52.78.42.164 - IPInfo

Basic Info

City: Incheon

Region: Incheon

Country: South Korea

Internet Service Provider: unknown

Hostname: unknown

Organization: Amazon.com, Inc.

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 52.78.42.164
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 21708
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;52.78.42.164.			IN	A

;; AUTHORITY SECTION:
.			960	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019051900 1800 900 604800 86400

;; Query time: 1 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Sun May 19 20:23:57 CST 2019
;; MSG SIZE  rcvd: 116

Host info

164.42.78.52.in-addr.arpa domain name pointer ec2-52-78-42-164.ap-northeast-2.compute.amazonaws.com.

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
164.42.78.52.in-addr.arpa	name = ec2-52-78-42-164.ap-northeast-2.compute.amazonaws.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
37.49.225.147	attack	2020-09-03 17:02:32 auth_plain authenticator failed for (User) [37.49.225.147]: 535 Incorrect authentication data (set_id=ipabuse@lavrinenko.info,) 2020-09-03 17:07:58 auth_plain authenticator failed for (User) [37.49.225.147]: 535 Incorrect authentication data (set_id=ftpuser@lavrinenko.info,) ...	2020-09-03 22:15:52
72.53.96.22	attack	Invalid user admin from 72.53.96.22 port 53046	2020-09-03 22:30:45
13.90.225.10	attackbots	Brute forcing email accounts	2020-09-03 22:12:46
186.229.24.194	attack	Invalid user cash from 186.229.24.194 port 21473	2020-09-03 22:33:16
106.13.211.155	attackspam	Port scan: Attack repeated for 24 hours	2020-09-03 22:13:51
111.229.19.221	attackbotsspam	Sep 2 20:23:20 web9 sshd\[14216\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.229.19.221 user=root Sep 2 20:23:22 web9 sshd\[14216\]: Failed password for root from 111.229.19.221 port 39380 ssh2 Sep 2 20:28:40 web9 sshd\[14776\]: Invalid user admin from 111.229.19.221 Sep 2 20:28:40 web9 sshd\[14776\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.229.19.221 Sep 2 20:28:42 web9 sshd\[14776\]: Failed password for invalid user admin from 111.229.19.221 port 48104 ssh2	2020-09-03 22:04:52
116.206.59.195	attackspam	TCP (SYN) 116.206.59.195:38123 -> port 80, len 44	2020-09-03 22:34:10
222.186.31.166	attackbots	Sep 3 15:41:11 rocket sshd[8787]: Failed password for root from 222.186.31.166 port 22127 ssh2 Sep 3 15:41:20 rocket sshd[8814]: Failed password for root from 222.186.31.166 port 52286 ssh2 ...	2020-09-03 22:44:35
222.107.159.63	attackbotsspam	Cowrie Honeypot: Unauthorised SSH/Telnet login attempt with user "pi" at 2020-09-02T16:47:45Z	2020-09-03 22:08:42
125.99.159.93	attackspambots	Sep 3 13:15:26 inter-technics sshd[865]: Invalid user salvatore from 125.99.159.93 port 6680 Sep 3 13:15:26 inter-technics sshd[865]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.99.159.93 Sep 3 13:15:26 inter-technics sshd[865]: Invalid user salvatore from 125.99.159.93 port 6680 Sep 3 13:15:28 inter-technics sshd[865]: Failed password for invalid user salvatore from 125.99.159.93 port 6680 ssh2 Sep 3 13:19:13 inter-technics sshd[1041]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.99.159.93 user=root Sep 3 13:19:15 inter-technics sshd[1041]: Failed password for root from 125.99.159.93 port 50542 ssh2 ...	2020-09-03 22:34:51
121.178.119.138	attack	Icarus honeypot on github	2020-09-03 22:14:24
113.252.191.213	attack	Sep 2 21:04:08 iago sshd[31878]: Address 113.252.191.213 maps to 213-191-252-113-on-nets.com, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT! Sep 2 21:04:08 iago sshd[31878]: Invalid user Adminixxxr from 113.252.191.213 Sep 2 21:04:08 iago sshd[31878]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.252.191.213 Sep 2 21:04:10 iago sshd[31878]: Failed password for invalid user Adminixxxr from 113.252.191.213 port 60458 ssh2 Sep 2 21:04:10 iago sshd[31879]: Connection closed by 113.252.191.213 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=113.252.191.213	2020-09-03 22:20:31
177.86.4.224	attack	Automatic report - XMLRPC Attack	2020-09-03 22:43:36
42.98.51.13	attack	Cowrie Honeypot: Unauthorised SSH/Telnet login attempt with user "admin" at 2020-09-02T16:47:45Z	2020-09-03 22:09:41
159.203.60.236	attackbotsspam	TCP (SYN) 159.203.60.236:59341 -> port 5512, len 44	2020-09-03 22:39:12

Recently Reported IPs

5.124.186.196	185.129.193.54	203.209.89.170	185.231.245.14
46.27.134.249	178.16.154.68	207.208.188.55	161.177.166.99
87.66.186.193	92.221.110.154	178.89.176.250	23.65.122.7
87.163.214.5	187.10.251.188	188.114.89.40	208.252.88.157
171.235.244.220	109.186.107.34	91.83.195.70	2001:41d0:a:fc3e::1