192.99.244.45 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Canada

Internet Service Provider: OVH Hosting Inc.

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	TCP (SYN) 192.99.244.45:47115 -> port 3389, len 40	2020-08-15 22:20:59

Comments on same subnet:

IP	Type	Details	Datetime
192.99.244.225	attack	SSH Brute-Forcing (server1)	2020-06-18 18:40:46
192.99.244.225	attack	detected by Fail2Ban	2020-06-17 00:18:09
192.99.244.225	attackbotsspam	Jun 14 06:26:53 lanister sshd[16241]: Invalid user zabbix from 192.99.244.225 Jun 14 06:26:53 lanister sshd[16241]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.99.244.225 Jun 14 06:26:53 lanister sshd[16241]: Invalid user zabbix from 192.99.244.225 Jun 14 06:26:56 lanister sshd[16241]: Failed password for invalid user zabbix from 192.99.244.225 port 33874 ssh2	2020-06-14 20:23:45
192.99.244.225	attack	Jun 13 14:04:56 dignus sshd[17471]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.99.244.225 user=root Jun 13 14:04:58 dignus sshd[17471]: Failed password for root from 192.99.244.225 port 34506 ssh2 Jun 13 14:08:36 dignus sshd[17803]: Invalid user admin from 192.99.244.225 port 52596 Jun 13 14:08:36 dignus sshd[17803]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.99.244.225 Jun 13 14:08:38 dignus sshd[17803]: Failed password for invalid user admin from 192.99.244.225 port 52596 ssh2 ...	2020-06-14 06:08:39
192.99.244.225	attackbots	Jun 13 09:24:11 ns382633 sshd\[1017\]: Invalid user laravel from 192.99.244.225 port 34212 Jun 13 09:24:11 ns382633 sshd\[1017\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.99.244.225 Jun 13 09:24:13 ns382633 sshd\[1017\]: Failed password for invalid user laravel from 192.99.244.225 port 34212 ssh2 Jun 13 09:34:09 ns382633 sshd\[2984\]: Invalid user xiewenjing from 192.99.244.225 port 42610 Jun 13 09:34:09 ns382633 sshd\[2984\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.99.244.225	2020-06-13 17:08:11
192.99.244.225	attack	2020-06-11T21:00:53+0200 Failed SSH Authentication/Brute Force Attack.(Server 2)	2020-06-12 04:33:28
192.99.244.225	attack	Jun 10 23:38:42 legacy sshd[23091]: Failed password for root from 192.99.244.225 port 40462 ssh2 Jun 10 23:42:49 legacy sshd[23274]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.99.244.225 Jun 10 23:42:51 legacy sshd[23274]: Failed password for invalid user yuanwd from 192.99.244.225 port 34592 ssh2 ...	2020-06-11 05:57:17
192.99.244.225	attackbots	detected by Fail2Ban	2020-06-04 14:12:12
192.99.244.225	attackbots	Invalid user renata from 192.99.244.225 port 36116	2020-05-30 20:13:22
192.99.244.225	attackspam	ssh brute force	2020-05-25 13:23:00
192.99.244.225	attack	May 20 20:26:31 ArkNodeAT sshd\[8379\]: Invalid user iab from 192.99.244.225 May 20 20:26:31 ArkNodeAT sshd\[8379\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.99.244.225 May 20 20:26:33 ArkNodeAT sshd\[8379\]: Failed password for invalid user iab from 192.99.244.225 port 42422 ssh2	2020-05-21 02:38:34
192.99.244.225	attack	May 15 00:41:57 vps639187 sshd\[24808\]: Invalid user testftp from 192.99.244.225 port 35828 May 15 00:41:57 vps639187 sshd\[24808\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.99.244.225 May 15 00:42:00 vps639187 sshd\[24808\]: Failed password for invalid user testftp from 192.99.244.225 port 35828 ssh2 ...	2020-05-15 06:56:46
192.99.244.225	attackspambots	May 11 22:46:11 ns382633 sshd\[8965\]: Invalid user admin from 192.99.244.225 port 49380 May 11 22:46:11 ns382633 sshd\[8965\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.99.244.225 May 11 22:46:13 ns382633 sshd\[8965\]: Failed password for invalid user admin from 192.99.244.225 port 49380 ssh2 May 11 22:55:22 ns382633 sshd\[10627\]: Invalid user alvin from 192.99.244.225 port 53024 May 11 22:55:22 ns382633 sshd\[10627\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.99.244.225	2020-05-12 07:09:30
192.99.244.225	attackspambots	Apr 4 22:13:00 ks10 sshd[2532827]: Failed password for root from 192.99.244.225 port 42356 ssh2 ...	2020-04-05 06:08:03
192.99.244.225	attackspam	Mar 29 07:40:00 askasleikir sshd[105299]: Failed password for invalid user srs from 192.99.244.225 port 52354 ssh2 Mar 29 07:19:53 askasleikir sshd[104337]: Failed password for invalid user fyjiang from 192.99.244.225 port 55904 ssh2 Mar 29 07:35:15 askasleikir sshd[105081]: Failed password for invalid user shenhao from 192.99.244.225 port 39318 ssh2	2020-03-30 01:47:35

