114.99.2.64 - IPInfo

Basic Info

City: unknown

Region: Anhui

Country: China

Internet Service Provider: ChinaNet Anhui Province Network

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	Nov 9 01:05:55 eola postfix/smtpd[31565]: connect from unknown[114.99.2.64] Nov 9 01:05:56 eola postfix/smtpd[31565]: lost connection after AUTH from unknown[114.99.2.64] Nov 9 01:05:56 eola postfix/smtpd[31565]: disconnect from unknown[114.99.2.64] ehlo=1 auth=0/1 commands=1/2 Nov 9 01:05:57 eola postfix/smtpd[31565]: connect from unknown[114.99.2.64] Nov 9 01:05:57 eola postfix/smtpd[31565]: lost connection after AUTH from unknown[114.99.2.64] Nov 9 01:05:57 eola postfix/smtpd[31565]: disconnect from unknown[114.99.2.64] ehlo=1 auth=0/1 commands=1/2 Nov 9 01:05:57 eola postfix/smtpd[31565]: connect from unknown[114.99.2.64] Nov 9 01:05:58 eola postfix/smtpd[31565]: lost connection after AUTH from unknown[114.99.2.64] Nov 9 01:05:58 eola postfix/smtpd[31565]: disconnect from unknown[114.99.2.64] ehlo=1 auth=0/1 commands=1/2 Nov 9 01:05:58 eola postfix/smtpd[31570]: connect from unknown[114.99.2.64] Nov 9 01:05:59 eola postfix/smtpd[31570]: lost connection af........ -------------------------------	2019-11-09 17:53:35

Type

Details

Datetime

attackspam

Nov  9 01:05:55 eola postfix/smtpd[31565]: connect from unknown[114.99.2.64]
Nov  9 01:05:56 eola postfix/smtpd[31565]: lost connection after AUTH from unknown[114.99.2.64]
Nov  9 01:05:56 eola postfix/smtpd[31565]: disconnect from unknown[114.99.2.64] ehlo=1 auth=0/1 commands=1/2
Nov  9 01:05:57 eola postfix/smtpd[31565]: connect from unknown[114.99.2.64]
Nov  9 01:05:57 eola postfix/smtpd[31565]: lost connection after AUTH from unknown[114.99.2.64]
Nov  9 01:05:57 eola postfix/smtpd[31565]: disconnect from unknown[114.99.2.64] ehlo=1 auth=0/1 commands=1/2
Nov  9 01:05:57 eola postfix/smtpd[31565]: connect from unknown[114.99.2.64]
Nov  9 01:05:58 eola postfix/smtpd[31565]: lost connection after AUTH from unknown[114.99.2.64]
Nov  9 01:05:58 eola postfix/smtpd[31565]: disconnect from unknown[114.99.2.64] ehlo=1 auth=0/1 commands=1/2
Nov  9 01:05:58 eola postfix/smtpd[31570]: connect from unknown[114.99.2.64]
Nov  9 01:05:59 eola postfix/smtpd[31570]: lost connection af........
-------------------------------

2019-11-09 17:53:35

Comments on same subnet:

