113.53.29.4 - IPInfo

Basic Info

City: Phetchabun

Region: Changwat Phetchabun

Country: Thailand

Internet Service Provider: TOT Public Company Limited

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	ThinkPHP Remote Code Execution Vulnerability	2019-08-18 06:54:28

Comments on same subnet:

IP	Type	Details	Datetime
113.53.29.172	attack	Oct 10 09:01:07 web1 sshd[30564]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.53.29.172 user=root Oct 10 09:01:09 web1 sshd[30564]: Failed password for root from 113.53.29.172 port 46532 ssh2 Oct 10 09:14:19 web1 sshd[2798]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.53.29.172 user=root Oct 10 09:14:21 web1 sshd[2798]: Failed password for root from 113.53.29.172 port 55042 ssh2 Oct 10 09:18:19 web1 sshd[4145]: Invalid user techsupport from 113.53.29.172 port 59628 Oct 10 09:18:19 web1 sshd[4145]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.53.29.172 Oct 10 09:18:19 web1 sshd[4145]: Invalid user techsupport from 113.53.29.172 port 59628 Oct 10 09:18:21 web1 sshd[4145]: Failed password for invalid user techsupport from 113.53.29.172 port 59628 ssh2 Oct 10 09:22:17 web1 sshd[5522]: pam_unix(sshd:auth): authentication failure; logname= uid=0 eui ...	2020-10-10 07:34:16
113.53.29.172	attack	(sshd) Failed SSH login from 113.53.29.172 (TH/Thailand/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Oct 9 08:56:17 optimus sshd[13038]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.53.29.172 user=root Oct 9 08:56:18 optimus sshd[13038]: Failed password for root from 113.53.29.172 port 53426 ssh2 Oct 9 09:13:28 optimus sshd[18001]: Invalid user design from 113.53.29.172 Oct 9 09:13:28 optimus sshd[18001]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.53.29.172 Oct 9 09:13:30 optimus sshd[18001]: Failed password for invalid user design from 113.53.29.172 port 40260 ssh2	2020-10-09 23:55:38
113.53.29.172	attackspam	Oct 9 09:01:09 host sshd[30655]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.53.29.172 user=root Oct 9 09:01:11 host sshd[30655]: Failed password for root from 113.53.29.172 port 46488 ssh2 ...	2020-10-09 15:42:32
113.53.29.172	attack	DATE:2020-10-05 18:13:30, IP:113.53.29.172, PORT:ssh SSH brute force auth (docker-dc)	2020-10-06 00:38:09
113.53.29.172	attackspambots	Oct 5 07:30:17 sigma sshd\[13564\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.53.29.172 user=rootOct 5 07:36:14 sigma sshd\[13656\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.53.29.172 user=root ...	2020-10-05 16:37:22
113.53.29.172	attack	May 15 19:17:02 ms-srv sshd[7583]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.53.29.172 May 15 19:17:04 ms-srv sshd[7583]: Failed password for invalid user tom from 113.53.29.172 port 35838 ssh2	2020-08-26 20:35:05
113.53.29.172	attackspambots	Fail2Ban Ban Triggered (2)	2020-08-06 15:40:01
113.53.29.172	attack	2020-08-05T23:27:20.8688371495-001 sshd[6640]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.53.29.172 user=root 2020-08-05T23:27:22.5541951495-001 sshd[6640]: Failed password for root from 113.53.29.172 port 51062 ssh2 2020-08-05T23:32:04.0348081495-001 sshd[6886]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.53.29.172 user=root 2020-08-05T23:32:06.0414021495-001 sshd[6886]: Failed password for root from 113.53.29.172 port 34146 ssh2 2020-08-05T23:36:41.7247201495-001 sshd[7072]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.53.29.172 user=root 2020-08-05T23:36:44.0924851495-001 sshd[7072]: Failed password for root from 113.53.29.172 port 45450 ssh2 ...	2020-08-06 12:07:54
113.53.29.172	attackbotsspam	Jul 7 19:40:03 sip sshd[5704]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.53.29.172 Jul 7 19:40:05 sip sshd[5704]: Failed password for invalid user tomcat from 113.53.29.172 port 42770 ssh2 Jul 7 19:45:22 sip sshd[7652]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.53.29.172	2020-07-11 07:25:31
113.53.29.172	attackspambots	Jul 7 16:00:51 ArkNodeAT sshd\[11514\]: Invalid user write from 113.53.29.172 Jul 7 16:00:51 ArkNodeAT sshd\[11514\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.53.29.172 Jul 7 16:00:53 ArkNodeAT sshd\[11514\]: Failed password for invalid user write from 113.53.29.172 port 53890 ssh2	2020-07-08 00:14:38
113.53.29.172	attack	2020-06-23T21:49:31.188463linuxbox-skyline sshd[138310]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.53.29.172 user=root 2020-06-23T21:49:33.676173linuxbox-skyline sshd[138310]: Failed password for root from 113.53.29.172 port 55422 ssh2 ...	2020-06-24 18:47:05
113.53.29.172	attackbotsspam	Jun 10 01:12:12 firewall sshd[1564]: Invalid user cristopher from 113.53.29.172 Jun 10 01:12:15 firewall sshd[1564]: Failed password for invalid user cristopher from 113.53.29.172 port 42312 ssh2 Jun 10 01:16:24 firewall sshd[1718]: Invalid user namunoz from 113.53.29.172 ...	2020-06-10 12:35:41
113.53.29.172	attackspambots	May 27 11:55:35 legacy sshd[21301]: Failed password for root from 113.53.29.172 port 49372 ssh2 May 27 11:59:48 legacy sshd[21420]: Failed password for root from 113.53.29.172 port 55310 ssh2 ...	2020-05-27 18:18:23
113.53.29.172	attackspambots	May 26 02:19:28 srv-ubuntu-dev3 sshd[41551]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.53.29.172 user=root May 26 02:19:30 srv-ubuntu-dev3 sshd[41551]: Failed password for root from 113.53.29.172 port 52774 ssh2 May 26 02:20:56 srv-ubuntu-dev3 sshd[41777]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.53.29.172 user=root May 26 02:20:58 srv-ubuntu-dev3 sshd[41777]: Failed password for root from 113.53.29.172 port 45170 ssh2 May 26 02:22:26 srv-ubuntu-dev3 sshd[42027]: Invalid user router from 113.53.29.172 May 26 02:22:26 srv-ubuntu-dev3 sshd[42027]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.53.29.172 May 26 02:22:26 srv-ubuntu-dev3 sshd[42027]: Invalid user router from 113.53.29.172 May 26 02:22:28 srv-ubuntu-dev3 sshd[42027]: Failed password for invalid user router from 113.53.29.172 port 37570 ssh2 May 26 02:23:57 srv-ubuntu-dev3 sshd[42 ...	2020-05-26 08:50:48
113.53.29.172	attack	May 23 23:45:27 Host-KEWR-E sshd[9377]: Invalid user mbg from 113.53.29.172 port 34348 ...	2020-05-24 20:08:50

