52.63.48.248 - IPInfo

Basic Info

City: Sydney

Region: New South Wales

Country: Australia

Internet Service Provider: Amazon Technologies Inc.

Hostname: unknown

Organization: Amazon.com, Inc.

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	xmlrpc attack	2019-07-29 00:32:16

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 52.63.48.248
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 36274
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;52.63.48.248.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019072800 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Mon Jul 29 00:31:57 CST 2019
;; MSG SIZE  rcvd: 116

Host info

248.48.63.52.in-addr.arpa domain name pointer ec2-52-63-48-248.ap-southeast-2.compute.amazonaws.com.

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
248.48.63.52.in-addr.arpa	name = ec2-52-63-48-248.ap-southeast-2.compute.amazonaws.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
83.53.171.232	attack	Automatic report - Port Scan Attack	2020-04-13 21:51:19
79.137.77.131	attackbots	Apr 13 15:41:42 prod4 sshd\[23311\]: Invalid user schlussel from 79.137.77.131 Apr 13 15:41:44 prod4 sshd\[23311\]: Failed password for invalid user schlussel from 79.137.77.131 port 58418 ssh2 Apr 13 15:45:56 prod4 sshd\[24690\]: Invalid user backup from 79.137.77.131 ...	2020-04-13 22:05:09
58.152.43.73	attack	SSH login attempts.	2020-04-13 22:05:26
80.211.116.102	attack	Invalid user elan from 80.211.116.102 port 56535	2020-04-13 21:49:25
103.242.56.189	attackspam	$f2bV_matches	2020-04-13 22:23:27
167.114.210.127	attackspambots	Automatic report - XMLRPC Attack	2020-04-13 22:20:25
218.92.0.212	attack	2020-04-13T13:38:17.533537shield sshd\[11758\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.212 user=root 2020-04-13T13:38:19.839790shield sshd\[11758\]: Failed password for root from 218.92.0.212 port 33474 ssh2 2020-04-13T13:38:24.001214shield sshd\[11758\]: Failed password for root from 218.92.0.212 port 33474 ssh2 2020-04-13T13:38:27.068619shield sshd\[11758\]: Failed password for root from 218.92.0.212 port 33474 ssh2 2020-04-13T13:38:31.450889shield sshd\[11758\]: Failed password for root from 218.92.0.212 port 33474 ssh2	2020-04-13 21:50:28
185.220.101.40	attack	Apr 13 10:36:33 risk sshd[16056]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.220.101.40 user=r.r Apr 13 10:36:35 risk sshd[16056]: Failed password for r.r from 185.220.101.40 port 3888 ssh2 Apr 13 10:36:37 risk sshd[16056]: Failed password for r.r from 185.220.101.40 port 3888 ssh2 Apr 13 10:36:39 risk sshd[16056]: Failed password for r.r from 185.220.101.40 port 3888 ssh2 Apr 13 10:36:41 risk sshd[16056]: Failed password for r.r from 185.220.101.40 port 3888 ssh2 Apr 13 10:36:43 risk sshd[16056]: Failed password for r.r from 185.220.101.40 port 3888 ssh2 Apr 13 10:36:45 risk sshd[16056]: Failed password for r.r from 185.220.101.40 port 3888 ssh2 Apr 13 10:36:45 risk sshd[16056]: PAM 5 more authentication failures; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.220.101.40 user=r.r ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=185.220.101.40	2020-04-13 22:03:39
187.0.211.99	attackspambots	Invalid user admin from 187.0.211.99 port 55020	2020-04-13 21:46:49
180.76.146.100	attack	Apr 13 15:36:48 plex sshd[23278]: Invalid user test from 180.76.146.100 port 35288	2020-04-13 21:45:09
192.241.239.62	attack	109/tcp 5222/tcp 20/tcp... [2020-03-14/04-12]22pkt,21pt.(tcp)	2020-04-13 22:03:16
168.227.99.10	attack	Apr 13 11:07:30 sshd\[12924\]: Invalid user hack from 168.227.99.10Apr 13 11:07:32 sshd\[12924\]: Failed password for invalid user hack from 168.227.99.10 port 41032 ssh2 ...	2020-04-13 22:16:36
162.243.132.34	attackspambots	Port Scan: Events[1] countPorts[1]: 83 ..	2020-04-13 22:08:08
61.12.38.162	attackbots	Apr 13 12:22:04 server sshd[2625]: Failed password for root from 61.12.38.162 port 45832 ssh2 Apr 13 13:07:47 server sshd[11762]: Failed password for invalid user gen@59#sys from 61.12.38.162 port 58210 ssh2 Apr 13 13:11:55 server sshd[12477]: Failed password for invalid user sa55555 from 61.12.38.162 port 38820 ssh2	2020-04-13 21:44:08
37.49.225.166	attack	30120/udp 3478/udp 5060/udp... [2020-02-12/04-13]241pkt,2pt.(tcp),16pt.(udp)	2020-04-13 22:12:02

Recently Reported IPs

100.176.245.141	209.2.153.170	220.10.226.59	60.130.196.135
32.134.226.146	170.78.123.14	163.201.194.59	34.248.149.239
79.154.176.156	31.148.146.67	76.67.204.61	167.56.23.174
61.113.235.247	218.163.68.25	109.78.165.249	218.34.46.135
47.79.135.105	45.54.137.147	128.199.224.215	178.24.63.19