153.99.13.244 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: China Unicom Jiangsu Province Network

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	Unauthorized IMAP connection attempt	2020-05-26 10:53:08

Comments on same subnet:

IP	Type	Details	Datetime
153.99.13.206	attack	Unauthorized connection attempt detected from IP address 153.99.13.206 to port 6656 [T]	2020-01-29 20:03:54
153.99.134.128	attackbotsspam	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/153.99.134.128/ CN - 1H : (736) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : CN NAME ASN : ASN4837 IP : 153.99.134.128 CIDR : 153.99.0.0/16 PREFIX COUNT : 1262 UNIQUE IP COUNT : 56665856 ATTACKS DETECTED ASN4837 : 1H - 21 3H - 55 6H - 116 12H - 248 24H - 304 DateTime : 2019-11-14 05:55:31 INFO : Port Scan TELNET Detected and Blocked by ADMIN - data recovery	2019-11-14 14:10:26

Type

Details

Datetime

153.99.13.206

attack

Unauthorized connection attempt detected from IP address 153.99.13.206 to port 6656 [T]

2020-01-29 20:03:54

153.99.134.128

attackbotsspam

IP Ban Report :  
 https://help-dysk.pl/wordpress-firewall-plugins/ip/153.99.134.128/ 
 
 CN - 1H : (736)  
 Protection Against DDoS WordPress plugin :  
 "odzyskiwanie danych help-dysk" 
 IP Address Ranges by Country : CN 
 NAME ASN : ASN4837 
 
 IP : 153.99.134.128 
 
 CIDR : 153.99.0.0/16 
 
 PREFIX COUNT : 1262 
 
 UNIQUE IP COUNT : 56665856 
 
 
 ATTACKS DETECTED ASN4837 :  
  1H - 21 
  3H - 55 
  6H - 116 
 12H - 248 
 24H - 304 
 
 DateTime : 2019-11-14 05:55:31 
 
 INFO : Port Scan TELNET Detected and Blocked by ADMIN  - data recovery

2019-11-14 14:10:26

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 153.99.13.244
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 17035
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;153.99.13.244.			IN	A

;; AUTHORITY SECTION:
.			576	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020052501 1800 900 604800 86400

;; Query time: 52 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue May 26 10:53:03 CST 2020
;; MSG SIZE  rcvd: 117

