95.154.18.99 - IPInfo

Basic Info

City: Haderslev

Region: South Denmark

Country: Denmark

Internet Service Provider: Stofa A/S

Hostname: unknown

Organization: Telia Stofa A/S

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbotsspam	RDP Brute-Force (Grieskirchen RZ2)	2019-11-15 00:38:48
attackspam	RDPBruteGSL24	2019-09-26 15:29:13

Comments on same subnet:

IP	Type	Details	Datetime
95.154.187.226	attackbotsspam	Unauthorized connection attempt from IP address 95.154.187.226 on Port 445(SMB)	2020-06-24 08:32:25
95.154.185.199	attack	unauthorized connection attempt	2020-02-16 17:21:56

Whois info:

Dig info:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 95.154.18.99
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 22818
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;95.154.18.99.			IN	A

;; AUTHORITY SECTION:
.			387	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019061600 1800 900 604800 86400

;; Query time: 78 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Jun 16 20:56:39 CST 2019
;; MSG SIZE  rcvd: 116

Host info

99.18.154.95.in-addr.arpa domain name pointer 5F9A1263.rev.sefiber.dk.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
99.18.154.95.in-addr.arpa	name = 5F9A1263.rev.sefiber.dk.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
193.56.28.119	attackspam	SPAM Delivery Attempt	2019-11-25 13:41:47
222.186.173.154	attackspambots	pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.173.154 user=root Failed password for root from 222.186.173.154 port 3530 ssh2 Failed password for root from 222.186.173.154 port 3530 ssh2 Failed password for root from 222.186.173.154 port 3530 ssh2 Failed password for root from 222.186.173.154 port 3530 ssh2	2019-11-25 13:30:14
206.72.197.90	attackbotsspam	206.72.197.90 was recorded 12 times by 11 hosts attempting to connect to the following ports: 81. Incident counter (4h, 24h, all-time): 12, 79, 1541	2019-11-25 14:02:42
122.5.46.22	attack	Nov 25 05:33:53 Ubuntu-1404-trusty-64-minimal sshd\[21000\]: Invalid user mysql from 122.5.46.22 Nov 25 05:33:53 Ubuntu-1404-trusty-64-minimal sshd\[21000\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.5.46.22 Nov 25 05:33:55 Ubuntu-1404-trusty-64-minimal sshd\[21000\]: Failed password for invalid user mysql from 122.5.46.22 port 38250 ssh2 Nov 25 05:59:04 Ubuntu-1404-trusty-64-minimal sshd\[8368\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.5.46.22 user=root Nov 25 05:59:06 Ubuntu-1404-trusty-64-minimal sshd\[8368\]: Failed password for root from 122.5.46.22 port 52730 ssh2	2019-11-25 13:27:42
117.131.207.235	attack	Nov 25 06:12:35 andromeda postfix/smtpd\[38280\]: warning: unknown\[117.131.207.235\]: SASL LOGIN authentication failed: authentication failure Nov 25 06:12:46 andromeda postfix/smtpd\[38280\]: warning: unknown\[117.131.207.235\]: SASL LOGIN authentication failed: authentication failure Nov 25 06:12:49 andromeda postfix/smtpd\[12491\]: warning: unknown\[117.131.207.235\]: SASL LOGIN authentication failed: authentication failure Nov 25 06:12:55 andromeda postfix/smtpd\[12491\]: warning: unknown\[117.131.207.235\]: SASL LOGIN authentication failed: authentication failure Nov 25 06:13:03 andromeda postfix/smtpd\[38280\]: warning: unknown\[117.131.207.235\]: SASL LOGIN authentication failed: authentication failure	2019-11-25 13:49:50
49.235.92.101	attackspambots	49.235.92.101 was recorded 62 times by 25 hosts attempting to connect to the following ports: 2375,2376,2377,4243. Incident counter (4h, 24h, all-time): 62, 355, 645	2019-11-25 13:58:52
95.110.227.64	attack	Nov 25 06:58:58 ncomp sshd[6774]: Invalid user krysta from 95.110.227.64 Nov 25 06:58:58 ncomp sshd[6774]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=95.110.227.64 Nov 25 06:58:58 ncomp sshd[6774]: Invalid user krysta from 95.110.227.64 Nov 25 06:59:01 ncomp sshd[6774]: Failed password for invalid user krysta from 95.110.227.64 port 48732 ssh2	2019-11-25 13:33:15
154.221.24.135	attack	$f2bV_matches_ltvn	2019-11-25 13:47:04
117.255.216.106	attackbots	Invalid user pcap from 117.255.216.106 port 11672 pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.255.216.106 Failed password for invalid user pcap from 117.255.216.106 port 11672 ssh2 Invalid user djmax from 117.255.216.106 port 61669 pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.255.216.106	2019-11-25 13:31:15
222.186.180.9	attackbots	Nov 25 06:10:44 dcd-gentoo sshd[24763]: User root from 222.186.180.9 not allowed because none of user's groups are listed in AllowGroups Nov 25 06:10:46 dcd-gentoo sshd[24763]: error: PAM: Authentication failure for illegal user root from 222.186.180.9 Nov 25 06:10:44 dcd-gentoo sshd[24763]: User root from 222.186.180.9 not allowed because none of user's groups are listed in AllowGroups Nov 25 06:10:46 dcd-gentoo sshd[24763]: error: PAM: Authentication failure for illegal user root from 222.186.180.9 Nov 25 06:10:44 dcd-gentoo sshd[24763]: User root from 222.186.180.9 not allowed because none of user's groups are listed in AllowGroups Nov 25 06:10:46 dcd-gentoo sshd[24763]: error: PAM: Authentication failure for illegal user root from 222.186.180.9 Nov 25 06:10:46 dcd-gentoo sshd[24763]: Failed keyboard-interactive/pam for invalid user root from 222.186.180.9 port 19004 ssh2 ...	2019-11-25 13:40:04
222.186.175.182	attackspambots	SSH authentication failure x 6 reported by Fail2Ban ...	2019-11-25 13:43:26
49.88.112.54	attackspam	5x Failed Password	2019-11-25 14:01:56
66.70.173.48	attack	Nov 25 05:53:43 ns382633 sshd\[23596\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=66.70.173.48 user=root Nov 25 05:53:45 ns382633 sshd\[23596\]: Failed password for root from 66.70.173.48 port 36996 ssh2 Nov 25 05:55:44 ns382633 sshd\[24264\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=66.70.173.48 user=root Nov 25 05:55:46 ns382633 sshd\[24264\]: Failed password for root from 66.70.173.48 port 49148 ssh2 Nov 25 05:58:45 ns382633 sshd\[24503\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=66.70.173.48 user=root	2019-11-25 13:43:05
72.4.147.218	attackspambots	Automatic report - XMLRPC Attack	2019-11-25 14:00:13
104.244.72.98	attackbotsspam	port scan and connect, tcp 22 (ssh)	2019-11-25 13:54:22

Recently Reported IPs

179.178.143.98	51.79.26.235	2620:7:6001::ffff:c759:e646	52.226.69.228
93.142.101.89	221.195.245.27	90.114.21.101	188.216.174.206
85.229.206.214	186.65.114.199	80.110.60.128	213.124.96.137
186.193.20.65	195.62.36.54	103.251.56.58	46.100.41.185
114.239.190.229	60.191.32.71	125.224.24.238	176.59.49.241