52.2.199.73 - IPInfo

Basic Info

City: Ashburn

Region: Virginia

Country: United States

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 52.2.199.73
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 58422
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;52.2.199.73.			IN	A

;; AUTHORITY SECTION:
.			237	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2023100401 1800 900 604800 86400

;; Query time: 23 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Oct 05 05:43:06 CST 2023
;; MSG SIZE  rcvd: 104

Host info

73.199.2.52.in-addr.arpa domain name pointer ec2-52-2-199-73.compute-1.amazonaws.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
73.199.2.52.in-addr.arpa	name = ec2-52-2-199-73.compute-1.amazonaws.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
128.14.209.178	attackspambots	SCAN: Host Sweep CloudCIX Reconnaissance Scan Detected, PTR: survey.internet-census.org.	2020-08-17 22:22:33
144.34.170.117	attackbots	Aug 17 08:05:13 Host-KEWR-E sshd[3363]: Disconnected from invalid user crh 144.34.170.117 port 49380 [preauth] ...	2020-08-17 22:10:06
104.236.124.45	attack	Aug 17 09:39:45 ws12vmsma01 sshd[34720]: Failed password for invalid user vz from 104.236.124.45 port 59949 ssh2 Aug 17 09:48:47 ws12vmsma01 sshd[36055]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.236.124.45 user=root Aug 17 09:48:49 ws12vmsma01 sshd[36055]: Failed password for root from 104.236.124.45 port 45272 ssh2 ...	2020-08-17 22:28:47
139.155.127.59	attackbotsspam	Aug 17 12:19:44 plex-server sshd[2656564]: Invalid user lili from 139.155.127.59 port 58736 Aug 17 12:19:44 plex-server sshd[2656564]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.127.59 Aug 17 12:19:44 plex-server sshd[2656564]: Invalid user lili from 139.155.127.59 port 58736 Aug 17 12:19:46 plex-server sshd[2656564]: Failed password for invalid user lili from 139.155.127.59 port 58736 ssh2 Aug 17 12:23:22 plex-server sshd[2658027]: Invalid user dev1 from 139.155.127.59 port 40354 ...	2020-08-17 22:38:24
94.102.59.107	attack	2020-08-17 14:49:13 auth_plain authenticator failed for (USER) [94.102.59.107]: 535 Incorrect authentication data (set_id=admin@lavrinenko.info) 2020-08-17 15:34:10 auth_plain authenticator failed for (USER) [94.102.59.107]: 535 Incorrect authentication data (set_id=admin@it-svc.com.ua) ...	2020-08-17 22:06:09
189.63.21.166	attackspam	2020-08-17T14:06:34.410319shield sshd\[9757\]: Invalid user spider from 189.63.21.166 port 52786 2020-08-17T14:06:34.421147shield sshd\[9757\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=189.63.21.166 2020-08-17T14:06:36.477917shield sshd\[9757\]: Failed password for invalid user spider from 189.63.21.166 port 52786 ssh2 2020-08-17T14:12:19.966767shield sshd\[10497\]: Invalid user mysql from 189.63.21.166 port 44930 2020-08-17T14:12:19.978920shield sshd\[10497\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=189.63.21.166	2020-08-17 22:19:39
150.109.151.206	attackbots	Port scan: Attack repeated for 24 hours	2020-08-17 22:25:09
201.114.229.78	attackbotsspam	$f2bV_matches	2020-08-17 21:59:40
37.71.22.82	attackbotsspam	(imapd) Failed IMAP login from 37.71.22.82 (FR/France/82.22.71.37.rev.sfr.net): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: Aug 17 16:34:39 ir1 dovecot[3110802]: imap-login: Disconnected (auth failed, 1 attempts in 4 secs): user=, method=PLAIN, rip=37.71.22.82, lip=5.63.12.44, TLS, session=	2020-08-17 22:43:34
27.150.22.155	attackspam	Aug 17 15:06:15 nextcloud sshd\[3866\]: Invalid user ts3 from 27.150.22.155 Aug 17 15:06:15 nextcloud sshd\[3866\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=27.150.22.155 Aug 17 15:06:17 nextcloud sshd\[3866\]: Failed password for invalid user ts3 from 27.150.22.155 port 40938 ssh2	2020-08-17 22:02:27
51.83.135.225	attackspam	Lines containing failures of 51.83.135.225 Aug 17 13:26:17 new sshd[23353]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.83.135.225 user=r.r Aug 17 13:26:20 new sshd[23353]: Failed password for r.r from 51.83.135.225 port 55104 ssh2 Aug 17 13:26:23 new sshd[23353]: Received disconnect from 51.83.135.225 port 55104:11: Bye Bye [preauth] Aug 17 13:26:23 new sshd[23353]: Disconnected from authenticating user r.r 51.83.135.225 port 55104 [preauth] Aug 17 13:42:08 new sshd[28107]: Invalid user mc from 51.83.135.225 port 46254 Aug 17 13:42:08 new sshd[28107]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.83.135.225 Aug 17 13:42:10 new sshd[28107]: Failed password for invalid user mc from 51.83.135.225 port 46254 ssh2 Aug 17 13:42:10 new sshd[28107]: Received disconnect from 51.83.135.225 port 46254:11: Bye Bye [preauth] Aug 17 13:42:10 new sshd[28107]: Disconnected from invalid user mc ........ ------------------------------	2020-08-17 22:10:57
94.130.169.148	attackbots	Lines containing failures of 94.130.169.148 Aug 17 13:44:21 shared10 sshd[25011]: Invalid user test from 94.130.169.148 port 46438 Aug 17 13:44:21 shared10 sshd[25011]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.130.169.148 Aug 17 13:44:23 shared10 sshd[25011]: Failed password for invalid user test from 94.130.169.148 port 46438 ssh2 Aug 17 13:44:23 shared10 sshd[25011]: Received disconnect from 94.130.169.148 port 46438:11: Bye Bye [preauth] Aug 17 13:44:23 shared10 sshd[25011]: Disconnected from invalid user test 94.130.169.148 port 46438 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=94.130.169.148	2020-08-17 22:14:02
104.164.45.96	attack	IP 104.164.45.96 attacked honeypot on port: 80 at 8/17/2020 5:04:15 AM	2020-08-17 22:13:46
51.254.36.178	attackspambots	Auto Fail2Ban report, multiple SSH login attempts.	2020-08-17 22:37:02
185.216.25.156	attackspam	Port Scan ...	2020-08-17 22:16:32

Recently Reported IPs

6.208.39.108	149.42.74.171	240.126.33.14	0.219.104.70
48.103.78.186	0.195.55.23	138.28.141.16	178.39.119.38
98.199.235.143	96.40.106.85	154.46.11.237	165.100.13.32
221.245.35.233	144.119.239.56	119.115.70.140	47.64.145.196
189.78.140.121	34.200.56.156	78.55.69.12	108.198.22.23