52.4.75.11 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: Amazon Technologies Inc.

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Wed 24 20:12:39 46579/tcp Wed 24 20:12:39 46579/tcp Wed 24 20:12:39 46578/tcp Wed 24 20:13:26 46580/tcp Wed 24 20:13:27 46580/tcp	2019-07-25 14:30:02

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 52.4.75.11
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 31995
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;52.4.75.11.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019072500 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Thu Jul 25 14:29:55 CST 2019
;; MSG SIZE  rcvd: 114

Host info

11.75.4.52.in-addr.arpa domain name pointer ec2-52-4-75-11.compute-1.amazonaws.com.

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
11.75.4.52.in-addr.arpa	name = ec2-52-4-75-11.compute-1.amazonaws.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
51.68.33.221	attack	Spammer and email farmer.	2020-08-11 03:47:09
115.159.53.215	attackbotsspam	Aug 10 03:19:45 vm0 sshd[6626]: Failed password for root from 115.159.53.215 port 39608 ssh2 Aug 10 15:34:06 vm0 sshd[8300]: Failed password for root from 115.159.53.215 port 7599 ssh2 ...	2020-08-11 03:55:09
106.75.157.9	attackspambots	Aug 10 15:55:39 ns382633 sshd\[29718\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.157.9 user=root Aug 10 15:55:42 ns382633 sshd\[29718\]: Failed password for root from 106.75.157.9 port 36778 ssh2 Aug 10 15:56:50 ns382633 sshd\[29829\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.157.9 user=root Aug 10 15:56:52 ns382633 sshd\[29829\]: Failed password for root from 106.75.157.9 port 57994 ssh2 Aug 10 16:08:36 ns382633 sshd\[31807\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.157.9 user=root	2020-08-11 03:36:30
177.129.191.231	attackspam	Port probing on unauthorized port 1433	2020-08-11 04:08:50
187.19.249.47	attackspambots	Unauthorized connection attempt from IP address 187.19.249.47 on Port 445(SMB)	2020-08-11 03:36:19
51.68.122.147	attackspam	Banned for a week because repeated abuses, for example SSH, but not only	2020-08-11 03:43:05
196.203.110.33	attackspam	1597060866 - 08/10/2020 14:01:06 Host: 196.203.110.33/196.203.110.33 Port: 445 TCP Blocked	2020-08-11 03:48:36
14.152.95.91	attackspam	Aug 10 04:56:25 pixelmemory sshd[1783056]: Failed password for root from 14.152.95.91 port 38782 ssh2 Aug 10 05:00:15 pixelmemory sshd[1792900]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.152.95.91 user=root Aug 10 05:00:16 pixelmemory sshd[1792900]: Failed password for root from 14.152.95.91 port 47338 ssh2 Aug 10 05:01:24 pixelmemory sshd[1795670]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.152.95.91 user=root Aug 10 05:01:26 pixelmemory sshd[1795670]: Failed password for root from 14.152.95.91 port 55858 ssh2 ...	2020-08-11 03:33:23
141.98.10.196	attack	5x Failed Password	2020-08-11 03:34:11
139.59.70.186	attackspambots	[N10.H2.VM2] Port Scanner Detected Blocked by UFW	2020-08-11 03:30:23
147.135.133.88	attackbotsspam	Aug 10 18:49:01 rancher-0 sshd[985891]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=147.135.133.88 user=root Aug 10 18:49:03 rancher-0 sshd[985891]: Failed password for root from 147.135.133.88 port 54064 ssh2 ...	2020-08-11 03:54:21
88.121.24.63	attack	Aug 10 21:41:19 fhem-rasp sshd[29458]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=88.121.24.63 user=root Aug 10 21:41:21 fhem-rasp sshd[29458]: Failed password for root from 88.121.24.63 port 15579 ssh2 ...	2020-08-11 03:57:27
182.254.166.215	attack	Banned for a week because repeated abuses, for example SSH, but not only	2020-08-11 03:42:45
203.143.20.89	attack	Lines containing failures of 203.143.20.89 Aug 9 21:13:20 newdogma sshd[24972]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.143.20.89 user=r.r Aug 9 21:13:23 newdogma sshd[24972]: Failed password for r.r from 203.143.20.89 port 40868 ssh2 Aug 9 21:13:24 newdogma sshd[24972]: Received disconnect from 203.143.20.89 port 40868:11: Bye Bye [preauth] Aug 9 21:13:24 newdogma sshd[24972]: Disconnected from authenticating user r.r 203.143.20.89 port 40868 [preauth] Aug 9 21:18:32 newdogma sshd[25134]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.143.20.89 user=r.r Aug 9 21:18:34 newdogma sshd[25134]: Failed password for r.r from 203.143.20.89 port 42989 ssh2 Aug 9 21:18:36 newdogma sshd[25134]: Received disconnect from 203.143.20.89 port 42989:11: Bye Bye [preauth] Aug 9 21:18:36 newdogma sshd[25134]: Disconnected from authenticating user r.r 203.143.20.89 port 42989 [preauth........ ------------------------------	2020-08-11 03:39:31
203.215.181.218	attack	Dovecot Invalid User Login Attempt.	2020-08-11 03:33:52

Recently Reported IPs

123.23.137.8	183.82.49.10	209.126.103.59	194.190.86.109
28.123.153.158	145.239.73.103	180.191.156.1	163.3.156.25
65.185.136.225	54.75.124.119	195.140.215.131	180.253.241.82
54.39.104.30	213.132.77.36	113.161.95.210	79.137.29.100
168.235.94.73	62.117.35.226	49.234.79.176	78.156.226.162