101.99.12.2 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Viet Nam

Internet Service Provider: CMC Telecom Infrastructure Company

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-08-07 06:40:26,597 INFO [amun_request_handler] PortScan Detected on Port: 445 (101.99.12.2)	2019-08-07 20:39:47
attack	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-07-20 12:20:27,507 INFO [shellcode_manager] (101.99.12.2) no match, writing hexdump (efa78d925567ab25e8e612e33371bd7d :2135158) - MS17010 (EternalBlue)	2019-07-22 17:22:23
attackbots	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-07-20 22:15:19,763 INFO [amun_request_handler] PortScan Detected on Port: 445 (101.99.12.2)	2019-07-21 08:01:57

Type

Details

Datetime

attackspam

@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-08-07 06:40:26,597 INFO [amun_request_handler] PortScan Detected on Port: 445 (101.99.12.2)

2019-08-07 20:39:47

attack

@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-07-20 12:20:27,507 INFO [shellcode_manager] (101.99.12.2) no match, writing hexdump (efa78d925567ab25e8e612e33371bd7d :2135158) - MS17010 (EternalBlue)

2019-07-22 17:22:23

attackbots

@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-07-20 22:15:19,763 INFO [amun_request_handler] PortScan Detected on Port: 445 (101.99.12.2)

2019-07-21 08:01:57

Comments on same subnet:

IP	Type	Details	Datetime
101.99.12.202	attackbotsspam	20/9/5@12:47:53: FAIL: Alarm-Network address from=101.99.12.202 ...	2020-09-07 00:24:48
101.99.12.202	attackbotsspam	20/9/5@12:47:53: FAIL: Alarm-Network address from=101.99.12.202 ...	2020-09-06 15:45:10
101.99.12.202	attack	20/9/5@12:47:53: FAIL: Alarm-Network address from=101.99.12.202 ...	2020-09-06 07:48:08
101.99.12.137	attack	445/tcp 445/tcp 445/tcp... [2020-07-07/08-21]4pkt,1pt.(tcp)	2020-08-21 18:15:11
101.99.12.199	attackbotsspam	Port probing on unauthorized port 445	2020-07-27 16:13:15
101.99.12.77	attackspambots	Unauthorized connection attempt from IP address 101.99.12.77 on Port 445(SMB)	2020-04-30 02:23:25
101.99.12.183	attackbotsspam	Unauthorized connection attempt from IP address 101.99.12.183 on Port 445(SMB)	2019-12-27 06:37:38
101.99.12.183	attack	Unauthorized connection attempt from IP address 101.99.12.183 on Port 445(SMB)	2019-08-09 18:37:30
101.99.12.35	attackbotsspam	Unauthorized connection attempt from IP address 101.99.12.35 on Port 445(SMB)	2019-07-09 12:35:40
101.99.12.35	attack	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-07-02 00:10:25,168 INFO [shellcode_manager] (101.99.12.35) no match, writing hexdump (24a70d80d5a39e6fd54d7b1c6449fc56 :2404527) - MS17010 (EternalBlue)	2019-07-02 14:34:36
101.99.12.154	attackbotsspam	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-07-01 02:27:23,924 INFO [amun_request_handler] PortScan Detected on Port: 445 (101.99.12.154)	2019-07-01 17:14:58

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 101.99.12.2
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 56956
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;101.99.12.2.			IN	A

;; AUTHORITY SECTION:
.			2281	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019072001 1800 900 604800 86400

;; Query time: 0 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Sun Jul 21 08:01:44 CST 2019
;; MSG SIZE  rcvd: 115

Host info

2.12.99.101.in-addr.arpa domain name pointer static.cmcti.vn.

