45.172.99.94 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Brazil

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
45.172.99.197	attackbots	Aug 16 05:35:57 mail.srvfarm.net postfix/smtps/smtpd[1890438]: warning: unknown[45.172.99.197]: SASL PLAIN authentication failed: Aug 16 05:35:57 mail.srvfarm.net postfix/smtps/smtpd[1890438]: lost connection after AUTH from unknown[45.172.99.197] Aug 16 05:36:46 mail.srvfarm.net postfix/smtps/smtpd[1888763]: warning: unknown[45.172.99.197]: SASL PLAIN authentication failed: Aug 16 05:36:47 mail.srvfarm.net postfix/smtps/smtpd[1888763]: lost connection after AUTH from unknown[45.172.99.197] Aug 16 05:40:15 mail.srvfarm.net postfix/smtps/smtpd[1907644]: warning: unknown[45.172.99.197]: SASL PLAIN authentication failed:	2020-08-16 12:34:00
45.172.99.31	attack	(smtpauth) Failed SMTP AUTH login from 45.172.99.31 (BR/Brazil/-): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: 2020-08-03 08:22:49 plain authenticator failed for ([45.172.99.31]) [45.172.99.31]: 535 Incorrect authentication data (set_id=info@atlaspumpsepahan.com)	2020-08-03 16:22:20
45.172.99.239	attack	Distributed brute force attack	2020-07-30 20:00:56

Type

Details

Datetime

45.172.99.197

attackbots

Aug 16 05:35:57 mail.srvfarm.net postfix/smtps/smtpd[1890438]: warning: unknown[45.172.99.197]: SASL PLAIN authentication failed: 
Aug 16 05:35:57 mail.srvfarm.net postfix/smtps/smtpd[1890438]: lost connection after AUTH from unknown[45.172.99.197]
Aug 16 05:36:46 mail.srvfarm.net postfix/smtps/smtpd[1888763]: warning: unknown[45.172.99.197]: SASL PLAIN authentication failed: 
Aug 16 05:36:47 mail.srvfarm.net postfix/smtps/smtpd[1888763]: lost connection after AUTH from unknown[45.172.99.197]
Aug 16 05:40:15 mail.srvfarm.net postfix/smtps/smtpd[1907644]: warning: unknown[45.172.99.197]: SASL PLAIN authentication failed:

2020-08-16 12:34:00

45.172.99.31

attack

(smtpauth) Failed SMTP AUTH login from 45.172.99.31 (BR/Brazil/-): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: 2020-08-03 08:22:49 plain authenticator failed for ([45.172.99.31]) [45.172.99.31]: 535 Incorrect authentication data (set_id=info@atlaspumpsepahan.com)

2020-08-03 16:22:20

45.172.99.239

attack

Distributed brute force attack

2020-07-30 20:00:56

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 45.172.99.94
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 33681
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;45.172.99.94.			IN	A

;; AUTHORITY SECTION:
.			591	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022020702 1800 900 604800 86400

;; Query time: 13 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Feb 08 09:42:06 CST 2022
;; MSG SIZE  rcvd: 105

