52.46.14.68 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: Amazon.com Inc.

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbotsspam	Automatic report generated by Wazuh	2019-11-29 05:40:40

Comments on same subnet:

IP	Type	Details	Datetime
52.46.142.109	attack	5 Attack(s) Detected [DoS Attack: ACK Scan] from source: 52.46.142.109, port 443, Tuesday, August 18, 2020 10:14:53 [DoS Attack: ACK Scan] from source: 52.46.142.109, port 443, Tuesday, August 18, 2020 10:12:50 [DoS Attack: ACK Scan] from source: 52.46.142.109, port 443, Tuesday, August 18, 2020 10:10:47 [DoS Attack: ACK Scan] from source: 52.46.142.109, port 443, Tuesday, August 18, 2020 10:08:44 [DoS Attack: ACK Scan] from source: 52.46.142.109, port 443, Tuesday, August 18, 2020 10:07:12	2020-08-20 18:25:03

Type

Details

Datetime

52.46.142.109

attack

5 Attack(s) Detected
[DoS Attack: ACK Scan] from source: 52.46.142.109, port 443, Tuesday, August 18, 2020 10:14:53

[DoS Attack: ACK Scan] from source: 52.46.142.109, port 443, Tuesday, August 18, 2020 10:12:50

[DoS Attack: ACK Scan] from source: 52.46.142.109, port 443, Tuesday, August 18, 2020 10:10:47

[DoS Attack: ACK Scan] from source: 52.46.142.109, port 443, Tuesday, August 18, 2020 10:08:44

[DoS Attack: ACK Scan] from source: 52.46.142.109, port 443, Tuesday, August 18, 2020 10:07:12

2020-08-20 18:25:03

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 52.46.14.68
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 1500
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;52.46.14.68.			IN	A

;; AUTHORITY SECTION:
.			203	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019112802 1800 900 604800 86400

;; Query time: 100 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Nov 29 05:40:37 CST 2019
;; MSG SIZE  rcvd: 115

Host info

68.14.46.52.in-addr.arpa domain name pointer server-52-46-14-68.phl50.r.cloudfront.net.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
68.14.46.52.in-addr.arpa	name = server-52-46-14-68.phl50.r.cloudfront.net.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
110.172.170.142	attack	445/tcp [2019-06-21]1pkt	2019-06-22 06:00:47
159.203.161.63	attackspambots	Request: "GET / HTTP/2.0"	2019-06-22 05:20:19
184.82.25.99	attackbotsspam	445/tcp [2019-06-21]1pkt	2019-06-22 05:40:02
217.146.81.46	attackspambots	NAME : UK-HYDRACOM-20040421 CIDR : 217.146.80.0/20 \| STATUS : 200 ROBOT {Looking for resource vulnerabilities} DDoS Attack United Kingdom - block certain countries :) IP: 217.146.81.46 Denial-of-Service Attack (DoS) Detected and Blocked by ADMIN - data recovery https://help-dysk.pl	2019-06-22 05:42:52
51.89.130.124	attack	23 attempts against mh-misbehave-ban on sea.magehost.pro	2019-06-22 05:36:12
86.237.4.49	attackbots	Jun 19 02:41:47 node1 sshd[12275]: Bad protocol version identification '' from 86.237.4.49 port 60018 Jun 19 02:41:58 node1 sshd[12277]: Connection closed by 86.237.4.49 [preauth] Jun 19 02:42:02 node1 sshd[12281]: Connection closed by 86.237.4.49 [preauth] Jun 19 02:42:08 node1 sshd[12328]: Connection closed by 86.237.4.49 [preauth] Jun 19 02:42:26 node1 sshd[12353]: Connection closed by 86.237.4.49 [preauth] Jun 19 02:42:29 node1 sshd[12356]: Connection closed by 86.237.4.49 [preauth] Jun 19 02:42:32 node1 sshd[12359]: Connection closed by 86.237.4.49 [preauth] Jun 19 02:42:42 node1 sshd[12366]: Connection closed by 86.237.4.49 [preauth] Jun 19 02:42:44 node1 sshd[12370]: Connection closed by 86.237.4.49 [preauth] Jun 19 02:42:56 node1 sshd[12410]: Connection closed by 86.237.4.49 [preauth] Jun 19 02:42:59 node1 sshd[12414]: Connection closed by 86.237.4.49 [preauth] Jun 19 02:43:01 node1 sshd[12421]: Connection closed by 86.237.4.49 [preauth] Jun 19 02:43:12 node1 ss........ -------------------------------	2019-06-22 05:44:16
42.52.83.21	attackspam	5500/tcp [2019-06-21]1pkt	2019-06-22 05:25:20
188.136.205.223	attackbots	Request: "GET / HTTP/1.1"	2019-06-22 05:45:36
179.98.200.172	attackbots	Jun 21 21:53:35 debian sshd\[18556\]: Invalid user test from 179.98.200.172 port 60135 Jun 21 21:53:35 debian sshd\[18556\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=179.98.200.172 ...	2019-06-22 05:51:27
198.98.60.66	attackbots	2019-06-21T21:45:22.048421vfs-server-01 sshd\[6942\]: Invalid user admin from 198.98.60.66 port 51124 2019-06-21T21:45:23.611173vfs-server-01 sshd\[6946\]: Invalid user admin from 198.98.60.66 port 52926 2019-06-21T21:45:24.448968vfs-server-01 sshd\[6950\]: Invalid user user from 198.98.60.66 port 53794	2019-06-22 05:27:37
41.96.51.87	attackspam	Brute force attempt	2019-06-22 05:37:31
206.198.226.20	attackbots	Request: "GET /license.php HTTP/1.1" Request: "GET /license.php HTTP/1.1"	2019-06-22 05:26:46
118.25.224.157	attack	Tried sshing with brute force.	2019-06-22 05:44:42
165.22.143.229	attack	web-1 [ssh] SSH Attack	2019-06-22 05:37:02
79.173.226.245	attackbotsspam	23/tcp [2019-06-21]1pkt	2019-06-22 05:41:35

Recently Reported IPs

49.146.9.70	108.160.203.194	199.173.157.85	119.36.185.215
111.206.59.142	111.206.59.134	107.178.96.81	14.165.101.22
208.90.58.178	14.226.240.65	185.245.85.210	177.102.86.244
186.154.192.10	130.176.0.82	177.93.167.206	69.4.80.227
200.52.28.112	202.29.213.219	188.121.185.6	198.16.78.44