City: Ashburn
Region: Virginia
Country: United States
Internet Service Provider: unknown
Hostname: unknown
Organization: unknown
Usage Type: unknown
| IP | Type | Details | Datetime |
|---|---|---|---|
| 52.55.70.221 | attackspambots | srv04 Mass scanning activity detected Target: 53(domain) .. |
2020-04-20 02:56:39 |
| 52.55.70.221 | attack | trying to access non-authorized port |
2020-02-26 16:48:03 |
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 52.55.70.73
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 57773
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;52.55.70.73. IN A
;; AUTHORITY SECTION:
. 531 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2020081001 1800 900 604800 86400
;; Query time: 102 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Aug 11 08:42:07 CST 2020
;; MSG SIZE rcvd: 11573.70.55.52.in-addr.arpa domain name pointer ec2-52-55-70-73.compute-1.amazonaws.com.Server: 183.60.83.19
Address: 183.60.83.19#53
Non-authoritative answer:
73.70.55.52.in-addr.arpa name = ec2-52-55-70-73.compute-1.amazonaws.com.
Authoritative answers can be found from:| IP | Type | Details | Datetime |
|---|---|---|---|
| 77.247.110.173 | attackbots | Multiport scan : 11 ports scanned 23485 28688 31954 31955 31956 49900 49901 49902 58090 58091 58092 |
2019-10-27 07:23:29 |
| 168.232.197.4 | attackspambots | ET SCAN Sipvicious User-Agent Detected (friendly-scanner) - port: 5060 proto: UDP cat: Attempted Information Leak |
2019-10-27 07:10:08 |
| 194.29.209.214 | attackspam | TCP connect flood, port scan (port 80/TCP or 443/TCP or 22/TCP). Date: 2019 Oct 26. 17:15:41 Source IP: 194.29.209.214 Details: 2019 Oct 26 17:15:41 - TCP Connection warning: 128 connections from same ip address (194.29.209.214) 2019 Oct 26 17:20:19 - TCP Connection warning: 157 connections from same ip address (194.29.209.214) 2019 Oct 26 17:30:32 - TCP Connection warning: 211 connections from same ip address (194.29.209.214) 2019 Oct 26 17:35:12 - TCP Connection warning: 118 connections from same ip address (194.29.209.214) |
2019-10-27 07:01:54 |
| 80.82.65.74 | attackspam | 10/26/2019-18:55:09.754633 80.82.65.74 Protocol: 6 ET SCAN NMAP -sS window 1024 |
2019-10-27 07:22:55 |
| 89.248.167.131 | attack | ET CINS Active Threat Intelligence Poor Reputation IP group 88 - port: 1024 proto: TCP cat: Misc Attack |
2019-10-27 06:52:47 |
| 77.120.238.208 | attack | ET CINS Active Threat Intelligence Poor Reputation IP group 68 - port: 23 proto: TCP cat: Misc Attack |
2019-10-27 06:54:13 |
| 194.29.215.20 | attack | ET SCAN Potential SSH Scan - port: 22 proto: TCP cat: Attempted Information Leak |
2019-10-27 07:01:25 |
| 92.53.65.196 | attackspam | ET CINS Active Threat Intelligence Poor Reputation IP group 93 - port: 7005 proto: TCP cat: Misc Attack |
2019-10-27 07:18:17 |
| 77.247.110.61 | attackspambots | 10/27/2019-00:32:31.392427 77.247.110.61 Protocol: 17 ET SCAN Sipvicious Scan |
2019-10-27 07:24:14 |
| 185.175.93.18 | attack | 10/27/2019-00:59:37.059087 185.175.93.18 Protocol: 6 ET DROP Dshield Block Listed Source group 1 |
2019-10-27 07:06:12 |
| 94.102.56.181 | attack | 10/26/2019-19:04:28.043659 94.102.56.181 Protocol: 6 ET SCAN NMAP -sS window 1024 |
2019-10-27 07:15:11 |
| 89.33.8.34 | attackspam | ET CINS Active Threat Intelligence Poor Reputation IP group 88 - port: 53 proto: UDP cat: Misc Attack |
2019-10-27 06:53:15 |
| 185.176.27.30 | attack | Multiport scan : 6 ports scanned 2494 2589 2590 2591 2686 2688 |
2019-10-27 07:05:51 |
| 60.191.82.92 | attackbots | ET COMPROMISED Known Compromised or Hostile Host Traffic group 15 - port: 8050 proto: TCP cat: Misc Attack |
2019-10-27 07:26:54 |
| 194.29.208.202 | attackbots | TCP connect flood, port scan (port 80/TCP or 443/TCP or 22/TCP). Date: 2019 Oct 26. 17:20:02 Source IP: 194.29.208.202 Details: 2019 Oct 26 17:20:02 - TCP Connection warning: 101 connections from same ip address (194.29.208.202) 2019 Oct 26 17:20:19 - TCP Connection warning: 138 connections from same ip address (194.29.208.202) 2019 Oct 26 17:30:32 - TCP Connection warning: 110 connections from same ip address (194.29.208.202) 2019 Oct 26 17:35:12 - TCP Connection warning: 179 connections from same ip address (194.29.208.202) |
2019-10-27 07:02:24 |