192.99.116.11 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Canada

Internet Service Provider: Private Customer

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspambots	CloudCIX Reconnaissance Scan Detected, PTR: ip11.ip-192-99-116.net.	2019-07-30 05:22:22
attackspam	Unauthorized connection attempt from IP address 192.99.116.11 on Port 3389(RDP)	2019-07-07 04:37:29
attackbotsspam	CloudCIX Reconnaissance Scan Detected, PTR: ip11.ip-192-99-116.net.	2019-07-05 05:52:34

Type

Details

Datetime

attackspambots

CloudCIX Reconnaissance Scan Detected, PTR: ip11.ip-192-99-116.net.

2019-07-30 05:22:22

attackspam

Unauthorized connection attempt from IP address 192.99.116.11 on Port 3389(RDP)

2019-07-07 04:37:29

attackbotsspam

CloudCIX Reconnaissance Scan Detected, PTR: ip11.ip-192-99-116.net.

2019-07-05 05:52:34

Comments on same subnet:

IP	Type	Details	Datetime
192.99.116.132	attack	Jun 2 22:22:06 localhost sshd\[19341\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.99.116.132 user=root Jun 2 22:22:08 localhost sshd\[19341\]: Failed password for root from 192.99.116.132 port 55086 ssh2 Jun 2 22:25:19 localhost sshd\[19629\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.99.116.132 user=root Jun 2 22:25:21 localhost sshd\[19629\]: Failed password for root from 192.99.116.132 port 60218 ssh2 Jun 2 22:28:42 localhost sshd\[19730\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.99.116.132 user=root ...	2020-06-03 04:44:32
192.99.116.132	attackbots	May 31 22:23:23 mail sshd\[18467\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.99.116.132 user=root May 31 22:23:24 mail sshd\[18467\]: Failed password for root from 192.99.116.132 port 41536 ssh2 May 31 22:26:26 mail sshd\[18477\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.99.116.132 user=root ...	2020-06-01 04:57:09

Type

Details

Datetime

192.99.116.132

attack

Jun  2 22:22:06 localhost sshd\[19341\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.99.116.132  user=root
Jun  2 22:22:08 localhost sshd\[19341\]: Failed password for root from 192.99.116.132 port 55086 ssh2
Jun  2 22:25:19 localhost sshd\[19629\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.99.116.132  user=root
Jun  2 22:25:21 localhost sshd\[19629\]: Failed password for root from 192.99.116.132 port 60218 ssh2
Jun  2 22:28:42 localhost sshd\[19730\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.99.116.132  user=root
...

2020-06-03 04:44:32

192.99.116.132

attackbots

May 31 22:23:23 mail sshd\[18467\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.99.116.132  user=root
May 31 22:23:24 mail sshd\[18467\]: Failed password for root from 192.99.116.132 port 41536 ssh2
May 31 22:26:26 mail sshd\[18477\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.99.116.132  user=root
...

2020-06-01 04:57:09

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 192.99.116.11
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 53332
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;192.99.116.11.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019070401 1800 900 604800 86400

;; Query time: 3 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Fri Jul 05 05:52:29 CST 2019
;; MSG SIZE  rcvd: 117

Host info

11.116.99.192.in-addr.arpa domain name pointer ip11.ip-192-99-116.net.

