113.53.248.2 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Thailand

Internet Service Provider: Boromarajonani_college_of_nursing_sawanpracharak Nakhon Sawan

Hostname: unknown

Organization: unknown

Usage Type: Commercial

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Unauthorized connection attempt from IP address 113.53.248.2 on Port 445(SMB)	2019-09-17 19:41:11

Comments on same subnet:

IP	Type	Details	Datetime
113.53.248.29	attackbotsspam	Unauthorized connection attempt detected from IP address 113.53.248.29 to port 445 [T]	2020-01-30 18:34:30

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 113.53.248.2
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 46254
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;113.53.248.2.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019091700 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Tue Sep 17 19:40:57 CST 2019
;; MSG SIZE  rcvd: 116

Host info

Host 2.248.53.113.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 2.248.53.113.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
163.172.204.185	attack	Oct 15 10:11:10 firewall sshd[11514]: Invalid user Password123456 from 163.172.204.185 Oct 15 10:11:11 firewall sshd[11514]: Failed password for invalid user Password123456 from 163.172.204.185 port 42030 ssh2 Oct 15 10:20:46 firewall sshd[11734]: Invalid user sonhn123 from 163.172.204.185 ...	2019-10-15 21:27:13
106.52.34.27	attackbots	Oct 15 14:45:27 * sshd[5412]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.34.27 Oct 15 14:45:29 * sshd[5412]: Failed password for invalid user administrator from 106.52.34.27 port 45334 ssh2	2019-10-15 21:32:56
185.176.27.178	attackbots	Oct 15 14:53:05 mc1 kernel: \[2430359.516795\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=185.176.27.178 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=245 ID=31553 PROTO=TCP SPT=49892 DPT=25952 WINDOW=1024 RES=0x00 SYN URGP=0 Oct 15 14:55:52 mc1 kernel: \[2430526.999930\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=185.176.27.178 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=245 ID=42232 PROTO=TCP SPT=49892 DPT=37941 WINDOW=1024 RES=0x00 SYN URGP=0 Oct 15 14:57:30 mc1 kernel: \[2430624.638344\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=185.176.27.178 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=46909 PROTO=TCP SPT=49892 DPT=16481 WINDOW=1024 RES=0x00 SYN URGP=0 ...	2019-10-15 20:58:05
84.45.251.243	attackbotsspam	Oct 15 13:12:32 hcbbdb sshd\[9885\]: Invalid user delete from 84.45.251.243 Oct 15 13:12:32 hcbbdb sshd\[9885\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=84-45-251-243.static.enta.net Oct 15 13:12:34 hcbbdb sshd\[9885\]: Failed password for invalid user delete from 84.45.251.243 port 49508 ssh2 Oct 15 13:16:23 hcbbdb sshd\[10317\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=84-45-251-243.static.enta.net user=root Oct 15 13:16:25 hcbbdb sshd\[10317\]: Failed password for root from 84.45.251.243 port 60572 ssh2	2019-10-15 21:18:41
51.77.141.158	attackbotsspam	Oct 15 15:19:53 mout sshd[15050]: Invalid user ubuntu10 from 51.77.141.158 port 57881	2019-10-15 21:33:18
60.30.249.6	attack	Unauthorised access (Oct 15) SRC=60.30.249.6 LEN=40 TTL=47 ID=26733 TCP DPT=8080 WINDOW=23029 SYN Unauthorised access (Oct 15) SRC=60.30.249.6 LEN=40 TTL=47 ID=59417 TCP DPT=8080 WINDOW=23029 SYN Unauthorised access (Oct 14) SRC=60.30.249.6 LEN=40 TTL=47 ID=31906 TCP DPT=8080 WINDOW=23029 SYN	2019-10-15 21:03:51
117.201.250.194	attackspambots	Oct 15 13:45:42 srv206 sshd[620]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.201.250.194 user=root Oct 15 13:45:44 srv206 sshd[620]: Failed password for root from 117.201.250.194 port 41932 ssh2 ...	2019-10-15 21:13:55
222.186.180.223	attackbots	2019-10-15T13:07:12.842509hub.schaetter.us sshd\[6203\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.180.223 user=root 2019-10-15T13:07:14.832711hub.schaetter.us sshd\[6203\]: Failed password for root from 222.186.180.223 port 37470 ssh2 2019-10-15T13:07:18.754880hub.schaetter.us sshd\[6203\]: Failed password for root from 222.186.180.223 port 37470 ssh2 2019-10-15T13:07:23.089146hub.schaetter.us sshd\[6203\]: Failed password for root from 222.186.180.223 port 37470 ssh2 2019-10-15T13:07:27.770683hub.schaetter.us sshd\[6203\]: Failed password for root from 222.186.180.223 port 37470 ssh2 ...	2019-10-15 21:10:16
85.13.2.117	attackbots	Unauthorised access (Oct 15) SRC=85.13.2.117 LEN=40 TTL=54 ID=4759 TCP DPT=8080 WINDOW=692 SYN	2019-10-15 21:04:47
189.115.28.186	attack	Oct 15 13:24:10 pegasus sshd[1159]: Failed password for invalid user nagesh from 189.115.28.186 port 60954 ssh2 Oct 15 13:24:10 pegasus sshd[1159]: Connection closed by 189.115.28.186 port 60954 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=189.115.28.186	2019-10-15 21:26:37
188.40.225.168	attack	9 hits - GET /wp-includes/wlwmanifest.xml 404 GET /blog/wp-includes/wlwmanifest.xml 404 GET /web/wp-includes/wlwmanifest.xml 404	2019-10-15 21:36:03
2.59.119.148	attackbotsspam	X-Barracuda-Envelope-From: mother@baconbrain.icu X-Barracuda-Effective-Source-IP: hostmaster.hostingdunyam.com.tr[160.20.109.5] X-Barracuda-Apparent-Source-IP: 160.20.109.5	2019-10-15 21:00:06
106.12.93.12	attackbotsspam	Oct 15 12:44:59 venus sshd\[24608\]: Invalid user changeme from 106.12.93.12 port 33438 Oct 15 12:44:59 venus sshd\[24608\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.93.12 Oct 15 12:45:00 venus sshd\[24608\]: Failed password for invalid user changeme from 106.12.93.12 port 33438 ssh2 ...	2019-10-15 20:58:29
124.41.211.27	attackspam	2019-10-15T12:54:21.401996abusebot-5.cloudsearch.cf sshd\[5848\]: Invalid user lee from 124.41.211.27 port 39378	2019-10-15 21:15:27
118.144.155.254	attackspam	2019-10-15T12:46:23.451418abusebot-5.cloudsearch.cf sshd\[5775\]: Invalid user rowland from 118.144.155.254 port 48533	2019-10-15 21:14:42

Recently Reported IPs

123.162.97.252	14.234.154.189	125.161.136.92	190.230.44.167
159.138.153.162	125.214.48.203	58.59.112.158	199.195.226.71
174.137.254.193	221.23.4.255	162.54.230.76	121.244.27.59
128.73.72.10	101.109.116.192	14.231.137.247	42.116.164.122
85.106.48.173	64.32.4.14	134.73.76.231	192.210.203.145