City: Dublin
Region: Leinster
Country: Ireland
Internet Service Provider: unknown
Hostname: unknown
Organization: unknown
Usage Type: unknown
#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/resources/registry/whois/tou/
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/resources/registry/whois/inaccuracy_reporting/
#
# Copyright 1997-2025, American Registry for Internet Numbers, Ltd.
#
# start
NetRange: 52.0.0.0 - 52.79.255.255
CIDR: 52.0.0.0/10, 52.64.0.0/12
NetName: AT-88-Z
NetHandle: NET-52-0-0-0-1
Parent: NET52 (NET-52-0-0-0-0)
NetType: Direct Allocation
OriginAS:
Organization: Amazon Technologies Inc. (AT-88-Z)
RegDate: 1991-12-19
Updated: 2024-02-05
Comment: Geofeed http://ip-ranges.amazonaws.com/geo-ip-feed.csv
Ref: https://rdap.arin.net/registry/ip/52.0.0.0
OrgName: Amazon Technologies Inc.
OrgId: AT-88-Z
Address: 410 Terry Ave N.
City: Seattle
StateProv: WA
PostalCode: 98109
Country: US
RegDate: 2011-12-08
Updated: 2024-01-24
Comment: All abuse reports MUST include:
Comment: * src IP
Comment: * dest IP (your IP)
Comment: * dest port
Comment: * Accurate date/timestamp and timezone of activity
Comment: * Intensity/frequency (short log extracts)
Comment: * Your contact details (phone and email) Without these we will be unable to identify the correct owner of the IP address at that point in time.
Ref: https://rdap.arin.net/registry/entity/AT-88-Z
OrgRoutingHandle: IPROU3-ARIN
OrgRoutingName: IP Routing
OrgRoutingPhone: +1-206-555-0000
OrgRoutingEmail: aws-routing-poc@amazon.com
OrgRoutingRef: https://rdap.arin.net/registry/entity/IPROU3-ARIN
OrgRoutingHandle: ARMP-ARIN
OrgRoutingName: AWS RPKI Management POC
OrgRoutingPhone: +1-206-555-0000
OrgRoutingEmail: aws-rpki-routing-poc@amazon.com
OrgRoutingRef: https://rdap.arin.net/registry/entity/ARMP-ARIN
OrgTechHandle: ANO24-ARIN
OrgTechName: Amazon EC2 Network Operations
OrgTechPhone: +1-206-555-0000
OrgTechEmail: amzn-noc-contact@amazon.com
OrgTechRef: https://rdap.arin.net/registry/entity/ANO24-ARIN
OrgAbuseHandle: AEA8-ARIN
OrgAbuseName: Amazon EC2 Abuse
OrgAbusePhone: +1-206-555-0000
OrgAbuseEmail: trustandsafety@support.aws.com
OrgAbuseRef: https://rdap.arin.net/registry/entity/AEA8-ARIN
OrgNOCHandle: AANO1-ARIN
OrgNOCName: Amazon AWS Network Operations
OrgNOCPhone: +1-206-555-0000
OrgNOCEmail: amzn-noc-contact@amazon.com
OrgNOCRef: https://rdap.arin.net/registry/entity/AANO1-ARIN
# end
# start
NetRange: 52.16.0.0 - 52.19.255.255
CIDR: 52.16.0.0/14
NetName: AMAZON-DUB
NetHandle: NET-52-16-0-0-1
Parent: AT-88-Z (NET-52-0-0-0-1)
NetType: Reallocated
OriginAS:
Organization: Amazon Data Services Ireland Limited (ADSIL-1)
RegDate: 2016-09-28
Updated: 2016-09-28
Ref: https://rdap.arin.net/registry/ip/52.16.0.0
OrgName: Amazon Data Services Ireland Limited
OrgId: ADSIL-1
Address: Unit 4033, Citywest Avenue Citywest Business Park
City: Dublin
StateProv: D24
PostalCode:
Country: IE
RegDate: 2014-07-18
Updated: 2014-07-18
Ref: https://rdap.arin.net/registry/entity/ADSIL-1
OrgTechHandle: ANO24-ARIN
OrgTechName: Amazon EC2 Network Operations
OrgTechPhone: +1-206-555-0000
OrgTechEmail: amzn-noc-contact@amazon.com
OrgTechRef: https://rdap.arin.net/registry/entity/ANO24-ARIN
OrgNOCHandle: AANO1-ARIN
OrgNOCName: Amazon AWS Network Operations
OrgNOCPhone: +1-206-555-0000
OrgNOCEmail: amzn-noc-contact@amazon.com
OrgNOCRef: https://rdap.arin.net/registry/entity/AANO1-ARIN
OrgAbuseHandle: AEA8-ARIN
OrgAbuseName: Amazon EC2 Abuse
OrgAbusePhone: +1-206-555-0000
OrgAbuseEmail: trustandsafety@support.aws.com
OrgAbuseRef: https://rdap.arin.net/registry/entity/AEA8-ARIN
# end
#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/resources/registry/whois/tou/
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/resources/registry/whois/inaccuracy_reporting/
