52.252.103.141

Basic Info

City: unknown

Region: unknown

Country: United States of America

Internet Service Provider: Microsoft Corporation

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspambots	Jul 17 12:13:40 rancher-0 sshd[405383]: Invalid user administrator from 52.252.103.141 port 12131 ...	2020-07-17 19:36:40
attackspambots	Invalid user admin from 52.252.103.141 port 64821	2020-07-16 07:18:02
attackbots	2020-07-14 08:44:53.828237-0500 localhost sshd[65828]: Failed password for invalid user www.customvisuals.com from 52.252.103.141 port 18270 ssh2	2020-07-14 23:06:44

Type

Details

Datetime

attackspambots

Jul 17 12:13:40 rancher-0 sshd[405383]: Invalid user administrator from 52.252.103.141 port 12131
...

2020-07-17 19:36:40

attackspambots

Invalid user admin from 52.252.103.141 port 64821

2020-07-16 07:18:02

attackbots

2020-07-14 08:44:53.828237-0500  localhost sshd[65828]: Failed password for invalid user www.customvisuals.com from 52.252.103.141 port 18270 ssh2

2020-07-14 23:06:44

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 52.252.103.141
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 53185
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;52.252.103.141.			IN	A

;; AUTHORITY SECTION:
.			357	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020071400 1800 900 604800 86400

;; Query time: 12 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Jul 14 23:06:37 CST 2020
;; MSG SIZE  rcvd: 118

Host info

Host 141.103.252.52.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 141.103.252.52.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
52.231.206.52	attack	(smtpauth) Failed SMTP AUTH login from 52.231.206.52 (KR/South Korea/-): 5 in the last 14400 secs; ID: DAN	2020-08-01 13:10:33
125.124.70.22	attackspam	Invalid user ruisi from 125.124.70.22 port 45956	2020-08-01 13:17:51
103.145.12.206	attackspam	[2020-07-31 23:57:35] NOTICE[1248] chan_sip.c: Registration from '"1600" ' failed for '103.145.12.206:6180' - Wrong password [2020-07-31 23:57:35] SECURITY[1275] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-07-31T23:57:35.836-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="1600",SessionID="0x7f2720091b18",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/103.145.12.206/6180",Challenge="5416d8ab",ReceivedChallenge="5416d8ab",ReceivedHash="1dd9cfa0944e32d86b9ded5fff38bcde" [2020-07-31 23:57:35] NOTICE[1248] chan_sip.c: Registration from '"1600" ' failed for '103.145.12.206:6180' - Wrong password [2020-07-31 23:57:35] SECURITY[1275] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-07-31T23:57:35.943-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="1600",SessionID="0x7f27200510e8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP ...	2020-08-01 12:43:31
35.194.36.3	attackbotsspam	SCAN: Host Sweep CloudCIX Reconnaissance Scan Detected, PTR: 3.36.194.35.bc.googleusercontent.com.	2020-08-01 13:13:47
68.97.172.56	attack	Chat Spam	2020-08-01 12:59:56
195.158.8.206	attack	Aug 1 13:57:00 localhost sshd[3137479]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=195.158.8.206 user=root Aug 1 13:57:02 localhost sshd[3137479]: Failed password for root from 195.158.8.206 port 36524 ssh2 ...	2020-08-01 13:08:02
89.250.148.154	attackbotsspam	Aug 1 07:28:43 hosting sshd[2901]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=89.250.148.154 user=root Aug 1 07:28:45 hosting sshd[2901]: Failed password for root from 89.250.148.154 port 37778 ssh2 ...	2020-08-01 13:16:10
206.189.145.233	attackbots	Aug 1 10:02:00 gw1 sshd[21896]: Failed password for root from 206.189.145.233 port 60796 ssh2 ...	2020-08-01 13:20:53
117.204.255.28	attackbots	Automatic report - Port Scan Attack	2020-08-01 12:57:04
192.241.237.158	attack	port scan and connect, tcp 990 (ftps)	2020-08-01 13:19:27
14.179.10.203	attackspam	Automatic report - Port Scan Attack	2020-08-01 12:48:09
180.76.53.42	attackspam	Aug 1 10:51:25 itv-usvr-02 sshd[22361]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.76.53.42 user=root Aug 1 10:55:57 itv-usvr-02 sshd[22601]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.76.53.42 user=root Aug 1 11:00:28 itv-usvr-02 sshd[22755]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.76.53.42 user=root	2020-08-01 12:50:12
64.227.15.109	attackbots	Attempted connection to port 80.	2020-08-01 12:50:28
61.175.121.76	attackbots	Aug 1 07:38:52 journals sshd\[93600\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.175.121.76 user=root Aug 1 07:38:54 journals sshd\[93600\]: Failed password for root from 61.175.121.76 port 23031 ssh2 Aug 1 07:40:56 journals sshd\[93786\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.175.121.76 user=root Aug 1 07:40:57 journals sshd\[93786\]: Failed password for root from 61.175.121.76 port 34317 ssh2 Aug 1 07:43:08 journals sshd\[93973\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.175.121.76 user=root ...	2020-08-01 12:52:57
119.44.20.30	attackbotsspam	Multiple SSH authentication failures from 119.44.20.30	2020-08-01 13:16:59

Recently Reported IPs

52.231.162.132	52.232.47.182	52.149.208.90	70.37.58.62
52.188.23.7	191.235.79.154	52.165.223.138	40.117.63.36
79.116.138.121	40.115.237.117	23.98.74.16	212.232.61.37
20.188.46.82	174.138.51.109	40.121.142.69	213.32.148.153
157.55.202.218	13.93.178.8	185.177.124.203	104.215.151.60