194.99.22.105 - IPInfo

Basic Info

City: Nuremberg

Region: Bavaria

Country: Germany

Internet Service Provider: MVPS Ltd

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	trying to access non-authorized port	2020-04-27 07:23:16

Comments on same subnet:

IP	Type	Details	Datetime
194.99.22.200	attackbots	TCP (SYN) 194.99.22.200:45530 -> port 23653, len 44	2020-05-25 17:31:04

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 194.99.22.105
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 40207
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;194.99.22.105.			IN	A

;; AUTHORITY SECTION:
.			420	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020042601 1800 900 604800 86400

;; Query time: 107 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Apr 27 07:23:13 CST 2020
;; MSG SIZE  rcvd: 117

Host info

105.22.99.194.in-addr.arpa domain name pointer no-reverse-yet.local.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
105.22.99.194.in-addr.arpa	name = no-reverse-yet.local.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
94.66.58.181	attackbotsspam	Autoban 94.66.58.181 AUTH/CONNECT	2019-09-24 02:35:28
159.65.6.57	attack	Sep 23 13:26:25 web8 sshd\[25027\]: Invalid user reggello from 159.65.6.57 Sep 23 13:26:25 web8 sshd\[25027\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.65.6.57 Sep 23 13:26:28 web8 sshd\[25027\]: Failed password for invalid user reggello from 159.65.6.57 port 51522 ssh2 Sep 23 13:31:13 web8 sshd\[27138\]: Invalid user lx from 159.65.6.57 Sep 23 13:31:13 web8 sshd\[27138\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.65.6.57	2019-09-24 02:16:34
186.18.108.3	attackbots	Sep 23 15:13:46 vtv3 sshd\[17245\]: Invalid user sublink from 186.18.108.3 port 37099 Sep 23 15:13:46 vtv3 sshd\[17245\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=186.18.108.3 Sep 23 15:13:48 vtv3 sshd\[17245\]: Failed password for invalid user sublink from 186.18.108.3 port 37099 ssh2 Sep 23 15:18:59 vtv3 sshd\[20298\]: Invalid user pankaj from 186.18.108.3 port 58254 Sep 23 15:18:59 vtv3 sshd\[20298\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=186.18.108.3 Sep 23 15:29:31 vtv3 sshd\[26175\]: Invalid user r_maner from 186.18.108.3 port 44097 Sep 23 15:29:31 vtv3 sshd\[26175\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=186.18.108.3 Sep 23 15:29:32 vtv3 sshd\[26175\]: Failed password for invalid user r_maner from 186.18.108.3 port 44097 ssh2 Sep 23 15:34:56 vtv3 sshd\[29061\]: Invalid user servercsgo from 186.18.108.3 port 37022 Sep 23 15:34:56 vtv3 sshd\[29061\]:	2019-09-24 02:48:40
185.175.93.104	attackbotsspam	09/23/2019-20:31:26.236564 185.175.93.104 Protocol: 6 ET DROP Dshield Block Listed Source group 1	2019-09-24 02:33:08
86.35.42.74	attackspam	Sep 23 14:35:19 at sshd\[17400\]: Invalid user pi from 86.35.42.74 port 42288 Sep 23 14:35:19 at sshd\[17402\]: Invalid user pi from 86.35.42.74 port 42296 Sep 23 14:35:19 at sshd\[17400\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=86.35.42.74 Sep 23 14:35:19 at sshd\[17402\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=86.35.42.74 Sep 23 14:35:21 at sshd\[17400\]: Failed password for invalid user pi from 86.35.42.74 port 42288 ssh2 Sep 23 14:35:21 at sshd\[17402\]: Failed password for invalid user pi from 86.35.42.74 port 42296 ssh2 ...	2019-09-24 02:38:25
80.211.51.116	attack	Sep 23 21:29:51 webhost01 sshd[20524]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.211.51.116 Sep 23 21:29:53 webhost01 sshd[20524]: Failed password for invalid user user from 80.211.51.116 port 57330 ssh2 ...	2019-09-24 02:40:01
1.165.3.82	attack	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/1.165.3.82/ TW - 1H : (2800) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : TW NAME ASN : ASN3462 IP : 1.165.3.82 CIDR : 1.165.0.0/16 PREFIX COUNT : 390 UNIQUE IP COUNT : 12267520 WYKRYTE ATAKI Z ASN3462 : 1H - 274 3H - 1100 6H - 2230 12H - 2703 24H - 2712 INFO : Port Scan TELNET Detected and Blocked by ADMIN - data recovery	2019-09-24 02:24:35