#
# Copyright 1997-2025, American Registry for Internet Numbers, Ltd.
#; <<>> DiG 9.10.3-P4-Ubuntu <<>> 52.18.49.85
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 2691
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;52.18.49.85. IN A
;; AUTHORITY SECTION:
. 30 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2025092700 1800 900 604800 86400
;; Query time: 67 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Sep 27 18:40:17 CST 2025
;; MSG SIZE rcvd: 10485.49.18.52.in-addr.arpa domain name pointer ec2-52-18-49-85.eu-west-1.compute.amazonaws.com.Server: 183.60.83.19
Address: 183.60.83.19#53
Non-authoritative answer:
85.49.18.52.in-addr.arpa name = ec2-52-18-49-85.eu-west-1.compute.amazonaws.com.
Authoritative answers can be found from:| IP | Type | Details | Datetime |
|---|---|---|---|
| 163.13.137.201 | attackspambots | Mar 20 18:09:43 vpn sshd[31816]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=163.13.137.201 Mar 20 18:09:44 vpn sshd[31816]: Failed password for invalid user wwwroot from 163.13.137.201 port 58946 ssh2 Mar 20 18:15:03 vpn sshd[31842]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=163.13.137.201 |
2019-07-19 13:13:31 |
| 51.68.188.67 | attackbots | Jul 19 04:03:56 localhost sshd\[6701\]: Invalid user sandeep from 51.68.188.67 port 47578 Jul 19 04:03:56 localhost sshd\[6701\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.68.188.67 Jul 19 04:03:58 localhost sshd\[6701\]: Failed password for invalid user sandeep from 51.68.188.67 port 47578 ssh2 |
2019-07-19 14:06:25 |
| 58.27.242.74 | attackspambots | @LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-07-18 19:21:11,157 INFO [amun_request_handler] PortScan Detected on Port: 445 (58.27.242.74) |
2019-07-19 13:14:32 |
| 163.10.1.155 | attackbots | Mar 24 09:12:02 vpn sshd[4603]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=163.10.1.155 Mar 24 09:12:04 vpn sshd[4603]: Failed password for invalid user admin from 163.10.1.155 port 45638 ssh2 Mar 24 09:18:04 vpn sshd[4625]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=163.10.1.155 |
2019-07-19 13:28:12 |
| 171.25.193.20 | attackbots | [Aegis] @ 2019-07-18 23:41:22 0100 -> Multiple authentication failures. |
2019-07-19 13:25:38 |
| 185.211.129.146 | attack | RDP Bruteforce |
2019-07-19 13:36:57 |
| 84.85.23.67 | attack | Jul 19 07:51:23 s0 sshd\[116092\]: Invalid user user from 84.85.23.67 port 59464 Jul 19 07:51:23 s0 sshd\[116092\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=84.85.23.67 Jul 19 07:51:25 s0 sshd\[116092\]: Failed password for invalid user user from 84.85.23.67 port 59464 ssh2 ... |
2019-07-19 14:03:13 |
| 93.29.187.145 | attackspam | Jul 19 06:29:12 h2177944 sshd\[24608\]: Failed password for invalid user sysadmin from 93.29.187.145 port 32986 ssh2 Jul 19 07:30:08 h2177944 sshd\[26807\]: Invalid user nj from 93.29.187.145 port 40948 Jul 19 07:30:08 h2177944 sshd\[26807\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=93.29.187.145 Jul 19 07:30:10 h2177944 sshd\[26807\]: Failed password for invalid user nj from 93.29.187.145 port 40948 ssh2 ... |
2019-07-19 14:02:06 |
| 202.99.223.202 | attackspam | Jul 19 07:14:03 localhost sshd\[31207\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.99.223.202 user=root Jul 19 07:14:05 localhost sshd\[31207\]: Failed password for root from 202.99.223.202 port 40266 ssh2 Jul 19 07:19:49 localhost sshd\[31721\]: Invalid user ftpvm from 202.99.223.202 port 60760 Jul 19 07:19:49 localhost sshd\[31721\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.99.223.202 |
