202.99.199.142

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: ShanXi Province JinZhong Mobile Communication Company

Hostname: unknown

Organization: unknown

Usage Type: Commercial

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	Automatic report - Banned IP Access	2019-12-27 03:03:51
attackspambots	'IP reached maximum auth failures for a one day block'	2019-12-07 19:19:31
attackspam	11.11.2019 07:29:52 - Login Fail on hMailserver Detected by ELinOX-hMail-A2F	2019-11-11 15:31:53
attackbots	[munged]::443 202.99.199.142 - - [18/Oct/2019:22:55:25 +0200] "POST /[munged]: HTTP/1.1" 200 8165 "http://[munged]:/[munged]:" "Mozilla/5.0 (Windows NT 6.1; rv:60.0) Gecko/20100101 Firefox/60.0" [munged]::443 202.99.199.142 - - [18/Oct/2019:22:55:27 +0200] "POST /[munged]: HTTP/1.1" 200 4388 "http://[munged]:/[munged]:" "Mozilla/5.0 (Windows NT 6.1; rv:60.0) Gecko/20100101 Firefox/60.0" [munged]::443 202.99.199.142 - - [18/Oct/2019:22:55:27 +0200] "POST /[munged]: HTTP/1.1" 200 4388 "http://[munged]:/[munged]:" "Mozilla/5.0 (Windows NT 6.1; rv:60.0) Gecko/20100101 Firefox/60.0" [munged]::443 202.99.199.142 - - [18/Oct/2019:22:55:28 +0200] "POST /[munged]: HTTP/1.1" 200 4388 "http://[munged]:/[munged]:" "Mozilla/5.0 (Windows NT 6.1; rv:60.0) Gecko/20100101 Firefox/60.0" [munged]::443 202.99.199.142 - - [18/Oct/2019:22:55:28 +0200] "POST /[munged]: HTTP/1.1" 200 4388 "http://[munged]:/[munged]:" "Mozilla/5.0 (Windows NT 6.1; rv:60.0) Gecko/20100101 Firefox/60.0" [munged]::443 202.99.199.142 - - [18/Oct/2019:22:	2019-10-19 05:54:43
attack	12:33:11.499 1 IMAP-001307([202.99.199.142]) failed to open 'iain.djetlic@womble.org'. Connection from [202.99.199.142]:60660. Error Code=account is routed to NULL ...	2019-10-19 03:09:12
attackspam	Brute force attempt	2019-10-04 00:44:55

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 202.99.199.142
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 58552
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;202.99.199.142.			IN	A

;; AUTHORITY SECTION:
.			200	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019091601 1800 900 604800 86400

;; Query time: 182 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Sep 17 09:45:32 CST 2019
;; MSG SIZE  rcvd: 118

