141.164.54.52 - IPInfo

Basic Info

City: Seoul

Region: Seoul Special City

Country: South Korea

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
141.164.54.73	attack	Automated report (2020-07-04T07:12:11+08:00). Faked user agent detected.	2020-07-04 13:45:06

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 141.164.54.52
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 10374
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;141.164.54.52.			IN	A

;; AUTHORITY SECTION:
.			438	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022111300 1800 900 604800 86400

;; Query time: 56 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Nov 13 20:45:21 CST 2022
;; MSG SIZE  rcvd: 106

Host info

52.54.164.141.in-addr.arpa domain name pointer seoul01-router.cloudiepl.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
52.54.164.141.in-addr.arpa	name = seoul01-router.cloudiepl.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
45.136.110.41	attackspambots	Excessive Port-Scanning	2019-10-28 06:53:07
137.74.47.22	attackbotsspam	Oct 27 23:52:39 site1 sshd\[8817\]: Invalid user al from 137.74.47.22Oct 27 23:52:41 site1 sshd\[8817\]: Failed password for invalid user al from 137.74.47.22 port 49856 ssh2Oct 27 23:56:11 site1 sshd\[8934\]: Invalid user ivo from 137.74.47.22Oct 27 23:56:14 site1 sshd\[8934\]: Failed password for invalid user ivo from 137.74.47.22 port 58756 ssh2Oct 27 23:59:34 site1 sshd\[9047\]: Invalid user test2 from 137.74.47.22Oct 27 23:59:36 site1 sshd\[9047\]: Failed password for invalid user test2 from 137.74.47.22 port 39416 ssh2 ...	2019-10-28 06:50:36
185.176.27.30	attack	10/27/2019-18:54:21.267227 185.176.27.30 Protocol: 6 ET DROP Dshield Block Listed Source group 1	2019-10-28 07:18:33
103.212.235.182	attackbotsspam	Oct 27 12:30:48 eddieflores sshd\[15830\]: Invalid user Qwert123321 from 103.212.235.182 Oct 27 12:30:48 eddieflores sshd\[15830\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.212.235.182 Oct 27 12:30:50 eddieflores sshd\[15830\]: Failed password for invalid user Qwert123321 from 103.212.235.182 port 48234 ssh2 Oct 27 12:35:35 eddieflores sshd\[16179\]: Invalid user 123zxcfgas from 103.212.235.182 Oct 27 12:35:35 eddieflores sshd\[16179\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.212.235.182	2019-10-28 06:54:13
180.119.109.62	attack	Oct 27 08:53:55 noisternig postfix/smtpd[23350]: connect from unknown[180.119.109.62] Oct 27 08:53:56 noisternig postfix/smtpd[23366]: connect from unknown[180.119.109.62] Oct x@x Oct 27 08:53:57 noisternig postfix/smtpd[23350]: lost connection after RCPT from unknown[180.119.109.62] Oct 27 08:53:57 noisternig postfix/smtpd[23350]: disconnect from unknown[180.119.109.62] Oct x@x Oct 27 08:53:58 noisternig postfix/smtpd[23366]: lost connection after RCPT from unknown[180.119.109.62] Oct 27 08:53:58 noisternig postfix/smtpd[23366]: disconnect from unknown[180.119.109.62] Oct 27 09:14:57 noisternig postfix/smtpd[24249]: connect from unknown[180.119.109.62] Oct 27 09:14:57 noisternig postfix/smtpd[24112]: connect from unknown[180.119.109.62] Oct x@x Oct x@x Oct 27 09:14:58 noisternig postfix/smtpd[24112]: lost connection after RCPT from unknown[180.119.109.62] Oct 27 09:14:58 noisternig postfix/smtpd[24112]: disconnect from unknown[180.119.109.62] Oct 27 09:14:58 noisternig ........ ------------------------------	2019-10-28 06:53:53
45.125.65.99	attackspambots	\[2019-10-27 18:32:46\] SECURITY\[2634\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-10-27T18:32:46.633-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="900248556213011",SessionID="0x7fdf2c66f3c8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/45.125.65.99/53640",ACLName="no_extension_match" \[2019-10-27 18:32:52\] SECURITY\[2634\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-10-27T18:32:52.343-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="00848556213011",SessionID="0x7fdf2c003608",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/45.125.65.99/59028",ACLName="no_extension_match" \[2019-10-27 18:32:56\] SECURITY\[2634\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-10-27T18:32:56.632-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="00748556213011",SessionID="0x7fdf2c144d18",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/45.125.65.99/64661",ACLName="no_extensio	2019-10-28 06:52:25
159.203.201.177	attackspambots	ET DROP Dshield Block Listed Source group 1 - port: 1080 proto: TCP cat: Misc Attack	2019-10-28 07:22:20
51.68.230.54	attack	Oct 27 20:38:48 sshgateway sshd\[26449\]: Invalid user www from 51.68.230.54 Oct 27 20:38:48 sshgateway sshd\[26449\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.68.230.54 Oct 27 20:38:51 sshgateway sshd\[26449\]: Failed password for invalid user www from 51.68.230.54 port 54490 ssh2	2019-10-28 07:04:25
195.231.67.105	attackbotsspam	Oct 27 23:23:57 SilenceServices sshd[1283]: Failed password for root from 195.231.67.105 port 49856 ssh2 Oct 27 23:27:54 SilenceServices sshd[5652]: Failed password for root from 195.231.67.105 port 33606 ssh2	2019-10-28 06:58:40
188.114.77.232	attack	DB server: rude login attack	2019-10-28 07:08:33
81.22.45.70	attackbotsspam	Portscan or hack attempt detected by psad/fwsnort	2019-10-28 07:11:15
173.56.69.86	attack	ET SCAN Suspicious inbound to MSSQL port 1433 - port: 1433 proto: TCP cat: Potentially Bad Traffic	2019-10-28 07:20:46
185.220.221.85	attackbots	ET WEB_SERVER PyCurl Suspicious User Agent Inbound - port: 80 proto: TCP cat: Attempted Information Leak	2019-10-28 07:16:44
170.130.187.10	attackbots	GPL SNMP public access udp - port: 161 proto: UDP cat: Attempted Information Leak	2019-10-28 07:21:43
159.203.201.148	attack	ET DROP Dshield Block Listed Source group 1 - port: 27017 proto: TCP cat: Misc Attack	2019-10-28 07:22:46

Recently Reported IPs

186.146.70.167	103.175.206.111	56.221.71.230	125.34.20.101
249.228.165.233	17.1.197.81	238.47.138.225	159.139.2.214
109.74.199.5	76.66.73.154	84.190.24.114	199.26.100.158
125.90.55.46	119.130.148.142	36.65.78.253	11.204.159.64
104.28.201.73	49.254.2.208	100.22.74.161	168.82.191.190