52.4.143.42 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: Amazon Technologies Inc.

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	port scan	2020-05-21 23:52:58

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 52.4.143.42
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 31279
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;52.4.143.42.			IN	A

;; AUTHORITY SECTION:
.			214	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020052101 1800 900 604800 86400

;; Query time: 112 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu May 21 23:52:53 CST 2020
;; MSG SIZE  rcvd: 115

Host info

42.143.4.52.in-addr.arpa domain name pointer ec2-52-4-143-42.compute-1.amazonaws.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
42.143.4.52.in-addr.arpa	name = ec2-52-4-143-42.compute-1.amazonaws.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
193.112.141.32	attackbotsspam	Invalid user miner from 193.112.141.32 port 51938	2020-05-16 13:37:55
177.53.7.41	attack	email spam	2020-05-16 13:21:06
212.64.0.99	attack	May 16 04:43:25 vps687878 sshd\[928\]: Invalid user pkjain from 212.64.0.99 port 50510 May 16 04:43:25 vps687878 sshd\[928\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.64.0.99 May 16 04:43:27 vps687878 sshd\[928\]: Failed password for invalid user pkjain from 212.64.0.99 port 50510 ssh2 May 16 04:52:59 vps687878 sshd\[1942\]: Invalid user test from 212.64.0.99 port 43910 May 16 04:52:59 vps687878 sshd\[1942\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.64.0.99 ...	2020-05-16 13:40:42
117.211.192.70	attackspam	...	2020-05-16 14:00:03
109.225.107.159	attackbots	May 16 04:43:54 ns381471 sshd[27408]: Failed password for root from 109.225.107.159 port 23520 ssh2	2020-05-16 13:49:38
185.132.53.145	attackspam	SSH login attempts.	2020-05-16 13:58:10
61.111.32.137	attackspam	May 16 04:49:51 sso sshd[28195]: Failed password for root from 61.111.32.137 port 55714 ssh2 ...	2020-05-16 13:38:08
92.63.194.108	attackspam	2020-05-16T03:43:40.239932rocketchat.forhosting.nl sshd[14461]: Invalid user guest from 92.63.194.108 port 33867 2020-05-16T03:43:40.239932rocketchat.forhosting.nl sshd[14461]: Invalid user guest from 92.63.194.108 port 33867 2020-05-16T03:43:40.241532rocketchat.forhosting.nl sshd[14461]: Failed none for invalid user guest from 92.63.194.108 port 33867 ssh2 ...	2020-05-16 13:53:53
61.74.118.139	attack	May 15 22:54:45 ny01 sshd[2947]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.74.118.139 May 15 22:54:47 ny01 sshd[2947]: Failed password for invalid user newuser from 61.74.118.139 port 52082 ssh2 May 15 22:57:05 ny01 sshd[3643]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.74.118.139	2020-05-16 14:03:19
92.63.194.104	attackspam	May 16 04:46:14 nextcloud sshd\[10090\]: Invalid user admin from 92.63.194.104 May 16 04:46:14 nextcloud sshd\[10090\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=92.63.194.104 May 16 04:46:16 nextcloud sshd\[10090\]: Failed password for invalid user admin from 92.63.194.104 port 39925 ssh2	2020-05-16 14:03:00
106.13.239.120	attack	Invalid user ut2k4server from 106.13.239.120 port 56708	2020-05-16 13:18:28
189.62.69.106	attack	Invalid user ug from 189.62.69.106 port 60520	2020-05-16 13:27:04
45.82.122.19	attackspambots	Repeated brute force against a port	2020-05-16 13:38:37
85.96.67.30	attack	DATE:2020-05-16 04:01:54, IP:85.96.67.30, PORT:telnet Telnet brute force auth on honeypot server (epe-honey1-hq)	2020-05-16 13:45:18
106.13.71.1	attack	May 16 09:48:26 webhost01 sshd[5821]: Failed password for root from 106.13.71.1 port 57308 ssh2 May 16 09:52:50 webhost01 sshd[5866]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.71.1 ...	2020-05-16 13:42:16

Recently Reported IPs

92.83.139.5	91.176.220.154	91.84.95.122	89.40.73.207
87.251.75.44	47.12.137.106	14.170.222.30	159.192.225.167
128.46.74.84	121.67.142.22	79.12.75.1	106.78.159.208
49.122.186.9	194.26.29.216	254.31.214.71	176.113.115.208
172.105.104.172	103.131.169.163	230.20.201.222	29.134.66.68