52.163.203.13 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Singapore

Internet Service Provider: Microsoft Corporation

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Unauthorized connection attempt detected from IP address 52.163.203.13 to port 1433 [T]	2020-07-22 00:59:08
attackbotsspam	Jul 18 10:27:28 db sshd[26253]: Invalid user admin from 52.163.203.13 port 38918 ...	2020-07-18 18:28:37
attackspam	$f2bV_matches	2020-07-16 20:19:42
attackbots	2020-06-30T18:07:53.210904ks3355764 sshd[30540]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.163.203.13 user=root 2020-06-30T18:07:55.217449ks3355764 sshd[30540]: Failed password for root from 52.163.203.13 port 31633 ssh2 ...	2020-07-01 01:08:19
attackspambots	Jun 28 14:27:33 fhem-rasp sshd[17511]: Failed password for root from 52.163.203.13 port 7812 ssh2 Jun 28 14:27:33 fhem-rasp sshd[17511]: Disconnected from authenticating user root 52.163.203.13 port 7812 [preauth] ...	2020-06-28 20:47:02
attack	sshd: Failed password for .... from 52.163.203.13 port 2819 ssh2 (3 attempts)	2020-06-27 18:56:19

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 52.163.203.13
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 52566
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;52.163.203.13.			IN	A

;; AUTHORITY SECTION:
.			248	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020062700 1800 900 604800 86400

;; Query time: 96 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Jun 27 18:56:16 CST 2020
;; MSG SIZE  rcvd: 117

