113.253.1.199 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Hong Kong

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
113.253.19.170	attack	(smtpauth) Failed SMTP AUTH login from 113.253.19.170 (HK/Hong Kong/170-19-253-113-on-nets.com): 2 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SMTPAUTH; Logs: 2020-07-21 03:41:07 plain authenticator failed for (127.0.0.1) [113.253.19.170]: 535 Incorrect authentication data (set_id=marker@hackerz.in.th) 2020-07-21 03:41:08 login authenticator failed for (127.0.0.1) [113.253.19.170]: 535 Incorrect authentication data (set_id=marker@hackerz.in.th)	2020-07-21 08:07:01
113.253.177.131	attack	Honeypot attack, port: 5555, PTR: 131-177-253-113-on-nets.com.	2020-04-14 00:54:52
113.253.178.44	attackspambots	Unauthorized connection attempt detected from IP address 113.253.178.44 to port 23 [J]	2020-03-03 07:20:33
113.253.11.189	attackbots	unauthorized connection attempt	2020-02-26 16:01:43
113.253.178.44	attackspam	Telnet/23 MH Probe, Scan, BF, Hack -	2020-02-19 21:20:25
113.253.18.124	attack	Honeypot attack, port: 5555, PTR: 124-18-253-113-on-nets.com.	2020-01-11 05:13:24

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 113.253.1.199
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 53134
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;113.253.1.199.			IN	A

;; AUTHORITY SECTION:
.			365	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022011002 1800 900 604800 86400

;; Query time: 57 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Jan 11 20:13:56 CST 2022
;; MSG SIZE  rcvd: 106

Host info

199.1.253.113.in-addr.arpa domain name pointer 199-1-253-113-on-nets.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
199.1.253.113.in-addr.arpa	name = 199-1-253-113-on-nets.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
50.193.225.157	attack	RDP Bruteforce	2020-01-25 03:09:22
40.92.72.11	attackspambots	TCP Port: 25 invalid blocked spam-sorbs also backscatter (358)	2020-01-25 03:04:42
49.88.112.114	attack	Jan 24 08:41:53 php1 sshd\[27029\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.114 user=root Jan 24 08:41:55 php1 sshd\[27029\]: Failed password for root from 49.88.112.114 port 11844 ssh2 Jan 24 08:43:03 php1 sshd\[27118\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.114 user=root Jan 24 08:43:05 php1 sshd\[27118\]: Failed password for root from 49.88.112.114 port 56198 ssh2 Jan 24 08:44:04 php1 sshd\[27189\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.114 user=root	2020-01-25 02:50:29
5.62.103.13	attackspam	Unauthorized connection attempt detected from IP address 5.62.103.13 to port 2220 [J]	2020-01-25 02:57:31
106.12.195.220	attackspam	Unauthorized connection attempt detected from IP address 106.12.195.220 to port 2220 [J]	2020-01-25 02:48:44
197.149.122.122	attack	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/197.149.122.122/ NG - 1H : (4) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : NG NAME ASN : ASN37480 IP : 197.149.122.122 CIDR : 197.149.122.0/24 PREFIX COUNT : 13 UNIQUE IP COUNT : 6656 ATTACKS DETECTED ASN37480 : 1H - 1 3H - 1 6H - 1 12H - 1 24H - 1 DateTime : 2020-01-24 13:32:29 INFO : HACK ! - Looking for resource vulnerabilities Scan Detected and Blocked by ADMIN - data recovery	2020-01-25 03:11:41
178.128.209.122	attackspambots	Jan 22 12:04:07 nbi-636 sshd[20924]: Invalid user tomcat from 178.128.209.122 port 36510 Jan 22 12:04:09 nbi-636 sshd[20924]: Failed password for invalid user tomcat from 178.128.209.122 port 36510 ssh2 Jan 22 12:04:09 nbi-636 sshd[20924]: Received disconnect from 178.128.209.122 port 36510:11: Bye Bye [preauth] Jan 22 12:04:09 nbi-636 sshd[20924]: Disconnected from 178.128.209.122 port 36510 [preauth] Jan 22 12:17:19 nbi-636 sshd[24988]: User r.r from 178.128.209.122 not allowed because not listed in AllowUsers Jan 22 12:17:19 nbi-636 sshd[24988]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.128.209.122 user=r.r Jan 22 12:17:21 nbi-636 sshd[24988]: Failed password for invalid user r.r from 178.128.209.122 port 36558 ssh2 Jan 22 12:17:21 nbi-636 sshd[24988]: Received disconnect from 178.128.209.122 port 36558:11: Bye Bye [preauth] Jan 22 12:17:21 nbi-636 sshd[24988]: Disconnected from 178.128.209.122 port 36558 [preauth] J........ -------------------------------	2020-01-25 03:11:14
109.167.156.165	attack	port scan and connect, tcp 1433 (ms-sql-s)	2020-01-25 03:13:19
164.132.46.14	attackbots	Unauthorized connection attempt detected from IP address 164.132.46.14 to port 2220 [J]	2020-01-25 02:53:09
118.25.156.20	attackspambots	Unauthorized connection attempt detected from IP address 118.25.156.20 to port 2220 [J]	2020-01-25 02:34:16
101.91.218.193	attackbotsspam	Unauthorized connection attempt detected from IP address 101.91.218.193 to port 2220 [J]	2020-01-25 02:49:54
194.180.224.11	attackspambots	" "	2020-01-25 02:39:47
198.108.67.107	attack	firewall-block, port(s): 3099/tcp	2020-01-25 02:39:15
129.226.174.139	attackspambots	Jan 24 19:28:45 server sshd\[2531\]: Invalid user qwe from 129.226.174.139 Jan 24 19:28:45 server sshd\[2531\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.226.174.139 Jan 24 19:28:48 server sshd\[2531\]: Failed password for invalid user qwe from 129.226.174.139 port 53308 ssh2 Jan 24 19:34:33 server sshd\[3961\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.226.174.139 user=root Jan 24 19:34:35 server sshd\[3961\]: Failed password for root from 129.226.174.139 port 39916 ssh2 ...	2020-01-25 02:41:18
51.159.59.241	attack	Portscan or hack attempt detected by psad/fwsnort	2020-01-25 02:45:35

Recently Reported IPs

139.142.201.163	55.121.205.131	38.35.60.120	31.90.246.15
236.212.84.216	135.47.25.28	65.154.102.101	132.150.105.179
82.26.143.8	210.42.218.158	117.39.109.192	16.73.102.235
204.194.81.245	146.227.31.136	255.255.139.148	18.223.113.236
195.73.240.171	180.12.244.115	139.88.133.95	128.222.234.241