IP	Type	Details	Datetime
114.99.2.11	attackspam	Sep 1 13:26:43 shivevps sshd[27572]: Bad protocol version identification '\024' from 114.99.2.11 port 44790 ...	2020-09-02 04:31:49
114.99.24.103	attackspambots	Email rejected due to spam filtering	2020-06-03 02:24:17
114.99.27.74	attackspambots	Sending SPAM email	2020-06-01 06:15:35
114.99.21.146	attack	Unauthorized IMAP connection attempt	2020-05-05 03:15:18
114.99.247.139	attackspam	Unauthorized connection attempt detected from IP address 114.99.247.139 to port 23 [T]	2020-04-11 20:10:43
114.99.22.89	attack	Lines containing failures of 114.99.22.89 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=114.99.22.89	2020-04-02 17:18:58
114.99.225.109	attackbotsspam	Mar 20 04:49:16 zimbra postfix/smtps/smtpd[21345]: lost connection after CONNECT from unknown[114.99.225.109] Mar 20 04:50:25 zimbra postfix/smtps/smtpd[21346]: warning: unknown[114.99.225.109]: SASL LOGIN authentication failed: authentication failure Mar 20 04:50:26 zimbra postfix/smtps/smtpd[21346]: lost connection after AUTH from unknown[114.99.225.109] Mar 20 04:50:26 zimbra postfix/smtps/smtpd[21346]: disconnect from unknown[114.99.225.109] ehlo=1 auth=0/1 commands=1/2 ...	2020-03-20 20:13:18
114.99.27.204	attackspambots	Feb 16 01:09:37 sd-53420 sshd\[29407\]: Invalid user yw from 114.99.27.204 Feb 16 01:09:37 sd-53420 sshd\[29407\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.99.27.204 Feb 16 01:09:39 sd-53420 sshd\[29407\]: Failed password for invalid user yw from 114.99.27.204 port 48984 ssh2 Feb 16 01:13:23 sd-53420 sshd\[29909\]: Invalid user rena from 114.99.27.204 Feb 16 01:13:23 sd-53420 sshd\[29909\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.99.27.204 ...	2020-02-16 08:24:31
114.99.28.175	attackbots	Feb 11 16:48:18 MK-Soft-VM8 sshd[13753]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.99.28.175 Feb 11 16:48:20 MK-Soft-VM8 sshd[13753]: Failed password for invalid user uzp from 114.99.28.175 port 47622 ssh2 ...	2020-02-12 01:23:47
114.99.21.163	attackspambots	lfd: (smtpauth) Failed SMTP AUTH login from 114.99.21.163 (CN/China/-): 5 in the last 3600 secs - Tue Jun 19 13:07:46 2018	2020-02-07 06:22:06
114.99.2.253	attack	Unauthorized connection attempt detected from IP address 114.99.2.253 to port 6656 [T]	2020-01-30 19:21:40
114.99.23.221	attackbotsspam	Unauthorized connection attempt detected from IP address 114.99.23.221 to port 6656 [T]	2020-01-30 15:41:25
114.99.22.143	attackbots	Unauthorized connection attempt detected from IP address 114.99.22.143 to port 6656 [T]	2020-01-30 15:18:25
114.99.25.74	attack	Jan 26 00:07:37 pkdns2 sshd\[41380\]: Invalid user willie from 114.99.25.74Jan 26 00:07:39 pkdns2 sshd\[41380\]: Failed password for invalid user willie from 114.99.25.74 port 46914 ssh2Jan 26 00:09:02 pkdns2 sshd\[41454\]: Failed password for root from 114.99.25.74 port 55884 ssh2Jan 26 00:10:21 pkdns2 sshd\[41615\]: Invalid user papa from 114.99.25.74Jan 26 00:10:23 pkdns2 sshd\[41615\]: Failed password for invalid user papa from 114.99.25.74 port 36616 ssh2Jan 26 00:11:39 pkdns2 sshd\[41693\]: Invalid user minecraft from 114.99.25.74Jan 26 00:11:41 pkdns2 sshd\[41693\]: Failed password for invalid user minecraft from 114.99.25.74 port 45584 ssh2 ...	2020-01-26 06:17:17
114.99.2.115	attack	2020-01-20 H=$jFutEfTLlD$ \[114.99.2.115\] F=\<REMOVEDREMOVEDREMOVED_perl@REMOVED.de\> rejected RCPT \<462441161@qq.com\>: relay not permitted 2020-01-20 dovecot_login authenticator failed for $uCh2rhk1k$ \[114.99.2.115\]: 535 Incorrect authentication data $set_id=REMOVEDREMOVEDREMOVED_perl$ 2020-01-20 dovecot_login authenticator failed for $WXxOoV$ \[114.99.2.115\]: 535 Incorrect authentication data $set_id=REMOVEDREMOVEDREMOVED_perl$	2020-01-21 06:33:15

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 114.99.2.64
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 5212
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;114.99.2.64.			IN	A

;; AUTHORITY SECTION:
.			415	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019110900 1800 900 604800 86400

;; Query time: 102 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Nov 09 17:53:32 CST 2019
;; MSG SIZE  rcvd: 115

