: Failed password for invalid user rafaela from 159.192.99.3 port 41928 ssh2 Jan 23 16:58:54 hcbbdb sshd\[6264\]: Invalid user upload from 159.192.99.3 Jan 23 16:58:54 hcbbdb sshd\[6264\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.192.99.3	2020-01-24 01:37:21
attackspam	Automatic report - Banned IP Access	2020-01-08 05:29:30
attack	Nov 27 06:25:11 l02a sshd[19071]: Invalid user backup from 159.192.99.3 Nov 27 06:25:11 l02a sshd[19071]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.192.99.3 Nov 27 06:25:11 l02a sshd[19071]: Invalid user backup from 159.192.99.3 Nov 27 06:25:13 l02a sshd[19071]: Failed password for invalid user backup from 159.192.99.3 port 37788 ssh2	2019-11-27 18:48:34
attack	Sep 28 14:09:30 auw2 sshd\[17968\]: Invalid user testuser from 159.192.99.3 Sep 28 14:09:30 auw2 sshd\[17968\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.192.99.3 Sep 28 14:09:32 auw2 sshd\[17968\]: Failed password for invalid user testuser from 159.192.99.3 port 60918 ssh2 Sep 28 14:14:16 auw2 sshd\[18404\]: Invalid user katrina from 159.192.99.3 Sep 28 14:14:16 auw2 sshd\[18404\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.192.99.3	2019-09-29 08:46:32
attack	Sep 11 03:33:27 thevastnessof sshd[24540]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.192.99.3 ...	2019-09-11 11:56:46
attackspambots	$f2bV_matches	2019-09-03 14:19:54
attack	vps1:pam-generic	2019-08-25 03:19:07
attackbotsspam	Aug 22 12:56:23 localhost sshd\[457\]: Invalid user daniel from 159.192.99.3 port 37530 Aug 22 12:56:23 localhost sshd\[457\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.192.99.3 Aug 22 12:56:25 localhost sshd\[457\]: Failed password for invalid user daniel from 159.192.99.3 port 37530 ssh2	2019-08-22 19:11:53

Comments on same subnet:

IP	Type	Details	Datetime
159.192.99.105	attackbotsspam	1594180026 - 07/08/2020 05:47:06 Host: 159.192.99.105/159.192.99.105 Port: 445 TCP Blocked	2020-07-08 11:57:48
159.192.99.242	attackspambots	20/6/2@06:08:03: FAIL: Alarm-Network address from=159.192.99.242 20/6/2@06:08:03: FAIL: Alarm-Network address from=159.192.99.242 ...	2020-06-02 18:59:07
159.192.99.105	attackspambots	Unauthorized connection attempt from IP address 159.192.99.105 on Port 445(SMB)	2020-02-27 17:05:15
159.192.99.149	attackbots	2019-07-18T06:54:40.295222stt-1.[munged] kernel: [7478899.559821] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:97:36:58:84:78:ac:57:a8:41:08:00 SRC=159.192.99.149 DST=[mungedIP1] LEN=52 TOS=0x00 PREC=0x00 TTL=46 ID=8760 DF PROTO=TCP SPT=62271 DPT=445 WINDOW=8192 RES=0x00 SYN URGP=0 2019-07-18T06:54:43.355428stt-1.[munged] kernel: [7478902.620009] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:97:36:58:84:78:ac:57:a8:41:08:00 SRC=159.192.99.149 DST=[mungedIP1] LEN=52 TOS=0x00 PREC=0x00 TTL=46 ID=9771 DF PROTO=TCP SPT=62271 DPT=445 WINDOW=8192 RES=0x00 SYN URGP=0 2019-07-18T06:54:49.354641stt-1.[munged] kernel: [7478908.619209] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:97:36:58:84:78:ac:57:a8:41:08:00 SRC=159.192.99.149 DST=[mungedIP1] LEN=48 TOS=0x00 PREC=0x00 TTL=46 ID=12327 DF PROTO=TCP SPT=62271 DPT=445 WINDOW=8192 RES=0x00 SYN URGP=0	2019-07-18 23:07:22

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 159.192.99.3
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 6194
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;159.192.99.3.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019082200 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Thu Aug 22 19:11:47 CST 2019
;; MSG SIZE  rcvd: 116

