City: Mumbai
Region: Maharashtra
Country: India
Internet Service Provider: unknown
Hostname: unknown
Organization: unknown
Usage Type: unknown
#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/resources/registry/whois/tou/
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/resources/registry/whois/inaccuracy_reporting/
#
# Copyright 1997-2026, American Registry for Internet Numbers, Ltd.
#
# start
NetRange: 52.0.0.0 - 52.79.255.255
CIDR: 52.0.0.0/10, 52.64.0.0/12
NetName: AT-88-Z
NetHandle: NET-52-0-0-0-1
Parent: NET52 (NET-52-0-0-0-0)
NetType: Direct Allocation
OriginAS:
Organization: Amazon Technologies Inc. (AT-88-Z)
RegDate: 1991-12-19
Updated: 2024-02-05
Comment: Geofeed http://ip-ranges.amazonaws.com/geo-ip-feed.csv
Ref: https://rdap.arin.net/registry/ip/52.0.0.0
OrgName: Amazon Technologies Inc.
OrgId: AT-88-Z
Address: 410 Terry Ave N.
City: Seattle
StateProv: WA
PostalCode: 98109
Country: US
RegDate: 2011-12-08
Updated: 2024-01-24
Comment: All abuse reports MUST include:
Comment: * src IP
Comment: * dest IP (your IP)
Comment: * dest port
Comment: * Accurate date/timestamp and timezone of activity
Comment: * Intensity/frequency (short log extracts)
Comment: * Your contact details (phone and email) Without these we will be unable to identify the correct owner of the IP address at that point in time.
Ref: https://rdap.arin.net/registry/entity/AT-88-Z
OrgRoutingHandle: IPROU3-ARIN
OrgRoutingName: IP Routing
OrgRoutingPhone: +1-206-555-0000
OrgRoutingEmail: aws-routing-poc@amazon.com
OrgRoutingRef: https://rdap.arin.net/registry/entity/IPROU3-ARIN
OrgRoutingHandle: ARMP-ARIN
OrgRoutingName: AWS RPKI Management POC
OrgRoutingPhone: +1-206-555-0000
OrgRoutingEmail: aws-rpki-routing-poc@amazon.com
OrgRoutingRef: https://rdap.arin.net/registry/entity/ARMP-ARIN
OrgTechHandle: ANO24-ARIN
OrgTechName: Amazon EC2 Network Operations
OrgTechPhone: +1-206-555-0000
OrgTechEmail: amzn-noc-contact@amazon.com
OrgTechRef: https://rdap.arin.net/registry/entity/ANO24-ARIN
OrgAbuseHandle: AEA8-ARIN
OrgAbuseName: Amazon EC2 Abuse
OrgAbusePhone: +1-206-555-0000
OrgAbuseEmail: trustandsafety@support.aws.com
OrgAbuseRef: https://rdap.arin.net/registry/entity/AEA8-ARIN
OrgNOCHandle: AANO1-ARIN
OrgNOCName: Amazon AWS Network Operations
OrgNOCPhone: +1-206-555-0000
OrgNOCEmail: amzn-noc-contact@amazon.com
OrgNOCRef: https://rdap.arin.net/registry/entity/AANO1-ARIN
# end
# start
NetRange: 52.66.0.0 - 52.66.255.255
CIDR: 52.66.0.0/16
NetName: AMAZON-BOM
NetHandle: NET-52-66-0-0-1
Parent: AT-88-Z (NET-52-0-0-0-1)
NetType: Reallocated
OriginAS:
Organization: Amazon Data Services India (ADSI-6)
RegDate: 2016-08-05
Updated: 2021-02-10
Ref: https://rdap.arin.net/registry/ip/52.66.0.0
OrgName: Amazon Data Services India
OrgId: ADSI-6
Address: L&T Business Park, Gate No.5, Tower A
Address: Ground Floor, Sakivihar Road, Pawai
City: Mumbai
StateProv: MAHARASHTRA
PostalCode: 400072
Country: IN
RegDate: 2016-08-05
Updated: 2019-08-02
Ref: https://rdap.arin.net/registry/entity/ADSI-6
OrgNOCHandle: AANO1-ARIN
OrgNOCName: Amazon AWS Network Operations
OrgNOCPhone: +1-206-555-0000
OrgNOCEmail: amzn-noc-contact@amazon.com
OrgNOCRef: https://rdap.arin.net/registry/entity/AANO1-ARIN
OrgTechHandle: ANO24-ARIN
OrgTechName: Amazon EC2 Network Operations
OrgTechPhone: +1-206-555-0000
OrgTechEmail: amzn-noc-contact@amazon.com
OrgTechRef: https://rdap.arin.net/registry/entity/ANO24-ARIN
OrgAbuseHandle: AEA8-ARIN
OrgAbuseName: Amazon EC2 Abuse
OrgAbusePhone: +1-206-555-0000
OrgAbuseEmail: trustandsafety@support.aws.com
OrgAbuseRef: https://rdap.arin.net/registry/entity/AEA8-ARIN
# end
#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/resources/registry/whois/tou/
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/resources/registry/whois/inaccuracy_reporting/
