118.99.72.166 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Indonesia

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
118.99.72.7	attackbots	Unauthorized connection attempt from IP address 118.99.72.7 on Port 445(SMB)	2019-07-13 10:11:22

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 118.99.72.166
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 57434
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;118.99.72.166.			IN	A

;; AUTHORITY SECTION:
.			194	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022030803 1800 900 604800 86400

;; Query time: 51 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Mar 09 10:39:18 CST 2022
;; MSG SIZE  rcvd: 106

Host info

Host 166.72.99.118.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 166.72.99.118.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
211.108.168.106	attackspam	(sshd) Failed SSH login from 211.108.168.106 (KR/South Korea/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Aug 21 13:58:55 amsweb01 sshd[28903]: Invalid user hxeadm from 211.108.168.106 port 44074 Aug 21 13:58:57 amsweb01 sshd[28903]: Failed password for invalid user hxeadm from 211.108.168.106 port 44074 ssh2 Aug 21 14:03:30 amsweb01 sshd[29694]: Invalid user test from 211.108.168.106 port 57742 Aug 21 14:03:32 amsweb01 sshd[29694]: Failed password for invalid user test from 211.108.168.106 port 57742 ssh2 Aug 21 14:07:40 amsweb01 sshd[30312]: Invalid user ubuntu from 211.108.168.106 port 38792	2020-08-21 20:49:09
106.12.60.40	attackbotsspam	frenzy	2020-08-21 20:44:33
167.99.153.200	attackspambots	Too many connections or unauthorized access detected from Arctic banned ip	2020-08-21 20:39:31
120.92.119.90	attackspam	2020-08-21T14:26:50.225046galaxy.wi.uni-potsdam.de sshd[14152]: Invalid user farmacia from 120.92.119.90 port 39740 2020-08-21T14:26:50.227002galaxy.wi.uni-potsdam.de sshd[14152]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.92.119.90 2020-08-21T14:26:50.225046galaxy.wi.uni-potsdam.de sshd[14152]: Invalid user farmacia from 120.92.119.90 port 39740 2020-08-21T14:26:51.975517galaxy.wi.uni-potsdam.de sshd[14152]: Failed password for invalid user farmacia from 120.92.119.90 port 39740 ssh2 2020-08-21T14:30:10.941513galaxy.wi.uni-potsdam.de sshd[14568]: Invalid user applvis from 120.92.119.90 port 11146 2020-08-21T14:30:10.946777galaxy.wi.uni-potsdam.de sshd[14568]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.92.119.90 2020-08-21T14:30:10.941513galaxy.wi.uni-potsdam.de sshd[14568]: Invalid user applvis from 120.92.119.90 port 11146 2020-08-21T14:30:12.489129galaxy.wi.uni-potsdam.de sshd[14568]: F ...	2020-08-21 21:03:24
118.193.31.206	attackspambots	Aug 19 20:01:11 h2022099 sshd[18455]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.193.31.206 user=r.r Aug 19 20:01:13 h2022099 sshd[18455]: Failed password for r.r from 118.193.31.206 port 43614 ssh2 Aug 19 20:01:13 h2022099 sshd[18455]: Received disconnect from 118.193.31.206: 11: Bye Bye [preauth] Aug 19 20:16:26 h2022099 sshd[20518]: Invalid user patrol from 118.193.31.206 Aug 19 20:16:26 h2022099 sshd[20518]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.193.31.206 Aug 19 20:16:28 h2022099 sshd[20518]: Failed password for invalid user patrol from 118.193.31.206 port 34432 ssh2 Aug 19 20:16:28 h2022099 sshd[20518]: Received disconnect from 118.193.31.206: 11: Bye Bye [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=118.193.31.206	2020-08-21 20:36:18
184.105.247.252	attackspambots	TCP (SYN) 184.105.247.252:53323 -> port 5900, len 44	2020-08-21 20:40:45
103.194.248.166	attackbotsspam	srvr1: (mod_security) mod_security (id:942100) triggered by 103.194.248.166 (IN/-/-): 1 in the last 3600 secs; Ports: ; Direction: inout; Trigger: LF_MODSEC; Logs: 2020/08/21 12:07:19 [error] 482759#0: 840772 [client 103.194.248.166] ModSecurity: Access denied with code 406 (phase 2). [file "/etc/modsecurity.d/REQUEST-942-APPLICATION-ATTACK-SQLI.conf"] [line "45"] [id "942100"] [rev ""] [msg ""] [redacted] [severity "0"] [ver "OWASP_CRS/3.3.0"] [maturity "0"] [accuracy "0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-sqli"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/152/248/66"] [tag "PCI/6.5.2"] [redacted] [uri "/forum/viewthread.php"] [unique_id "159801163981.150509"] [ref ""], client: 103.194.248.166, [redacted] request: "GET /forum/viewthread.php?thread_id=1122%27%29%29+OR+++%28%28%2727vH%27%3D%2727vH HTTP/1.1" [redacted]	2020-08-21 21:07:39
118.89.219.116	attackbots	20 attempts against mh-ssh on cloud	2020-08-21 20:42:10
112.80.35.2	attackbotsspam	Aug 21 09:05:19 firewall sshd[14517]: Failed password for syslog from 112.80.35.2 port 65534 ssh2 Aug 21 09:07:59 firewall sshd[14657]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.80.35.2 user=root Aug 21 09:08:01 firewall sshd[14657]: Failed password for root from 112.80.35.2 port 65534 ssh2 ...	2020-08-21 20:36:52
217.174.208.194	attackspam	Port Scan ...	2020-08-21 20:31:03
34.212.51.96	attackspam	WordPress wp-login brute force :: 34.212.51.96 0.112 - [21/Aug/2020:12:23:04 0000] [censored_1] "POST /wp-login.php HTTP/1.1" 200 2411 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" "HTTP/1.1"	2020-08-21 20:56:04
222.186.175.183	attackspambots	Aug 21 14:26:39 abendstille sshd\[5152\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.183 user=root Aug 21 14:26:40 abendstille sshd\[5149\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.183 user=root Aug 21 14:26:41 abendstille sshd\[5152\]: Failed password for root from 222.186.175.183 port 64596 ssh2 Aug 21 14:26:42 abendstille sshd\[5149\]: Failed password for root from 222.186.175.183 port 10420 ssh2 Aug 21 14:26:44 abendstille sshd\[5152\]: Failed password for root from 222.186.175.183 port 64596 ssh2 ...	2020-08-21 20:32:26
177.153.19.172	attackbots	From bounce-35cd4d53be0cb40ec1d4b79cbb1257a1@smtplw-13.com Fri Aug 21 09:08:05 2020 Received: from smtp222t19f172.saaspmta0002.correio.biz ([177.153.19.172]:44211)	2020-08-21 20:29:27
219.141.106.102	attackbots	Port Scan detected! ...	2020-08-21 20:47:55
222.186.42.7	attack	21.08.2020 12:36:56 SSH access blocked by firewall	2020-08-21 20:43:23

Recently Reported IPs

118.99.72.165	118.99.72.186	118.99.72.19	88.172.97.209
118.99.72.192	118.99.72.220	118.99.72.222	118.99.72.230
118.99.72.232	118.99.72.239	118.99.72.241	118.99.72.38
118.99.72.43	118.99.72.44	118.99.72.56	118.96.220.193
118.97.29.210	118.97.30.165	118.99.72.59	118.99.72.63