45.11.99.172 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Turkey

Internet Service Provider: Cibra Internet Hizmetleri ve Bilisim Teknolojileri

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	From returns@onlinecoteseguro.live Mon Apr 27 00:57:58 2020 Received: from mega-mx5.onlinecoteseguro.live ([45.11.99.172]:50185)	2020-04-27 13:39:50

Comments on same subnet:

IP	Type	Details	Datetime
45.11.99.160	attackbots	From devolver@nochostleads.live Mon Aug 17 20:52:40 2020 Received: from nocmx7.nochostleads.live ([45.11.99.160]:56191)	2020-08-18 16:31:39
45.11.99.76	attack	From hardreturn@consultoriaplanos.live Wed Aug 12 09:40:18 2020 Received: from sultormx6.consultoriaplanos.live ([45.11.99.76]:46631)	2020-08-13 00:18:11
45.11.99.60	attackbotsspam	From failemail@ultramaster.live Mon Jul 27 00:56:57 2020 Received: from ultramx9.ultramaster.live ([45.11.99.60]:45339)	2020-07-27 12:08:17
45.11.99.166	attack	From bounces01@primeiroeunico.live Thu Jul 09 09:06:49 2020 Received: from unicomx4.primeiroeunico.live ([45.11.99.166]:34838)	2020-07-09 23:50:18
45.11.99.231	attackbotsspam	From infobounce@melhorplanoaqui.live Sat May 23 17:13:06 2020 Received: from [45.11.99.231] (port=56998 helo=melhormx9.melhorplanoaqui.live)	2020-05-24 07:02:19
45.11.99.200	attack	From back@saudeempresarial.live Mon May 11 00:47:15 2020 Received: from giga-mx2.saudeempresarial.live ([45.11.99.200]:37126)	2020-05-11 20:05:52
45.11.99.161	attackspambots	[ 📨 ] From devolvido@onlinecoteseguro.live Sun Apr 19 00:11:15 2020 Received: from mega-mx11.onlinecoteseguro.live ([45.11.99.161]:48896)	2020-05-09 14:07:15
45.11.99.227	attackbotsspam	From bounce01@melhorplanoaqui.live Fri May 01 08:48:35 2020 Received: from melhormx5.melhorplanoaqui.live ([45.11.99.227]:46270)	2020-05-01 23:35:41
45.11.99.164	attackbots	[ 📨 ] From devolvidos@onlinecoteseguro.live Fri Apr 17 00:56:48 2020 Received: from mega-mx2.onlinecoteseguro.live ([45.11.99.164]:59150)	2020-04-17 14:36:25
45.11.99.14	attackbots	SMTP try to deliver spam to harvested address.	2019-09-20 12:44:50

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 45.11.99.172
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 15537
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;45.11.99.172.			IN	A

;; AUTHORITY SECTION:
.			541	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020042601 1800 900 604800 86400

;; Query time: 89 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Apr 27 13:39:45 CST 2020
;; MSG SIZE  rcvd: 116

