159.192.99.3 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Thailand

Internet Service Provider: CAT Telecom Public Company Ltd

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbotsspam	SSH brute force	2020-04-15 07:59:45
attack	Mar 23 20:40:30 work-partkepr sshd\[16394\]: Invalid user readonly from 159.192.99.3 port 50530 Mar 23 20:40:30 work-partkepr sshd\[16394\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.192.99.3 ...	2020-03-24 05:40:44
attackspambots	Mar 6 17:27:15 server sshd\[31967\]: Invalid user test from 159.192.99.3 Mar 6 17:27:15 server sshd\[31967\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.192.99.3 Mar 6 17:27:17 server sshd\[31967\]: Failed password for invalid user test from 159.192.99.3 port 49022 ssh2 Mar 6 18:13:36 server sshd\[8197\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.192.99.3 user=root Mar 6 18:13:39 server sshd\[8197\]: Failed password for root from 159.192.99.3 port 55934 ssh2 ...	2020-03-07 00:00:51
attack	Jan 23 16:50:26 hcbbdb sshd\[5140\]: Invalid user rafaela from 159.192.99.3 Jan 23 16:50:26 hcbbdb sshd\[5140\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.192.99.3 Jan 23 16:50:29 hcbbdb sshd\[5140\]: Failed password for invalid user rafaela from 159.192.99.3 port 41928 ssh2 Jan 23 16:58:54 hcbbdb sshd\[6264\]: Invalid user upload from 159.192.99.3 Jan 23 16:58:54 hcbbdb sshd\[6264\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.192.99.3	2020-01-24 01:37:21
attackspam	Automatic report - Banned IP Access	2020-01-08 05:29:30
attack	Nov 27 06:25:11 l02a sshd[19071]: Invalid user backup from 159.192.99.3 Nov 27 06:25:11 l02a sshd[19071]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.192.99.3 Nov 27 06:25:11 l02a sshd[19071]: Invalid user backup from 159.192.99.3 Nov 27 06:25:13 l02a sshd[19071]: Failed password for invalid user backup from 159.192.99.3 port 37788 ssh2	2019-11-27 18:48:34
attack	Sep 28 14:09:30 auw2 sshd\[17968\]: Invalid user testuser from 159.192.99.3 Sep 28 14:09:30 auw2 sshd\[17968\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.192.99.3 Sep 28 14:09:32 auw2 sshd\[17968\]: Failed password for invalid user testuser from 159.192.99.3 port 60918 ssh2 Sep 28 14:14:16 auw2 sshd\[18404\]: Invalid user katrina from 159.192.99.3 Sep 28 14:14:16 auw2 sshd\[18404\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.192.99.3	2019-09-29 08:46:32
attack	Sep 11 03:33:27 thevastnessof sshd[24540]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.192.99.3 ...	2019-09-11 11:56:46
attackspambots	$f2bV_matches	2019-09-03 14:19:54
attack	vps1:pam-generic	2019-08-25 03:19:07
attackbotsspam	Aug 22 12:56:23 localhost sshd\[457\]: Invalid user daniel from 159.192.99.3 port 37530 Aug 22 12:56:23 localhost sshd\[457\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.192.99.3 Aug 22 12:56:25 localhost sshd\[457\]: Failed password for invalid user daniel from 159.192.99.3 port 37530 ssh2	2019-08-22 19:11:53

Comments on same subnet:

IP	Type	Details	Datetime
159.192.99.105	attackbotsspam	1594180026 - 07/08/2020 05:47:06 Host: 159.192.99.105/159.192.99.105 Port: 445 TCP Blocked	2020-07-08 11:57:48
159.192.99.242	attackspambots	20/6/2@06:08:03: FAIL: Alarm-Network address from=159.192.99.242 20/6/2@06:08:03: FAIL: Alarm-Network address from=159.192.99.242 ...	2020-06-02 18:59:07
159.192.99.105	attackspambots	Unauthorized connection attempt from IP address 159.192.99.105 on Port 445(SMB)	2020-02-27 17:05:15
159.192.99.149	attackbots	2019-07-18T06:54:40.295222stt-1.[munged] kernel: [7478899.559821] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:97:36:58:84:78:ac:57:a8:41:08:00 SRC=159.192.99.149 DST=[mungedIP1] LEN=52 TOS=0x00 PREC=0x00 TTL=46 ID=8760 DF PROTO=TCP SPT=62271 DPT=445 WINDOW=8192 RES=0x00 SYN URGP=0 2019-07-18T06:54:43.355428stt-1.[munged] kernel: [7478902.620009] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:97:36:58:84:78:ac:57:a8:41:08:00 SRC=159.192.99.149 DST=[mungedIP1] LEN=52 TOS=0x00 PREC=0x00 TTL=46 ID=9771 DF PROTO=TCP SPT=62271 DPT=445 WINDOW=8192 RES=0x00 SYN URGP=0 2019-07-18T06:54:49.354641stt-1.[munged] kernel: [7478908.619209] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:97:36:58:84:78:ac:57:a8:41:08:00 SRC=159.192.99.149 DST=[mungedIP1] LEN=48 TOS=0x00 PREC=0x00 TTL=46 ID=12327 DF PROTO=TCP SPT=62271 DPT=445 WINDOW=8192 RES=0x00 SYN URGP=0	2019-07-18 23:07:22

