163.53.252.13 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: India

Internet Service Provider: Antariksh Broadband and Wireless Solution Private Limited

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	[Fri Sep 06 00:59:13.294193 2019] [:error] [pid 200348] [client 163.53.252.13:47384] [client 163.53.252.13] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/usr/share/modsecurity-crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "91"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 21)"] [severity "CRITICAL"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "127.0.0.1"] [uri "/cgi-bin/ViewLog.asp"] [unique_id "XXHZkaDElfbcirD75ea4ZwAAAAc"] ...	2019-09-06 12:39:39

Type

Details

Datetime

attack

[Fri Sep 06 00:59:13.294193 2019] [:error] [pid 200348] [client 163.53.252.13:47384] [client 163.53.252.13] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/usr/share/modsecurity-crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "91"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 21)"] [severity "CRITICAL"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "127.0.0.1"] [uri "/cgi-bin/ViewLog.asp"] [unique_id "XXHZkaDElfbcirD75ea4ZwAAAAc"]
...

2019-09-06 12:39:39

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 163.53.252.13
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 25270
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;163.53.252.13.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019090501 1800 900 604800 86400

;; Query time: 3 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Fri Sep 06 00:08:48 CST 2019
;; MSG SIZE  rcvd: 117

Host info

Host 13.252.53.163.in-addr.arpa not found: 2(SERVFAIL)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
*** Can't find 13.252.53.163.in-addr.arpa.: No answer

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
104.248.150.150	attack	Automatic report - Banned IP Access	2019-12-01 21:12:15
37.111.9.181	attackspam	$f2bV_matches	2019-12-01 20:37:49
36.70.0.100	attackspam	Automatic report - Port Scan Attack	2019-12-01 20:53:45
222.186.52.86	attackspam	Dec 1 13:46:21 * sshd[20164]: Failed password for root from 222.186.52.86 port 30108 ssh2	2019-12-01 21:04:35
181.28.231.178	attackbotsspam	UTC: 2019-11-30 port: 23/tcp	2019-12-01 21:09:47
121.241.244.93	attackbots	$f2bV_matches	2019-12-01 20:41:50
49.49.245.155	attack	Dec 1 12:05:11 nginx sshd[74095]: Invalid user admin from 49.49.245.155 Dec 1 12:05:11 nginx sshd[74095]: Connection closed by 49.49.245.155 port 59906 [preauth]	2019-12-01 20:56:41
177.152.153.90	attackspambots	UTC: 2019-11-30 port: 26/tcp	2019-12-01 20:45:24
51.158.21.0	attackspam	Dec 1 07:19:58 SilenceServices sshd[20287]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.158.21.0 Dec 1 07:20:00 SilenceServices sshd[20287]: Failed password for invalid user duparc from 51.158.21.0 port 40520 ssh2 Dec 1 07:22:50 SilenceServices sshd[21052]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.158.21.0	2019-12-01 20:34:29
198.108.67.51	attack	firewall-block, port(s): 5568/tcp	2019-12-01 21:04:56
114.236.113.155	attackspam	Port 1433 Scan	2019-12-01 21:06:57
104.236.124.45	attackbots	Dec 1 12:47:07 server sshd\[8822\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.236.124.45 user=lp Dec 1 12:47:09 server sshd\[8822\]: Failed password for lp from 104.236.124.45 port 55085 ssh2 Dec 1 13:12:47 server sshd\[14791\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.236.124.45 user=root Dec 1 13:12:49 server sshd\[14791\]: Failed password for root from 104.236.124.45 port 38212 ssh2 Dec 1 13:18:14 server sshd\[16052\]: Invalid user alma from 104.236.124.45 Dec 1 13:18:14 server sshd\[16052\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.236.124.45 ...	2019-12-01 20:33:40
118.249.42.19	attackspambots	UTC: 2019-11-30 port: 23/tcp	2019-12-01 20:52:50
91.215.244.12	attackspam	2019-12-01T10:24:51.960969abusebot.cloudsearch.cf sshd\[25747\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.215.244.12 user=root	2019-12-01 20:37:18
178.164.239.237	attackspam	Automatic report - Port Scan Attack	2019-12-01 20:52:07

Recently Reported IPs

185.185.232.209	217.114.15.154	54.225.204.189	87.12.239.255
116.236.61.228	99.63.4.33	41.220.112.82	208.230.188.137
123.208.79.53	196.131.236.60	178.111.181.131	54.209.236.92
70.211.61.207	40.170.141.3	12.109.167.169	62.175.225.55
79.173.251.80	36.71.186.48	147.156.14.103	41.169.249.152