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
11.116.99.192.in-addr.arpa	name = ip11.ip-192-99-116.net.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
153.36.236.35	attackspambots	Sep 16 11:26:45 server2 sshd\[8592\]: User root from 153.36.236.35 not allowed because not listed in AllowUsers Sep 16 11:26:48 server2 sshd\[8594\]: User root from 153.36.236.35 not allowed because not listed in AllowUsers Sep 16 11:26:53 server2 sshd\[8598\]: User root from 153.36.236.35 not allowed because not listed in AllowUsers Sep 16 11:36:08 server2 sshd\[9266\]: User root from 153.36.236.35 not allowed because not listed in AllowUsers Sep 16 11:36:08 server2 sshd\[9265\]: User root from 153.36.236.35 not allowed because not listed in AllowUsers Sep 16 11:36:08 server2 sshd\[9271\]: User root from 153.36.236.35 not allowed because not listed in AllowUsers Sep 16 11:36:08 server2 sshd\[9273\]: User root from 153.36.236.35 not allowed because not listed in AllowUsers Sep 16 11:36:08 server2 sshd\[9269\]: User root from 153.36.236.35 not allowed because not listed in AllowUsers	2019-09-16 16:45:36
104.248.148.34	attackspam	Sep 8 18:39:32 vpxxxxxxx22308 sshd[14182]: Invalid user rtest from 104.248.148.34 Sep 8 18:39:32 vpxxxxxxx22308 sshd[14182]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.148.34 Sep 8 18:39:34 vpxxxxxxx22308 sshd[14182]: Failed password for invalid user rtest from 104.248.148.34 port 54336 ssh2 Sep 8 18:49:04 vpxxxxxxx22308 sshd[15625]: Invalid user ts3server from 104.248.148.34 Sep 8 18:49:04 vpxxxxxxx22308 sshd[15625]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.148.34 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=104.248.148.34	2019-09-16 17:22:56
171.224.8.27	attackbotsspam	Sep 16 04:58:29 master sshd[25966]: Failed password for invalid user admin from 171.224.8.27 port 53680 ssh2	2019-09-16 17:10:09
80.70.102.134	attackbotsspam	F2B jail: sshd. Time: 2019-09-16 11:02:54, Reported by: VKReport	2019-09-16 17:08:46
106.12.28.36	attack	Sep 15 22:26:18 tdfoods sshd\[5057\]: Invalid user newadmin from 106.12.28.36 Sep 15 22:26:18 tdfoods sshd\[5057\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.28.36 Sep 15 22:26:20 tdfoods sshd\[5057\]: Failed password for invalid user newadmin from 106.12.28.36 port 54136 ssh2 Sep 15 22:29:29 tdfoods sshd\[5347\]: Invalid user dietpi from 106.12.28.36 Sep 15 22:29:29 tdfoods sshd\[5347\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.28.36	2019-09-16 16:58:20
83.174.223.160	attackbotsspam	Sep 16 15:24:40 itv-usvr-01 sshd[26054]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=83.174.223.160 user=root Sep 16 15:24:41 itv-usvr-01 sshd[26054]: Failed password for root from 83.174.223.160 port 49147 ssh2 Sep 16 15:28:47 itv-usvr-01 sshd[26219]: Invalid user dante from 83.174.223.160 Sep 16 15:28:47 itv-usvr-01 sshd[26219]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=83.174.223.160 Sep 16 15:28:47 itv-usvr-01 sshd[26219]: Invalid user dante from 83.174.223.160 Sep 16 15:28:49 itv-usvr-01 sshd[26219]: Failed password for invalid user dante from 83.174.223.160 port 39359 ssh2	2019-09-16 17:24:29
218.98.40.135	attackspambots	Sep 8 18:26:55 vpxxxxxxx22308 sshd[12925]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.98.40.135 user=r.r Sep 8 18:26:56 vpxxxxxxx22308 sshd[12925]: Failed password for r.r from 218.98.40.135 port 30176 ssh2 Sep 8 18:26:58 vpxxxxxxx22308 sshd[12925]: Failed password for r.r from 218.98.40.135 port 30176 ssh2 Sep 8 18:27:01 vpxxxxxxx22308 sshd[12925]: Failed password for r.r from 218.98.40.135 port 30176 ssh2 Sep 8 18:36:41 vpxxxxxxx22308 sshd[13948]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.98.40.135 user=r.r ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=218.98.40.135	2019-09-16 16:59:11
