112.53.2.25 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: None

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
112.53.203.29	attackspam	112.53.203.29 (CN/China/-), 3 distributed sshd attacks on account [ubnt] in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_DISTATTACK; Logs: Oct 11 16:45:28 internal2 sshd[29629]: Invalid user ubnt from 112.53.203.29 port 49068 Oct 11 16:44:19 internal2 sshd[29063]: Invalid user ubnt from 185.244.39.29 port 33518 Oct 11 16:21:16 internal2 sshd[20901]: Invalid user ubnt from 183.196.178.155 port 41566 IP Addresses Blocked:	2020-10-13 02:13:54
112.53.203.29	attackspam	112.53.203.29 (CN/China/-), 3 distributed sshd attacks on account [ubnt] in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_DISTATTACK; Logs: Oct 11 16:45:28 internal2 sshd[29629]: Invalid user ubnt from 112.53.203.29 port 49068 Oct 11 16:44:19 internal2 sshd[29063]: Invalid user ubnt from 185.244.39.29 port 33518 Oct 11 16:21:16 internal2 sshd[20901]: Invalid user ubnt from 183.196.178.155 port 41566 IP Addresses Blocked:	2020-10-12 17:39:30
112.53.236.56	attackbotsspam	Telnet/23 MH Probe, Scan, BF, Hack -	2020-04-23 17:43:27
112.53.236.114	attackbotsspam	Unauthorized connection attempt detected from IP address 112.53.236.114 to port 1433	2020-01-03 08:00:18
112.53.234.29	attackbots	firewall-block, port(s): 1433/tcp	2020-01-02 02:35:58
112.53.236.57	attack	port scan/probe/communication attempt; port 23	2019-11-26 08:36:28
112.53.236.57	attackbots	Honeypot attack, port: 23, PTR: PTR record not found	2019-08-26 12:05:31

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 112.53.2.25
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 2563
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;112.53.2.25.			IN	A

;; AUTHORITY SECTION:
.			525	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022020700 1800 900 604800 86400

;; Query time: 15 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Feb 07 15:02:41 CST 2022
;; MSG SIZE  rcvd: 104