#
# Copyright 1997-2026, American Registry for Internet Numbers, Ltd.
#; <<>> DiG 9.10.3-P4-Ubuntu <<>> 52.66.28.146
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 61548
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;52.66.28.146. IN A
;; AUTHORITY SECTION:
. 30 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2026030101 1800 900 604800 86400
;; Query time: 29 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Mar 02 08:00:35 CST 2026
;; MSG SIZE rcvd: 105146.28.66.52.in-addr.arpa domain name pointer ec2-52-66-28-146.ap-south-1.compute.amazonaws.com.Server: 183.60.83.19
Address: 183.60.83.19#53
Non-authoritative answer:
146.28.66.52.in-addr.arpa name = ec2-52-66-28-146.ap-south-1.compute.amazonaws.com.
Authoritative answers can be found from:| IP | Type | Details | Datetime |
|---|---|---|---|
| 45.115.178.195 | attackspam | 2019-09-24T18:25:09.885671abusebot-6.cloudsearch.cf sshd\[8595\]: Invalid user oradev from 45.115.178.195 port 41785 |
2019-09-25 02:29:37 |
| 95.85.60.251 | attackspam | Sep 24 17:27:29 mail sshd[28365]: Invalid user guest from 95.85.60.251 Sep 24 17:27:29 mail sshd[28365]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=95.85.60.251 Sep 24 17:27:29 mail sshd[28365]: Invalid user guest from 95.85.60.251 Sep 24 17:27:31 mail sshd[28365]: Failed password for invalid user guest from 95.85.60.251 port 59194 ssh2 Sep 24 17:45:25 mail sshd[23447]: Invalid user damian from 95.85.60.251 ... |
2019-09-25 02:40:04 |
| 106.13.74.162 | attack | Too many connections or unauthorized access detected from Arctic banned ip |
2019-09-25 02:41:23 |
| 106.12.58.4 | attackbotsspam | 2019-09-24T15:54:13.795643abusebot-7.cloudsearch.cf sshd\[4771\]: Invalid user admin from 106.12.58.4 port 33878 |
2019-09-25 02:18:36 |
| 79.117.1.55 | attack | Automatic report - Port Scan Attack |
2019-09-25 02:50:25 |
| 206.189.132.184 | attackspam | Sep 24 13:30:09 web8 sshd\[19279\]: Invalid user fd@123 from 206.189.132.184 Sep 24 13:30:09 web8 sshd\[19279\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=206.189.132.184 Sep 24 13:30:11 web8 sshd\[19279\]: Failed password for invalid user fd@123 from 206.189.132.184 port 60624 ssh2 Sep 24 13:34:47 web8 sshd\[21399\]: Invalid user mediatomb from 206.189.132.184 Sep 24 13:34:47 web8 sshd\[21399\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=206.189.132.184 |
2019-09-25 02:53:27 |
| 212.30.52.243 | attack | Sep 24 08:13:29 tdfoods sshd\[3918\]: Invalid user !QAZ2wsx from 212.30.52.243 Sep 24 08:13:29 tdfoods sshd\[3918\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.30.52.243 Sep 24 08:13:32 tdfoods sshd\[3918\]: Failed password for invalid user !QAZ2wsx from 212.30.52.243 port 45186 ssh2 Sep 24 08:18:46 tdfoods sshd\[4372\]: Invalid user pass from 212.30.52.243 Sep 24 08:18:46 tdfoods sshd\[4372\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.30.52.243 |