Host info

Host 244.13.99.153.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 244.13.99.153.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
94.99.242.29	attackbots	firewall-block, port(s): 8291/tcp	2020-05-28 02:16:15
113.193.243.35	attackspam	May 27 20:18:09 abendstille sshd\[13349\]: Invalid user production from 113.193.243.35 May 27 20:18:09 abendstille sshd\[13349\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.193.243.35 May 27 20:18:11 abendstille sshd\[13349\]: Failed password for invalid user production from 113.193.243.35 port 49362 ssh2 May 27 20:22:13 abendstille sshd\[17573\]: Invalid user sex from 113.193.243.35 May 27 20:22:13 abendstille sshd\[17573\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.193.243.35 ...	2020-05-28 02:38:05
181.49.254.230	attackspam	May 27 19:24:54 electroncash sshd[24654]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=181.49.254.230 May 27 19:24:54 electroncash sshd[24654]: Invalid user web from 181.49.254.230 port 37510 May 27 19:24:56 electroncash sshd[24654]: Failed password for invalid user web from 181.49.254.230 port 37510 ssh2 May 27 19:28:21 electroncash sshd[25646]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=181.49.254.230 user=root May 27 19:28:23 electroncash sshd[25646]: Failed password for root from 181.49.254.230 port 36686 ssh2 ...	2020-05-28 02:13:53
114.32.158.32	attackspambots	firewall-block, port(s): 82/tcp	2020-05-28 02:13:08
188.163.109.153	attack	0,25-01/02 [bc01/m18] PostRequest-Spammer scoring: maputo01_x2b	2020-05-28 02:34:11
46.229.230.84	attack	Automatic report - XMLRPC Attack	2020-05-28 02:07:49
139.162.122.110	attackspambots	...	2020-05-28 02:23:26
75.144.73.148	attackbotsspam	May 27 18:19:05 nbi10206 sshd[1296]: User r.r from 75.144.73.148 not allowed because not listed in AllowUsers May 27 18:19:05 nbi10206 sshd[1296]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=75.144.73.148 user=r.r May 27 18:19:07 nbi10206 sshd[1296]: Failed password for invalid user r.r from 75.144.73.148 port 36252 ssh2 May 27 18:19:07 nbi10206 sshd[1296]: Received disconnect from 75.144.73.148 port 36252:11: Bye Bye [preauth] May 27 18:19:07 nbi10206 sshd[1296]: Disconnected from 75.144.73.148 port 36252 [preauth] May 27 18:23:01 nbi10206 sshd[2385]: User r.r from 75.144.73.148 not allowed because not listed in AllowUsers May 27 18:23:01 nbi10206 sshd[2385]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=75.144.73.148 user=r.r May 27 18:23:03 nbi10206 sshd[2385]: Failed password for invalid user r.r from 75.144.73.148 port 54982 ssh2 May 27 18:23:03 nbi10206 sshd[2385]: Received dis........ -------------------------------	2020-05-28 02:37:48
216.218.206.105	attackspam	MultiHost/MultiPort Probe, Scan, Hack -	2020-05-28 02:07:17
221.122.67.66	attack	May 27 20:22:19 ourumov-web sshd\[26959\]: Invalid user walter from 221.122.67.66 port 43865 May 27 20:22:19 ourumov-web sshd\[26959\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=221.122.67.66 May 27 20:22:21 ourumov-web sshd\[26959\]: Failed password for invalid user walter from 221.122.67.66 port 43865 ssh2 ...	2020-05-28 02:41:50
218.92.0.171	attackspam	May 27 17:50:39 sshgateway sshd\[5128\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.171 user=root May 27 17:50:41 sshgateway sshd\[5128\]: Failed password for root from 218.92.0.171 port 6516 ssh2 May 27 17:50:54 sshgateway sshd\[5128\]: error: maximum authentication attempts exceeded for root from 218.92.0.171 port 6516 ssh2 \[preauth\]	2020-05-28 02:04:25
156.96.116.62	attackspam	"relaying denied"	2020-05-28 02:15:40
106.52.234.25	attackspam	(sshd) Failed SSH login from 106.52.234.25 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: May 27 17:43:37 srv sshd[7986]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.234.25 user=root May 27 17:43:39 srv sshd[7986]: Failed password for root from 106.52.234.25 port 36902 ssh2 May 27 18:07:53 srv sshd[8606]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.234.25 user=root May 27 18:07:55 srv sshd[8606]: Failed password for root from 106.52.234.25 port 58642 ssh2 May 27 18:11:44 srv sshd[8663]: Invalid user postgres from 106.52.234.25 port 39756	2020-05-28 02:10:33
5.26.149.86	attackbots	Telnet Server BruteForce Attack	2020-05-28 02:12:05
77.123.20.173	attackspam	May 27 20:37:30 debian-2gb-nbg1-2 kernel: \[12863443.872658\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=77.123.20.173 DST=195.201.40.59 LEN=40 TOS=0x08 PREC=0x20 TTL=240 ID=49363 PROTO=TCP SPT=44807 DPT=4093 WINDOW=1024 RES=0x00 SYN URGP=0	2020-05-28 02:41:29

Recently Reported IPs

209.242.220.111	212.129.147.181	185.104.249.125	155.218.44.15
176.116.136.191	201.93.22.65	186.235.50.121	14.160.9.126
96.36.8.12	94.102.51.95	37.45.34.63	14.162.205.83
14.248.108.35	186.179.180.72	178.163.42.136	92.53.64.208
167.172.125.254	63.153.177.59	91.223.20.114	46.116.73.37