52.221.34.104 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Singapore

Internet Service Provider: Amazon Data Services Singapore

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspambots	Aug 29 19:36:06 journals sshd\[27943\]: Invalid user w from 52.221.34.104 Aug 29 19:36:06 journals sshd\[27943\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.221.34.104 Aug 29 19:36:08 journals sshd\[27943\]: Failed password for invalid user w from 52.221.34.104 port 50244 ssh2 Aug 29 19:37:07 journals sshd\[28031\]: Invalid user woongyoon from 52.221.34.104 Aug 29 19:37:07 journals sshd\[28031\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.221.34.104 ...	2020-08-30 02:12:07

Type

Details

Datetime

attackspambots

Aug 29 19:36:06 journals sshd\[27943\]: Invalid user w from 52.221.34.104
Aug 29 19:36:06 journals sshd\[27943\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.221.34.104
Aug 29 19:36:08 journals sshd\[27943\]: Failed password for invalid user w from 52.221.34.104 port 50244 ssh2
Aug 29 19:37:07 journals sshd\[28031\]: Invalid user woongyoon from 52.221.34.104
Aug 29 19:37:07 journals sshd\[28031\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.221.34.104
...

2020-08-30 02:12:07

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 52.221.34.104
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 25887
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;52.221.34.104.			IN	A

;; AUTHORITY SECTION:
.			468	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020082901 1800 900 604800 86400

;; Query time: 40 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Aug 30 02:12:00 CST 2020
;; MSG SIZE  rcvd: 117

Host info

104.34.221.52.in-addr.arpa domain name pointer ec2-52-221-34-104.ap-southeast-1.compute.amazonaws.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
104.34.221.52.in-addr.arpa	name = ec2-52-221-34-104.ap-southeast-1.compute.amazonaws.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
189.102.195.21	attack	Feb 20 22:42:45 server sshd[2260212]: User uucp from 189.102.195.21 not allowed because not listed in AllowUsers Feb 20 22:42:47 server sshd[2260212]: Failed password for invalid user uucp from 189.102.195.21 port 36033 ssh2 Feb 20 22:47:40 server sshd[2263180]: Failed password for invalid user nginx from 189.102.195.21 port 5505 ssh2	2020-02-21 07:05:04
222.186.180.8	attackbots	Feb 21 00:27:00 legacy sshd[8715]: Failed password for root from 222.186.180.8 port 34004 ssh2 Feb 21 00:27:02 legacy sshd[8715]: Failed password for root from 222.186.180.8 port 34004 ssh2 Feb 21 00:27:05 legacy sshd[8715]: Failed password for root from 222.186.180.8 port 34004 ssh2 Feb 21 00:27:08 legacy sshd[8715]: Failed password for root from 222.186.180.8 port 34004 ssh2 ...	2020-02-21 07:30:14
49.247.207.56	attackbots	Invalid user alexadra from 49.247.207.56 port 49764	2020-02-21 07:14:19
171.251.79.159	attackbots	MultiHost/MultiPort Probe, Scan, Hack -	2020-02-21 07:07:49
68.183.124.53	attack	Feb 20 23:46:57 server sshd[2298830]: User postgres from 68.183.124.53 not allowed because not listed in AllowUsers Feb 20 23:46:59 server sshd[2298830]: Failed password for invalid user postgres from 68.183.124.53 port 41842 ssh2 Feb 20 23:49:35 server sshd[2300453]: Failed password for invalid user web from 68.183.124.53 port 41984 ssh2	2020-02-21 07:38:15
207.242.238.194	attackspam	20/2/20@16:47:29: FAIL: Alarm-Network address from=207.242.238.194 20/2/20@16:47:29: FAIL: Alarm-Network address from=207.242.238.194 ...	2020-02-21 07:12:50
80.245.114.176	attackbotsspam	Feb 20 23:04:39 web8 sshd\[3580\]: Invalid user chris from 80.245.114.176 Feb 20 23:04:39 web8 sshd\[3580\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.245.114.176 Feb 20 23:04:41 web8 sshd\[3580\]: Failed password for invalid user chris from 80.245.114.176 port 59222 ssh2 Feb 20 23:07:14 web8 sshd\[4993\]: Invalid user rabbitmq from 80.245.114.176 Feb 20 23:07:14 web8 sshd\[4993\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.245.114.176	2020-02-21 07:25:04
80.65.22.217	attackspambots	Invalid user sb from 80.65.22.217 port 58792	2020-02-21 07:22:07
106.13.90.78	attack	SSH Login Bruteforce	2020-02-21 07:00:41
195.103.11.114	attack	SSH/22 MH Probe, BF, Hack -	2020-02-21 07:17:07
167.99.251.192	attackspam	IP blocked	2020-02-21 07:39:01
196.52.43.103	attackbotsspam	Honeypot hit.	2020-02-21 07:13:11
45.95.168.120	attackspam	45.95.168.120 - - [21/Feb/2020:02:48:35 +0400] "POST /GponForm/diag_Form?style/ HTTP/1.1" 502 157 "-" "curl/7.3.2" ...	2020-02-21 07:06:40
113.62.176.97	attackbotsspam	Feb 20 18:19:16 ny01 sshd[7908]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.62.176.97 Feb 20 18:19:18 ny01 sshd[7908]: Failed password for invalid user cpaneleximscanner from 113.62.176.97 port 10317 ssh2 Feb 20 18:20:37 ny01 sshd[8455]: Failed password for man from 113.62.176.97 port 17124 ssh2	2020-02-21 07:23:41
104.194.9.13	attack	Port scan on 5 port(s): 5061 5062 5063 5064 5065	2020-02-21 07:21:32

Recently Reported IPs

98.121.70.211	116.68.147.218	192.241.235.243	189.146.173.177
192.241.220.23	134.122.127.196	176.59.4.144	79.73.169.219
38.135.122.87	115.238.195.178	122.230.68.140	192.241.220.154
144.48.168.76	38.28.203.101	103.237.145.165	78.188.250.40
255.55.114.182	22.229.126.45	105.115.90.229	190.94.237.253