81.22.45.25	attack	09/16/2019-04:28:55.791815 81.22.45.25 Protocol: 6 ET SCAN NMAP -sS window 1024	2019-09-16 17:04:08
159.65.146.232	attackbotsspam	Sep 15 23:14:39 lcdev sshd\[21541\]: Invalid user pat from 159.65.146.232 Sep 15 23:14:39 lcdev sshd\[21541\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.65.146.232 Sep 15 23:14:41 lcdev sshd\[21541\]: Failed password for invalid user pat from 159.65.146.232 port 39942 ssh2 Sep 15 23:18:51 lcdev sshd\[21918\]: Invalid user changeme from 159.65.146.232 Sep 15 23:18:51 lcdev sshd\[21918\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.65.146.232	2019-09-16 17:22:20
45.136.109.31	attackbots	Sep 16 10:21:59 mc1 kernel: \[1172668.431942\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=45.136.109.31 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=243 ID=42521 PROTO=TCP SPT=55850 DPT=588 WINDOW=1024 RES=0x00 SYN URGP=0 Sep 16 10:22:06 mc1 kernel: \[1172675.984983\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=45.136.109.31 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=49690 PROTO=TCP SPT=55850 DPT=662 WINDOW=1024 RES=0x00 SYN URGP=0 Sep 16 10:29:24 mc1 kernel: \[1173114.093369\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=45.136.109.31 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=243 ID=16274 PROTO=TCP SPT=55850 DPT=793 WINDOW=1024 RES=0x00 SYN URGP=0 ...	2019-09-16 17:01:49
103.3.226.230	attack	Sep 16 10:56:53 vps01 sshd[9034]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.3.226.230 Sep 16 10:56:55 vps01 sshd[9034]: Failed password for invalid user piao from 103.3.226.230 port 33846 ssh2	2019-09-16 16:59:46
202.101.194.242	attackspam	SMB Server BruteForce Attack	2019-09-16 17:02:37
174.138.27.11	attackspam	Sep 16 12:00:07 www sshd\[26002\]: Invalid user rhtvybq2014 from 174.138.27.11 Sep 16 12:00:07 www sshd\[26002\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=174.138.27.11 Sep 16 12:00:10 www sshd\[26002\]: Failed password for invalid user rhtvybq2014 from 174.138.27.11 port 57262 ssh2 ...	2019-09-16 17:03:37
185.246.75.146	attackspambots	Sep 16 11:21:01 microserver sshd[32870]: Invalid user serverpilot from 185.246.75.146 port 35996 Sep 16 11:21:01 microserver sshd[32870]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.246.75.146 Sep 16 11:21:04 microserver sshd[32870]: Failed password for invalid user serverpilot from 185.246.75.146 port 35996 ssh2 Sep 16 11:26:43 microserver sshd[33575]: Invalid user suge from 185.246.75.146 port 50562 Sep 16 11:26:43 microserver sshd[33575]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.246.75.146 Sep 16 11:37:27 microserver sshd[35020]: Invalid user UMEOX from 185.246.75.146 port 51552 Sep 16 11:37:27 microserver sshd[35020]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.246.75.146 Sep 16 11:37:28 microserver sshd[35020]: Failed password for invalid user UMEOX from 185.246.75.146 port 51552 ssh2 Sep 16 11:42:51 microserver sshd[35726]: Invalid user norby from 185.246.75.	2019-09-16 16:51:00
211.247.16.206	attackbots	Sep 16 05:39:58 master sshd[26029]: Failed password for root from 211.247.16.206 port 35386 ssh2 Sep 16 05:40:02 master sshd[26029]: Failed password for root from 211.247.16.206 port 35386 ssh2 Sep 16 05:40:05 master sshd[26029]: Failed password for root from 211.247.16.206 port 35386 ssh2	2019-09-16 16:57:30

Recently Reported IPs

125.172.166.11	60.180.5.88	54.36.148.171	190.184.205.242
116.237.27.46	182.61.163.232	58.113.176.227	103.27.237.154
125.65.112.247	85.154.44.226	128.63.86.172	68.183.236.29
52.177.202.136	174.171.180.44	248.221.200.123	34.110.103.112
11.7.50.55	188.254.106.186	103.226.119.174	142.93.219.126