Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: Xiamen Kaopuyun Co. Ltd

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:
Type Details Datetime
attackspam
IP 150.242.99.65 attacked honeypot on port: 139 at 6/8/2020 9:25:07 PM
2020-06-09 05:51:21
Comments on same subnet:
IP Type Details Datetime
150.242.99.190 attackspambots
Sep 27 14:01:18 mail sshd\[3622\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=150.242.99.190  user=news
Sep 27 14:01:19 mail sshd\[3622\]: Failed password for news from 150.242.99.190 port 59936 ssh2
Sep 27 14:06:11 mail sshd\[3674\]: Invalid user test from 150.242.99.190
Sep 27 14:06:11 mail sshd\[3674\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=150.242.99.190
...
2019-09-28 04:00:44
150.242.99.190 attackspam
Sep 25 23:23:40 localhost sshd\[29616\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=150.242.99.190  user=root
Sep 25 23:23:42 localhost sshd\[29616\]: Failed password for root from 150.242.99.190 port 34184 ssh2
Sep 25 23:28:29 localhost sshd\[30155\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=150.242.99.190  user=root
2019-09-26 05:31:59
150.242.99.190 attackspambots
2019-09-21T21:30:32.221913hub.schaetter.us sshd\[2726\]: Invalid user test from 150.242.99.190
2019-09-21T21:30:32.259646hub.schaetter.us sshd\[2726\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=150.242.99.190
2019-09-21T21:30:34.018813hub.schaetter.us sshd\[2726\]: Failed password for invalid user test from 150.242.99.190 port 44644 ssh2
2019-09-21T21:35:35.478425hub.schaetter.us sshd\[2752\]: Invalid user guest from 150.242.99.190
2019-09-21T21:35:35.509162hub.schaetter.us sshd\[2752\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=150.242.99.190
...
2019-09-22 06:00:12
150.242.99.190 attackspam
Sep 10 12:28:57 php1 sshd\[17416\]: Invalid user ftp from 150.242.99.190
Sep 10 12:28:57 php1 sshd\[17416\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=150.242.99.190
Sep 10 12:28:58 php1 sshd\[17416\]: Failed password for invalid user ftp from 150.242.99.190 port 52920 ssh2
Sep 10 12:35:45 php1 sshd\[18035\]: Invalid user teste from 150.242.99.190
Sep 10 12:35:45 php1 sshd\[18035\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=150.242.99.190
2019-09-11 06:48:55
150.242.99.190 attackbotsspam
Sep  8 13:55:30 meumeu sshd[1618]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=150.242.99.190 
Sep  8 13:55:31 meumeu sshd[1618]: Failed password for invalid user passw0rd from 150.242.99.190 port 53334 ssh2
Sep  8 14:01:08 meumeu sshd[2688]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=150.242.99.190 
...
2019-09-09 02:04:43
150.242.99.190 attackspambots
Sep  5 00:39:09 xeon sshd[43032]: Failed password for invalid user test2 from 150.242.99.190 port 45836 ssh2
2019-09-05 06:51:39
150.242.99.190 attackspambots
Sep  4 01:09:39 legacy sshd[1086]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=150.242.99.190
Sep  4 01:09:40 legacy sshd[1086]: Failed password for invalid user julie from 150.242.99.190 port 47358 ssh2
Sep  4 01:14:40 legacy sshd[1178]: Failed password for root from 150.242.99.190 port 34246 ssh2
...
2019-09-04 07:16:28
150.242.99.190 attackspambots
Aug 28 18:12:06 ncomp sshd[22729]: Invalid user lfc from 150.242.99.190
Aug 28 18:12:06 ncomp sshd[22729]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=150.242.99.190
Aug 28 18:12:06 ncomp sshd[22729]: Invalid user lfc from 150.242.99.190
Aug 28 18:12:08 ncomp sshd[22729]: Failed password for invalid user lfc from 150.242.99.190 port 59422 ssh2
2019-08-29 03:48:43
150.242.99.190 attackspambots
Aug 24 17:04:55 icinga sshd[15822]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=150.242.99.190
Aug 24 17:04:56 icinga sshd[15822]: Failed password for invalid user user4 from 150.242.99.190 port 56674 ssh2
...
2019-08-24 23:47:03
150.242.99.190 attackbots
Invalid user aa from 150.242.99.190 port 35644
2019-08-24 09:16:37
150.242.99.190 attackbots
Aug 21 08:40:41 game-panel sshd[6997]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=150.242.99.190
Aug 21 08:40:43 game-panel sshd[6997]: Failed password for invalid user clouderauser from 150.242.99.190 port 58490 ssh2
Aug 21 08:46:00 game-panel sshd[7189]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=150.242.99.190
2019-08-21 17:34:43
150.242.99.190 attackbotsspam
Aug 14 23:25:01 ks10 sshd[27329]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=150.242.99.190 
Aug 14 23:25:02 ks10 sshd[27329]: Failed password for invalid user si from 150.242.99.190 port 60704 ssh2
...
2019-08-15 05:54:44
150.242.99.190 attack
Aug 13 12:17:10 lnxmail61 sshd[24602]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=150.242.99.190
2019-08-13 20:12:13
150.242.99.190 attackbotsspam
Jul 24 10:45:01 yesfletchmain sshd\[23984\]: Invalid user finance from 150.242.99.190 port 54850
Jul 24 10:45:01 yesfletchmain sshd\[23984\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=150.242.99.190
Jul 24 10:45:03 yesfletchmain sshd\[23984\]: Failed password for invalid user finance from 150.242.99.190 port 54850 ssh2
Jul 24 10:50:29 yesfletchmain sshd\[24117\]: Invalid user devuser from 150.242.99.190 port 50186
Jul 24 10:50:29 yesfletchmain sshd\[24117\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=150.242.99.190
...
2019-07-24 21:13:32
150.242.99.190 attackspambots
Jul 24 02:18:10 meumeu sshd[12037]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=150.242.99.190 
Jul 24 02:18:12 meumeu sshd[12037]: Failed password for invalid user babi from 150.242.99.190 port 46608 ssh2
Jul 24 02:23:13 meumeu sshd[17757]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=150.242.99.190 
...
2019-07-24 08:30:06
Dig info:
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 150.242.99.65
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 50103
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;150.242.99.65.			IN	A

