180.242.215.99

Basic Info

City: unknown

Region: unknown

Country: Indonesia

Internet Service Provider: PT Telkom Indonesia

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Honeypot attack, port: 445, PTR: PTR record not found	2020-03-30 17:04:16

Comments on same subnet:

IP	Type	Details	Datetime
180.242.215.210	attack	1588871860 - 05/07/2020 19:17:40 Host: 180.242.215.210/180.242.215.210 Port: 445 TCP Blocked	2020-05-08 05:56:46
180.242.215.172	attack	Attempt to attack host OS, exploiting network vulnerabilities, on 18-03-2020 13:10:35.	2020-03-18 23:17:45
180.242.215.169	attack	20/1/28@23:55:35: FAIL: Alarm-Network address from=180.242.215.169 20/1/28@23:55:35: FAIL: Alarm-Network address from=180.242.215.169 ...	2020-01-29 13:48:18
180.242.215.0	attackbotsspam	unauthorized connection attempt	2020-01-17 19:41:04
180.242.215.142	attackspam	1578027255 - 01/03/2020 05:54:15 Host: 180.242.215.142/180.242.215.142 Port: 445 TCP Blocked	2020-01-03 13:38:24
180.242.215.165	attackspam	1576477409 - 12/16/2019 07:23:29 Host: 180.242.215.165/180.242.215.165 Port: 445 TCP Blocked	2019-12-16 21:34:49

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 180.242.215.99
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 28880
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;180.242.215.99.			IN	A

;; AUTHORITY SECTION:
.			474	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020033000 1800 900 604800 86400

;; Query time: 381 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Mar 30 17:04:09 CST 2020
;; MSG SIZE  rcvd: 118

Host info

Host 99.215.242.180.in-addr.arpa not found: 2(SERVFAIL)

Nslookup info:

;; Got SERVFAIL reply from 183.60.83.19, trying next server
Server:		183.60.82.98
Address:	183.60.82.98#53

** server can't find 99.215.242.180.in-addr.arpa: SERVFAIL

Related IP info:

Related comments:

