IP address

Passive DNS

Tags: IP in hostname

IP blacklists

DataPlane VNC RFB

192.99.215.138 is listed on the DataPlane VNC RFB blacklist.

Description: DataPlane.org is a community-powered Internet data, feeds,<br>and measurement resource for operators, by operators. IPs initiating<br>an unsolicited VNC remote frame buffer (RFB) session to a remote host.
Type of feed: primary (feed detail page)

Last checked at: 2024-12-22 11:10:01.148000
Was present on blacklist at: 2024-10-01 10:10, 2024-10-01 14:10, 2024-10-01 18:10, 2024-10-01 22:10, 2024-10-02 02:10, 2024-10-02 06:10, 2024-10-02 10:10, 2024-10-02 14:10, 2024-10-02 18:10, 2024-10-02 22:10, 2024-10-03 02:10, 2024-10-03 06:10, 2024-10-03 10:10, 2024-10-03 14:10, 2024-10-03 18:10, 2024-10-03 22:10, 2024-10-04 02:10, 2024-10-04 06:10, 2024-10-04 10:10, 2024-10-04 14:10, 2024-10-04 22:10, 2024-10-05 14:10, 2024-10-05 18:10, 2024-10-05 22:10, 2024-10-06 02:10, 2024-10-06 06:10, 2024-10-06 10:10, 2024-10-06 14:10, 2024-10-06 18:10, 2024-10-06 22:10, 2024-10-07 02:10, 2024-10-07 06:10, 2024-10-07 10:10, 2024-10-07 18:10, 2024-10-07 22:10, 2024-10-08 02:10, 2024-10-08 06:10, 2024-10-08 14:10, 2024-10-08 18:10, 2024-10-08 22:10, 2024-10-09 02:10, 2024-10-09 14:10, 2024-10-09 18:10, 2024-10-09 22:10, 2024-10-10 02:10, 2024-10-10 10:10, 2024-10-10 14:10, 2024-10-10 18:10, 2024-10-10 22:10, 2024-10-11 02:10, 2024-10-11 10:10, 2024-10-11 14:10, 2024-10-11 18:10, 2024-10-11 22:10, 2024-10-12 06:10, 2024-10-12 10:10, 2024-10-12 14:10, 2024-10-12 18:10, 2024-10-12 22:10, 2024-10-13 02:10, 2024-10-13 06:10, 2024-10-13 14:10, 2024-10-13 18:10, 2024-10-13 22:10, 2024-10-14 06:10, 2024-10-14 10:10, 2024-10-14 14:10, 2024-10-14 18:10, 2024-10-14 22:10, 2024-10-15 02:10, 2024-10-15 06:10, 2024-10-15 10:10, 2024-10-15 14:10, 2024-10-15 18:10, 2024-10-15 22:10, 2024-10-16 06:10, 2024-10-16 14:10, 2024-10-17 06:10, 2024-10-17 14:10, 2024-10-17 18:10, 2024-10-18 02:10, 2024-10-18 06:10, 2024-10-18 14:10, 2024-10-18 22:10, 2024-10-19 02:10, 2024-10-19 10:10, 2024-10-19 14:10, 2024-10-20 02:10, 2024-10-20 06:10, 2024-10-20 14:10, 2024-10-20 18:10, 2024-10-22 02:10, 2024-10-22 14:10, 2024-10-22 18:10, 2024-10-22 22:10, 2024-10-23 02:10, 2024-10-23 06:10, 2024-10-23 14:10, 2024-10-23 18:10, 2024-10-23 22:10, 2024-10-24 02:10, 2024-10-24 10:10, 2024-10-24 14:10, 2024-10-24 18:10, 2024-10-24 22:10, 2024-10-25 02:10, 2024-10-25 06:10, 2024-10-25 10:10, 2024-10-25 14:10, 2024-10-25 18:10, 2024-10-25 22:10, 2024-10-26 02:10, 2024-10-26 10:10, 2024-10-26 14:10, 2024-10-26 18:10, 2024-10-27 03:10, 2024-10-27 11:10, 2024-10-27 15:10, 2024-10-27 19:10, 2024-10-27 23:10, 2024-10-28 11:10, 2024-10-28 15:10, 2024-10-28 19:10, 2024-10-28 23:10, 2024-10-29 11:10, 2024-10-29 