Host info

Host 3.99.192.159.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 3.99.192.159.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
157.230.178.211	attackspam	Sep 1 16:47:30 mail1 sshd\[24812\]: Invalid user ftpdata from 157.230.178.211 port 35748 Sep 1 16:47:30 mail1 sshd\[24812\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.230.178.211 Sep 1 16:47:32 mail1 sshd\[24812\]: Failed password for invalid user ftpdata from 157.230.178.211 port 35748 ssh2 Sep 1 17:00:49 mail1 sshd\[31554\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.230.178.211 user=root Sep 1 17:00:51 mail1 sshd\[31554\]: Failed password for root from 157.230.178.211 port 49078 ssh2 ...	2019-09-02 00:27:18
201.22.95.52	attack	Sep 1 15:32:17 eventyay sshd[32559]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.22.95.52 Sep 1 15:32:19 eventyay sshd[32559]: Failed password for invalid user herbert from 201.22.95.52 port 45328 ssh2 Sep 1 15:38:06 eventyay sshd[1386]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.22.95.52 ...	2019-09-02 00:38:55
112.85.42.172	attack	$f2bV_matches	2019-09-02 00:44:32
140.143.4.188	attackbotsspam	Sep 1 05:14:14 aat-srv002 sshd[7930]: Failed password for root from 140.143.4.188 port 47094 ssh2 Sep 1 05:19:31 aat-srv002 sshd[8045]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.4.188 Sep 1 05:19:34 aat-srv002 sshd[8045]: Failed password for invalid user udo from 140.143.4.188 port 43102 ssh2 ...	2019-09-02 00:10:28
180.64.71.114	attackbots	Sep 1 17:23:04 [HOSTNAME] sshd[5873]: Invalid user admin from 180.64.71.114 port 44526 Sep 1 17:28:59 [HOSTNAME] sshd[6542]: User removed from 180.64.71.114 not allowed because not listed in AllowUsers Sep 1 17:35:53 [HOSTNAME] sshd[7311]: Invalid user student from 180.64.71.114 port 59870 ...	2019-09-02 01:03:04
67.191.194.94	attackbots	Sep 1 16:47:46 dev0-dcfr-rnet sshd[7614]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=67.191.194.94 Sep 1 16:47:48 dev0-dcfr-rnet sshd[7614]: Failed password for invalid user admin from 67.191.194.94 port 51222 ssh2 Sep 1 16:47:50 dev0-dcfr-rnet sshd[7614]: Failed password for invalid user admin from 67.191.194.94 port 51222 ssh2 Sep 1 16:47:52 dev0-dcfr-rnet sshd[7614]: Failed password for invalid user admin from 67.191.194.94 port 51222 ssh2	2019-09-02 00:11:15
200.194.15.253	attack	Sep 1 17:58:30 ns3367391 sshd\[30734\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.194.15.253 user=root Sep 1 17:58:32 ns3367391 sshd\[30734\]: Failed password for root from 200.194.15.253 port 33660 ssh2 ...	2019-09-02 00:09:28
120.52.152.17	attack	09/01/2019-11:07:21.878109 120.52.152.17 Protocol: 6 ET SCAN NMAP -sS window 1024	2019-09-02 00:39:47
141.98.81.37	attack	Sep 1 15:13:51 vpn01 sshd\[6427\]: Invalid user admin from 141.98.81.37 Sep 1 15:13:51 vpn01 sshd\[6427\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=141.98.81.37 Sep 1 15:13:54 vpn01 sshd\[6427\]: Failed password for invalid user admin from 141.98.81.37 port 14970 ssh2	2019-09-02 00:56:12
165.22.108.201	attackbotsspam	Aug 31 21:38:47 php2 sshd\[5137\]: Invalid user cyril from 165.22.108.201 Aug 31 21:38:47 php2 sshd\[5137\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.22.108.201 Aug 31 21:38:48 php2 sshd\[5137\]: Failed password for invalid user cyril from 165.22.108.201 port 45668 ssh2 Aug 31 21:43:37 php2 sshd\[5760\]: Invalid user admin from 165.22.108.201 Aug 31 21:43:37 php2 sshd\[5760\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.22.108.201	2019-09-02 00:10:02
103.96.75.195	attackbotsspam	Sep 1 03:02:57 localhost kernel: [1059193.516065] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:84:78:ac:57:a8:41:08:00 SRC=103.96.75.195 DST=[mungedIP2] LEN=40 TOS=0x00 PREC=0x00 TTL=241 ID=54321 PROTO=TCP SPT=54181 DPT=6379 WINDOW=65535 RES=0x00 SYN URGP=0 Sep 1 03:02:57 localhost kernel: [1059193.516091] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:84:78:ac:57:a8:41:08:00 SRC=103.96.75.195 DST=[mungedIP2] LEN=40 TOS=0x00 PREC=0x00 TTL=241 ID=54321 PROTO=TCP SPT=54181 DPT=6379 SEQ=241547978 ACK=0 WINDOW=65535 RES=0x00 SYN URGP=0 Sep 1 03:04:13 localhost kernel: [1059269.743993] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:84:78:ac:57:a8:41:08:00 SRC=103.96.75.195 DST=[mungedIP2] LEN=40 TOS=0x00 PREC=0x00 TTL=241 ID=54321 PROTO=TCP SPT=58104 DPT=6380 WINDOW=65535 RES=0x00 SYN URGP=0 Sep 1 03:04:13 localhost kernel: [1059269.744021] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:84:78:ac:57:a8:41:08:00 SRC=103.96.75.195 DST=[mungedIP2] LEN=40 TOS=0x00 PR	2019-09-02 01:04:19
123.233.246.52	attack	Brute force SMTP login attempts.	2019-09-02 00:32:50
61.250.138.125	attackbotsspam	Sep 1 19:38:16 itv-usvr-01 sshd[4024]: Invalid user printer from 61.250.138.125 Sep 1 19:38:16 itv-usvr-01 sshd[4024]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.250.138.125 Sep 1 19:38:16 itv-usvr-01 sshd[4024]: Invalid user printer from 61.250.138.125 Sep 1 19:38:19 itv-usvr-01 sshd[4024]: Failed password for invalid user printer from 61.250.138.125 port 35164 ssh2	2019-09-02 00:04:18
217.195.108.61	attack	[portscan] Port scan	2019-09-02 00:15:06
45.55.12.248	attackspambots	Aug 29 13:26:22 itv-usvr-01 sshd[8001]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.55.12.248 user=mysql Aug 29 13:26:23 itv-usvr-01 sshd[8001]: Failed password for mysql from 45.55.12.248 port 36626 ssh2	2019-09-02 00:53:52

Recently Reported IPs

150.109.63.147	51.77.200.62	156.127.225.249	94.167.123.168
47.124.76.110	169.128.202.36	20.128.194.157	5.224.220.251
55.224.13.8	43.140.244.146	253.176.5.196	207.192.231.190
163.53.20.111	143.78.122.83	171.231.244.180	239.218.197.227
105.95.46.211	189.94.146.158	83.178.172.159	158.162.122.96