IP	Type	Details	Datetime
14.169.217.255	attackbotsspam	Nov 28 23:49:26 penfold postfix/smtpd[21960]: warning: hostname static.vnpt.vn does not resolve to address 14.169.217.255 Nov 28 23:49:26 penfold postfix/smtpd[21960]: connect from unknown[14.169.217.255] Nov x@x Nov x@x Nov x@x Nov x@x Nov x@x Nov x@x Nov x@x Nov x@x Nov x@x Nov x@x Nov x@x ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=14.169.217.255	2019-11-29 13:56:13
112.64.170.178	attackbots	Invalid user synnve from 112.64.170.178 port 8178	2019-11-29 14:05:13
211.23.76.156	attackspambots	Connection by 211.23.76.156 on port: 23 got caught by honeypot at 11/29/2019 3:56:57 AM	2019-11-29 14:18:04
118.99.103.214	attackbots	Automatic report - XMLRPC Attack	2019-11-29 14:02:41
188.113.174.55	attack	Nov 29 07:55:44 microserver sshd[41639]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.113.174.55 user=backup Nov 29 07:55:46 microserver sshd[41639]: Failed password for backup from 188.113.174.55 port 57190 ssh2 Nov 29 08:00:22 microserver sshd[42271]: Invalid user brockie from 188.113.174.55 port 43656 Nov 29 08:00:22 microserver sshd[42271]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.113.174.55 Nov 29 08:00:23 microserver sshd[42271]: Failed password for invalid user brockie from 188.113.174.55 port 43656 ssh2 Nov 29 08:10:42 microserver sshd[43691]: Invalid user admin from 188.113.174.55 port 38438 Nov 29 08:10:42 microserver sshd[43691]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.113.174.55 Nov 29 08:10:44 microserver sshd[43691]: Failed password for invalid user admin from 188.113.174.55 port 38438 ssh2 Nov 29 08:15:01 microserver sshd[43911]: Invalid user 0 f	2019-11-29 13:55:19
171.252.251.130	attackbots	Automatic report - Port Scan Attack	2019-11-29 14:11:18
110.43.42.244	attackbotsspam	Nov 29 05:52:17 pornomens sshd\[11619\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=110.43.42.244 user=root Nov 29 05:52:19 pornomens sshd\[11619\]: Failed password for root from 110.43.42.244 port 18232 ssh2 Nov 29 05:56:52 pornomens sshd\[11653\]: Invalid user savin from 110.43.42.244 port 53354 ...	2019-11-29 14:09:58
65.50.209.87	attackspambots	Nov 29 10:37:47 gw1 sshd[17411]: Failed password for root from 65.50.209.87 port 54294 ssh2 Nov 29 10:40:54 gw1 sshd[17596]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=65.50.209.87 ...	2019-11-29 13:53:56
159.203.201.155	attack	11/28/2019-23:57:21.606008 159.203.201.155 Protocol: 6 ET DROP Dshield Block Listed Source group 1	2019-11-29 13:59:37
142.93.218.11	attackspam	Unauthorized SSH login attempts	2019-11-29 14:06:27
185.156.73.52	attackbots	11/29/2019-01:08:13.740867 185.156.73.52 Protocol: 6 ET SCAN NMAP -sS window 1024	2019-11-29 14:13:50
165.227.46.221	attackspam	Nov 29 05:56:53 MK-Soft-VM4 sshd[31478]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.227.46.221 Nov 29 05:56:54 MK-Soft-VM4 sshd[31478]: Failed password for invalid user bresett from 165.227.46.221 port 35462 ssh2 ...	2019-11-29 14:14:18
2.136.131.36	attack	Nov 28 19:55:48 sachi sshd\[7580\]: Invalid user reddi from 2.136.131.36 Nov 28 19:55:48 sachi sshd\[7580\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=36.red-2-136-131.staticip.rima-tde.net Nov 28 19:55:50 sachi sshd\[7580\]: Failed password for invalid user reddi from 2.136.131.36 port 42042 ssh2 Nov 28 19:58:56 sachi sshd\[7850\]: Invalid user hambleton from 2.136.131.36 Nov 28 19:58:56 sachi sshd\[7850\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=36.red-2-136-131.staticip.rima-tde.net	2019-11-29 14:12:19
190.205.103.211	attackbots	Unauthorized access or intrusion attempt detected from Thor banned IP	2019-11-29 14:07:48
157.245.239.139	attackbots	Nov 29 13:57:11 scivo sshd[26481]: Invalid user fake from 157.245.239.139 Nov 29 13:57:11 scivo sshd[26481]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.239.139 Nov 29 13:57:13 scivo sshd[26481]: Failed password for invalid user fake from 157.245.239.139 port 49200 ssh2 Nov 29 13:57:13 scivo sshd[26481]: Received disconnect from 157.245.239.139: 11: Bye Bye [preauth] Nov 29 13:57:14 scivo sshd[26483]: Invalid user admin from 157.245.239.139 Nov 29 13:57:14 scivo sshd[26483]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.239.139 Nov 29 13:57:16 scivo sshd[26483]: Failed password for invalid user admin from 157.245.239.139 port 34524 ssh2 Nov 29 13:57:17 scivo sshd[26483]: Received disconnect from 157.245.239.139: 11: Bye Bye [preauth] Nov 29 13:57:18 scivo sshd[26485]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.239.1........ -------------------------------	2019-11-29 14:04:21

Recently Reported IPs

77.88.66.106	186.124.142.171	113.181.219.233	92.233.223.162
80.60.206.224	180.151.81.138	14.171.47.235	128.199.248.200
138.19.164.135	149.59.197.248	129.204.122.166	125.167.116.197
166.150.157.154	230.187.178.219	78.19.236.235	241.60.158.233
189.62.4.57	4.168.24.22	227.43.246.42	232.6.229.1