2019-09-25 02:35:01 |
| 74.122.128.210 | attackspambots | Sep 24 08:49:02 hpm sshd\[29297\]: Invalid user sysop from 74.122.128.210 Sep 24 08:49:02 hpm sshd\[29297\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=static-74-122-128-210.ptr.terago.net Sep 24 08:49:04 hpm sshd\[29297\]: Failed password for invalid user sysop from 74.122.128.210 port 20261 ssh2 Sep 24 08:52:43 hpm sshd\[29596\]: Invalid user viktor from 74.122.128.210 Sep 24 08:52:43 hpm sshd\[29596\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=static-74-122-128-210.ptr.terago.net |
2019-09-25 02:55:08 |
| 148.70.23.121 | attack | Too many connections or unauthorized access detected from Arctic banned ip |
2019-09-25 02:33:23 |
| 125.67.237.251 | attackspambots | Sep 24 14:39:21 anodpoucpklekan sshd[6856]: Invalid user backup1 from 125.67.237.251 port 55602 ... |
2019-09-25 02:38:22 |
| 104.248.44.227 | attackspambots | detected by Fail2Ban |
2019-09-25 02:32:11 |
| 112.170.78.118 | attackspam | Unauthorized SSH login attempts |
2019-09-25 02:47:44 |
| 167.71.203.239 | attackbots | Sep 23 20:51:28 euve59663 sshd[17085]: Invalid user demo from 167.71.20= 3.239 Sep 23 20:51:28 euve59663 sshd[17085]: pam_unix(sshd:auth): authenticat= ion failure; logname=3D uid=3D0 euid=3D0 tty=3Dssh ruser=3D rhost=3D167= .71.203.239=20 Sep 23 20:51:31 euve59663 sshd[17085]: Failed password for invalid user= demo from 167.71.203.239 port 31230 ssh2 Sep 23 20:51:31 euve59663 sshd[17085]: Received disconnect from 167.71.= 203.239: 11: Bye Bye [preauth] Sep 23 21:12:40 euve59663 sshd[21202]: Invalid user ventas from 167.71.= 203.239 Sep 23 21:12:40 euve59663 sshd[21202]: pam_unix(sshd:auth): authenticat= ion failure; logname=3D uid=3D0 euid=3D0 tty=3Dssh ruser=3D rhost=3D167= .71.203.239=20 Sep 23 21:12:42 euve59663 sshd[21202]: Failed password for invalid user= ventas from 167.71.203.239 port 36478 ssh2 Sep 23 21:12:42 euve59663 sshd[21202]: Received disconnect from 167.71.= 203.239: 11: Bye Bye [preauth] Sep 23 21:17:03 euve59663 sshd[21975]: Invalid user kinrys fro........ ------------------------------- |
2019-09-25 03:05:33 |
| 5.199.130.188 | attackbotsspam | 2019-09-24T18:33:31.972165abusebot.cloudsearch.cf sshd\[10419\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=tor.piratenpartei-nrw.de user=root |
2019-09-25 03:02:17 |
| 212.64.58.154 | attackspambots | 2019-09-24T22:40:20.098015enmeeting.mahidol.ac.th sshd\[7348\]: Invalid user install from 212.64.58.154 port 44098 2019-09-24T22:40:20.116854enmeeting.mahidol.ac.th sshd\[7348\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.64.58.154 2019-09-24T22:40:21.937678enmeeting.mahidol.ac.th sshd\[7348\]: Failed password for invalid user install from 212.64.58.154 port 44098 ssh2 ... |
2019-09-25 02:35:54 |