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 113.53.29.4
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 57299
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;113.53.29.4.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019061901 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Thu Jun 20 02:24:04 CST 2019
;; MSG SIZE  rcvd: 115

Host info

Host 4.29.53.113.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 4.29.53.113.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
51.83.41.120	attackspambots	Apr 23 07:02:07 v22018086721571380 sshd[20178]: Failed password for invalid user wi from 51.83.41.120 port 34958 ssh2	2020-04-23 13:03:56
218.78.10.111	attackbots	Port probing on unauthorized port 8080	2020-04-23 12:41:46
222.186.42.136	attack	$f2bV_matches	2020-04-23 13:03:04
46.105.148.212	attackbotsspam	Invalid user ubuntu from 46.105.148.212 port 47392	2020-04-23 13:00:18
124.239.218.188	attack	2020-04-23 05:55:51,970 fail2ban.actions: WARNING [ssh] Ban 124.239.218.188	2020-04-23 12:24:37
171.100.156.102	attack	(imapd) Failed IMAP login from 171.100.156.102 (TH/Thailand/171-100-156-102.static.asianet.co.th): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: Apr 23 08:25:15 ir1 dovecot[264309]: imap-login: Disconnected (auth failed, 1 attempts in 19 secs): user=, method=PLAIN, rip=171.100.156.102, lip=5.63.12.44, TLS, session=	2020-04-23 12:58:47
132.232.60.183	attack	Wordpress malicious attack:[sshd]	2020-04-23 12:52:29
185.234.217.48	attackbotsspam	Apr 23 05:36:38 web01.agentur-b-2.de postfix/smtpd[74149]: warning: unknown[185.234.217.48]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Apr 23 05:36:38 web01.agentur-b-2.de postfix/smtpd[74149]: lost connection after AUTH from unknown[185.234.217.48] Apr 23 05:39:40 web01.agentur-b-2.de postfix/smtpd[74149]: warning: unknown[185.234.217.48]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Apr 23 05:39:40 web01.agentur-b-2.de postfix/smtpd[74149]: lost connection after AUTH from unknown[185.234.217.48] Apr 23 05:41:56 web01.agentur-b-2.de postfix/smtpd[73771]: warning: unknown[185.234.217.48]: SASL LOGIN authentication failed: UGFzc3dvcmQ6	2020-04-23 12:33:27
78.128.113.75	attackbots	Apr 23 06:35:05 web01.agentur-b-2.de postfix/smtps/smtpd[84568]: warning: unknown[78.128.113.75]: SASL PLAIN authentication failed: Apr 23 06:35:05 web01.agentur-b-2.de postfix/smtps/smtpd[84568]: lost connection after AUTH from unknown[78.128.113.75] Apr 23 06:35:12 web01.agentur-b-2.de postfix/smtps/smtpd[84568]: lost connection after AUTH from unknown[78.128.113.75] Apr 23 06:35:18 web01.agentur-b-2.de postfix/smtps/smtpd[84568]: lost connection after AUTH from unknown[78.128.113.75] Apr 23 06:35:23 web01.agentur-b-2.de postfix/smtps/smtpd[84848]: warning: unknown[78.128.113.75]: SASL PLAIN authentication failed:	2020-04-23 12:36:01
162.248.52.82	attackspam	$f2bV_matches	2020-04-23 12:42:01
42.118.38.225	attack	20/4/22@23:55:46: FAIL: Alarm-Network address from=42.118.38.225 ...	2020-04-23 12:28:27
64.225.25.59	attackspam	Fail2Ban - SSH Bruteforce Attempt	2020-04-23 12:49:33
76.120.7.86	attackspam	SSH login attempts.	2020-04-23 12:46:32
161.35.97.241	attackbots	firewall-block, port(s): 23/tcp	2020-04-23 13:03:25
188.191.235.237	attack	Distributed brute force attack	2020-04-23 12:50:32

Recently Reported IPs

41.77.112.193	41.251.167.197	193.112.144.180	178.218.114.243
181.164.62.141	124.24.164.254	42.179.249.73	119.109.202.22
94.180.164.192	80.103.35.79	182.68.133.87	151.70.154.216
5.16.118.213	218.247.132.166	68.205.225.12	40.107.75.110
12.109.25.206	27.27.62.186	183.15.89.63	187.38.228.98