1.53.4.172 - IPInfo

Basic Info

City: Ho Chi Minh City

Region: Ho Chi Minh

Country: Vietnam

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
1.53.4.231	attackbots	May 5 02:27:22 ntop sshd[23751]: User r.r from 1.53.4.231 not allowed because not listed in AllowUsers May 5 02:27:22 ntop sshd[23751]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=1.53.4.231 user=r.r May 5 02:27:24 ntop sshd[23751]: Failed password for invalid user r.r from 1.53.4.231 port 44236 ssh2 May 5 02:27:25 ntop sshd[23751]: Connection closed by invalid user r.r 1.53.4.231 port 44236 [preauth] May 5 02:28:14 ntop sshd[24172]: User r.r from 1.53.4.231 not allowed because not listed in AllowUsers May 5 02:28:14 ntop sshd[24172]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=1.53.4.231 user=r.r May 5 02:28:17 ntop sshd[24172]: Failed password for invalid user r.r from 1.53.4.231 port 5327 ssh2 May 5 02:28:18 ntop sshd[24172]: Connection closed by invalid user r.r 1.53.4.231 port 5327 [preauth] May 5 02:29:04 ntop sshd[24611]: User r.r from 1.53.4.231 not allowed because........ -------------------------------	2020-05-05 16:41:57
1.53.4.112	attack	unauthorized connection attempt	2020-02-07 18:48:45
1.53.41.76	attack	Unauthorized connection attempt detected from IP address 1.53.41.76 to port 23 [T]	2020-01-15 23:41:28
1.53.41.217	attackbots	Unauthorized connection attempt detected from IP address 1.53.41.217 to port 23 [T]	2020-01-14 18:16:10
1.53.4.26	attack	23/tcp [2019-10-28]1pkt	2019-10-29 03:12:40

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 1.53.4.172
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 57128
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;1.53.4.172.			IN	A

;; AUTHORITY SECTION:
.			600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022021202 1800 900 604800 86400

;; Query time: 19 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Feb 13 09:29:02 CST 2022
;; MSG SIZE  rcvd: 103

Host info

b'Host 172.4.53.1.in-addr.arpa not found: 2(SERVFAIL)
'

Nslookup info:

;; Got SERVFAIL reply from 183.60.83.19, trying next server
Server:		183.60.82.98
Address:	183.60.82.98#53

** server can't find 172.4.53.1.in-addr.arpa: SERVFAIL

Related IP info:

Related comments:

