1.53.252.63 - IPInfo

Basic Info

City: Ho Chi Minh City

Region: Ho Chi Minh

Country: Vietnam

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
1.53.252.99	attack	Jun 21 22:27:56 debian-2gb-nbg1-2 kernel: \[15029955.253588\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=1.53.252.99 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=243 ID=5266 PROTO=TCP SPT=54093 DPT=3384 WINDOW=1024 RES=0x00 SYN URGP=0	2020-06-22 04:28:46
1.53.252.99	attackspambots	Jun 21 14:36:02 debian-2gb-nbg1-2 kernel: \[15001641.869419\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=1.53.252.99 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=243 ID=45128 PROTO=TCP SPT=54096 DPT=3397 WINDOW=1024 RES=0x00 SYN URGP=0	2020-06-22 01:22:40
1.53.252.99	attack	Tried our host z.	2020-06-14 15:44:42

Type

Details

Datetime

1.53.252.99

attack

Jun 21 22:27:56 debian-2gb-nbg1-2 kernel: \[15029955.253588\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=1.53.252.99 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=243 ID=5266 PROTO=TCP SPT=54093 DPT=3384 WINDOW=1024 RES=0x00 SYN URGP=0

2020-06-22 04:28:46

1.53.252.99

attackspambots

Jun 21 14:36:02 debian-2gb-nbg1-2 kernel: \[15001641.869419\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=1.53.252.99 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=243 ID=45128 PROTO=TCP SPT=54096 DPT=3397 WINDOW=1024 RES=0x00 SYN URGP=0

2020-06-22 01:22:40

1.53.252.99

attack

Tried our host z.

2020-06-14 15:44:42

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 1.53.252.63
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 58658
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;1.53.252.63.			IN	A

;; AUTHORITY SECTION:
.			539	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022031602 1800 900 604800 86400

;; Query time: 193 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Mar 17 04:07:39 CST 2022
;; MSG SIZE  rcvd: 104

Host info

Host 63.252.53.1.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 63.252.53.1.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
128.134.187.167	attack	Aug 31 00:25:21 meumeu sshd[20411]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.134.187.167 Aug 31 00:25:23 meumeu sshd[20411]: Failed password for invalid user tuser from 128.134.187.167 port 51724 ssh2 Aug 31 00:29:59 meumeu sshd[20907]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.134.187.167 ...	2019-08-31 07:15:19
46.101.162.247	attack	2019-08-30T22:18:22.578915abusebot-2.cloudsearch.cf sshd\[10727\]: Invalid user andrey from 46.101.162.247 port 35872	2019-08-31 06:40:56
101.50.3.31	attack	WordPress wp-login brute force :: 101.50.3.31 0.052 BYPASS [31/Aug/2019:02:21:09 1000] [censored_2] "POST /wp-login.php HTTP/1.1" 200 4630 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2019-08-31 07:00:21
13.71.117.11	attack	Aug 31 00:50:18 vps647732 sshd[18408]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=13.71.117.11 Aug 31 00:50:20 vps647732 sshd[18408]: Failed password for invalid user emc from 13.71.117.11 port 38210 ssh2 ...	2019-08-31 07:05:58
41.196.0.189	attackbots	Automated report - ssh fail2ban: Aug 30 23:14:26 authentication failure Aug 30 23:14:28 wrong password, user=web1, port=42374, ssh2 Aug 30 23:23:50 authentication failure	2019-08-31 07:09:09
185.163.109.66	attackspam	15 pkts, ports: UDP:3386, TCP:6666, TCP:3542, TCP:1521, TCP:7474, TCP:5672, TCP:5601, TCP:9418, TCP:9090, TCP:9944, TCP:27017, TCP:4443, TCP:8123, TCP:5007, TCP:389	2019-08-31 07:18:13
3.0.89.215	attackspambots	Aug 30 22:08:36 plex sshd[19886]: Invalid user nitesh from 3.0.89.215 port 47928	2019-08-31 06:47:11
138.94.160.58	attackbotsspam	Aug 31 00:16:56 rpi sshd[12820]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.94.160.58 Aug 31 00:16:58 rpi sshd[12820]: Failed password for invalid user ubuntu from 138.94.160.58 port 57450 ssh2	2019-08-31 06:43:42
202.163.126.134	attackbots	[Aegis] @ 2019-08-30 22:59:18 0100 -> Attempted Administrator Privilege Gain: ET SCAN LibSSH Based Frequent SSH Connections Likely BruteForce Attack	2019-08-31 07:17:44
139.59.74.183	attack	Aug 30 18:20:53 dedicated sshd[3376]: Invalid user qhsupport from 139.59.74.183 port 45682	2019-08-31 07:04:32
218.197.16.152	attackbotsspam	Aug 30 11:59:03 web9 sshd\[31222\]: Invalid user gabi from 218.197.16.152 Aug 30 11:59:03 web9 sshd\[31222\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.197.16.152 Aug 30 11:59:04 web9 sshd\[31222\]: Failed password for invalid user gabi from 218.197.16.152 port 57665 ssh2 Aug 30 12:04:37 web9 sshd\[32361\]: Invalid user ansible from 218.197.16.152 Aug 30 12:04:37 web9 sshd\[32361\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.197.16.152	2019-08-31 06:50:41
79.137.77.131	attackbotsspam	Aug 31 00:12:38 rpi sshd[12743]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=79.137.77.131 Aug 31 00:12:40 rpi sshd[12743]: Failed password for invalid user penrod from 79.137.77.131 port 36030 ssh2	2019-08-31 06:40:28
213.206.191.122	attack	Aug 30 06:21:36 hpm sshd\[27435\]: Invalid user pi from 213.206.191.122 Aug 30 06:21:36 hpm sshd\[27437\]: Invalid user pi from 213.206.191.122 Aug 30 06:21:36 hpm sshd\[27435\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=213.206.191.122 Aug 30 06:21:36 hpm sshd\[27437\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=213.206.191.122 Aug 30 06:21:38 hpm sshd\[27435\]: Failed password for invalid user pi from 213.206.191.122 port 51264 ssh2	2019-08-31 06:39:56
210.227.113.18	attack	Aug 30 12:37:02 hiderm sshd\[10425\]: Invalid user admin from 210.227.113.18 Aug 30 12:37:02 hiderm sshd\[10425\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=210.227.113.18 Aug 30 12:37:04 hiderm sshd\[10425\]: Failed password for invalid user admin from 210.227.113.18 port 55090 ssh2 Aug 30 12:41:35 hiderm sshd\[10972\]: Invalid user kito from 210.227.113.18 Aug 30 12:41:35 hiderm sshd\[10972\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=210.227.113.18	2019-08-31 06:49:16
191.240.38.185	attackbots	Brute force attempt	2019-08-31 07:12:35

Recently Reported IPs

1.33.174.33	1.54.232.137	1.54.232.150	1.7.139.163
10.0.1.250	10.105.15.111	10.121.15.111	10.15.34.2
10.200.0.231	10.30.168.210	10.37.33.5	10.37.34.36
10.37.35.151	10.9.10.11	100.21.141.219	100.21.56.72
100.21.63.126	100.24.101.116	100.24.102.31	100.24.130.63