52.42.2.56 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: United States of America

Internet Service Provider: Amazon Technologies Inc.

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Brute force VPN server	2020-06-26 08:00:31
attack	Brute force attack against VPN service	2020-04-12 19:00:47

Comments on same subnet:

IP	Type	Details	Datetime
52.42.253.100	attack	11/26/2019-11:29:07.732906 52.42.253.100 Protocol: 6 SURICATA TLS invalid record/traffic	2019-11-26 18:47:12
52.42.253.100	attackspambots	11/25/2019-10:02:02.227775 52.42.253.100 Protocol: 6 SURICATA TLS invalid record/traffic	2019-11-25 18:12:29
52.42.253.100	attack	11/25/2019-06:20:02.050391 52.42.253.100 Protocol: 6 SURICATA TLS invalid record/traffic	2019-11-25 13:20:50
52.42.233.100	attackbotsspam	As always with amazon web services	2019-10-03 04:37:17
52.42.226.175	attack	hacker	2019-06-23 21:11:22

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 52.42.2.56
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 32188
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;52.42.2.56.			IN	A

;; AUTHORITY SECTION:
.			574	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020041200 1800 900 604800 86400

;; Query time: 331 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Apr 12 19:00:44 CST 2020
;; MSG SIZE  rcvd: 114

