1.53.242.65 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Viet Nam

Internet Service Provider: FPT Broadband Service

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Unauthorized connection attempt detected from IP address 1.53.242.65 to port 23	2020-01-02 21:01:54

Comments on same subnet:

IP	Type	Details	Datetime
1.53.242.20	attackspambots	Unauthorized connection attempt detected from IP address 1.53.242.20 to port 8291 [T]	2020-07-22 04:48:01

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 1.53.242.65
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 14316
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;1.53.242.65.			IN	A

;; AUTHORITY SECTION:
.			591	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020010200 1800 900 604800 86400

;; Query time: 49 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Jan 02 21:01:51 CST 2020
;; MSG SIZE  rcvd: 115

Host info

Host 65.242.53.1.in-addr.arpa not found: 2(SERVFAIL)

Nslookup info:

;; Got SERVFAIL reply from 183.60.83.19, trying next server
Server:		183.60.82.98
Address:	183.60.82.98#53

** server can't find 65.242.53.1.in-addr.arpa: SERVFAIL

Related IP info:

Related comments:

IP	Type	Details	Datetime
167.172.201.94	attack	Oct 8 12:05:49 Tower sshd[41720]: refused connect from 85.209.0.103 (85.209.0.103) Oct 8 15:34:43 Tower sshd[41720]: Connection from 167.172.201.94 port 41540 on 192.168.10.220 port 22 rdomain "" Oct 8 15:34:45 Tower sshd[41720]: Invalid user system from 167.172.201.94 port 41540 Oct 8 15:34:45 Tower sshd[41720]: error: Could not get shadow information for NOUSER Oct 8 15:34:45 Tower sshd[41720]: Failed password for invalid user system from 167.172.201.94 port 41540 ssh2 Oct 8 15:34:45 Tower sshd[41720]: Received disconnect from 167.172.201.94 port 41540:11: Bye Bye [preauth] Oct 8 15:34:45 Tower sshd[41720]: Disconnected from invalid user system 167.172.201.94 port 41540 [preauth]	2020-10-09 04:30:00
5.62.20.36	attackspam	Automatic report - Banned IP Access	2020-10-09 04:15:12
66.207.69.154	attackspam	Oct 8 20:19:54 gw1 sshd[26139]: Failed password for root from 66.207.69.154 port 53832 ssh2 ...	2020-10-09 04:03:58
14.205.201.231	attackbots	IP 14.205.201.231 attacked honeypot on port: 5555 at 10/7/2020 1:46:45 PM	2020-10-09 04:16:22
115.77.198.222	attack	20/10/8@08:50:14: FAIL: IoT-Telnet address from=115.77.198.222 ...	2020-10-09 04:30:14
106.12.123.239	attackspam	Found on CINS badguys / proto=6 . srcport=56933 . dstport=3508 . (5380)	2020-10-09 04:11:23
222.186.31.166	attack	Oct 8 22:30:43 abendstille sshd\[18521\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.31.166 user=root Oct 8 22:30:45 abendstille sshd\[18521\]: Failed password for root from 222.186.31.166 port 54642 ssh2 Oct 8 22:30:56 abendstille sshd\[18746\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.31.166 user=root Oct 8 22:30:58 abendstille sshd\[18746\]: Failed password for root from 222.186.31.166 port 47557 ssh2 Oct 8 22:31:04 abendstille sshd\[18902\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.31.166 user=root ...	2020-10-09 04:33:37
92.239.13.99	attackbotsspam	Oct 8 11:23:31 vm0 sshd[6423]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=92.239.13.99 Oct 8 11:23:31 vm0 sshd[6425]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=92.239.13.99 ...	2020-10-09 04:37:37
61.174.212.58	attackbotsspam	Oct 8 18:08:16 scw-6657dc sshd[23724]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.174.212.58 Oct 8 18:08:16 scw-6657dc sshd[23724]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.174.212.58 Oct 8 18:08:18 scw-6657dc sshd[23724]: Failed password for invalid user 2 from 61.174.212.58 port 30465 ssh2 ...	2020-10-09 04:08:52
62.102.148.68	attackspam	62.102.148.68 - - [08/Oct/2020:21:22:54 +0300] "GET /.env HTTP/1.0" 403 1460 "-" "TBI-WebScanner/0.0.1 (+https://leakix.net/)" 62.102.148.68 - - [08/Oct/2020:21:22:54 +0300] "GET /.git/config HTTP/1.0" 403 1460 "-" "TBI-WebScanner/0.0.1 (+https://leakix.net/)" 62.102.148.68 - - [08/Oct/2020:21:22:54 +0300] "GET /composer.json HTTP/1.0" 403 1460 "-" "TBI-WebScanner/0.0.1 (+https://leakix.net/)" ...	2020-10-09 04:06:37
106.12.108.170	attackspam	firewall-block, port(s): 3838/tcp	2020-10-09 04:25:26
41.79.78.59	attackspam	Oct 8 21:06:17 host1 sshd[1600460]: Failed password for root from 41.79.78.59 port 50709 ssh2 Oct 8 21:10:45 host1 sshd[1601003]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=41.79.78.59 user=root Oct 8 21:10:47 host1 sshd[1601003]: Failed password for root from 41.79.78.59 port 53432 ssh2 Oct 8 21:10:45 host1 sshd[1601003]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=41.79.78.59 user=root Oct 8 21:10:47 host1 sshd[1601003]: Failed password for root from 41.79.78.59 port 53432 ssh2 ...	2020-10-09 04:35:54
125.215.207.44	attackbots	Coordinated SSH brute-force attack from different IPs. pam_unix(sshd:auth): user=root	2020-10-09 04:04:46
118.173.63.64	attackbotsspam	1602103648 - 10/07/2020 22:47:28 Host: 118.173.63.64/118.173.63.64 Port: 445 TCP Blocked ...	2020-10-09 04:13:51
43.225.158.124	attackspambots	Oct 7 02:47:13 CT721 sshd[19667]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=43.225.158.124 user=r.r Oct 7 02:47:16 CT721 sshd[19667]: Failed password for r.r from 43.225.158.124 port 58671 ssh2 Oct 7 02:47:16 CT721 sshd[19667]: Received disconnect from 43.225.158.124 port 58671:11: Bye Bye [preauth] Oct 7 02:47:16 CT721 sshd[19667]: Disconnected from 43.225.158.124 port 58671 [preauth] Oct 7 03:04:29 CT721 sshd[21280]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=43.225.158.124 user=r.r Oct 7 03:04:31 CT721 sshd[21280]: Failed password for r.r from 43.225.158.124 port 45132 ssh2 Oct 7 03:04:31 CT721 sshd[21280]: Received disconnect from 43.225.158.124 port 45132:11: Bye Bye [preauth] Oct 7 03:04:31 CT721 sshd[21280]: Disconnected from 43.225.158.124 port 45132 [preauth] Oct 7 03:08:12 CT721 sshd[21325]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tt........ -------------------------------	2020-10-09 04:12:42

Recently Reported IPs

39.116.198.231	217.97.17.40	218.108.36.183	81.129.0.23
85.51.186.19	106.89.220.112	218.6.244.186	216.177.83.9
215.121.120.105	81.188.211.96	81.251.86.220	79.46.196.83
98.217.111.96	191.205.146.181	214.242.19.80	47.214.58.166
79.53.189.23	76.218.88.16	68.57.81.172	187.163.215.239