52.64.44.109 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Australia

Internet Service Provider: Amazon Technologies Inc.

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspambots	xmlrpc attack	2019-11-03 19:25:44

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 52.64.44.109
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 28297
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;52.64.44.109.			IN	A

;; AUTHORITY SECTION:
.			501	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019110300 1800 900 604800 86400

;; Query time: 111 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Nov 03 19:25:40 CST 2019
;; MSG SIZE  rcvd: 116

Host info

109.44.64.52.in-addr.arpa domain name pointer ec2-52-64-44-109.ap-southeast-2.compute.amazonaws.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
109.44.64.52.in-addr.arpa	name = ec2-52-64-44-109.ap-southeast-2.compute.amazonaws.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
34.102.176.152	attackspambots	fake sharepoint page for phishing	2020-09-24 22:53:58
222.186.180.6	attackspam	Sep 24 16:28:13 vpn01 sshd[30024]: Failed password for root from 222.186.180.6 port 9500 ssh2 Sep 24 16:28:17 vpn01 sshd[30024]: Failed password for root from 222.186.180.6 port 9500 ssh2 ...	2020-09-24 22:35:26
20.185.30.253	attack	[f2b] sshd bruteforce, retries: 1	2020-09-24 22:45:46
2.47.183.107	attack	Sep 24 06:26:20 sshgateway sshd\[25384\]: Invalid user dennis from 2.47.183.107 Sep 24 06:26:20 sshgateway sshd\[25384\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=net-2-47-183-107.cust.vodafonedsl.it Sep 24 06:26:22 sshgateway sshd\[25384\]: Failed password for invalid user dennis from 2.47.183.107 port 54338 ssh2	2020-09-24 22:54:16
106.12.33.174	attack	2020-09-24T13:34:45.944000shield sshd\[22613\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.33.174 user=root 2020-09-24T13:34:48.104948shield sshd\[22613\]: Failed password for root from 106.12.33.174 port 53056 ssh2 2020-09-24T13:43:55.013106shield sshd\[24290\]: Invalid user ahmad from 106.12.33.174 port 59248 2020-09-24T13:43:55.023103shield sshd\[24290\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.33.174 2020-09-24T13:43:57.354844shield sshd\[24290\]: Failed password for invalid user ahmad from 106.12.33.174 port 59248 ssh2	2020-09-24 22:59:55
45.15.139.111	attackbotsspam	(eximsyntax) Exim syntax errors from 45.15.139.111 (ES/Spain/45.15.139.111-ip.goufone.cat): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: 2020-09-23 20:33:56 SMTP call from [45.15.139.111] dropped: too many syntax or protocol errors (last command was "?\034?\032?\027?\031?\034?\033?\030?\032?\026?\016?\r?\v?\f? ?")	2020-09-24 22:38:08
61.93.240.18	attack	Invalid user ftpadmin from 61.93.240.18 port 24388	2020-09-24 23:12:54
154.221.18.237	attack	Invalid user edi from 154.221.18.237 port 54810	2020-09-24 22:59:31
1.64.192.226	attackspam	Sep 23 20:07:45 ssh2 sshd[73099]: User root from 1-64-192-226.static.netvigator.com not allowed because not listed in AllowUsers Sep 23 20:07:45 ssh2 sshd[73099]: Failed password for invalid user root from 1.64.192.226 port 40506 ssh2 Sep 23 20:07:45 ssh2 sshd[73099]: Connection closed by invalid user root 1.64.192.226 port 40506 [preauth] ...	2020-09-24 22:33:40
93.143.76.179	attackbots	Automatic report - Port Scan Attack	2020-09-24 23:11:13
85.117.82.3	attackspambots	1600880642 - 09/23/2020 19:04:02 Host: 85.117.82.3/85.117.82.3 Port: 445 TCP Blocked	2020-09-24 22:34:30
60.12.221.84	attack	Invalid user mmk from 60.12.221.84 port 40845	2020-09-24 22:50:02
222.186.175.217	attackspam	Sep 24 16:22:38 abendstille sshd\[5420\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.217 user=root Sep 24 16:22:40 abendstille sshd\[5420\]: Failed password for root from 222.186.175.217 port 23968 ssh2 Sep 24 16:22:52 abendstille sshd\[5420\]: Failed password for root from 222.186.175.217 port 23968 ssh2 Sep 24 16:23:10 abendstille sshd\[5878\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.217 user=root Sep 24 16:23:12 abendstille sshd\[5878\]: Failed password for root from 222.186.175.217 port 59122 ssh2 ...	2020-09-24 22:36:03
218.92.0.248	attack	Sep 24 16:36:02 vm0 sshd[2967]: Failed password for root from 218.92.0.248 port 21076 ssh2 Sep 24 16:36:15 vm0 sshd[2967]: error: maximum authentication attempts exceeded for root from 218.92.0.248 port 21076 ssh2 [preauth] ...	2020-09-24 22:43:59
222.186.175.169	attackbotsspam	Sep 24 16:27:15 marvibiene sshd[11120]: Failed password for root from 222.186.175.169 port 37712 ssh2 Sep 24 16:27:19 marvibiene sshd[11120]: Failed password for root from 222.186.175.169 port 37712 ssh2	2020-09-24 22:34:08

Recently Reported IPs

77.133.7.239	20.131.119.158	81.112.210.88	8.218.127.126
139.180.182.75	222.8.1.168	149.110.84.140	6.158.181.164
40.239.72.56	34.247.228.83	203.184.71.38	31.176.132.131
159.34.79.42	208.225.190.89	181.1.137.52	49.85.48.244
178.65.20.168	205.163.180.57	177.21.218.127	94.51.64.188