52.66.108.40 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: India

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 52.66.108.40
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 36865
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;52.66.108.40.			IN	A

;; AUTHORITY SECTION:
.			29	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2025021200 1800 900 604800 86400

;; Query time: 12 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Feb 12 15:13:13 CST 2025
;; MSG SIZE  rcvd: 105

Host info

40.108.66.52.in-addr.arpa domain name pointer ec2-52-66-108-40.ap-south-1.compute.amazonaws.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
40.108.66.52.in-addr.arpa	name = ec2-52-66-108-40.ap-south-1.compute.amazonaws.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
122.114.158.242	attackbots	(sshd) Failed SSH login from 122.114.158.242 (CN/China/-): 5 in the last 3600 secs	2020-08-26 15:37:57
104.248.157.207	attackbotsspam	Invalid user test from 104.248.157.207 port 59114	2020-08-26 15:48:30
185.220.103.9	attackbots	Aug 26 04:44:17 shivevps sshd[30870]: Bad protocol version identification '\024' from 185.220.103.9 port 44650 Aug 26 04:44:22 shivevps sshd[31094]: Bad protocol version identification '\024' from 185.220.103.9 port 46468 Aug 26 04:44:23 shivevps sshd[31158]: Bad protocol version identification '\024' from 185.220.103.9 port 46946 ...	2020-08-26 15:12:41
119.29.119.151	attackspam	2020-08-26T01:39:13.570255linuxbox-skyline sshd[164842]: Invalid user redmine from 119.29.119.151 port 40580 ...	2020-08-26 15:46:00
45.4.0.100	attack	Aug 26 04:38:39 shivevps sshd[21191]: Bad protocol version identification '\024' from 45.4.0.100 port 50779 Aug 26 04:40:04 shivevps sshd[23592]: Bad protocol version identification '\024' from 45.4.0.100 port 57237 Aug 26 04:42:25 shivevps sshd[26942]: Bad protocol version identification '\024' from 45.4.0.100 port 35016 ...	2020-08-26 15:19:25
185.220.102.244	attackspam	$f2bV_matches	2020-08-26 15:25:26
106.12.207.236	attackbotsspam	Apr 16 16:46:31 ms-srv sshd[36788]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.207.236 Apr 16 16:46:34 ms-srv sshd[36788]: Failed password for invalid user og from 106.12.207.236 port 51032 ssh2	2020-08-26 15:51:46
45.227.255.207	attackbots	SSH Bruteforce Attempt on Honeypot	2020-08-26 15:26:25
91.121.173.41	attackspambots	Aug 26 09:38:08 [host] sshd[31549]: Invalid user a Aug 26 09:38:08 [host] sshd[31549]: pam_unix(sshd: Aug 26 09:38:10 [host] sshd[31549]: Failed passwor	2020-08-26 15:46:49
124.219.176.139	attack	Aug 26 04:39:21 shivevps sshd[22466]: Bad protocol version identification '\024' from 124.219.176.139 port 39076 Aug 26 04:41:52 shivevps sshd[26020]: Bad protocol version identification '\024' from 124.219.176.139 port 40596 Aug 26 04:44:09 shivevps sshd[30673]: Bad protocol version identification '\024' from 124.219.176.139 port 42386 ...	2020-08-26 15:08:43
94.247.16.29	attackspam	spam	2020-08-26 15:06:50
36.81.153.44	attack	1433/tcp [2020-08-26]1pkt	2020-08-26 15:40:46
181.129.183.19	attack	Aug 26 04:38:45 shivevps sshd[21344]: Bad protocol version identification '\024' from 181.129.183.19 port 47207 Aug 26 04:43:50 shivevps sshd[30015]: Bad protocol version identification '\024' from 181.129.183.19 port 54460 Aug 26 04:44:25 shivevps sshd[31290]: Bad protocol version identification '\024' from 181.129.183.19 port 55241 ...	2020-08-26 15:43:27
162.247.74.206	attackspambots	$f2bV_matches	2020-08-26 15:35:01
117.239.149.94	attackbots	[Wed Aug 26 10:53:34.803560 2020] [:error] [pid 30543:tid 139707031746304] [client 117.239.149.94:63017] [client 117.239.149.94] ModSecurity: Access denied with code 403 (phase 2). Pattern match "^[\\\\d.:]+$" at REQUEST_HEADERS:Host. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "696"] [id "920350"] [msg "Host header is a numeric IP address"] [data "103.27.207.197:80"] [severity "WARNING"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/IP_HOST"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "103.27.207.197"] [uri "/manager/html"] [unique_id "X0XcviXBG@3tAFpdD8koaAAAAnY"] ...	2020-08-26 15:14:11

Recently Reported IPs

184.49.136.124	186.213.244.146	236.66.64.74	118.154.47.242
142.173.117.92	109.57.247.167	180.247.184.28	250.90.253.170
70.38.64.183	207.116.44.59	135.115.93.217	150.71.52.230
41.120.238.42	240.65.168.180	226.226.236.149	118.50.231.165
202.119.103.178	193.168.53.144	98.90.169.221	117.206.61.23