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 159.192.99.3
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 6194
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;159.192.99.3.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019082200 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Thu Aug 22 19:11:47 CST 2019
;; MSG SIZE  rcvd: 116

Host info

Host 3.99.192.159.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 3.99.192.159.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
31.222.83.157	attack	Honeypot attack, port: 5555, PTR: static.masmovil.com.	2020-01-31 08:54:54
192.228.100.249	attack	Jan 31 02:06:43 server2 sshd\[5643\]: User root from 192.228.100.249 not allowed because not listed in AllowUsers Jan 31 02:06:50 server2 sshd\[5649\]: Invalid user DUP from 192.228.100.249 Jan 31 02:06:55 server2 sshd\[5651\]: User root from 192.228.100.249 not allowed because not listed in AllowUsers Jan 31 02:06:59 server2 sshd\[5655\]: User root from 192.228.100.249 not allowed because not listed in AllowUsers Jan 31 02:07:09 server2 sshd\[5659\]: User root from 192.228.100.249 not allowed because not listed in AllowUsers Jan 31 02:07:14 server2 sshd\[5682\]: User root from 192.228.100.249 not allowed because not listed in AllowUsers	2020-01-31 08:36:44
122.165.207.151	attackspambots	Jan 31 00:18:41 game-panel sshd[14829]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.165.207.151 Jan 31 00:18:43 game-panel sshd[14829]: Failed password for invalid user shweta from 122.165.207.151 port 57762 ssh2 Jan 31 00:22:33 game-panel sshd[14970]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.165.207.151	2020-01-31 08:51:44
197.241.12.75	attackbotsspam	Chat Spam	2020-01-31 08:35:11
49.88.112.113	attackbots	Jan 30 19:28:27 plusreed sshd[27363]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.113 user=root Jan 30 19:28:29 plusreed sshd[27363]: Failed password for root from 49.88.112.113 port 29362 ssh2 ...	2020-01-31 08:31:30
190.73.41.30	attackspam	Honeypot attack, port: 445, PTR: 190.73-41-30.dyn.dsl.cantv.net.	2020-01-31 08:44:44
51.15.4.86	attackbots	Jan 30 14:43:24 eddieflores sshd\[25719\]: Invalid user aman from 51.15.4.86 Jan 30 14:43:24 eddieflores sshd\[25719\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.15.4.86 Jan 30 14:43:26 eddieflores sshd\[25719\]: Failed password for invalid user aman from 51.15.4.86 port 39154 ssh2 Jan 30 14:46:07 eddieflores sshd\[25993\]: Invalid user eshana from 51.15.4.86 Jan 30 14:46:07 eddieflores sshd\[25993\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.15.4.86	2020-01-31 08:54:35
148.66.132.190	attackbotsspam	SSH Login Bruteforce	2020-01-31 08:59:26
112.196.8.234	attackbotsspam	Jan 30 21:36:13 prox sshd[8696]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.196.8.234 Jan 30 21:36:16 prox sshd[8696]: Failed password for invalid user admina from 112.196.8.234 port 55671 ssh2	2020-01-31 08:53:24
176.31.244.63	attack	Jan 31 01:21:54 lnxded63 sshd[16714]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=176.31.244.63	2020-01-31 08:41:44
77.85.25.226	attackspam	Honeypot attack, port: 5555, PTR: 77-85-25-226.ip.btc-net.bg.	2020-01-31 08:51:29
5.15.141.120	attackspam	Honeypot attack, port: 4567, PTR: 5-15-141-120.residential.rdsnet.ro.	2020-01-31 08:57:41
190.77.126.54	attackspam	Honeypot attack, port: 445, PTR: 190-77-126-54.dyn.dsl.cantv.net.	2020-01-31 08:58:01
34.80.177.141	attackbotsspam	Unauthorized connection attempt detected from IP address 34.80.177.141 to port 2220 [J]	2020-01-31 08:42:56
118.24.99.161	attackspam	Unauthorized connection attempt detected from IP address 118.24.99.161 to port 2220 [J]	2020-01-31 08:31:11

Recently Reported IPs

150.109.63.147	51.77.200.62	156.127.225.249	94.167.123.168
47.124.76.110	169.128.202.36	20.128.194.157	5.224.220.251
55.224.13.8	43.140.244.146	253.176.5.196	207.192.231.190
163.53.20.111	143.78.122.83	171.231.244.180	239.218.197.227
105.95.46.211	189.94.146.158	83.178.172.159	158.162.122.96