Host info

Host 25.2.53.112.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 25.2.53.112.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
68.183.83.38	attack	2020-10-09T08:58:37.599336mail.broermann.family sshd[391]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=68.183.83.38 user=root 2020-10-09T08:58:39.722749mail.broermann.family sshd[391]: Failed password for root from 68.183.83.38 port 57134 ssh2 2020-10-09T09:01:15.382497mail.broermann.family sshd[686]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=68.183.83.38 user=root 2020-10-09T09:01:17.196137mail.broermann.family sshd[686]: Failed password for root from 68.183.83.38 port 40880 ssh2 2020-10-09T09:03:51.203543mail.broermann.family sshd[891]: Invalid user hr from 68.183.83.38 port 52858 ...	2020-10-09 18:01:13
138.204.78.249	attackspam	SSH login attempts.	2020-10-09 18:22:01
193.32.163.108	attackspambots	Port scan denied	2020-10-09 17:52:28
58.16.204.238	attack	SSH brute-force attempt	2020-10-09 18:19:07
106.13.34.173	attack	Oct 9 04:56:40 Tower sshd[15139]: Connection from 106.13.34.173 port 45186 on 192.168.10.220 port 22 rdomain "" Oct 9 04:56:43 Tower sshd[15139]: Invalid user cron from 106.13.34.173 port 45186 Oct 9 04:56:43 Tower sshd[15139]: error: Could not get shadow information for NOUSER Oct 9 04:56:43 Tower sshd[15139]: Failed password for invalid user cron from 106.13.34.173 port 45186 ssh2 Oct 9 04:56:43 Tower sshd[15139]: Received disconnect from 106.13.34.173 port 45186:11: Bye Bye [preauth] Oct 9 04:56:43 Tower sshd[15139]: Disconnected from invalid user cron 106.13.34.173 port 45186 [preauth]	2020-10-09 17:49:29
94.191.75.220	attackspambots	Oct 9 09:32:27 DAAP sshd[2015]: Invalid user a from 94.191.75.220 port 41958 Oct 9 09:32:27 DAAP sshd[2015]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.191.75.220 Oct 9 09:32:27 DAAP sshd[2015]: Invalid user a from 94.191.75.220 port 41958 Oct 9 09:32:29 DAAP sshd[2015]: Failed password for invalid user a from 94.191.75.220 port 41958 ssh2 Oct 9 09:34:08 DAAP sshd[2029]: Invalid user oracle from 94.191.75.220 port 56630 ...	2020-10-09 17:47:55
157.230.93.183	attackspam	fail2ban	2020-10-09 18:09:23
174.219.148.95	attackspambots	Brute forcing email accounts	2020-10-09 17:59:51
218.92.0.211	attackbotsspam	Oct 9 10:05:08 ip-172-31-61-156 sshd[20961]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.211 user=root Oct 9 10:05:09 ip-172-31-61-156 sshd[20961]: Failed password for root from 218.92.0.211 port 28340 ssh2 ...	2020-10-09 18:06:10
130.162.64.72	attackspambots	Oct 9 11:31:18 OPSO sshd\[23046\]: Invalid user guest123 from 130.162.64.72 port 35887 Oct 9 11:31:18 OPSO sshd\[23046\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=130.162.64.72 Oct 9 11:31:20 OPSO sshd\[23046\]: Failed password for invalid user guest123 from 130.162.64.72 port 35887 ssh2 Oct 9 11:37:08 OPSO sshd\[24182\]: Invalid user git1 from 130.162.64.72 port 9576 Oct 9 11:37:08 OPSO sshd\[24182\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=130.162.64.72	2020-10-09 17:58:02
45.142.120.59	attackspam	2020-10-09 03:32:55 dovecot_login authenticator failed for \(localhost\) \[45.142.120.59\]: 535 Incorrect authentication data 2020-10-09 03:32:58 dovecot_login authenticator failed for \(localhost\) \[45.142.120.59\]: 535 Incorrect authentication data 2020-10-09 03:33:05 dovecot_login authenticator failed for \(localhost\) \[45.142.120.59\]: 535 Incorrect authentication data 2020-10-09 03:33:05 dovecot_login authenticator failed for \(localhost\) \[45.142.120.59\]: 535 Incorrect authentication data 2020-10-09 03:37:41 dovecot_login authenticator failed for \(localhost\) \[45.142.120.59\]: 535 Incorrect authentication data \(set_id=ags@no-server.de\) ...	2020-10-09 17:50:14
144.217.42.212	attackbotsspam	2020-10-09T10:46:20.753032cyberdyne sshd[1676903]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=144.217.42.212 user=root 2020-10-09T10:46:22.466407cyberdyne sshd[1676903]: Failed password for root from 144.217.42.212 port 39322 ssh2 2020-10-09T10:47:43.282429cyberdyne sshd[1676933]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=144.217.42.212 user=root 2020-10-09T10:47:45.723243cyberdyne sshd[1676933]: Failed password for root from 144.217.42.212 port 48853 ssh2 ...	2020-10-09 18:15:19
186.206.129.189	attackspambots	Cowrie Honeypot: 3 unauthorised SSH/Telnet login attempts between 2020-10-09T07:54:55Z and 2020-10-09T08:02:59Z	2020-10-09 18:08:42
49.234.111.57	attackbotsspam	Oct 9 11:30:03 h2779839 sshd[12060]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.234.111.57 user=root Oct 9 11:30:04 h2779839 sshd[12060]: Failed password for root from 49.234.111.57 port 44426 ssh2 Oct 9 11:34:02 h2779839 sshd[12110]: Invalid user radvd from 49.234.111.57 port 58230 Oct 9 11:34:02 h2779839 sshd[12110]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.234.111.57 Oct 9 11:34:02 h2779839 sshd[12110]: Invalid user radvd from 49.234.111.57 port 58230 Oct 9 11:34:05 h2779839 sshd[12110]: Failed password for invalid user radvd from 49.234.111.57 port 58230 ssh2 Oct 9 11:37:41 h2779839 sshd[12153]: Invalid user tester from 49.234.111.57 port 43796 Oct 9 11:37:41 h2779839 sshd[12153]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.234.111.57 Oct 9 11:37:41 h2779839 sshd[12153]: Invalid user tester from 49.234.111.57 port 43796 Oct 9 11 ...	2020-10-09 17:58:56
128.199.251.10	attackbotsspam	Oct 8 13:11:50 foo sshd[10620]: Did not receive identification string from 128.199.251.10 Oct 8 13:14:32 foo sshd[10662]: Invalid user Boss321 from 128.199.251.10 Oct 8 13:14:32 foo sshd[10662]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.251.10 Oct 8 13:14:34 foo sshd[10662]: Failed password for invalid user Boss321 from 128.199.251.10 port 47264 ssh2 Oct 8 13:14:34 foo sshd[10662]: Received disconnect from 128.199.251.10: 11: Normal Shutdown, Thank you for playing [preauth] Oct 8 13:15:06 foo sshd[10690]: Invalid user RiiRii from 128.199.251.10 Oct 8 13:15:06 foo sshd[10690]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.251.10 Oct 8 13:15:08 foo sshd[10690]: Failed password for invalid user RiiRii from 128.199.251.10 port 39708 ssh2 Oct 8 13:15:08 foo sshd[10690]: Received disconnect from 128.199.251.10: 11: Normal Shutdown, Thank you for playing [preauth]........ -------------------------------	2020-10-09 18:21:15

Recently Reported IPs

138.197.97.196	20.205.108.252	190.144.31.254	179.80.142.19
34.124.198.164	89.46.105.243	67.222.109.195	113.176.84.243
103.10.99.214	82.191.238.172	41.36.48.222	203.173.94.162
2.83.36.218	194.158.75.202	120.53.250.199	52.26.21.202
41.90.230.214	201.20.70.150	165.22.89.6	105.112.143.30