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 192.99.244.45
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 58307
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;192.99.244.45.			IN	A

;; AUTHORITY SECTION:
.			463	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020081500 1800 900 604800 86400

;; Query time: 29 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Aug 15 22:20:55 CST 2020
;; MSG SIZE  rcvd: 117

Host info

45.244.99.192.in-addr.arpa domain name pointer 45.ip-192-99-244.net.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
45.244.99.192.in-addr.arpa	name = 45.ip-192-99-244.net.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
81.84.249.147	attackspambots	Jun 24 14:40:27 srv-ubuntu-dev3 sshd[70260]: Invalid user xyj from 81.84.249.147 Jun 24 14:40:27 srv-ubuntu-dev3 sshd[70260]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.84.249.147 Jun 24 14:40:27 srv-ubuntu-dev3 sshd[70260]: Invalid user xyj from 81.84.249.147 Jun 24 14:40:29 srv-ubuntu-dev3 sshd[70260]: Failed password for invalid user xyj from 81.84.249.147 port 41144 ssh2 Jun 24 14:44:35 srv-ubuntu-dev3 sshd[70873]: Invalid user mongodb from 81.84.249.147 Jun 24 14:44:35 srv-ubuntu-dev3 sshd[70873]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.84.249.147 Jun 24 14:44:35 srv-ubuntu-dev3 sshd[70873]: Invalid user mongodb from 81.84.249.147 Jun 24 14:44:38 srv-ubuntu-dev3 sshd[70873]: Failed password for invalid user mongodb from 81.84.249.147 port 40738 ssh2 Jun 24 14:48:54 srv-ubuntu-dev3 sshd[71608]: Invalid user toor from 81.84.249.147 ...	2020-06-25 00:17:46
41.231.54.59	attackbots	41.231.54.59 - - [24/Jun/2020:15:57:28 +0200] "GET /wp-login.php HTTP/1.1" 200 1901 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 41.231.54.59 - - [24/Jun/2020:15:57:29 +0200] "POST /wp-login.php HTTP/1.1" 200 2031 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 41.231.54.59 - - [24/Jun/2020:15:57:29 +0200] "GET /wp-login.php HTTP/1.1" 200 1901 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 41.231.54.59 - - [24/Jun/2020:15:57:29 +0200] "POST /wp-login.php HTTP/1.1" 200 2030 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 41.231.54.59 - - [24/Jun/2020:15:57:29 +0200] "GET /wp-login.php HTTP/1.1" 200 1901 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 41.231.54.59 - - [24/Jun/2020:15:57:29 +0200] "POST /wp-login.php HTTP/1.1" 200 2030 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/6 ...	2020-06-25 00:48:02
202.158.123.42	attackbotsspam	Jun 24 18:02:15 PorscheCustomer sshd[23610]: Failed password for root from 202.158.123.42 port 39698 ssh2 Jun 24 18:06:38 PorscheCustomer sshd[23736]: Failed password for root from 202.158.123.42 port 36050 ssh2 ...	2020-06-25 00:16:55
159.89.207.85	attackspambots	Jun 24 16:12:41 sigma sshd\[10792\]: Invalid user rick from 159.89.207.85Jun 24 16:12:43 sigma sshd\[10792\]: Failed password for invalid user rick from 159.89.207.85 port 7210 ssh2 ...	2020-06-25 00:32:28
45.227.253.58	attackbotsspam	SQL Injection	2020-06-25 00:33:15
192.241.229.54	attack	24-6-2020 14:05:28 Unauthorized connection attempt (Brute-Force). 24-6-2020 14:05:28 Connection from IP address: 192.241.229.54 on port: 110 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=192.241.229.54	2020-06-25 00:47:21
222.186.42.137	attackspambots	sshd jail - ssh hack attempt	2020-06-25 00:25:16
51.15.180.70	attackspam	51.15.180.70 - - [24/Jun/2020:15:12:22 +0100] "POST /wp-login.php HTTP/1.1" 200 2213 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 51.15.180.70 - - [24/Jun/2020:15:12:23 +0100] "POST /wp-login.php HTTP/1.1" 200 2258 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 51.15.180.70 - - [24/Jun/2020:15:12:23 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-06-25 00:45:29