50.31.8.136	attack	50.31.8.136 - - [23/Sep/2019:08:16:30 -0400] "GET /?page=products&action=..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd%00&manufacturerID=1&productID=6501.15M&linkID=3128 HTTP/1.1" 200 17216 "https://baldwinbrasshardware.com/?page=products&action=..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd%00&manufacturerID=1&productID=6501.15M&linkID=3128" "Mozilla/5.0 (Windows NT 10.0; WOW64; Rv:50.0) Gecko/20100101 Firefox/50.0" ...	2019-09-24 02:35:57
23.129.64.162	attackbots	Sep 23 14:34:45 rotator sshd\[23371\]: Invalid user admin from 23.129.64.162Sep 23 14:34:47 rotator sshd\[23371\]: Failed password for invalid user admin from 23.129.64.162 port 11067 ssh2Sep 23 14:34:50 rotator sshd\[23371\]: Failed password for invalid user admin from 23.129.64.162 port 11067 ssh2Sep 23 14:34:53 rotator sshd\[23371\]: Failed password for invalid user admin from 23.129.64.162 port 11067 ssh2Sep 23 14:34:56 rotator sshd\[23371\]: Failed password for invalid user admin from 23.129.64.162 port 11067 ssh2Sep 23 14:34:58 rotator sshd\[23371\]: Failed password for invalid user admin from 23.129.64.162 port 11067 ssh2 ...	2019-09-24 02:48:10
199.254.238.216	attack	Sep 23 19:52:37 andromeda sshd\[28357\]: Invalid user sya from 199.254.238.216 port 58926 Sep 23 19:52:37 andromeda sshd\[28357\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=199.254.238.216 Sep 23 19:52:39 andromeda sshd\[28357\]: Failed password for invalid user sya from 199.254.238.216 port 58926 ssh2	2019-09-24 02:17:53
42.118.70.227	attackbotsspam	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/42.118.70.227/ VN - 1H : (382) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : VN NAME ASN : ASN18403 IP : 42.118.70.227 CIDR : 42.118.64.0/21 PREFIX COUNT : 2592 UNIQUE IP COUNT : 1397760 WYKRYTE ATAKI Z ASN18403 : 1H - 21 3H - 93 6H - 201 12H - 272 24H - 278 INFO : Port Scan TELNET Detected and Blocked by ADMIN - data recovery	2019-09-24 02:17:03
213.32.21.139	attackspambots	Sep 23 09:15:30 Tower sshd[26714]: Connection from 213.32.21.139 port 60870 on 192.168.10.220 port 22 Sep 23 09:15:33 Tower sshd[26714]: Invalid user temp from 213.32.21.139 port 60870 Sep 23 09:15:33 Tower sshd[26714]: error: Could not get shadow information for NOUSER Sep 23 09:15:33 Tower sshd[26714]: Failed password for invalid user temp from 213.32.21.139 port 60870 ssh2 Sep 23 09:15:34 Tower sshd[26714]: Received disconnect from 213.32.21.139 port 60870:11: Bye Bye [preauth] Sep 23 09:15:34 Tower sshd[26714]: Disconnected from invalid user temp 213.32.21.139 port 60870 [preauth]	2019-09-24 02:37:37
60.250.227.153	attackspambots	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/60.250.227.153/ TW - 1H : (2803) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : TW NAME ASN : ASN3462 IP : 60.250.227.153 CIDR : 60.250.0.0/16 PREFIX COUNT : 390 UNIQUE IP COUNT : 12267520 WYKRYTE ATAKI Z ASN3462 : 1H - 277 3H - 1100 6H - 2231 12H - 2706 24H - 2715 INFO : Port Scan TELNET Detected and Blocked by ADMIN - data recovery	2019-09-24 02:13:46
148.70.216.213	attack	Sep 23 08:34:58 debian sshd\[22488\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.216.213 user=root Sep 23 08:35:00 debian sshd\[22488\]: Failed password for root from 148.70.216.213 port 47148 ssh2 Sep 23 08:35:02 debian sshd\[22490\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.216.213 user=root ...	2019-09-24 02:46:41
46.105.157.97	attack	Sep 23 18:11:50 venus sshd\[15775\]: Invalid user ubuntu12 from 46.105.157.97 port 45452 Sep 23 18:11:50 venus sshd\[15775\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.105.157.97 Sep 23 18:11:52 venus sshd\[15775\]: Failed password for invalid user ubuntu12 from 46.105.157.97 port 45452 ssh2 ...	2019-09-24 02:30:13

Recently Reported IPs

105.202.22.212	192.126.153.171	176.62.235.11	37.76.26.240
192.241.246.167	129.59.83.98	58.142.193.135	112.112.115.65
88.62.122.28	98.248.102.187	221.38.178.251	128.214.21.193
65.69.145.33	61.250.238.204	116.73.72.211	58.255.224.234
165.147.37.119	58.74.198.227	36.209.57.59	99.160.233.161