201.22.74.99 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Brazil

Internet Service Provider: Vivo S.A.

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	2020-05-09T23:46:17.6846741495-001 sshd[6436]: Failed password for invalid user az from 201.22.74.99 port 42638 ssh2 2020-05-09T23:48:46.0423811495-001 sshd[6492]: Invalid user user3 from 201.22.74.99 port 49098 2020-05-09T23:48:46.0454421495-001 sshd[6492]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.22.74.99.static.gvt.net.br 2020-05-09T23:48:46.0423811495-001 sshd[6492]: Invalid user user3 from 201.22.74.99 port 49098 2020-05-09T23:48:48.0054691495-001 sshd[6492]: Failed password for invalid user user3 from 201.22.74.99 port 49098 ssh2 2020-05-09T23:51:23.7437291495-001 sshd[6623]: Invalid user sjx from 201.22.74.99 port 55558 ...	2020-05-10 12:30:33
attackspambots	May 3 16:18:39 tuxlinux sshd[48528]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.22.74.99 user=root May 3 16:18:42 tuxlinux sshd[48528]: Failed password for root from 201.22.74.99 port 41276 ssh2 May 3 16:18:39 tuxlinux sshd[48528]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.22.74.99 user=root May 3 16:18:42 tuxlinux sshd[48528]: Failed password for root from 201.22.74.99 port 41276 ssh2 May 3 16:34:02 tuxlinux sshd[48878]: Invalid user ls from 201.22.74.99 port 50708 ...	2020-05-03 23:07:45
attack	Apr 28 13:11:12 l03 sshd[1102]: Invalid user noc from 201.22.74.99 port 36792 ...	2020-04-29 00:32:20
attackspambots	Apr 26 03:53:39 124388 sshd[10991]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.22.74.99 Apr 26 03:53:39 124388 sshd[10991]: Invalid user user from 201.22.74.99 port 42034 Apr 26 03:53:41 124388 sshd[10991]: Failed password for invalid user user from 201.22.74.99 port 42034 ssh2 Apr 26 03:56:41 124388 sshd[11008]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.22.74.99 user=root Apr 26 03:56:43 124388 sshd[11008]: Failed password for root from 201.22.74.99 port 57578 ssh2	2020-04-26 12:38:12
attackspam	Apr 21 12:36:57 IngegnereFirenze sshd[14816]: Failed password for invalid user za from 201.22.74.99 port 48326 ssh2 ...	2020-04-21 23:03:22

Comments on same subnet:

IP	Type	Details	Datetime
201.22.74.28	attackbots	9001/tcp 23/tcp 2323/tcp... [2019-11-05/12-12]5pkt,3pt.(tcp)	2019-12-12 23:11:56
201.22.74.28	attack	Automatic report - Port Scan Attack	2019-10-02 08:32:38
201.22.74.28	attackbots	Automatic report - Port Scan Attack	2019-07-28 20:54:45

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 201.22.74.99
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 45331
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;201.22.74.99.			IN	A

;; AUTHORITY SECTION:
.			600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020042100 1800 900 604800 86400

;; Query time: 49 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Apr 21 23:03:17 CST 2020
;; MSG SIZE  rcvd: 116