Host info

172.99.11.45.in-addr.arpa domain name pointer mega-mx5.onlinecoteseguro.live.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
172.99.11.45.in-addr.arpa	name = mega-mx5.onlinecoteseguro.live.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
78.97.179.51	attackbots	Unauthorized connection attempt detected from IP address 78.97.179.51 to port 23	2020-01-15 01:09:52
87.26.179.248	attackbotsspam	Unauthorized connection attempt from IP address 87.26.179.248 on Port 445(SMB)	2020-01-15 01:25:34
222.186.175.163	attack	2020-01-14T18:22:49.177716scmdmz1 sshd[12803]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.163 user=root 2020-01-14T18:22:51.587160scmdmz1 sshd[12803]: Failed password for root from 222.186.175.163 port 8770 ssh2 2020-01-14T18:22:54.302263scmdmz1 sshd[12803]: Failed password for root from 222.186.175.163 port 8770 ssh2 2020-01-14T18:22:49.177716scmdmz1 sshd[12803]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.163 user=root 2020-01-14T18:22:51.587160scmdmz1 sshd[12803]: Failed password for root from 222.186.175.163 port 8770 ssh2 2020-01-14T18:22:54.302263scmdmz1 sshd[12803]: Failed password for root from 222.186.175.163 port 8770 ssh2 2020-01-14T18:22:49.177716scmdmz1 sshd[12803]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.163 user=root 2020-01-14T18:22:51.587160scmdmz1 sshd[12803]: Failed password for root from 222.186.175.163 port 8770 ssh	2020-01-15 01:28:00
49.88.112.62	attackbots	Jan 14 18:18:48 vps647732 sshd[11336]: Failed password for root from 49.88.112.62 port 4499 ssh2 Jan 14 18:19:01 vps647732 sshd[11336]: error: maximum authentication attempts exceeded for root from 49.88.112.62 port 4499 ssh2 [preauth] ...	2020-01-15 01:24:37
144.217.7.155	attack	Jan 14 18:15:43 vps691689 sshd[32752]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=144.217.7.155 Jan 14 18:15:45 vps691689 sshd[32752]: Failed password for invalid user oracle from 144.217.7.155 port 47917 ssh2 Jan 14 18:16:07 vps691689 sshd[32759]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=144.217.7.155 ...	2020-01-15 01:29:40
202.142.151.162	attackbotsspam	Unauthorized connection attempt from IP address 202.142.151.162 on Port 445(SMB)	2020-01-15 01:03:32
86.141.97.52	attackbotsspam	ssh brute force	2020-01-15 01:09:20
115.68.220.10	attackspam	Jan 14 16:00:37 localhost sshd\[3037\]: Invalid user gao from 115.68.220.10 port 44948 Jan 14 16:00:37 localhost sshd\[3037\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.68.220.10 Jan 14 16:00:40 localhost sshd\[3037\]: Failed password for invalid user gao from 115.68.220.10 port 44948 ssh2 ...	2020-01-15 01:12:38
161.10.223.9	attackbotsspam	Unauthorized connection attempt from IP address 161.10.223.9 on Port 445(SMB)	2020-01-15 00:58:12
222.255.115.237	attackbotsspam	Jan 14 15:11:34 vmanager6029 sshd\[7273\]: Invalid user user from 222.255.115.237 port 60816 Jan 14 15:11:34 vmanager6029 sshd\[7273\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.255.115.237 Jan 14 15:11:35 vmanager6029 sshd\[7273\]: Failed password for invalid user user from 222.255.115.237 port 60816 ssh2	2020-01-15 01:03:11
92.118.161.57	attack	Unauthorized connection attempt detected from IP address 92.118.161.57 to port 5222 [J]	2020-01-15 01:04:07
59.52.36.190	attack	Honeypot attack, port: 445, PTR: PTR record not found	2020-01-15 01:36:31
45.143.223.8	attack	Jan 14 12:58:16 postfix/smtps/smtpd: warning: unknown[45.143.223.8]: SASL LOGIN authentication failed Jan 14 12:58:32 postfix/smtps/smtpd: warning: unknown[45.143.223.8]: SASL LOGIN authentication failed	2020-01-15 01:35:34
209.17.97.18	attackspambots	The IP has triggered Cloudflare WAF. CF-Ray: 554a99d7de5fe6c8 \| WAF_Rule_ID: ipr24 \| WAF_Kind: firewall \| CF_Action: challenge \| Country: US \| CF_IPClass: noRecord \| Protocol: HTTP/1.1 \| Method: GET \| Host: clash.skk.moe \| User-Agent: Mozilla/5.0 (compatible; Nimbostratus-Bot/v1.3.2; http://cloudsystemnetworks.com) \| CF_DC: EWR. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2020-01-15 01:14:26
14.160.187.206	attackspambots	Port 1433 Scan	2020-01-15 01:30:37

Recently Reported IPs

31.208.166.61	173.240.42.171	46.48.195.232	123.25.38.131
218.56.65.232	18.224.0.142	239.249.162.168	133.242.130.175
158.69.31.47	119.27.165.49	179.104.18.111	203.195.214.104
193.111.234.105	181.70.240.34	195.144.255.98	164.125.149.197
87.116.181.255	190.77.35.217	94.237.27.142	171.221.57.183