1.53.252.99 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Viet Nam

Internet Service Provider: FPT Broadband Service

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Jun 21 22:27:56 debian-2gb-nbg1-2 kernel: \[15029955.253588\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=1.53.252.99 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=243 ID=5266 PROTO=TCP SPT=54093 DPT=3384 WINDOW=1024 RES=0x00 SYN URGP=0	2020-06-22 04:28:46
attackspambots	Jun 21 14:36:02 debian-2gb-nbg1-2 kernel: \[15001641.869419\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=1.53.252.99 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=243 ID=45128 PROTO=TCP SPT=54096 DPT=3397 WINDOW=1024 RES=0x00 SYN URGP=0	2020-06-22 01:22:40
attack	Tried our host z.	2020-06-14 15:44:42

Type

Details

Datetime

attack

Jun 21 22:27:56 debian-2gb-nbg1-2 kernel: \[15029955.253588\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=1.53.252.99 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=243 ID=5266 PROTO=TCP SPT=54093 DPT=3384 WINDOW=1024 RES=0x00 SYN URGP=0

2020-06-22 04:28:46

attackspambots

Jun 21 14:36:02 debian-2gb-nbg1-2 kernel: \[15001641.869419\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=1.53.252.99 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=243 ID=45128 PROTO=TCP SPT=54096 DPT=3397 WINDOW=1024 RES=0x00 SYN URGP=0

2020-06-22 01:22:40

attack

Tried our host z.

2020-06-14 15:44:42

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 1.53.252.99
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 37691
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;1.53.252.99.			IN	A

;; AUTHORITY SECTION:
.			436	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020032500 1800 900 604800 86400

;; Query time: 217 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Mar 25 19:14:14 CST 2020
;; MSG SIZE  rcvd: 115

Host info

99.252.53.1.in-addr.arpa domain name pointer hostvnfpt25298.maxserver.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
99.252.53.1.in-addr.arpa	name = hostvnfpt25298.maxserver.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
79.175.133.118	attackspambots	Invalid user alara from 79.175.133.118 port 45190	2020-02-14 09:05:32
43.247.30.156	attack	MultiHost/MultiPort Probe, Scan, Hack -	2020-02-14 09:30:03
106.12.17.107	attack	Feb 13 23:17:18 MK-Soft-VM3 sshd[16554]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.17.107 Feb 13 23:17:20 MK-Soft-VM3 sshd[16554]: Failed password for invalid user pollinate from 106.12.17.107 port 53838 ssh2 ...	2020-02-14 09:01:35
104.168.88.225	attack	Feb 13 13:42:12 php1 sshd\[2519\]: Invalid user somesh from 104.168.88.225 Feb 13 13:42:12 php1 sshd\[2519\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.168.88.225 Feb 13 13:42:14 php1 sshd\[2519\]: Failed password for invalid user somesh from 104.168.88.225 port 42689 ssh2 Feb 13 13:49:35 php1 sshd\[3227\]: Invalid user p@ssw0rd from 104.168.88.225 Feb 13 13:49:35 php1 sshd\[3227\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.168.88.225	2020-02-14 09:09:40
188.136.147.143	attackspambots	Automatic report - Port Scan Attack	2020-02-14 08:56:49
78.56.141.12	attack	Automatic report - XMLRPC Attack	2020-02-14 09:25:53
200.84.30.192	attackspambots	1581620911 - 02/13/2020 20:08:31 Host: 200.84.30.192/200.84.30.192 Port: 445 TCP Blocked	2020-02-14 09:02:11
197.159.128.98	attackspam	MultiHost/MultiPort Probe, Scan, Hack -	2020-02-14 08:54:23
149.56.28.100	attack	02/13/2020-22:15:43.892024 149.56.28.100 Protocol: 6 ET SCAN Suspicious inbound to MSSQL port 1433	2020-02-14 09:00:23
192.99.7.175	attack	IP was detected trying to Brute-Force SSH, FTP, Web Apps, Port-Scan or Hacking.	2020-02-14 09:15:11
108.217.86.227	attackspambots	Feb 13 22:38:14 pornomens sshd\[20783\]: Invalid user keng from 108.217.86.227 port 34064 Feb 13 22:38:14 pornomens sshd\[20783\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=108.217.86.227 Feb 13 22:38:16 pornomens sshd\[20783\]: Failed password for invalid user keng from 108.217.86.227 port 34064 ssh2 ...	2020-02-14 08:54:52
138.68.44.236	attack	Brute-force attempt banned	2020-02-14 09:02:29
104.168.88.16	attack	Feb 13 19:25:27 plusreed sshd[4064]: Invalid user qweqweqwe from 104.168.88.16 ...	2020-02-14 09:04:10
196.219.162.102	attackspam	MultiHost/MultiPort Probe, Scan, Hack -	2020-02-14 08:56:07
49.88.112.112	attack	February 14 2020, 00:54:32 [sshd] - Banned from the Cipher Host hosting platform by Fail2ban.	2020-02-14 08:55:19

Recently Reported IPs

223.95.101.217	188.68.255.205	49.149.21.14	120.75.207.146
181.199.103.63	218.1.120.144	67.68.53.183	197.156.238.119
151.127.41.4	203.87.190.220	239.193.58.149	174.35.55.22
179.148.135.55	33.170.180.151	217.108.44.80	207.136.128.17
186.107.207.111	88.208.107.54	204.166.119.144	44.64.106.225