Host info

Host 13.203.163.52.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 13.203.163.52.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
200.119.112.204	attackbotsspam	Aug 11 07:53:53 cosmoit sshd[24078]: Failed password for root from 200.119.112.204 port 39580 ssh2	2020-08-11 14:56:00
62.210.194.9	attackbots	Aug 11 05:01:11 mail.srvfarm.net postfix/smtpd[2145422]: lost connection after STARTTLS from r9.news.eu.rvca.com[62.210.194.9] Aug 11 05:03:04 mail.srvfarm.net postfix/smtpd[2145457]: lost connection after STARTTLS from r9.news.eu.rvca.com[62.210.194.9] Aug 11 05:05:08 mail.srvfarm.net postfix/smtpd[2145463]: lost connection after STARTTLS from r9.news.eu.rvca.com[62.210.194.9] Aug 11 05:06:24 mail.srvfarm.net postfix/smtpd[2145503]: lost connection after STARTTLS from r9.news.eu.rvca.com[62.210.194.9] Aug 11 05:07:45 mail.srvfarm.net postfix/smtpd[2145455]: lost connection after STARTTLS from r9.news.eu.rvca.com[62.210.194.9]	2020-08-11 15:42:14
103.207.6.54	attackspam	Aug 11 05:03:40 mail.srvfarm.net postfix/smtpd[2145468]: warning: unknown[103.207.6.54]: SASL PLAIN authentication failed: Aug 11 05:03:40 mail.srvfarm.net postfix/smtpd[2145468]: lost connection after AUTH from unknown[103.207.6.54] Aug 11 05:04:58 mail.srvfarm.net postfix/smtpd[2145463]: warning: unknown[103.207.6.54]: SASL PLAIN authentication failed: Aug 11 05:04:59 mail.srvfarm.net postfix/smtpd[2145463]: lost connection after AUTH from unknown[103.207.6.54] Aug 11 05:10:49 mail.srvfarm.net postfix/smtps/smtpd[2148626]: warning: unknown[103.207.6.54]: SASL PLAIN authentication failed:	2020-08-11 15:38:01
172.82.239.21	attack	Aug 11 05:01:11 mail.srvfarm.net postfix/smtpd[2145457]: lost connection after STARTTLS from r21.news.eu.rvca.com[172.82.239.21] Aug 11 05:03:04 mail.srvfarm.net postfix/smtpd[2145464]: lost connection after STARTTLS from r21.news.eu.rvca.com[172.82.239.21] Aug 11 05:05:08 mail.srvfarm.net postfix/smtpd[2145288]: lost connection after STARTTLS from r21.news.eu.rvca.com[172.82.239.21] Aug 11 05:06:25 mail.srvfarm.net postfix/smtpd[2145254]: lost connection after STARTTLS from r21.news.eu.rvca.com[172.82.239.21] Aug 11 05:07:45 mail.srvfarm.net postfix/smtpd[2145291]: lost connection after STARTTLS from r21.news.eu.rvca.com[172.82.239.21]	2020-08-11 15:36:31
167.71.237.144	attack	Aug 11 06:24:13 jumpserver sshd[106568]: Failed password for root from 167.71.237.144 port 49106 ssh2 Aug 11 06:28:58 jumpserver sshd[106660]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.71.237.144 user=root Aug 11 06:28:59 jumpserver sshd[106660]: Failed password for root from 167.71.237.144 port 57726 ssh2 ...	2020-08-11 15:00:05
2001:41d0:8:531::	attackspambots	2020/08/11 05:18:11 [error] 4856#4856: 140401 open() "/usr/share/nginx/html/wp-login.php" failed (2: No such file or directory), client: 2001:41d0:8:531::, server: _, request: "GET /wp-login.php HTTP/1.1", host: "sirit-germany.com%0D" 2020/08/11 05:18:11 [error] 4856#4856: 140402 open() "/usr/share/nginx/html/wp-login.php" failed (2: No such file or directory), client: 2001:41d0:8:531::, server: _, request: "GET /wp-login.php HTTP/1.1", host: "sirit-germany.com%0D"	2020-08-11 15:30:22
51.124.151.92	attack	2020/08/11 05:49:14 [error] 4856#4856: 144756 open() "/usr/share/nginx/html/wp-login.php" failed (2: No such file or directory), client: 51.124.151.92, server: _, request: "GET /wp-login.php HTTP/1.1", host: "freifunk-hueckeswagen.de" 2020/08/11 05:49:25 [error] 4856#4856: 144771 open() "/usr/share/nginx/html/wp-login.php" failed (2: No such file or directory), client: 51.124.151.92, server: _, request: "GET /wp-login.php HTTP/1.1", host: "freifunk-overath.de" 2020/08/11 05:49:26 [error] 4856#4856: *144777 open() "/usr/share/nginx/html/wp-login.php" failed (2: No such file or directory), client: 51.124.151.92, server: _, request: "GET /wp-login.php HTTP/1.1", host: "freifunk-remscheid.de"	2020-08-11 15:23:21