161.35.15.136	attackspam	Lines containing failures of 161.35.15.136 Jun 24 13:39:13 shared09 sshd[25279]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=161.35.15.136 user=r.r Jun 24 13:39:15 shared09 sshd[25279]: Failed password for r.r from 161.35.15.136 port 38730 ssh2 Jun 24 13:39:15 shared09 sshd[25279]: Received disconnect from 161.35.15.136 port 38730:11: Bye Bye [preauth] Jun 24 13:39:15 shared09 sshd[25279]: Disconnected from authenticating user r.r 161.35.15.136 port 38730 [preauth] Jun 24 13:43:07 shared09 sshd[26821]: Invalid user hudson from 161.35.15.136 port 40492 Jun 24 13:43:07 shared09 sshd[26821]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=161.35.15.136 Jun 24 13:43:08 shared09 sshd[26821]: Failed password for invalid user hudson from 161.35.15.136 port 40492 ssh2 Jun 24 13:43:08 shared09 sshd[26821]: Received disconnect from 161.35.15.136 port 40492:11: Bye Bye [preauth] Jun 24 13:43:08 sha........ ------------------------------	2020-06-25 00:40:09
85.56.176.64	attackspambots	[portscan] Port scan	2020-06-25 00:12:12
192.144.183.188	attackbots	Jun 24 15:02:24 *** sshd[15252]: Invalid user deploy from 192.144.183.188	2020-06-25 00:20:35
51.91.177.246	attack	Scanned 311 unique addresses for 2 unique TCP ports in 24 hours (ports 24296,24902)	2020-06-25 00:43:52
94.132.133.107	attack	Lines containing failures of 94.132.133.107 Jun 24 13:45:41 kopano postfix/smtpd[25117]: connect from a94-132-133-107.cpe.netcabo.pt[94.132.133.107] Jun x@x Jun 24 13:45:41 kopano postfix/smtpd[25117]: lost connection after DATA from a94-132-133-107.cpe.netcabo.pt[94.132.133.107] Jun 24 13:45:41 kopano postfix/smtpd[25117]: disconnect from a94-132-133-107.cpe.netcabo.pt[94.132.133.107] ehlo=1 mail=1 rcpt=0/1 data=0/1 commands=2/4 Jun 24 13:45:47 kopano postfix/smtpd[25117]: connect from a94-132-133-107.cpe.netcabo.pt[94.132.133.107] Jun x@x Jun 24 13:45:48 kopano postfix/smtpd[25117]: lost connection after DATA from a94-132-133-107.cpe.netcabo.pt[94.132.133.107] Jun 24 13:45:48 kopano postfix/smtpd[25117]: disconnect from a94-132-133-107.cpe.netcabo.pt[94.132.133.107] ehlo=1 mail=1 rcpt=0/1 data=0/1 commands=2/4 Jun 24 13:45:52 kopano postfix/smtpd[25117]: connect from a94-132-133-107.cpe.netcabo.pt[94.132.133.107] Jun x@x Jun 24 13:45:52 kopano postfix/smtpd[25117]: los........ ------------------------------	2020-06-25 00:49:33
69.163.144.78	attackspambots	69.163.144.78 - - [24/Jun/2020:14:28:06 +0200] "GET /wp-login.php HTTP/1.1" 200 6060 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 69.163.144.78 - - [24/Jun/2020:14:28:07 +0200] "POST /wp-login.php HTTP/1.1" 200 6311 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 69.163.144.78 - - [24/Jun/2020:14:28:09 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-06-25 00:25:42
198.211.108.68	attack	198.211.108.68 - - [24/Jun/2020:13:41:09 +0100] "POST /wp-login.php HTTP/1.1" 200 1968 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 198.211.108.68 - - [24/Jun/2020:13:41:10 +0100] "POST /wp-login.php HTTP/1.1" 200 1972 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 198.211.108.68 - - [24/Jun/2020:13:41:11 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-06-25 00:48:20

Recently Reported IPs

83.20.43.106	167.58.240.138	61.27.185.159	93.8.160.179
176.202.128.8	159.65.239.34	45.167.9.189	117.202.93.231
54.90.37.91	107.54.33.152	196.247.31.165	71.112.158.35
183.245.117.154	179.49.20.50	45.83.67.157	75.82.233.30
44.253.79.3	187.167.195.62	175.138.172.14	57.139.160.209