Host info

Host 94.99.172.45.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 94.99.172.45.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
49.233.92.166	attackbots	$f2bV_matches	2020-03-18 18:46:42
37.189.144.10	attack	Automatic report - Port Scan Attack	2020-03-18 19:27:03
216.198.66.12	attackspambots	Mar 18 04:58:33 silence02 sshd[23239]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=216.198.66.12 Mar 18 04:58:34 silence02 sshd[23239]: Failed password for invalid user user5 from 216.198.66.12 port 47570 ssh2 Mar 18 05:06:36 silence02 sshd[23592]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=216.198.66.12	2020-03-18 19:25:35
139.199.162.74	attackspam	Unauthorized connection attempt detected from IP address 139.199.162.74 to port 1433	2020-03-18 19:14:16
162.243.130.179	attackspam	firewall-block, port(s): 28015/tcp	2020-03-18 19:13:19
165.227.96.190	attackbots	2020-03-18T10:00:49.196252abusebot-3.cloudsearch.cf sshd[26173]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.227.96.190 user=root 2020-03-18T10:00:50.640845abusebot-3.cloudsearch.cf sshd[26173]: Failed password for root from 165.227.96.190 port 33722 ssh2 2020-03-18T10:04:38.472510abusebot-3.cloudsearch.cf sshd[26461]: Invalid user irc from 165.227.96.190 port 45346 2020-03-18T10:04:38.478419abusebot-3.cloudsearch.cf sshd[26461]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.227.96.190 2020-03-18T10:04:38.472510abusebot-3.cloudsearch.cf sshd[26461]: Invalid user irc from 165.227.96.190 port 45346 2020-03-18T10:04:41.031500abusebot-3.cloudsearch.cf sshd[26461]: Failed password for invalid user irc from 165.227.96.190 port 45346 ssh2 2020-03-18T10:06:39.566673abusebot-3.cloudsearch.cf sshd[26697]: Invalid user testing from 165.227.96.190 port 56832 ...	2020-03-18 18:52:59
167.172.68.159	attackspambots	Mar 18 05:44:52 cloud sshd[32701]: Failed password for root from 167.172.68.159 port 51642 ssh2	2020-03-18 19:28:19
190.90.140.75	attackbots	Mar 18 11:10:12 sigma sshd\[28513\]: Invalid user plex from 190.90.140.75Mar 18 11:10:14 sigma sshd\[28513\]: Failed password for invalid user plex from 190.90.140.75 port 40398 ssh2 ...	2020-03-18 19:27:52
179.184.57.194	attack	Mar 17 22:50:12 web1 sshd\[2258\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=179.184.57.194 user=root Mar 17 22:50:13 web1 sshd\[2258\]: Failed password for root from 179.184.57.194 port 54923 ssh2 Mar 17 22:52:38 web1 sshd\[2450\]: Invalid user esadmin from 179.184.57.194 Mar 17 22:52:38 web1 sshd\[2450\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=179.184.57.194 Mar 17 22:52:41 web1 sshd\[2450\]: Failed password for invalid user esadmin from 179.184.57.194 port 41864 ssh2	2020-03-18 19:05:45
81.214.140.215	attackspam	DATE:2020-03-18 04:46:49, IP:81.214.140.215, PORT:telnet Telnet brute force auth on honeypot server (honey-neo-dc)	2020-03-18 19:30:37
188.37.236.27	attack	Fail2Ban - HTTP Auth Bruteforce Attempt	2020-03-18 19:33:47
119.188.157.211	attack	ssh brute force	2020-03-18 18:46:20
185.101.231.42	attackbots	Mar 18 09:42:04 sso sshd[21461]: Failed password for root from 185.101.231.42 port 45894 ssh2 ...	2020-03-18 18:55:00
106.13.43.117	attackbotsspam	Mar 18 11:54:02 Ubuntu-1404-trusty-64-minimal sshd\[16043\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.43.117 user=root Mar 18 11:54:05 Ubuntu-1404-trusty-64-minimal sshd\[16043\]: Failed password for root from 106.13.43.117 port 45776 ssh2 Mar 18 12:03:14 Ubuntu-1404-trusty-64-minimal sshd\[26509\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.43.117 user=root Mar 18 12:03:16 Ubuntu-1404-trusty-64-minimal sshd\[26509\]: Failed password for root from 106.13.43.117 port 60500 ssh2 Mar 18 12:08:43 Ubuntu-1404-trusty-64-minimal sshd\[28714\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.43.117 user=root	2020-03-18 19:30:10
46.101.17.215	attackbotsspam	$f2bV_matches	2020-03-18 19:15:12

Recently Reported IPs

20.42.73.27	52.168.142.236	151.28.127.83	103.119.164.170
185.60.12.148	39.53.124.171	157.230.20.215	36.106.167.121
118.25.106.105	61.53.221.46	182.50.120.204	178.135.246.243
47.119.156.26	179.202.232.112	107.172.233.90	220.134.208.8
117.214.62.117	59.53.222.11	134.236.105.85	61.7.138.112