15:10, 2024-10-29 19:10, 2024-10-29 23:10, 2024-10-30 11:10, 2024-10-30 19:10, 2024-10-30 23:10, 2024-10-31 11:10, 2024-10-31 19:10, 2024-10-31 23:10, 2024-11-01 15:10, 2024-11-01 19:10, 2024-11-01 23:10, 2024-11-02 11:10, 2024-11-02 19:10, 2024-11-02 23:10, 2024-11-03 07:10, 2024-11-03 11:10, 2024-11-03 15:10, 2024-11-03 19:10, 2024-11-03 23:10, 2024-11-04 03:10, 2024-11-04 11:10, 2024-11-04 19:10, 2024-11-04 23:10, 2024-11-05 03:10, 2024-11-05 07:10, 2024-11-05 11:10, 2024-11-05 15:10, 2024-11-05 19:10, 2024-11-05 23:10, 2024-11-06 03:10, 2024-11-06 11:10, 2024-11-06 15:10, 2024-11-06 23:10, 2024-11-07 07:10, 2024-11-07 11:10, 2024-11-07 19:10, 2024-11-07 23:10, 2024-11-08 07:10, 2024-11-08 11:10, 2024-11-08 15:10, 2024-11-08 19:10, 2024-11-08 23:10, 2024-11-09 03:10, 2024-11-09 11:10, 2024-11-09 23:10, 2024-11-10 03:10, 2024-11-10 11:10, 2024-11-10 23:10, 2024-11-11 11:10, 2024-11-11 15:10, 2024-11-11 23:10, 2024-11-12 11:10, 2024-11-12 15:10, 2024-11-12 19:10, 2024-11-12 23:10, 2024-11-13 03:10, 2024-11-13 07:10, 2024-11-13 11:10, 2024-11-13 19:10, 2024-11-13 23:10, 2024-11-14 03:10, 2024-11-14 11:10, 2024-11-14 19:10, 2024-11-15 11:10, 2024-11-15 23:10, 2024-11-16 11:10, 2024-11-16 15:10, 2024-11-16 19:10, 2024-11-16 23:10, 2024-11-17 03:10, 2024-11-17 07:10, 2024-11-17 11:10, 2024-11-17 19:10, 2024-11-17 23:10, 2024-11-18 03:10, 2024-11-18 07:10, 2024-11-18 11:10, 2024-11-18 23:10, 2024-11-19 03:10, 2024-11-19 07:10, 2024-11-19 11:10, 2024-11-19 19:10, 2024-11-19 23:10, 2024-11-20 07:10, 2024-11-20 11:10, 2024-11-20 15:10, 2024-11-20 19:10, 2024-11-20 23:10, 2024-11-21 03:10, 2024-11-21 07:10, 2024-11-21 23:10, 2024-11-22 07:10, 2024-11-22 15:10, 2024-11-22 19:10, 2024-11-23 15:10, 2024-11-23 23:10, 2024-11-25 15:10, 2024-11-25 19:10, 2024-11-26 15:10, 2024-11-27 07:10, 2024-11-28 19:10, 2024-11-29 23:10, 2024-11-30 15:10, 2024-11-30 19:10, 2024-12-03 03:10, 2024-12-03 07:10, 2024-12-04 07:10, 2024-12-04 15:10, 2024-12-04 23:10, 2024-12-05 07:10, 2024-12-06 11:10, 2024-12-07 03:10, 2024-12-07 07:10, 2024-12-07 11:10, 2024-12-07 19:10, 2024-12-11 11:10, 2024-12-12 07:10, 2024-12-12 11:10, 2024-12-12 15:10, 2024-12-13 07:10, 2024-12-13 11:10, 2024-12-13 15:10, 2024-12-14 03:10, 2024-12-14 11:10, 2024-12-14 15:10, 2024-12-15 23:10, 2024-12-16 11:10, 2024-12-16 15:10, 2024-12-16 19:10, 2024-12-17 11:10, 2024-12-17 19:10, 2024-12-17 23:10, 2024-12-18 03:10, 2024-12-18 07:10, 2024-12-18 15:10, 2024-12-18 19:10, 2024-12-18 23:10, 2024-12-19 03:10, 2024-12-19 11:10, 2024-12-19 15:10, 2024-12-19 19:10, 2024-12-19 23:10, 2024-12-20 11:10, 2024-12-20 19:10, 2024-12-20 23:10, 2024-12-21 03:10, 2024-12-21 11:10, 2024-12-21 15:10, 2024-12-21 23:10, 2024-12-22 03:10, 2024-12-22 07:10, 2024-12-22 11:10