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
2.12.99.101.in-addr.arpa	name = static.cmcti.vn.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
178.72.157.252	attackbotsspam	Unauthorized connection attempt detected from IP address 178.72.157.252 to port 23	2020-04-13 04:20:21
85.95.185.78	attackbots	Apr 12 22:34:21 srv-ubuntu-dev3 sshd[45779]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=85.95.185.78 user=root Apr 12 22:34:24 srv-ubuntu-dev3 sshd[45779]: Failed password for root from 85.95.185.78 port 44664 ssh2 Apr 12 22:38:07 srv-ubuntu-dev3 sshd[46418]: Invalid user wpyan from 85.95.185.78 Apr 12 22:38:07 srv-ubuntu-dev3 sshd[46418]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=85.95.185.78 Apr 12 22:38:07 srv-ubuntu-dev3 sshd[46418]: Invalid user wpyan from 85.95.185.78 Apr 12 22:38:09 srv-ubuntu-dev3 sshd[46418]: Failed password for invalid user wpyan from 85.95.185.78 port 34216 ssh2 Apr 12 22:41:58 srv-ubuntu-dev3 sshd[47117]: Invalid user dm3500 from 85.95.185.78 Apr 12 22:41:58 srv-ubuntu-dev3 sshd[47117]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=85.95.185.78 Apr 12 22:41:58 srv-ubuntu-dev3 sshd[47117]: Invalid user dm3500 from 85.95.185.78 ...	2020-04-13 04:42:48
178.93.9.218	attackbots	Unauthorized connection attempt detected from IP address 178.93.9.218 to port 8080	2020-04-13 04:20:01
68.132.136.198	attackspam	Unauthorized connection attempt detected from IP address 68.132.136.198 to port 80	2020-04-13 04:37:47
14.157.100.201	attack	Apr 13 06:29:43 our-server-hostname postfix/smtpd[7861]: connect from unknown[14.157.100.201] Apr x@x Apr x@x Apr x@x Apr x@x Apr x@x Apr x@x Apr x@x Apr x@x Apr x@x Apr x@x Apr x@x Apr x@x ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=14.157.100.201	2020-04-13 04:45:55
50.77.34.118	attack	Unauthorized connection attempt detected from IP address 50.77.34.118 to port 80	2020-04-13 04:42:15
106.12.24.5	attackspambots	Brute force attempt	2020-04-13 04:51:57
93.70.249.132	attack	Unauthorized connection attempt detected from IP address 93.70.249.132 to port 81	2020-04-13 04:29:12
223.247.214.61	attackbots	Apr 13 06:31:36 our-server-hostname postfix/smtpd[7812]: connect from unknown[223.247.214.61] Apr x@x Apr x@x Apr x@x Apr x@x Apr x@x Apr x@x Apr x@x Apr x@x Apr x@x Apr x@x Apr x@x ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=223.247.214.61	2020-04-13 04:53:30
138.122.4.46	attack	Unauthorized connection attempt detected from IP address 138.122.4.46 to port 80	2020-04-13 04:24:26
89.132.120.93	attack	Unauthorized connection attempt detected from IP address 89.132.120.93 to port 9530	2020-04-13 04:30:07
66.42.22.221	attackspambots	Unauthorized connection attempt detected from IP address 66.42.22.221 to port 23	2020-04-13 04:38:47
79.31.22.221	attackspambots	Unauthorized connection attempt detected from IP address 79.31.22.221 to port 81	2020-04-13 04:33:38
151.253.48.108	attackspam	Unauthorized connection attempt detected from IP address 151.253.48.108 to port 3389 [T]	2020-04-13 04:23:47
108.24.54.235	attackbots	Draytek Vigor Remote Command Execution Vulnerability	2020-04-13 04:27:10

Recently Reported IPs

80.215.66.126	27.131.168.154	5.29.204.61	202.182.50.74
180.252.205.133	102.159.187.202	94.156.121.179	77.21.1.109
186.91.170.139	181.209.96.194	180.191.150.203	36.92.35.73
202.179.31.63	183.91.7.114	14.169.34.247	182.191.77.200
165.73.192.12	117.20.116.182	116.100.244.149	159.0.78.241