148.72.153.53 - IPInfo

Basic Info

City: St. Louis

Region: Missouri

Country: United States

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
148.72.153.223	attackbotsspam	Fraud VOIP	2020-10-09 02:40:40
148.72.153.223	attackspambots	Port scan denied	2020-10-08 18:40:33
148.72.153.224	attack	TCP (SYN) 148.72.153.224:50883 -> port 8190, len 44	2020-07-27 21:59:52
148.72.153.223	attackbotsspam	Unauthorized connection attempt detected from IP address 148.72.153.223 to port 8089 [T]	2020-06-24 03:32:44
148.72.153.114	attack	1589112638 - 05/10/2020 14:10:38 Host: 148.72.153.114/148.72.153.114 Port: 445 TCP Blocked	2020-05-11 01:27:18
148.72.153.211	attackspam	Scanning for exploits - /.env	2020-05-01 05:56:47
148.72.153.211	attackbotsspam	CMS (WordPress or Joomla) login attempt.	2020-04-28 02:44:52
148.72.153.211	attack	Automatic report - Banned IP Access	2020-04-27 18:18:42
148.72.153.211	attackspam	Trying to log into unused portions of the site	2020-04-26 12:57:07
148.72.153.208	attackspam	Forbidden directory scan :: 2020/02/23 06:23:31 [error] 36085#36085: *11114 access forbidden by rule, client: 148.72.153.208, server: [censored_1], request: "GET /configuration.php.old HTTP/1.1", host: "www.[censored_1]"	2020-02-23 15:06:40
148.72.153.248	attackspam	SSH login attempts.	2020-02-17 15:34:04

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 148.72.153.53
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 4192
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;148.72.153.53.			IN	A

;; AUTHORITY SECTION:
.			30	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2025060500 1800 900 604800 86400

;; Query time: 33 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Jun 05 19:56:18 CST 2025
;; MSG SIZE  rcvd: 106