DShield reports (IP summary, reports)

2024-09-24: Number of reports: 235; Distinct targets: 13
2024-10-22: Number of reports: 666; Distinct targets: 36
2024-10-23: Number of reports: 183; Distinct targets: 10
2024-10-24: Number of reports: 150; Distinct targets: 8
2024-10-26: Number of reports: 1041; Distinct targets: 53
2024-10-27: Number of reports: 801; Distinct targets: 44
2024-10-29: Number of reports: 669; Distinct targets: 35
2024-10-30: Number of reports: 144; Distinct targets: 8
2024-11-02: Number of reports: 1101; Distinct targets: 60
2024-11-05: Number of reports: 1224; Distinct targets: 67

OTX pulses

[66ba190458a27fd9b1acc40e] 2024-08-12 14:15:32.760000 | Redis honeypot logs for 2024-08-12

Author name:	jnazario
Pulse modified:	2024-08-12 14:15:32.760000
Indicator created:	2024-08-12 14:15:33
Indicator role:	None
Indicator title:
Indicator expiration:	2024-09-11 14:00:00

[606d75c11c08ff94089a9430] 2021-04-07 09:05:05.353000 | Georgs Honeypot

Author name:	georgengelmann
Pulse modified:	2024-09-25 23:59:02.066000
Indicator created:	2024-08-27 01:45:02
Indicator role:	bruteforce
Indicator title:	RDP intrusion attempt from ip138.ip-192-99-215.net port 61237
Indicator expiration:	2024-09-26 01:00:00

[6717b5525916b0a3b418cd96] 2024-10-22 14:23:14.513000 | VNC honeypot logs for 2024/10/22

Author name:	jnazario
Pulse modified:	2024-10-22 14:23:14.513000
Indicator created:	2024-10-22 14:23:15
Indicator role:	None
Indicator title:
Indicator expiration:	2024-11-21 14:00:00

[675ef4c764223371f2bd62da] 2024-12-15 15:24:55.557000 | VNC honeypot logs for 2024/12/15

Author name:	jnazario
Pulse modified:	2024-12-15 15:24:55.557000
Indicator created:	2024-12-15 15:24:56
Indicator role:	None
Indicator title:
Indicator expiration:	2025-01-14 15:00:00

[676044b429fd8c2cb12d72b9] 2024-12-16 15:18:12.265000 | VNC honeypot logs for 2024/12/16

Author name:	jnazario
Pulse modified:	2024-12-16 15:18:12.265000
Indicator created:	2024-12-16 15:18:13
Indicator role:	None
Indicator title:
Indicator expiration:	2025-01-15 15:00:00

[6761962a49afcacb72082120] 2024-12-17 15:18:02.913000 | VNC honeypot logs for 2024/12/17

Author name:	jnazario
Pulse modified:	2024-12-17 15:18:02.913000
Indicator created:	2024-12-17 15:18:03
Indicator role:	None
Indicator title:
Indicator expiration:	2025-01-16 15:00:00

[6762e7b707c53cfef7baa439] 2024-12-18 15:18:15.489000 | VNC honeypot logs for 2024/12/18

Author name:	jnazario
Pulse modified:	2024-12-18 15:18:15.489000
Indicator created:	2024-12-18 15:18:16
Indicator role:	None
Indicator title:
Indicator expiration:	2025-01-17 15:00:00

Origin AS: AS16276 - OVH
BGP Prefix: 192.99.0.0/16
geo: Canada; 🕑 America/Toronto
hostname: ip138.ip-192-99-215.net
hostname_class: ['ip_in_hostname']
Address block ('inetnum' or 'NetRange' in whois database): 192.99.0.0 - 192.99.255.255
last_activity: 2024-12-18 16:33:23.542000
reserved_range: 0
Shodan's InternetDB: Open ports: 3050, 3389, 5000, 5800, 5900; Tags: self-signed; CPEs: cpe:/a:firebirdsql:firebird
ts_added: 2024-07-21 05:06:16.851000
ts_last_update: 2024-12-22 11:10:25.886000

Warden event timeline

DShield event timeline

Presence on blacklists

OTX pulses