103.40.202.67	attack	Aug 11 05:14:11 mail.srvfarm.net postfix/smtpd[2161878]: warning: unknown[103.40.202.67]: SASL PLAIN authentication failed: Aug 11 05:14:12 mail.srvfarm.net postfix/smtpd[2161878]: lost connection after AUTH from unknown[103.40.202.67] Aug 11 05:18:32 mail.srvfarm.net postfix/smtpd[2163449]: warning: unknown[103.40.202.67]: SASL PLAIN authentication failed: Aug 11 05:18:32 mail.srvfarm.net postfix/smtpd[2163449]: lost connection after AUTH from unknown[103.40.202.67] Aug 11 05:23:08 mail.srvfarm.net postfix/smtpd[2161875]: warning: unknown[103.40.202.67]: SASL PLAIN authentication failed:	2020-08-11 15:38:58
1.4.155.227	attackspam	1597118041 - 08/11/2020 05:54:01 Host: 1.4.155.227/1.4.155.227 Port: 445 TCP Blocked	2020-08-11 14:59:10
103.25.132.177	attack	Aug 11 05:47:41 mail.srvfarm.net postfix/smtps/smtpd[2166053]: warning: unknown[103.25.132.177]: SASL PLAIN authentication failed: Aug 11 05:47:41 mail.srvfarm.net postfix/smtps/smtpd[2166053]: lost connection after AUTH from unknown[103.25.132.177] Aug 11 05:50:12 mail.srvfarm.net postfix/smtpd[2167341]: warning: unknown[103.25.132.177]: SASL PLAIN authentication failed: Aug 11 05:50:12 mail.srvfarm.net postfix/smtpd[2167341]: lost connection after AUTH from unknown[103.25.132.177] Aug 11 05:51:01 mail.srvfarm.net postfix/smtpd[2168261]: warning: unknown[103.25.132.177]: SASL PLAIN authentication failed:	2020-08-11 15:21:24
179.108.245.151	attack	Aug 11 05:36:31 mail.srvfarm.net postfix/smtps/smtpd[2164467]: warning: unknown[179.108.245.151]: SASL PLAIN authentication failed: Aug 11 05:36:32 mail.srvfarm.net postfix/smtps/smtpd[2164467]: lost connection after AUTH from unknown[179.108.245.151] Aug 11 05:41:01 mail.srvfarm.net postfix/smtps/smtpd[2164177]: warning: unknown[179.108.245.151]: SASL PLAIN authentication failed: Aug 11 05:41:02 mail.srvfarm.net postfix/smtps/smtpd[2164177]: lost connection after AUTH from unknown[179.108.245.151] Aug 11 05:44:58 mail.srvfarm.net postfix/smtps/smtpd[2166053]: warning: unknown[179.108.245.151]: SASL PLAIN authentication failed:	2020-08-11 15:15:11
13.80.69.199	attackspam	Aug 10 20:23:01 php1 sshd\[23503\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=13.80.69.199 user=root Aug 10 20:23:03 php1 sshd\[23503\]: Failed password for root from 13.80.69.199 port 40446 ssh2 Aug 10 20:27:18 php1 sshd\[23954\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=13.80.69.199 user=root Aug 10 20:27:20 php1 sshd\[23954\]: Failed password for root from 13.80.69.199 port 52416 ssh2 Aug 10 20:31:45 php1 sshd\[24395\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=13.80.69.199 user=root	2020-08-11 14:57:05
2002:b9ea:da55::b9ea:da55	attackspam	Aug 11 05:09:51 web01.agentur-b-2.de postfix/smtpd[411857]: warning: unknown[2002:b9ea:da55::b9ea:da55]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 11 05:09:51 web01.agentur-b-2.de postfix/smtpd[411857]: lost connection after AUTH from unknown[2002:b9ea:da55::b9ea:da55] Aug 11 05:10:27 web01.agentur-b-2.de postfix/smtpd[411856]: warning: unknown[2002:b9ea:da55::b9ea:da55]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 11 05:10:27 web01.agentur-b-2.de postfix/smtpd[411856]: lost connection after AUTH from unknown[2002:b9ea:da55::b9ea:da55] Aug 11 05:19:36 web01.agentur-b-2.de postfix/smtpd[413470]: warning: unknown[2002:b9ea:da55::b9ea:da55]: SASL LOGIN authentication failed: UGFzc3dvcmQ6	2020-08-11 15:27:09
87.246.7.136	attackbots	Brute force attempt	2020-08-11 15:40:15
94.102.59.107	attackspambots	(smtpauth) Failed SMTP AUTH login from 94.102.59.107 (NL/Netherlands/-): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: 2020-08-11 12:08:34 login authenticator failed for (USER) [94.102.59.107]: 535 Incorrect authentication data (set_id=info@mobarez.org)	2020-08-11 15:39:57

Recently Reported IPs

198.46.222.55	198.245.64.185	111.186.58.93	112.133.248.64
183.83.247.143	159.89.202.176	231.59.131.28	71.246.228.159
107.172.229.148	60.167.177.28	193.174.89.19	176.245.26.42
154.48.152.130	229.255.140.174	135.23.134.224	208.53.127.30
42.71.42.53	123.203.4.121	35.238.87.78	52.167.211.39