Host info

99.74.22.201.in-addr.arpa domain name pointer 201.22.74.99.static.gvt.net.br.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
99.74.22.201.in-addr.arpa	name = 201.22.74.99.static.gvt.net.br.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
212.19.134.49	attackspam	Fail2Ban - SSH Bruteforce Attempt	2020-04-03 22:44:04
113.25.116.191	attackbotsspam	trying to access non-authorized port	2020-04-03 22:01:45
68.183.12.80	attackbotsspam	Apr 3 15:14:11 prox sshd[9044]: Failed password for root from 68.183.12.80 port 37638 ssh2	2020-04-03 22:54:33
141.98.10.137	attackspambots	Apr 3 16:42:54 srv01 postfix/smtpd\[8227\]: warning: unknown\[141.98.10.137\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Apr 3 16:45:24 srv01 postfix/smtpd\[8931\]: warning: unknown\[141.98.10.137\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Apr 3 16:46:20 srv01 postfix/smtpd\[8227\]: warning: unknown\[141.98.10.137\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Apr 3 16:46:40 srv01 postfix/smtpd\[8931\]: warning: unknown\[141.98.10.137\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Apr 3 16:51:26 srv01 postfix/smtpd\[8227\]: warning: unknown\[141.98.10.137\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-04-03 22:52:57
52.89.111.6	attackbotsspam	Apr 3 15:09:44 ns382633 sshd\[6909\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.89.111.6 user=root Apr 3 15:09:45 ns382633 sshd\[6909\]: Failed password for root from 52.89.111.6 port 34446 ssh2 Apr 3 15:23:39 ns382633 sshd\[9859\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.89.111.6 user=root Apr 3 15:23:40 ns382633 sshd\[9859\]: Failed password for root from 52.89.111.6 port 59680 ssh2 Apr 3 15:27:43 ns382633 sshd\[10775\]: Invalid user ce from 52.89.111.6 port 43940 Apr 3 15:27:43 ns382633 sshd\[10775\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.89.111.6	2020-04-03 22:24:19
218.92.0.203	attackspambots	2020-04-03T10:34:57.953886xentho-1 sshd[277566]: Failed password for root from 218.92.0.203 port 37484 ssh2 2020-04-03T10:34:55.646113xentho-1 sshd[277566]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.203 user=root 2020-04-03T10:34:57.953886xentho-1 sshd[277566]: Failed password for root from 218.92.0.203 port 37484 ssh2 2020-04-03T10:35:01.615652xentho-1 sshd[277566]: Failed password for root from 218.92.0.203 port 37484 ssh2 2020-04-03T10:34:55.646113xentho-1 sshd[277566]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.203 user=root 2020-04-03T10:34:57.953886xentho-1 sshd[277566]: Failed password for root from 218.92.0.203 port 37484 ssh2 2020-04-03T10:35:01.615652xentho-1 sshd[277566]: Failed password for root from 218.92.0.203 port 37484 ssh2 2020-04-03T10:35:04.145592xentho-1 sshd[277566]: Failed password for root from 218.92.0.203 port 37484 ssh2 2020-04-03T10:36:43.742747xent ...	2020-04-03 22:43:48
185.41.207.45	attackbots	Attempt to attack host OS, exploiting network vulnerabilities, on 03-04-2020 14:00:11.	2020-04-03 22:17:15
87.250.224.91	attackspam	[Fri Apr 03 19:59:42.870077 2020] [:error] [pid 29063:tid 139818263267072] [client 87.250.224.91:42633] [client 87.250.224.91] ModSecurity: Access denied with code 403 (phase 2). Pattern match "^[\\\\d.:]+$" at REQUEST_HEADERS:Host. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "696"] [id "920350"] [msg "Host header is a numeric IP address"] [data "103.27.207.197"] [severity "WARNING"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/IP_HOST"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "103.27.207.197"] [uri "/"] [unique_id "XoczPgH6UiYbFB0fbPM2DgAAAtE"] ...	2020-04-03 22:50:47
125.26.15.28	attack	SSH bruteforce (Triggered fail2ban)	2020-04-03 22:50:16
162.243.129.170	attackbotsspam	Honeypot hit: [2020-04-03 15:59:59 +0300] Connected from 162.243.129.170 to (HoneypotIP):143	2020-04-03 22:37:51
111.231.142.160	attack	Apr 3 15:58:12 raspberrypi sshd[23256]: Failed password for root from 111.231.142.160 port 34974 ssh2	2020-04-03 22:36:11
36.71.234.186	attackbotsspam	Unauthorized connection attempt from IP address 36.71.234.186 on Port 445(SMB)	2020-04-03 22:12:58
51.178.29.191	attackspambots	Apr 3 09:56:14 vps46666688 sshd[9329]: Failed password for root from 51.178.29.191 port 54364 ssh2 ...	2020-04-03 22:11:47
187.50.124.218	attackbots	Unauthorized connection attempt from IP address 187.50.124.218 on Port 445(SMB)	2020-04-03 22:05:37
142.93.204.89	attackspam	Apr 3 14:41:45 XXX sshd[39784]: Invalid user ubnt from 142.93.204.89 port 42676	2020-04-03 22:35:37

Recently Reported IPs

129.213.104.151	128.199.36.177	128.199.33.157	122.224.217.43
31.115.132.170	120.53.0.166	45.159.198.89	154.103.222.204
116.255.172.200	115.167.123.192	113.183.102.84	113.174.173.207
113.125.117.57	110.77.159.90	102.140.138.213	91.193.102.10
85.192.177.140	83.61.242.136	80.241.218.50	77.37.162.17