2019-07-19 13:27:01 |
| 163.172.144.137 | attack | Feb 22 21:48:03 vpn sshd[3331]: Invalid user contact from 163.172.144.137 Feb 22 21:48:03 vpn sshd[3331]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=163.172.144.137 Feb 22 21:48:05 vpn sshd[3331]: Failed password for invalid user contact from 163.172.144.137 port 39258 ssh2 Feb 22 21:50:55 vpn sshd[3334]: Invalid user contact from 163.172.144.137 Feb 22 21:50:55 vpn sshd[3334]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=163.172.144.137 |
2019-07-19 13:10:16 |
| 177.39.84.130 | attackspam | Jul 19 11:15:40 vibhu-HP-Z238-Microtower-Workstation sshd\[7640\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=177.39.84.130 user=root Jul 19 11:15:42 vibhu-HP-Z238-Microtower-Workstation sshd\[7640\]: Failed password for root from 177.39.84.130 port 57147 ssh2 Jul 19 11:21:42 vibhu-HP-Z238-Microtower-Workstation sshd\[7905\]: Invalid user brother from 177.39.84.130 Jul 19 11:21:42 vibhu-HP-Z238-Microtower-Workstation sshd\[7905\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=177.39.84.130 Jul 19 11:21:44 vibhu-HP-Z238-Microtower-Workstation sshd\[7905\]: Failed password for invalid user brother from 177.39.84.130 port 56154 ssh2 ... |
2019-07-19 13:56:48 |
| 103.72.163.180 | attackbots | 103.72.163.180 - - [19/Jul/2019:03:55:01 +0200] "GET /wp-login.php HTTP/1.1" 200 1122 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 103.72.163.180 - - [19/Jul/2019:03:55:02 +0200] "POST /wp-login.php HTTP/1.1" 200 1503 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 103.72.163.180 - - [19/Jul/2019:03:55:03 +0200] "GET /wp-login.php HTTP/1.1" 200 1122 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 103.72.163.180 - - [19/Jul/2019:03:55:04 +0200] "POST /wp-login.php HTTP/1.1" 200 1486 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 103.72.163.180 - - [19/Jul/2019:03:55:05 +0200] "GET /wp-login.php HTTP/1.1" 200 1122 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 103.72.163.180 - - [19/Jul/2019:03:55:06 +0200] "POST /wp-login.php HTTP/1.1" 200 1486 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ... |
2019-07-19 13:41:41 |
| 101.255.92.138 | attackspambots | @LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-07-18 19:21:05,378 INFO [amun_request_handler] PortScan Detected on Port: 445 (101.255.92.138) |
2019-07-19 13:21:07 |
| 209.141.42.85 | attackspambots | Jul 18 20:19:51 wildwolf ssh-honeypotd[26164]: Failed password for r.r from 209.141.42.85 port 51330 ssh2 (target: 158.69.100.140:22, password: r.r) Jul 18 20:19:52 wildwolf ssh-honeypotd[26164]: Failed password for admin from 209.141.42.85 port 52816 ssh2 (target: 158.69.100.140:22, password: admin) Jul 18 20:19:55 wildwolf ssh-honeypotd[26164]: Failed password for r.r from 209.141.42.85 port 55738 ssh2 (target: 158.69.100.140:22, password: password) Jul 18 20:19:56 wildwolf ssh-honeypotd[26164]: Failed password for admin from 209.141.42.85 port 57604 ssh2 (target: 158.69.100.140:22, password: 1234) Jul 18 20:19:59 wildwolf ssh-honeypotd[26164]: Failed password for user from 209.141.42.85 port 59074 ssh2 (target: 158.69.100.140:22, password: user) Jul 18 20:20:00 wildwolf ssh-honeypotd[26164]: Failed password for user from 209.141.42.85 port 34844 ssh2 (target: 158.69.100.140:22, password: passwd) Jul 18 20:20:01 wildwolf ssh-honeypotd[26164]: Failed password for admin ........ ------------------------------ |
2019-07-19 13:55:37 |
| 91.66.214.22 | attackbotsspam | Automatic report - Banned IP Access |
2019-07-19 14:05:32 |