Host info

56.2.42.52.in-addr.arpa domain name pointer ec2-52-42-2-56.us-west-2.compute.amazonaws.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
56.2.42.52.in-addr.arpa	name = ec2-52-42-2-56.us-west-2.compute.amazonaws.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
182.61.59.143	attackspam	2019-12-12T07:23:11.452003 sshd[22841]: Invalid user estremera from 182.61.59.143 port 44828 2019-12-12T07:23:11.465452 sshd[22841]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.61.59.143 2019-12-12T07:23:11.452003 sshd[22841]: Invalid user estremera from 182.61.59.143 port 44828 2019-12-12T07:23:13.401843 sshd[22841]: Failed password for invalid user estremera from 182.61.59.143 port 44828 ssh2 2019-12-12T07:29:51.507951 sshd[22911]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.61.59.143 user=root 2019-12-12T07:29:53.358719 sshd[22911]: Failed password for root from 182.61.59.143 port 47563 ssh2 ...	2019-12-12 15:15:19
31.27.149.45	attackbots	Automatic report - Banned IP Access	2019-12-12 15:03:59
49.88.112.63	attackspam	SSH login attempts	2019-12-12 15:27:50
51.255.161.25	attack	Dec 12 07:29:47 MK-Soft-VM5 sshd[7567]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.255.161.25 Dec 12 07:29:49 MK-Soft-VM5 sshd[7567]: Failed password for invalid user wwwrun from 51.255.161.25 port 33468 ssh2 ...	2019-12-12 15:19:26
49.235.134.72	attackspam	Dec 12 14:05:15 webhost01 sshd[19386]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.134.72 Dec 12 14:05:17 webhost01 sshd[19386]: Failed password for invalid user baldermann from 49.235.134.72 port 54216 ssh2 ...	2019-12-12 15:26:21
80.150.162.146	attackspambots	Dec 12 02:10:28 plusreed sshd[22134]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.150.162.146 user=root Dec 12 02:10:30 plusreed sshd[22134]: Failed password for root from 80.150.162.146 port 32596 ssh2 ...	2019-12-12 15:18:40
222.186.190.2	attackspambots	Dec 12 08:33:38 mail sshd\[18447\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.190.2 user=root Dec 12 08:33:40 mail sshd\[18447\]: Failed password for root from 222.186.190.2 port 5944 ssh2 Dec 12 08:33:43 mail sshd\[18447\]: Failed password for root from 222.186.190.2 port 5944 ssh2 ...	2019-12-12 15:35:04
117.121.214.50	attackspambots	Dec 12 06:23:25 hcbbdb sshd\[4151\]: Invalid user admin from 117.121.214.50 Dec 12 06:23:25 hcbbdb sshd\[4151\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.121.214.50 Dec 12 06:23:27 hcbbdb sshd\[4151\]: Failed password for invalid user admin from 117.121.214.50 port 33882 ssh2 Dec 12 06:29:57 hcbbdb sshd\[5812\]: Invalid user zhz from 117.121.214.50 Dec 12 06:29:57 hcbbdb sshd\[5812\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.121.214.50	2019-12-12 15:12:17
49.234.68.13	attack	Dec 12 07:50:42 localhost sshd\[12242\]: Invalid user liuliu from 49.234.68.13 port 34276 Dec 12 07:50:42 localhost sshd\[12242\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.234.68.13 Dec 12 07:50:44 localhost sshd\[12242\]: Failed password for invalid user liuliu from 49.234.68.13 port 34276 ssh2	2019-12-12 15:18:23
145.239.73.103	attack	Dec 12 01:56:30 ny01 sshd[4340]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=145.239.73.103 Dec 12 01:56:32 ny01 sshd[4340]: Failed password for invalid user orwell from 145.239.73.103 port 49312 ssh2 Dec 12 02:01:44 ny01 sshd[5156]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=145.239.73.103	2019-12-12 15:05:26
51.178.25.125	attack	51.178.25.125 - - [12/Dec/2019:07:20:33 +0100] "GET /wp-login.php HTTP/1.1" 200 1896 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 51.178.25.125 - - [12/Dec/2019:07:20:33 +0100] "POST /wp-login.php HTTP/1.1" 200 2294 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 51.178.25.125 - - [12/Dec/2019:07:28:08 +0100] "GET /wp-login.php HTTP/1.1" 200 1122 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 51.178.25.125 - - [12/Dec/2019:07:28:09 +0100] "POST /wp-login.php HTTP/1.1" 200 1486 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 51.178.25.125 - - [12/Dec/2019:07:30:00 +0100] "GET /wp-login.php HTTP/1.1" 200 1122 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 51.178.25.125 - - [12/Dec/2019:07:30:00 +0100] "POST /wp-login.php HTTP/1.1" 200 1486 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2019-12-12 15:01:00
34.66.28.207	attackbotsspam	Dec 11 21:02:16 web9 sshd\[22414\]: Invalid user krom from 34.66.28.207 Dec 11 21:02:16 web9 sshd\[22414\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=34.66.28.207 Dec 11 21:02:18 web9 sshd\[22414\]: Failed password for invalid user krom from 34.66.28.207 port 38726 ssh2 Dec 11 21:07:43 web9 sshd\[23273\]: Invalid user q1w2e3r4t5y6 from 34.66.28.207 Dec 11 21:07:43 web9 sshd\[23273\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=34.66.28.207	2019-12-12 15:13:07
187.190.235.89	attackspambots	2019-12-12T06:22:02.453501abusebot-6.cloudsearch.cf sshd\[9457\]: Invalid user sysadm from 187.190.235.89 port 47245 2019-12-12T06:22:02.458640abusebot-6.cloudsearch.cf sshd\[9457\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=fixed-187-190-235-89.totalplay.net 2019-12-12T06:22:03.591938abusebot-6.cloudsearch.cf sshd\[9457\]: Failed password for invalid user sysadm from 187.190.235.89 port 47245 ssh2 2019-12-12T06:29:58.986931abusebot-6.cloudsearch.cf sshd\[9463\]: Invalid user rpc from 187.190.235.89 port 45257	2019-12-12 15:09:33
51.38.224.46	attack	Dec 11 20:51:01 hpm sshd\[28337\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.38.224.46 user=root Dec 11 20:51:04 hpm sshd\[28337\]: Failed password for root from 51.38.224.46 port 47968 ssh2 Dec 11 20:56:13 hpm sshd\[28853\]: Invalid user admin from 51.38.224.46 Dec 11 20:56:13 hpm sshd\[28853\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.38.224.46 Dec 11 20:56:15 hpm sshd\[28853\]: Failed password for invalid user admin from 51.38.224.46 port 55408 ssh2	2019-12-12 15:07:41
167.99.173.234	attackbotsspam	Dec 12 13:37:53 itv-usvr-01 sshd[6539]: Invalid user pedro from 167.99.173.234 Dec 12 13:37:53 itv-usvr-01 sshd[6539]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.99.173.234 Dec 12 13:37:53 itv-usvr-01 sshd[6539]: Invalid user pedro from 167.99.173.234 Dec 12 13:37:55 itv-usvr-01 sshd[6539]: Failed password for invalid user pedro from 167.99.173.234 port 41832 ssh2 Dec 12 13:46:43 itv-usvr-01 sshd[7053]: Invalid user jobsubmit from 167.99.173.234	2019-12-12 15:05:02

Recently Reported IPs

114.25.31.238	143.137.250.148	106.54.141.65	81.51.99.187
42.118.219.11	119.42.172.56	51.79.145.232	132.157.66.243
171.229.252.225	94.191.94.179	178.239.173.220	52.166.151.84
163.44.151.51	123.206.206.45	201.250.223.171	80.48.133.138
108.209.118.83	188.18.47.31	105.143.134.239	210.212.53.249