203.99.118.2 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Indonesia

Internet Service Provider: Patra Telekomunikasi Indonesia Internet Service Provider

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Jul 1 03:01:25 mxgate1 postfix/postscreen[12157]: CONNECT from [203.99.118.2]:39458 to [176.31.12.44]:25 Jul 1 03:01:25 mxgate1 postfix/dnsblog[12160]: addr 203.99.118.2 listed by domain cbl.abuseat.org as 127.0.0.2 Jul 1 03:01:25 mxgate1 postfix/dnsblog[12161]: addr 203.99.118.2 listed by domain zen.spamhaus.org as 127.0.0.3 Jul 1 03:01:25 mxgate1 postfix/dnsblog[12161]: addr 203.99.118.2 listed by domain zen.spamhaus.org as 127.0.0.4 Jul 1 03:01:25 mxgate1 postfix/dnsblog[12159]: addr 203.99.118.2 listed by domain ix.dnsbl.xxxxxx.net as 127.0.0.2 Jul 1 03:01:25 mxgate1 postfix/dnsblog[12719]: addr 203.99.118.2 listed by domain b.barracudacentral.org as 127.0.0.2 Jul 1 03:01:31 mxgate1 postfix/postscreen[12157]: DNSBL rank 5 for [203.99.118.2]:39458 Jul x@x ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=203.99.118.2	2019-07-01 16:08:40

Type

Details

Datetime

attack

Jul  1 03:01:25 mxgate1 postfix/postscreen[12157]: CONNECT from [203.99.118.2]:39458 to [176.31.12.44]:25
Jul  1 03:01:25 mxgate1 postfix/dnsblog[12160]: addr 203.99.118.2 listed by domain cbl.abuseat.org as 127.0.0.2
Jul  1 03:01:25 mxgate1 postfix/dnsblog[12161]: addr 203.99.118.2 listed by domain zen.spamhaus.org as 127.0.0.3
Jul  1 03:01:25 mxgate1 postfix/dnsblog[12161]: addr 203.99.118.2 listed by domain zen.spamhaus.org as 127.0.0.4
Jul  1 03:01:25 mxgate1 postfix/dnsblog[12159]: addr 203.99.118.2 listed by domain ix.dnsbl.xxxxxx.net as 127.0.0.2
Jul  1 03:01:25 mxgate1 postfix/dnsblog[12719]: addr 203.99.118.2 listed by domain b.barracudacentral.org as 127.0.0.2
Jul  1 03:01:31 mxgate1 postfix/postscreen[12157]: DNSBL rank 5 for [203.99.118.2]:39458
Jul x@x


........
-----------------------------------------------
https://www.blocklist.de/en/view.html?ip=203.99.118.2

2019-07-01 16:08:40

Comments on same subnet:

IP	Type	Details	Datetime
203.99.118.154	attack	email spam	2019-12-17 16:39:55
203.99.118.202	attackspambots	SMTP/25/465/587-993/995 Probe, Reject, BadAuth, Hack, SPAM -	2019-09-11 15:37:55

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 203.99.118.2
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 7098
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;203.99.118.2.			IN	A

;; AUTHORITY SECTION:
.			2923	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019063001 1800 900 604800 86400

;; Query time: 1 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Mon Jul 01 16:08:32 CST 2019
;; MSG SIZE  rcvd: 116