IP	Type	Details	Datetime
114.227.254.210	attackspam	Unauthorized connection attempt detected from IP address 114.227.254.210 to port 23 [J]	2020-01-17 22:06:46
1.82.159.14	attackspambots	MultiHost/MultiPort Probe, Scan, Hack -	2020-01-17 22:07:40
14.63.167.192	attackspam	Jan 17 13:59:52 ns382633 sshd\[2579\]: Invalid user 88888 from 14.63.167.192 port 41188 Jan 17 13:59:52 ns382633 sshd\[2579\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.63.167.192 Jan 17 13:59:54 ns382633 sshd\[2579\]: Failed password for invalid user 88888 from 14.63.167.192 port 41188 ssh2 Jan 17 14:04:10 ns382633 sshd\[3385\]: Invalid user sangeeta from 14.63.167.192 port 46932 Jan 17 14:04:10 ns382633 sshd\[3385\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.63.167.192	2020-01-17 22:00:46
41.38.76.165	attack	smtp probe/invalid login attempt	2020-01-17 21:58:19
222.252.16.154	attackbotsspam	Jan 17 14:04:42 amit sshd\[32120\]: Invalid user sftpuser from 222.252.16.154 Jan 17 14:04:42 amit sshd\[32120\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.252.16.154 Jan 17 14:04:44 amit sshd\[32120\]: Failed password for invalid user sftpuser from 222.252.16.154 port 10416 ssh2 ...	2020-01-17 21:30:13
51.75.167.227	attackspambots	Mail/25/465/587-993/995 Probe, Reject, BadAuth, Hack, SPAM -	2020-01-17 22:01:57
49.69.145.60	attackspambots	Mail/25/465/587-993/995 Probe, Reject, BadAuth, Hack, SPAM -	2020-01-17 22:13:23
216.10.242.28	attackbotsspam	2020-01-17T13:15:23.326810shield sshd\[16522\]: Invalid user telefonica from 216.10.242.28 port 37766 2020-01-17T13:15:23.331091shield sshd\[16522\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=216.10.242.28 2020-01-17T13:15:25.620475shield sshd\[16522\]: Failed password for invalid user telefonica from 216.10.242.28 port 37766 ssh2 2020-01-17T13:18:56.098737shield sshd\[17733\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=216.10.242.28 user=root 2020-01-17T13:18:58.296246shield sshd\[17733\]: Failed password for root from 216.10.242.28 port 39244 ssh2	2020-01-17 21:30:48
197.98.201.122	attack	20/1/17@08:03:58: FAIL: Alarm-Network address from=197.98.201.122 20/1/17@08:03:58: FAIL: Alarm-Network address from=197.98.201.122 ...	2020-01-17 22:12:24
118.100.165.64	attack	SSH brutforce	2020-01-17 22:12:55
61.6.200.56	attackspambots	Mail/25/465/587-993/995 Probe, Reject, BadAuth, Hack, SPAM -	2020-01-17 21:47:25
109.190.43.165	attack	Jan 17 14:04:01 v22018076622670303 sshd\[18288\]: Invalid user user from 109.190.43.165 port 55738 Jan 17 14:04:01 v22018076622670303 sshd\[18288\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=109.190.43.165 Jan 17 14:04:03 v22018076622670303 sshd\[18288\]: Failed password for invalid user user from 109.190.43.165 port 55738 ssh2 ...	2020-01-17 22:05:38
185.175.93.104	attackbots	01/17/2020-14:38:50.181695 185.175.93.104 Protocol: 6 ET DROP Dshield Block Listed Source group 1	2020-01-17 21:39:16
82.223.102.87	attackbots	[FriJan1714:03:53.1804452020][:error][pid14646:tid139886134814464][client82.223.102.87:62256][client82.223.102.87]ModSecurity:Accessdeniedwithcode403\(phase2\).Matchof"beginsWith%{request_headers.host}"against"TX:1"required.[file"/usr/local/apache.ea3/conf/modsec_rules/10_asl_rules.conf"][line"504"][id"340162"][rev"302"][msg"Atomicorp.comWAFRules:RemoteFileInjectionAttackdetected\(UnauthorizedURLdetectedasargument\)"][data"\,TX:1"][severity"CRITICAL"][hostname"lighthouse-accessoires.ch"][uri"/u/register_bg.php"][unique_id"XiGwubiFIVde7vEy-xZC-AAAAYM"][FriJan1714:03:56.2031552020][:error][pid14722:tid139886071875328][client82.223.102.87:63775][client82.223.102.87]ModSecurity:Accessdeniedwithcode403\(phase2\).Matchof"beginsWith%{request_headers.host}"against"TX:1"required.[file"/usr/local/apache.ea3/conf/modsec_rules/10_asl_rules.conf"][line"504"][id"340162"][rev"302"][msg"Atomicorp.comWAFRules:RemoteFileInjectionAttackdetected\(UnauthorizedURLdetectedasargument\)"][data"\	2020-01-17 22:15:40
13.80.5.200	attack	Automated report (2020-01-17T13:04:19+00:00). Faked user agent detected.	2020-01-17 21:56:36

Recently Reported IPs

1.53.39.43	1.53.48.240	1.54.194.20	1.54.198.90
1.54.2.231	1.55.128.140	1.54.200.37	1.55.170.2
1.55.182.89	1.54.220.164	1.54.67.30	1.55.197.142
1.55.210.0	1.55.170.14	1.55.210.51	1.55.211.209
1.55.228.69	1.55.239.239	1.55.251.85	1.55.251.243