52.52.1.216 - IPInfo

Basic Info

City: San Jose

Region: California

Country: United States

Internet Service Provider: Amazon Technologies Inc.

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	F2B jail: sshd. Time: 2019-11-05 07:31:08, Reported by: VKReport	2019-11-05 14:43:09

Comments on same subnet:

IP	Type	Details	Datetime
52.52.190.187	attackbotsspam	REQUESTED PAGE: /wp-login.php	2019-12-30 22:47:29
52.52.190.187	attackspambots	Malicious/Probing: /wp-login.php	2019-12-29 22:46:52
52.52.190.187	attackbots	Looking for resource vulnerabilities	2019-12-29 14:07:44
52.52.139.6	attackbots	Invalid user quintanilha from 52.52.139.6 port 52377	2019-12-28 08:11:10
52.52.190.187	attackspam	Blocked user enumeration attempt	2019-11-23 14:03:03
52.52.190.187	attack	Automatic report - Banned IP Access	2019-11-22 08:04:45
52.52.190.187	attack	WordPress wp-login brute force :: 52.52.190.187 0.128 BYPASS [26/Oct/2019:23:05:50 1100] [censored_1] "POST /wp-login.php HTTP/1.1" 200 3777 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/65.0.3325.181 Safari/537.36"	2019-10-26 20:14:34
52.52.190.187	attackspam	Automatic report - Banned IP Access	2019-10-22 16:32:35
52.52.190.187	attackspam	Automatic report - Banned IP Access	2019-10-21 15:10:05
52.52.190.187	attackspambots	LGS,WP GET /blog/wp-login.php GET /wp-login.php GET /wp-login.php GET /wordpress/wp-login.php	2019-10-04 12:09:40
52.52.190.187	attack	$f2bV_matches	2019-10-03 08:36:51

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 52.52.1.216
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 12130
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;52.52.1.216.			IN	A

;; AUTHORITY SECTION:
.			422	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019110301 1800 900 604800 86400

;; Query time: 120 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Nov 04 03:43:27 CST 2019
;; MSG SIZE  rcvd: 115

Host info

216.1.52.52.in-addr.arpa domain name pointer ec2-52-52-1-216.us-west-1.compute.amazonaws.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
216.1.52.52.in-addr.arpa	name = ec2-52-52-1-216.us-west-1.compute.amazonaws.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
191.53.193.133	attack	Autoban 191.53.193.133 AUTH/CONNECT	2019-07-22 04:35:05
91.231.40.134	attackbotsspam	Sun, 21 Jul 2019 18:28:49 +0000 likely compromised host or open proxy. ddos rate spidering	2019-07-22 03:51:10
182.70.190.85	attack	Sun, 21 Jul 2019 18:28:46 +0000 likely compromised host or open proxy. ddos rate spidering	2019-07-22 03:59:29
41.221.69.37	attackbotsspam	Sun, 21 Jul 2019 18:28:46 +0000 likely compromised host or open proxy. ddos rate spidering	2019-07-22 04:00:43
109.252.28.141	attackspam	Sun, 21 Jul 2019 18:28:39 +0000 likely compromised host or open proxy. ddos rate spidering	2019-07-22 04:23:10
180.190.183.33	attack	Sun, 21 Jul 2019 18:28:43 +0000 likely compromised host or open proxy. ddos rate spidering	2019-07-22 04:09:28
191.53.106.1	attackbotsspam	Autoban 191.53.106.1 AUTH/CONNECT	2019-07-22 04:37:46
191.53.198.80	attackspambots	Autoban 191.53.198.80 AUTH/CONNECT	2019-07-22 04:18:44
157.230.91.45	attackbotsspam	Jul 21 21:12:19 debian sshd\[18468\]: Invalid user nexus from 157.230.91.45 port 55662 Jul 21 21:12:19 debian sshd\[18468\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.230.91.45 ...	2019-07-22 04:19:02
191.53.248.98	attackspam	Autoban 191.53.248.98 AUTH/CONNECT	2019-07-22 03:56:05
213.6.8.38	attackbots	Jul 21 20:23:16 dev0-dcde-rnet sshd[12172]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=213.6.8.38 Jul 21 20:23:18 dev0-dcde-rnet sshd[12172]: Failed password for invalid user jamie from 213.6.8.38 port 44918 ssh2 Jul 21 20:28:35 dev0-dcde-rnet sshd[12200]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=213.6.8.38	2019-07-22 04:29:35
157.36.247.151	attackbots	Sun, 21 Jul 2019 18:28:49 +0000 likely compromised host or open proxy. ddos rate spidering	2019-07-22 03:50:21
185.223.161.207	attack	6.657.673,45-03/02 [bc22/m40] concatform PostRequest-Spammer scoring: maputo01_x2b	2019-07-22 04:28:11
196.74.143.178	attackspambots	Sun, 21 Jul 2019 18:28:48 +0000 likely compromised host or open proxy. ddos rate spidering	2019-07-22 03:52:22
50.199.225.204	attackbots	Jul 21 20:24:16 dev0-dcde-rnet sshd[12174]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=50.199.225.204 Jul 21 20:24:17 dev0-dcde-rnet sshd[12174]: Failed password for invalid user victoria from 50.199.225.204 port 13368 ssh2 Jul 21 20:28:44 dev0-dcde-rnet sshd[12210]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=50.199.225.204	2019-07-22 04:07:15

Recently Reported IPs

86.40.119.204	69.47.5.228	157.234.243.50	14.187.62.179
101.247.96.156	189.77.36.230	90.57.66.128	12.165.64.11
103.92.121.83	85.53.244.53	176.107.212.251	5.137.6.80
65.13.105.253	138.192.87.229	110.38.10.56	47.132.253.224
126.176.5.154	3.111.132.105	50.27.237.237	209.52.7.133