Host info

Host 64.2.99.114.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 64.2.99.114.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
144.217.42.212	attack	2020-07-15T04:02:31.253816centos sshd[19893]: Invalid user mmx from 144.217.42.212 port 55987 2020-07-15T04:02:33.581305centos sshd[19893]: Failed password for invalid user mmx from 144.217.42.212 port 55987 ssh2 2020-07-15T04:05:11.436946centos sshd[20053]: Invalid user spider from 144.217.42.212 port 49871 ...	2020-07-15 10:10:21
49.234.21.36	attackbotsspam	Jul 15 04:05:09 sshd\[17405\]: Invalid user ubuntu from 49.234.21.36Jul 15 04:05:11 sshd\[17405\]: Failed password for invalid user ubuntu from 49.234.21.36 port 53636 ssh2 ...	2020-07-15 10:17:06
47.52.239.42	attackspam	Attempt to hack Wordpress Login, XMLRPC or other login	2020-07-15 10:17:20
23.102.40.72	attack	Jul 15 04:05:10 mellenthin sshd[11234]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=23.102.40.72 Jul 15 04:05:13 mellenthin sshd[11234]: Failed password for invalid user admin from 23.102.40.72 port 27696 ssh2	2020-07-15 10:14:29
189.91.231.252	attackspam	Jul 15 05:22:29 ift sshd\[16000\]: Invalid user hmj from 189.91.231.252Jul 15 05:22:31 ift sshd\[16000\]: Failed password for invalid user hmj from 189.91.231.252 port 49524 ssh2Jul 15 05:26:02 ift sshd\[16862\]: Invalid user dxp from 189.91.231.252Jul 15 05:26:04 ift sshd\[16862\]: Failed password for invalid user dxp from 189.91.231.252 port 46832 ssh2Jul 15 05:29:38 ift sshd\[17437\]: Invalid user zimbra from 189.91.231.252 ...	2020-07-15 10:45:00
103.92.24.240	attack	Jul 14 20:24:58 server1 sshd\[27554\]: Failed password for invalid user flask from 103.92.24.240 port 35900 ssh2 Jul 14 20:26:06 server1 sshd\[27938\]: Invalid user customer from 103.92.24.240 Jul 14 20:26:06 server1 sshd\[27938\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.92.24.240 Jul 14 20:26:08 server1 sshd\[27938\]: Failed password for invalid user customer from 103.92.24.240 port 50864 ssh2 Jul 14 20:27:14 server1 sshd\[28348\]: Invalid user ftpuser1 from 103.92.24.240 ...	2020-07-15 10:45:23
14.146.126.189	attackbots	20 attempts against mh-ssh on mist	2020-07-15 10:46:47
218.94.136.90	attackbotsspam	Jul 15 03:51:56 ArkNodeAT sshd\[10681\]: Invalid user meena from 218.94.136.90 Jul 15 03:51:56 ArkNodeAT sshd\[10681\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.94.136.90 Jul 15 03:51:58 ArkNodeAT sshd\[10681\]: Failed password for invalid user meena from 218.94.136.90 port 62590 ssh2	2020-07-15 10:07:42
200.27.212.22	attackspambots	Jul 15 03:56:12 prod4 sshd\[8316\]: Invalid user luca from 200.27.212.22 Jul 15 03:56:15 prod4 sshd\[8316\]: Failed password for invalid user luca from 200.27.212.22 port 56940 ssh2 Jul 15 04:04:58 prod4 sshd\[11355\]: Invalid user zsy from 200.27.212.22 ...	2020-07-15 10:37:56
103.25.134.156	attackbots	$f2bV_matches	2020-07-15 10:33:31
111.72.196.38	attackspambots	Jul 15 02:59:01 nirvana postfix/smtpd[20915]: connect from unknown[111.72.196.38] Jul 15 02:59:02 nirvana postfix/smtpd[20915]: lost connection after AUTH from unknown[111.72.196.38] Jul 15 02:59:02 nirvana postfix/smtpd[20915]: disconnect from unknown[111.72.196.38] Jul 15 03:02:36 nirvana postfix/smtpd[21206]: connect from unknown[111.72.196.38] Jul 15 03:02:37 nirvana postfix/smtpd[21206]: warning: unknown[111.72.196.38]: SASL LOGIN authentication failed: authentication failure Jul 15 03:02:38 nirvana postfix/smtpd[21206]: warning: unknown[111.72.196.38]: SASL LOGIN authentication failed: authentication failure Jul 15 03:02:39 nirvana postfix/smtpd[21206]: warning: unknown[111.72.196.38]: SASL LOGIN authentication failed: authentication failure Jul 15 03:02:40 nirvana postfix/smtpd[21206]: warning: unknown[111.72.196.38]: SASL LOGIN authentication failed: authentication failure Jul 15 03:02:43 nirvana postfix/smtpd[21206]: warning: unknown[111.72.196.38]: SASL LOGIN ........ -------------------------------	2020-07-15 10:41:46
52.187.148.245	attackspambots	SSH authentication failure x 6 reported by Fail2Ban ...	2020-07-15 10:36:36
104.42.75.167	attackbots	2020-07-14T22:12:40.677885mail.thespaminator.com sshd[4924]: Invalid user admin from 104.42.75.167 port 59186 2020-07-14T22:12:40.680883mail.thespaminator.com sshd[4923]: Invalid user admin from 104.42.75.167 port 59187 ...	2020-07-15 10:29:42
116.235.131.148	attackbots	Jul 15 04:55:53 ift sshd\[12015\]: Invalid user mongodb from 116.235.131.148Jul 15 04:55:55 ift sshd\[12015\]: Failed password for invalid user mongodb from 116.235.131.148 port 51426 ssh2Jul 15 05:00:28 ift sshd\[12821\]: Invalid user rose from 116.235.131.148Jul 15 05:00:31 ift sshd\[12821\]: Failed password for invalid user rose from 116.235.131.148 port 44474 ssh2Jul 15 05:05:16 ift sshd\[13480\]: Invalid user shashank from 116.235.131.148 ...	2020-07-15 10:10:51
13.70.89.23	attack	Connection to SSH Honeypot - Detected by HoneypotDB	2020-07-15 10:40:28

Recently Reported IPs

31.206.33.140	198.2.128.9	175.151.238.119	128.68.159.54
45.93.247.55	41.63.170.21	103.249.100.196	69.7.43.74
186.130.83.2	114.99.0.221	172.113.104.142	45.146.202.123
222.93.178.149	27.226.0.187	103.55.104.210	87.6.249.146
101.78.209.105	36.233.206.220	42.112.21.203	94.73.146.80