52.42.62.130 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: United States of America

Internet Service Provider: Amazon Technologies Inc.

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspambots	Unauthorized connection attempt detected from IP address 52.42.62.130 to port 23	2020-06-06 21:50:49

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 52.42.62.130
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 60327
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;52.42.62.130.			IN	A

;; AUTHORITY SECTION:
.			132	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020060600 1800 900 604800 86400

;; Query time: 120 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Jun 06 21:50:41 CST 2020
;; MSG SIZE  rcvd: 116

Host info

130.62.42.52.in-addr.arpa domain name pointer ec2-52-42-62-130.us-west-2.compute.amazonaws.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
130.62.42.52.in-addr.arpa	name = ec2-52-42-62-130.us-west-2.compute.amazonaws.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
5.69.203.128	attackspambots	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/5.69.203.128/ GB - 1H : (86) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : GB NAME ASN : ASN5607 IP : 5.69.203.128 CIDR : 5.64.0.0/13 PREFIX COUNT : 35 UNIQUE IP COUNT : 5376768 WYKRYTE ATAKI Z ASN5607 : 1H - 1 3H - 2 6H - 2 12H - 3 24H - 9 DateTime : 2019-10-09 13:34:51 INFO : Port SSH 22 Scan Detected and Blocked by ADMIN - data recovery	2019-10-09 23:50:22
74.83.225.239	attackspambots	Automatic report - Port Scan Attack	2019-10-09 23:40:21
145.239.91.88	attackspam	Oct 9 17:36:58 eventyay sshd[372]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=145.239.91.88 Oct 9 17:36:59 eventyay sshd[372]: Failed password for invalid user Abstract123 from 145.239.91.88 port 47564 ssh2 Oct 9 17:41:08 eventyay sshd[460]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=145.239.91.88 ...	2019-10-09 23:54:36
185.234.219.61	attack	Oct 9 16:42:08 mail postfix/smtpd\[2098\]: warning: unknown\[185.234.219.61\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ Oct 9 16:49:53 mail postfix/smtpd\[2552\]: warning: unknown\[185.234.219.61\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ Oct 9 16:57:37 mail postfix/smtpd\[2496\]: warning: unknown\[185.234.219.61\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ Oct 9 17:28:29 mail postfix/smtpd\[2560\]: warning: unknown\[185.234.219.61\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\	2019-10-09 23:34:32
51.77.116.47	attackspam	2019-10-09T15:20:33.674038abusebot-3.cloudsearch.cf sshd\[21892\]: Invalid user Caramba123 from 51.77.116.47 port 39248	2019-10-09 23:49:06
145.239.89.243	attack	2019-10-09T15:44:47.632007shield sshd\[11010\]: Invalid user Fernanda_123 from 145.239.89.243 port 35394 2019-10-09T15:44:47.638042shield sshd\[11010\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=243.ip-145-239-89.eu 2019-10-09T15:44:49.350999shield sshd\[11010\]: Failed password for invalid user Fernanda_123 from 145.239.89.243 port 35394 ssh2 2019-10-09T15:48:48.997814shield sshd\[11634\]: Invalid user P@\$\$@1234 from 145.239.89.243 port 46028 2019-10-09T15:48:49.002166shield sshd\[11634\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=243.ip-145-239-89.eu	2019-10-09 23:54:57
178.128.90.40	attack	Oct 5 14:50:37 foo sshd[15105]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.128.90.40 user=r.r Oct 5 14:50:40 foo sshd[15105]: Failed password for r.r from 178.128.90.40 port 34224 ssh2 Oct 5 14:50:40 foo sshd[15105]: Received disconnect from 178.128.90.40: 11: Bye Bye [preauth] Oct 5 15:03:32 foo sshd[15248]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.128.90.40 user=r.r Oct 5 15:03:34 foo sshd[15248]: Failed password for r.r from 178.128.90.40 port 57984 ssh2 Oct 5 15:03:34 foo sshd[15248]: Received disconnect from 178.128.90.40: 11: Bye Bye [preauth] Oct 5 15:07:46 foo sshd[15276]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.128.90.40 user=r.r Oct 5 15:07:49 foo sshd[15276]: Fa .... truncated .... Oct 5 14:50:37 foo sshd[15105]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rh........ -------------------------------	2019-10-09 23:39:53