Host info

Host 142.199.99.202.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 142.199.99.202.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
1.175.163.81	attackbots	37215/tcp [2019-06-28]1pkt	2019-06-29 03:24:22
103.207.38.73	attackbotsspam	Jun 28 20:43:18 lcl-usvr-01 sshd[17522]: Invalid user admin from 103.207.38.73 Jun 28 20:43:18 lcl-usvr-01 sshd[17522]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.207.38.73 Jun 28 20:43:18 lcl-usvr-01 sshd[17522]: Invalid user admin from 103.207.38.73 Jun 28 20:43:20 lcl-usvr-01 sshd[17522]: Failed password for invalid user admin from 103.207.38.73 port 57243 ssh2 Jun 28 20:43:18 lcl-usvr-01 sshd[17522]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.207.38.73 Jun 28 20:43:18 lcl-usvr-01 sshd[17522]: Invalid user admin from 103.207.38.73 Jun 28 20:43:20 lcl-usvr-01 sshd[17522]: Failed password for invalid user admin from 103.207.38.73 port 57243 ssh2 Jun 28 20:43:20 lcl-usvr-01 sshd[17522]: error: Received disconnect from 103.207.38.73 port 57243:3: com.jcraft.jsch.JSchException: Auth fail [preauth]	2019-06-29 02:54:20
50.200.136.108	attack	3395/udp 3395/udp [2019-06-28]2pkt	2019-06-29 03:18:31
201.148.246.217	attack	SMTP-sasl brute force ...	2019-06-29 02:43:02
149.200.211.8	attackspambots	23/tcp 23/tcp [2019-06-28]2pkt	2019-06-29 02:44:32
113.59.77.122	attackbotsspam	5555/tcp [2019-06-28]1pkt	2019-06-29 02:56:00
174.138.56.93	attackspam	Jun 28 18:19:53 MK-Soft-VM4 sshd\[27981\]: Invalid user phion from 174.138.56.93 port 49974 Jun 28 18:19:53 MK-Soft-VM4 sshd\[27981\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=174.138.56.93 Jun 28 18:19:55 MK-Soft-VM4 sshd\[27981\]: Failed password for invalid user phion from 174.138.56.93 port 49974 ssh2 ...	2019-06-29 03:02:36
177.66.73.17	attack	Brute force attempt	2019-06-29 03:09:56
111.253.225.221	attackbots	37215/tcp [2019-06-28]1pkt	2019-06-29 02:43:38
94.78.212.214	attack	Jun 28 15:23:44 mxgate1 postfix/postscreen[16978]: CONNECT from [94.78.212.214]:49366 to [176.31.12.44]:25 Jun 28 15:23:44 mxgate1 postfix/dnsblog[16994]: addr 94.78.212.214 listed by domain cbl.abuseat.org as 127.0.0.2 Jun 28 15:23:44 mxgate1 postfix/dnsblog[16995]: addr 94.78.212.214 listed by domain zen.spamhaus.org as 127.0.0.11 Jun 28 15:23:44 mxgate1 postfix/dnsblog[16995]: addr 94.78.212.214 listed by domain zen.spamhaus.org as 127.0.0.4 Jun 28 15:23:45 mxgate1 postfix/dnsblog[16992]: addr 94.78.212.214 listed by domain ix.dnsbl.xxxxxx.net as 127.0.0.2 Jun 28 15:23:50 mxgate1 postfix/postscreen[16978]: DNSBL rank 4 for [94.78.212.214]:49366 Jun x@x Jun 28 15:23:52 mxgate1 postfix/postscreen[16978]: HANGUP after 1.9 from [94.78.212.214]:49366 in tests after SMTP handshake Jun 28 15:23:52 mxgate1 postfix/postscreen[16978]: DISCONNECT [94.78.212.214]:49366 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=94.78.212.214	2019-06-29 03:25:35
188.155.110.80	attack	Jun 28 15:42:55 ubuntu-2gb-nbg1-dc3-1 sshd[21910]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.155.110.80 Jun 28 15:42:56 ubuntu-2gb-nbg1-dc3-1 sshd[21910]: Failed password for invalid user ikeda from 188.155.110.80 port 57826 ssh2 ...	2019-06-29 03:06:33
201.150.89.35	attack	SMTP-sasl brute force ...	2019-06-29 03:08:54
106.13.6.61	attackspam	23/tcp [2019-06-28]1pkt	2019-06-29 02:51:13
176.240.172.51	attack	Attempted WordPress login: "GET /wp-login.php"	2019-06-29 02:55:06
193.201.224.207	attack	2019-06-28T19:53:18.745499 sshd[17120]: Invalid user admin from 193.201.224.207 port 53192 2019-06-28T19:53:18.804506 sshd[17120]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.201.224.207 2019-06-28T19:53:18.745499 sshd[17120]: Invalid user admin from 193.201.224.207 port 53192 2019-06-28T19:53:20.597431 sshd[17120]: Failed password for invalid user admin from 193.201.224.207 port 53192 ssh2 2019-06-28T19:53:54.374259 sshd[17134]: Invalid user support from 193.201.224.207 port 13967 ...	2019-06-29 02:50:46

Recently Reported IPs

123.127.202.24	119.42.70.174	60.169.95.114	36.229.65.97
165.227.53.38	193.232.252.249	124.161.8.32	42.188.203.247
41.32.132.218	31.146.253.233	106.104.89.49	174.139.33.59
222.65.0.179	132.127.224.235	123.39.46.124	189.15.118.138
71.127.248.210	118.172.235.88	5.187.0.39	199.72.207.162