;; AUTHORITY SECTION:
.			355	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020060803 1800 900 604800 86400

;; Query time: 57 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Jun 09 05:51:18 CST 2020
;; MSG SIZE  rcvd: 117
Host info:
Host 65.99.242.150.in-addr.arpa. not found: 3(NXDOMAIN)
Nslookup info:
Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 65.99.242.150.in-addr.arpa: NXDOMAIN
Related IP info:
Related comments:
IP Type Details Datetime
24.230.41.86 attackbotsspam
Brute forcing email accounts
2020-08-11 02:09:19
210.9.47.154 attackbotsspam
210.9.47.154 (AU/Australia/-), 12 distributed sshd attacks on account [root] in the last 3600 secs
2020-08-11 01:47:54
195.154.53.237 attack
[2020-08-10 13:20:15] NOTICE[1185][C-00000681] chan_sip.c: Call from '' (195.154.53.237:61037) to extension '011972595725668' rejected because extension not found in context 'public'.
[2020-08-10 13:20:15] SECURITY[1203] res_security_log.c: SecurityEvent="FailedACL",EventTV="2020-08-10T13:20:15.923-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="011972595725668",SessionID="0x7f10c405ea98",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/195.154.53.237/61037",ACLName="no_extension_match"
[2020-08-10 13:22:56] NOTICE[1185][C-00000684] chan_sip.c: Call from '' (195.154.53.237:50524) to extension '011972595725668' rejected because extension not found in context 'public'.
[2020-08-10 13:22:56] SECURITY[1203] res_security_log.c: SecurityEvent="FailedACL",EventTV="2020-08-10T13:22:56.691-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="011972595725668",SessionID="0x7f10c405ea98",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/U
...
2020-08-11 01:48:54
27.72.105.41 attackspam
Aug 10 13:57:12 buvik sshd[13208]: Failed password for root from 27.72.105.41 port 57766 ssh2
Aug 10 14:03:07 buvik sshd[14441]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=27.72.105.41  user=root
Aug 10 14:03:08 buvik sshd[14441]: Failed password for root from 27.72.105.41 port 37304 ssh2
...
2020-08-11 01:58:53
104.131.46.166 attack
Banned for a week because repeated abuses, for example SSH, but not only
2020-08-11 01:44:36
210.212.213.194 attack
Unauthorized connection attempt from IP address 210.212.213.194 on Port 445(SMB)
2020-08-11 01:56:32
201.235.96.232 attackspam
bruteforce detected
2020-08-11 02:34:13
40.73.119.184 attack
Bruteforce detected by fail2ban
2020-08-11 01:41:04
103.133.108.249 attack
Port scanning
2020-08-11 02:04:01
124.156.114.53 attack
Aug 10 10:59:55 vm0 sshd[13347]: Failed password for root from 124.156.114.53 port 43536 ssh2
...
2020-08-11 02:11:34
111.229.63.223 attackspambots
Aug 10 19:44:18 OPSO sshd\[21288\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.229.63.223  user=root
Aug 10 19:44:20 OPSO sshd\[21288\]: Failed password for root from 111.229.63.223 port 41650 ssh2
Aug 10 19:48:27 OPSO sshd\[22050\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.229.63.223  user=root
Aug 10 19:48:29 OPSO sshd\[22050\]: Failed password for root from 111.229.63.223 port 58014 ssh2
Aug 10 19:52:37 OPSO sshd\[22733\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.229.63.223  user=root
2020-08-11 02:09:06
110.93.237.253 attackbotsspam
1597061023 - 08/10/2020 14:03:43 Host: 110.93.237.253/110.93.237.253 Port: 445 TCP Blocked
2020-08-11 01:34:44
198.46.152.161 attackspam
2020-08-10T15:40:13.638945n23.at sshd[984440]: Failed password for root from 198.46.152.161 port 45542 ssh2
2020-08-10T15:44:37.515933n23.at sshd[987688]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=198.46.152.161  user=root
2020-08-10T15:44:39.596571n23.at sshd[987688]: Failed password for root from 198.46.152.161 port 53132 ssh2
...
2020-08-11 01:49:23
151.254.162.244 attackbotsspam
2020-08-10 06:51:49.766755-0500  localhost smtpd[18306]: NOQUEUE: reject: RCPT from unknown[151.254.162.244]: 554 5.7.1 Service unavailable; Client host [151.254.162.244] blocked using zen.spamhaus.org; https://www.spamhaus.org/query/ip/151.254.162.244; from= to= proto=ESMTP helo=<[151.254.162.244]>
2020-08-11 02:04:35
47.176.104.74 attackbotsspam
Aug 10 12:36:37 game-panel sshd[18854]: Failed password for root from 47.176.104.74 port 59517 ssh2
Aug 10 12:40:52 game-panel sshd[19091]: Failed password for root from 47.176.104.74 port 14589 ssh2
2020-08-11 02:00:19