106.12.42.95	attackspambots	Oct 9 17:53:14 vps647732 sshd[7565]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.42.95 Oct 9 17:53:16 vps647732 sshd[7565]: Failed password for invalid user Mexico123 from 106.12.42.95 port 59596 ssh2 ...	2019-10-09 23:57:18
163.172.133.109	attackspam	Oct 9 14:56:00 **** sshd[23149]: Did not receive identification string from 163.172.133.109 port 57662	2019-10-09 23:45:26
106.12.207.197	attackspam	Oct 9 11:33:36 plusreed sshd[28668]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.207.197 user=root Oct 9 11:33:38 plusreed sshd[28668]: Failed password for root from 106.12.207.197 port 57308 ssh2 ...	2019-10-09 23:43:40
129.28.30.54	attack	Oct 9 04:06:23 hpm sshd\[7230\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.28.30.54 user=root Oct 9 04:06:25 hpm sshd\[7230\]: Failed password for root from 129.28.30.54 port 42138 ssh2 Oct 9 04:11:21 hpm sshd\[7793\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.28.30.54 user=root Oct 9 04:11:23 hpm sshd\[7793\]: Failed password for root from 129.28.30.54 port 47454 ssh2 Oct 9 04:16:09 hpm sshd\[8200\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.28.30.54 user=root	2019-10-09 23:37:20
164.132.42.32	attackspam	Oct 9 17:37:04 amit sshd\[7695\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=164.132.42.32 user=root Oct 9 17:37:06 amit sshd\[7695\]: Failed password for root from 164.132.42.32 port 33778 ssh2 Oct 9 17:40:51 amit sshd\[7775\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=164.132.42.32 user=root ...	2019-10-10 00:07:27
106.251.67.78	attackspam	Oct 9 17:49:11 pkdns2 sshd\[39008\]: Invalid user @!WQSA from 106.251.67.78Oct 9 17:49:14 pkdns2 sshd\[39008\]: Failed password for invalid user @!WQSA from 106.251.67.78 port 57870 ssh2Oct 9 17:53:37 pkdns2 sshd\[39196\]: Invalid user Abcd2018 from 106.251.67.78Oct 9 17:53:39 pkdns2 sshd\[39196\]: Failed password for invalid user Abcd2018 from 106.251.67.78 port 39886 ssh2Oct 9 17:58:02 pkdns2 sshd\[39399\]: Invalid user 0o9i8u7y6t from 106.251.67.78Oct 9 17:58:03 pkdns2 sshd\[39399\]: Failed password for invalid user 0o9i8u7y6t from 106.251.67.78 port 50130 ssh2 ...	2019-10-10 00:02:10
122.224.203.228	attackbots	Oct 9 08:49:01 Tower sshd[18200]: Connection from 122.224.203.228 port 48586 on 192.168.10.220 port 22 Oct 9 08:49:03 Tower sshd[18200]: Failed password for root from 122.224.203.228 port 48586 ssh2 Oct 9 08:49:03 Tower sshd[18200]: Received disconnect from 122.224.203.228 port 48586:11: Bye Bye [preauth] Oct 9 08:49:03 Tower sshd[18200]: Disconnected from authenticating user root 122.224.203.228 port 48586 [preauth]	2019-10-09 23:31:48
114.4.208.6	attack	2019-10-09 06:34:06 H=(114-4-192-17.resources.indosat.com) [114.4.208.6]:44422 I=[192.147.25.65]:25 F= rejected RCPT : RBL: found in thrukfz5b56tq6xao6odgdyjrq.zen.dq.spamhaus.net (127.0.0.3, 127.0.0.4) (https://www.spamhaus.org/query/ip/114.4.208.6) 2019-10-09 06:34:07 H=(114-4-192-17.resources.indosat.com) [114.4.208.6]:44422 I=[192.147.25.65]:25 F= rejected RCPT : RBL: found in thrukfz5b56tq6xao6odgdyjrq.zen.dq.spamhaus.net (127.0.0.3, 127.0.0.4) (https://www.spamhaus.org/query/ip/114.4.208.6) 2019-10-09 06:34:07 H=(114-4-192-17.resources.indosat.com) [114.4.208.6]:44422 I=[192.147.25.65]:25 F= rejected RCPT : RBL: found in thrukfz5b56tq6xao6odgdyjrq.zen.dq.spamhaus.net (127.0.0.3, 127.0.0.4) (https://www.spamhaus.org/query/ip/114.4.208.6) ...	2019-10-10 00:11:40

Recently Reported IPs

143.192.227.16	12.251.216.104	108.190.59.129	111.246.118.168
183.16.209.121	85.108.114.114	167.71.4.99	180.127.108.50
85.105.242.55	45.77.95.38	105.103.79.78	185.63.253.223
152.98.237.164	170.16.41.23	36.227.174.181	219.213.216.14
178.18.250.92	98.240.103.197	182.243.156.152	142.18.247.97