Host info

Host 2.118.99.203.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 2.118.99.203.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
46.101.170.142	attackspam	Jul 8 03:09:35 localhost sshd\[46523\]: Invalid user git from 46.101.170.142 port 39384 Jul 8 03:09:35 localhost sshd\[46523\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.101.170.142 ...	2019-07-08 10:48:09
141.98.80.67	attack	Jul 8 04:07:41 mail postfix/smtpd\[11645\]: warning: unknown\[141.98.80.67\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 8 04:07:47 mail postfix/smtpd\[13785\]: warning: unknown\[141.98.80.67\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 8 04:07:49 mail postfix/smtpd\[12744\]: warning: unknown\[141.98.80.67\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6	2019-07-08 10:13:31
103.231.139.130	attackspambots	Jul 8 03:39:59 mail postfix/smtpd\[25580\]: warning: unknown\[103.231.139.130\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ Jul 8 03:40:41 mail postfix/smtpd\[25613\]: warning: unknown\[103.231.139.130\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ Jul 8 04:11:06 mail postfix/smtpd\[26260\]: warning: unknown\[103.231.139.130\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ Jul 8 04:11:46 mail postfix/smtpd\[26618\]: warning: unknown\[103.231.139.130\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\	2019-07-08 10:14:25
201.216.193.65	attackspam	Jul 8 04:24:33 localhost sshd\[19025\]: Invalid user ftp from 201.216.193.65 port 34033 Jul 8 04:24:33 localhost sshd\[19025\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.216.193.65 Jul 8 04:24:35 localhost sshd\[19025\]: Failed password for invalid user ftp from 201.216.193.65 port 34033 ssh2	2019-07-08 10:38:28
212.156.93.202	attack	Unauthorized connection attempt from IP address 212.156.93.202 on Port 445(SMB)	2019-07-08 10:58:20
202.75.100.234	attack	ssh failed login	2019-07-08 10:36:59
61.221.211.184	attack	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-07-07 23:02:13,880 INFO [amun_request_handler] PortScan Detected on Port: 445 (61.221.211.184)	2019-07-08 10:56:46
206.189.94.158	attack	Jul 8 04:05:32 amit sshd\[4777\]: Invalid user admin from 206.189.94.158 Jul 8 04:05:32 amit sshd\[4777\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=206.189.94.158 Jul 8 04:05:34 amit sshd\[4777\]: Failed password for invalid user admin from 206.189.94.158 port 51414 ssh2 ...	2019-07-08 10:35:10
62.114.185.155	attack	IP of network, from which spam was originally sent. Spamvertising site: http://yourgenericinc.su	2019-07-08 10:18:28
67.205.135.188	attackspam	Jul 8 01:02:56 minden010 sshd[21068]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=67.205.135.188 Jul 8 01:02:58 minden010 sshd[21068]: Failed password for invalid user mg from 67.205.135.188 port 43852 ssh2 Jul 8 01:05:56 minden010 sshd[22067]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=67.205.135.188 ...	2019-07-08 10:33:33
54.36.150.74	attackspambots	SQL Injection	2019-07-08 10:44:02
188.166.216.84	attackbotsspam	Jul 8 05:22:21 srv-4 sshd\[29985\]: Invalid user nscd from 188.166.216.84 Jul 8 05:22:21 srv-4 sshd\[29985\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.166.216.84 Jul 8 05:22:23 srv-4 sshd\[29985\]: Failed password for invalid user nscd from 188.166.216.84 port 60057 ssh2 ...	2019-07-08 10:44:22
190.119.190.122	attackspam	Jul 8 04:23:37 MK-Soft-Root2 sshd\[7139\]: Invalid user oracle from 190.119.190.122 port 33580 Jul 8 04:23:37 MK-Soft-Root2 sshd\[7139\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.119.190.122 Jul 8 04:23:38 MK-Soft-Root2 sshd\[7139\]: Failed password for invalid user oracle from 190.119.190.122 port 33580 ssh2 ...	2019-07-08 10:27:51
59.52.76.180	attackspambots	Unauthorized connection attempt from IP address 59.52.76.180 on Port 445(SMB)	2019-07-08 10:57:06
171.34.176.186	attack	Port scan on 2 port(s): 8080 8081	2019-07-08 10:27:30

Recently Reported IPs

159.155.46.144	245.202.40.102	248.131.249.84	172.89.236.200
163.74.172.62	177.130.161.245	243.234.29.100	136.159.48.230
100.201.130.216	217.146.255.247	121.166.247.50	167.160.190.137
168.181.61.154	187.111.152.142	177.44.124.86	176.192.107.26
93.87.5.70	112.17.64.65	5.133.66.237	191.53.197.56