52.29.81.56 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Germany

Internet Service Provider: A100 ROW GmbH

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	Jul 31 21:51:48 MK-Soft-Root2 sshd\[7306\]: Invalid user kundan from 52.29.81.56 port 44540 Jul 31 21:51:48 MK-Soft-Root2 sshd\[7306\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.29.81.56 Jul 31 21:51:50 MK-Soft-Root2 sshd\[7306\]: Failed password for invalid user kundan from 52.29.81.56 port 44540 ssh2 ...	2019-08-01 04:06:57
attackspam	Automatic report - Banned IP Access	2019-07-31 07:18:06
attackspambots	Jul 29 19:41:19 TORMINT sshd\[28967\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.29.81.56 user=root Jul 29 19:41:21 TORMINT sshd\[28967\]: Failed password for root from 52.29.81.56 port 44095 ssh2 Jul 29 19:46:27 TORMINT sshd\[29115\]: Invalid user postgres from 52.29.81.56 Jul 29 19:46:27 TORMINT sshd\[29115\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.29.81.56 ...	2019-07-30 07:50:36

Type

Details

Datetime

attackspam

Jul 31 21:51:48 MK-Soft-Root2 sshd\[7306\]: Invalid user kundan from 52.29.81.56 port 44540
Jul 31 21:51:48 MK-Soft-Root2 sshd\[7306\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.29.81.56
Jul 31 21:51:50 MK-Soft-Root2 sshd\[7306\]: Failed password for invalid user kundan from 52.29.81.56 port 44540 ssh2
...

2019-08-01 04:06:57

attackspam

Automatic report - Banned IP Access

2019-07-31 07:18:06

attackspambots

Jul 29 19:41:19 TORMINT sshd\[28967\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.29.81.56  user=root
Jul 29 19:41:21 TORMINT sshd\[28967\]: Failed password for root from 52.29.81.56 port 44095 ssh2
Jul 29 19:46:27 TORMINT sshd\[29115\]: Invalid user postgres from 52.29.81.56
Jul 29 19:46:27 TORMINT sshd\[29115\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.29.81.56
...

2019-07-30 07:50:36

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 52.29.81.56
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 41913
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;52.29.81.56.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019072901 1800 900 604800 86400

;; Query time: 1 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Tue Jul 30 07:50:31 CST 2019
;; MSG SIZE  rcvd: 115

Host info

56.81.29.52.in-addr.arpa domain name pointer ec2-52-29-81-56.eu-central-1.compute.amazonaws.com.

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
56.81.29.52.in-addr.arpa	name = ec2-52-29-81-56.eu-central-1.compute.amazonaws.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
45.227.254.30	attackbotsspam	Fail2Ban Ban Triggered	2019-12-11 06:54:24
185.175.93.105	attackbotsspam	12/10/2019-23:32:05.789022 185.175.93.105 Protocol: 6 ET DROP Dshield Block Listed Source group 1	2019-12-11 07:01:07
51.161.12.231	attack	Dec 11 01:25:50 debian-2gb-vpn-nbg1-1 kernel: [395134.210596] [UFW BLOCK] IN=eth0 OUT= MAC=96:00:00:38:96:44:d2:74:7f:6e:37:e3:08:00 SRC=51.161.12.231 DST=78.46.192.101 LEN=40 TOS=0x00 PREC=0x00 TTL=238 ID=5646 PROTO=TCP SPT=32767 DPT=8545 WINDOW=1024 RES=0x00 SYN URGP=0	2019-12-11 06:52:35
185.156.73.64	attackbotsspam	12/10/2019-17:00:39.919143 185.156.73.64 Protocol: 6 ET SCAN NMAP -sS window 1024	2019-12-11 07:02:01
94.102.56.181	attackbots	Port scan: Attack repeated for 24 hours	2019-12-11 06:41:08
37.49.225.166	attackspambots	37.49.225.166 was recorded 12 times by 12 hosts attempting to connect to the following ports: 6881. Incident counter (4h, 24h, all-time): 12, 69, 1057	2019-12-11 06:57:30
185.209.0.17	attackspambots	ET DROP Dshield Block Listed Source group 1 - port: 3646 proto: TCP cat: Misc Attack	2019-12-11 06:31:32
77.247.108.77	attackspam	12/10/2019-23:48:56.143077 77.247.108.77 Protocol: 6 ET CINS Active Threat Intelligence Poor Reputation IP group 74	2019-12-11 06:51:35
190.5.136.18	attackbots	ET SCAN MS Terminal Server Traffic on Non-standard Port - port: 1000 proto: TCP cat: Attempted Information Leak	2019-12-11 06:58:44
50.200.136.108	attackbotsspam	ET CINS Active Threat Intelligence Poor Reputation IP group 39 - port: 21600 proto: UDP cat: Misc Attack	2019-12-11 06:53:27
89.248.172.16	attack	Port scan: Attack repeated for 24 hours	2019-12-11 06:46:39
5.78.58.192	attackspam	ET SCAN Suspicious inbound to MSSQL port 1433 - port: 1433 proto: TCP cat: Potentially Bad Traffic	2019-12-11 06:57:44
92.63.194.15	attackspam	12/10/2019-17:05:37.432524 92.63.194.15 Protocol: 6 ET DROP Dshield Block Listed Source group 1	2019-12-11 06:45:11
185.209.0.2	attackspambots	ET DROP Dshield Block Listed Source group 1 - port: 3668 proto: TCP cat: Misc Attack	2019-12-11 06:31:49
185.156.73.31	attackbots	Dec 11 01:54:19 debian-2gb-vpn-nbg1-1 kernel: [396843.515545] [UFW BLOCK] IN=eth0 OUT= MAC=96:00:00:38:96:44:d2:74:7f:6e:37:e3:08:00 SRC=185.156.73.31 DST=78.46.192.101 LEN=40 TOS=0x00 PREC=0x00 TTL=247 ID=12684 PROTO=TCP SPT=40625 DPT=55548 WINDOW=1024 RES=0x00 SYN URGP=0	2019-12-11 07:02:21

Recently Reported IPs

174.138.44.201	128.199.231.239	102.160.192.13	122.13.2.171
189.17.194.174	125.131.149.4	110.78.155.90	194.108.137.241
88.99.237.60	49.73.157.39	137.108.198.2	187.84.160.57
177.21.131.246	187.109.57.225	130.243.138.32	184.1.120.1
191.53.59.236	10.25.210.190	177.129.206.188	84.241.199.192