Host info

53.153.72.148.in-addr.arpa domain name pointer server.scholarlyupdates.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
53.153.72.148.in-addr.arpa	name = server.scholarlyupdates.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
120.29.225.101	attackspam	Unauthorized connection attempt from IP address 120.29.225.101 on Port 445(SMB)	2020-01-03 19:02:57
58.59.25.2	attackbots	Unauthorized connection attempt from IP address 58.59.25.2 on Port 445(SMB)	2020-01-03 19:13:31
122.3.174.77	attackbots	Unauthorized connection attempt from IP address 122.3.174.77 on Port 445(SMB)	2020-01-03 18:35:14
149.126.32.23	attack	Dec 30 02:53:34 mailrelay sshd[27412]: Invalid user naaseh from 149.126.32.23 port 39806 Dec 30 02:53:34 mailrelay sshd[27412]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.126.32.23 Dec 30 02:53:36 mailrelay sshd[27412]: Failed password for invalid user naaseh from 149.126.32.23 port 39806 ssh2 Dec 30 02:53:36 mailrelay sshd[27412]: Received disconnect from 149.126.32.23 port 39806:11: Bye Bye [preauth] Dec 30 02:53:36 mailrelay sshd[27412]: Disconnected from 149.126.32.23 port 39806 [preauth] Dec 30 03:07:02 mailrelay sshd[27654]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.126.32.23 user=r.r Dec 30 03:07:04 mailrelay sshd[27654]: Failed password for r.r from 149.126.32.23 port 58681 ssh2 Dec 30 03:07:04 mailrelay sshd[27654]: Received disconnect from 149.126.32.23 port 58681:11: Bye Bye [preauth] Dec 30 03:07:04 mailrelay sshd[27654]: Disconnected from 149.126.32.23 port 5........ -------------------------------	2020-01-03 19:01:56
203.81.91.112	attackbots	Unauthorized connection attempt from IP address 203.81.91.112 on Port 445(SMB)	2020-01-03 18:47:33
149.56.123.177	attack	149.56.123.177 - - [03/Jan/2020:07:16:12 +0100] "POST /wp-login.php HTTP/1.1" 200 3871 "http://idea.univ-lyon3.fr/wp-login.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/76.0.3809.132 Safari/537.36" 149.56.123.177 - - [03/Jan/2020:07:16:13 +0100] "POST /wp-login.php HTTP/1.1" 200 3871 "http://idea.univ-lyon3.fr/wp-login.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/76.0.3809.132 Safari/537.36" 149.56.123.177 - - [03/Jan/2020:07:16:13 +0100] "POST /wp-login.php HTTP/1.1" 200 3871 "http://idea.univ-lyon3.fr/wp-login.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/76.0.3809.132 Safari/537.36" 149.56.123.177 - - [03/Jan/2020:07:16:13 +0100] "POST /wp-login.php HTTP/1.1" 200 3871 "http://idea.univ-lyon3.fr/wp-login.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/76.0.3809.132 Safari/537.36" 149.56.123.177 - - [03/Jan/2020:07:16:14	2020-01-03 19:12:04
189.92.173.30	attackbots	Unauthorized connection attempt from IP address 189.92.173.30 on Port 445(SMB)	2020-01-03 18:51:00
88.255.84.68	attackbots	Unauthorized connection attempt from IP address 88.255.84.68 on Port 445(SMB)	2020-01-03 19:02:14
200.86.228.10	attackspambots	Jan 3 09:48:09 ip-172-31-62-245 sshd\[19689\]: Invalid user jfq from 200.86.228.10\ Jan 3 09:48:12 ip-172-31-62-245 sshd\[19689\]: Failed password for invalid user jfq from 200.86.228.10 port 44320 ssh2\ Jan 3 09:52:16 ip-172-31-62-245 sshd\[19740\]: Invalid user vbox from 200.86.228.10\ Jan 3 09:52:18 ip-172-31-62-245 sshd\[19740\]: Failed password for invalid user vbox from 200.86.228.10 port 60511 ssh2\ Jan 3 09:56:20 ip-172-31-62-245 sshd\[19756\]: Invalid user ubnt from 200.86.228.10\	2020-01-03 18:39:06
67.207.91.133	attackspam	SSH bruteforce (Triggered fail2ban)	2020-01-03 19:10:09
140.143.183.71	attack	Jan 3 05:31:34 ws12vmsma01 sshd[12170]: Invalid user erp1 from 140.143.183.71 Jan 3 05:31:35 ws12vmsma01 sshd[12170]: Failed password for invalid user erp1 from 140.143.183.71 port 57908 ssh2 Jan 3 05:35:10 ws12vmsma01 sshd[12676]: Invalid user test from 140.143.183.71 ...	2020-01-03 18:42:44
36.32.236.8	attack	Unauthorized connection attempt from IP address 36.32.236.8 on Port 445(SMB)	2020-01-03 19:13:57
184.105.139.106	attackspam	3389BruteforceFW23	2020-01-03 19:09:26
110.137.160.225	attackbots	Jan 3 05:45:39 vmd46246 kernel: [1938130.116613] [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3e:fb:88:28:99:3a:4d:30:af:08:00 SRC=110.137.160.225 DST=144.91.112.181 LEN=52 TOS=0x00 PREC=0x00 TTL=120 ID=847 DF PROTO=TCP SPT=60154 DPT=8291 WINDOW=8192 RES=0x00 SYN URGP=0 Jan 3 05:45:47 vmd46246 kernel: [1938138.326681] [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3e:fb:88:28:99:3a:4d:30:af:08:00 SRC=110.137.160.225 DST=144.91.112.181 LEN=52 TOS=0x00 PREC=0x00 TTL=120 ID=4633 DF PROTO=TCP SPT=60154 DPT=8291 WINDOW=8192 RES=0x00 SYN URGP=0 Jan 3 05:45:50 vmd46246 kernel: [1938141.407833] [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3e:fb:88:28:99:3a:4d:30:af:08:00 SRC=110.137.160.225 DST=144.91.112.181 LEN=52 TOS=0x00 PREC=0x00 TTL=120 ID=18862 DF PROTO=TCP SPT=60154 DPT=8291 WINDOW=8192 RES=0x00 SYN URGP=0 ...	2020-01-03 19:04:40
62.234.131.141	attack	SSH invalid-user multiple login attempts	2020-01-03 18:45:45

Recently Reported IPs

171.8.15.220	47.237.148.54	47.237.148.200	47.237.149.134
47.237.105.171	47.237.151.30	47.236.242.165	124.23.134.81
113.215.188.18	154.44.115.56	8.219.232.25	47.236.224.53
8.219.82.196	47.237.17.41	113.215.189.15	65.49.1.29
40.124.174.149	8.222.132.180	8.219.210.25	47.236.227.156