52.252.5.207 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: United States of America

Internet Service Provider: Microsoft Corporation

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	fail2ban - Attack against WordPress	2020-09-28 01:57:14
attackspambots	fail2ban - Attack against WordPress	2020-09-27 18:01:33

Comments on same subnet:

IP	Type	Details	Datetime
52.252.59.235	attackbots	21 attempts against mh-ssh on star	2020-10-05 03:16:46
52.252.59.235	attack	21 attempts against mh-ssh on star	2020-10-04 19:02:46
52.252.54.85	attackspam	Unauthorized connection attempt detected from IP address 52.252.54.85 to port 3389 [T]	2020-08-14 04:28:21
52.252.56.58	attackspam	SIPVicious Scanner Detection	2020-07-30 17:49:12
52.252.52.30	attackbots	Invalid user admin from 52.252.52.30 port 48379	2020-07-18 18:43:00
52.252.52.30	attackbotsspam	SSH brute-force attempt	2020-07-16 07:15:58
52.252.52.30	attack	Jul 15 11:09:29 rancher-0 sshd[331879]: Invalid user admin from 52.252.52.30 port 41093 ...	2020-07-15 17:23:35
52.252.56.58	attack	ET SCAN Sipvicious User-Agent Detected (friendly-scanner) - port: 5060 proto: UDP cat: Attempted Information Leak	2020-07-05 22:20:56
52.252.59.246	attackspam	From root@user30.segurancaonlinepfbb.com Sat Jun 06 09:35:21 2020 Received: from user30.segurancaonlinepfbb.com ([52.252.59.246]:33060 helo=minerim10.nvxarea2zpiujjoq1c5pxbxipf.cx.internal.cloudapp.net)	2020-06-06 20:40:52
52.252.56.58	attackspam	Port Scan detected from 52.252.56.58 (US/United States/Virginia/Ashburn/-). 4 hits in the last 250 seconds	2020-06-03 02:54:06

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 52.252.5.207
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 14391
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;52.252.5.207.			IN	A

;; AUTHORITY SECTION:
.			533	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020092700 1800 900 604800 86400

;; Query time: 18 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Sep 27 18:01:29 CST 2020
;; MSG SIZE  rcvd: 116

Host info

Host 207.5.252.52.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 207.5.252.52.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
106.13.25.242	attackbots	2020-09-29T02:28:44.123897hostname sshd[66817]: Failed password for root from 106.13.25.242 port 57996 ssh2 ...	2020-09-30 04:07:39
167.71.127.147	attackspambots	prod11 ...	2020-09-30 04:22:55
134.209.35.77	attackbots	firewall-block, port(s): 14684/tcp	2020-09-30 04:10:48
59.58.19.116	attackbots	Brute forcing email accounts	2020-09-30 04:09:31
128.14.230.12	attackspam	Invalid user rian from 128.14.230.12 port 53688	2020-09-30 04:10:12
125.162.208.114	attackspambots	Sep 28 22:36:19 iago sshd[24684]: Did not receive identification string from 125.162.208.114 Sep 28 22:36:28 iago sshd[24689]: Address 125.162.208.114 maps to 114.subnet125-162-208.speedy.telkom.net.id, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT! Sep 28 22:36:28 iago sshd[24689]: Invalid user service from 125.162.208.114 Sep 28 22:36:28 iago sshd[24689]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.162.208.114 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=125.162.208.114	2020-09-30 03:58:38
197.60.150.6	attackspam	1601325668 - 09/28/2020 22:41:08 Host: 197.60.150.6/197.60.150.6 Port: 23 TCP Blocked ...	2020-09-30 04:02:59
103.209.9.2	attackbotsspam	"XSS Attack Detected via libinjection - Matched Data: XSS data found within ARGS_NAMES:	2020-09-30 04:15:51
124.238.113.126	attackspam	22/tcp 18660/tcp 6899/tcp... [2020-07-30/09-29]28pkt,10pt.(tcp)	2020-09-30 04:08:38
222.244.144.163	attack	2020-09-29T14:32:54.150042amanda2.illicoweb.com sshd\[35921\]: Invalid user postgres from 222.244.144.163 port 38080 2020-09-29T14:32:54.155114amanda2.illicoweb.com sshd\[35921\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.244.144.163 2020-09-29T14:32:55.936875amanda2.illicoweb.com sshd\[35921\]: Failed password for invalid user postgres from 222.244.144.163 port 38080 ssh2 2020-09-29T14:36:35.219068amanda2.illicoweb.com sshd\[36013\]: Invalid user tester from 222.244.144.163 port 45520 2020-09-29T14:36:35.223517amanda2.illicoweb.com sshd\[36013\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.244.144.163 ...	2020-09-30 04:13:50
149.202.175.11	attack	$f2bV_matches	2020-09-30 03:51:48
165.232.39.229	attackspambots	SSH/22 MH Probe, BF, Hack -	2020-09-30 04:08:20
167.71.47.142	attackspam	Sep 29 10:14:26 MainVPS sshd[17471]: Invalid user vnc from 167.71.47.142 port 33764 Sep 29 10:14:26 MainVPS sshd[17471]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.71.47.142 Sep 29 10:14:26 MainVPS sshd[17471]: Invalid user vnc from 167.71.47.142 port 33764 Sep 29 10:14:28 MainVPS sshd[17471]: Failed password for invalid user vnc from 167.71.47.142 port 33764 ssh2 Sep 29 10:17:51 MainVPS sshd[25216]: Invalid user ubuntu from 167.71.47.142 port 42486 ...	2020-09-30 04:28:09
64.225.11.24	attackbotsspam	Sep 29 22:49:46 ift sshd\[57834\]: Failed password for root from 64.225.11.24 port 43232 ssh2Sep 29 22:49:50 ift sshd\[57836\]: Failed password for root from 64.225.11.24 port 52224 ssh2Sep 29 22:49:55 ift sshd\[57841\]: Failed password for root from 64.225.11.24 port 33118 ssh2Sep 29 22:49:59 ift sshd\[57851\]: Failed password for invalid user admin from 64.225.11.24 port 42292 ssh2Sep 29 22:50:03 ift sshd\[57873\]: Failed password for invalid user admin from 64.225.11.24 port 51270 ssh2 ...	2020-09-30 03:59:36
78.118.109.174	attackspambots	Invalid user monitoring from 78.118.109.174 port 53110	2020-09-30 03:53:45

Recently Reported IPs

22.123.41.191	74.63.6.111	38.243.6.121	255.64.123.252
128.103.5.210	107.182.97.144	96.43.213.206	66.115.181.222
222.30.85.38	18.223.82.165	51.175.198.92	194.118.20.157
162.17.212.207	63.121.202.238	11.144.67.53	33.194.128.77
103.130.212.109	203.106.81.246	118.25.59.57	157.190.230.250