54.252.81.57 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Australia

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 54.252.81.57
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 37341
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;54.252.81.57.			IN	A

;; AUTHORITY SECTION:
.			30	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2025021501 1800 900 604800 86400

;; Query time: 51 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Feb 16 02:54:28 CST 2025
;; MSG SIZE  rcvd: 105

Host info

57.81.252.54.in-addr.arpa domain name pointer ec2-54-252-81-57.ap-southeast-2.compute.amazonaws.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
57.81.252.54.in-addr.arpa	name = ec2-54-252-81-57.ap-southeast-2.compute.amazonaws.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
157.55.39.85	attackbots	[Thu Aug 20 10:47:50.008433 2020] [:error] [pid 24698:tid 140548207650560] [client 157.55.39.85:2681] [client 157.55.39.85] ModSecurity: Access denied with code 403 (phase 2). Pattern match "^[\\\\d.:]+$" at REQUEST_HEADERS:Host. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "696"] [id "920350"] [msg "Host header is a numeric IP address"] [data "103.27.207.197"] [severity "WARNING"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/IP_HOST"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "karangploso.jatim.bmkg.go.id"] [uri "/swiper-v77.js"] [unique_id "Xz3yZqGeI0GCUMzG@ueWgAAAAC0"] ...	2020-08-20 19:24:46
61.177.172.41	attackbots	Aug 20 08:52:10 ajax sshd[29070]: Failed password for root from 61.177.172.41 port 14077 ssh2 Aug 20 08:52:15 ajax sshd[29070]: Failed password for root from 61.177.172.41 port 14077 ssh2	2020-08-20 19:05:54
111.229.94.113	attack	SSH	2020-08-20 18:56:10
51.210.151.242	attackspambots	Invalid user odoo from 51.210.151.242 port 42752	2020-08-20 19:01:34
31.24.224.121	attackbotsspam	1 Attack(s) Detected [DoS Attack: ACK Scan] from source: 31.24.224.121, port 443, Tuesday, August 18, 2020 23:19:58	2020-08-20 18:50:46
49.233.170.22	attack	(sshd) Failed SSH login from 49.233.170.22 (CN/China/-): 5 in the last 3600 secs	2020-08-20 19:07:06
106.12.74.99	attackbotsspam	Aug 20 06:36:32 Invalid user gok from 106.12.74.99 port 52350	2020-08-20 19:24:25
106.13.86.54	attack	Aug 20 12:28:11 vpn01 sshd[26886]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.86.54 Aug 20 12:28:14 vpn01 sshd[26886]: Failed password for invalid user ftp-user from 106.13.86.54 port 33198 ssh2 ...	2020-08-20 19:11:29
172.245.66.53	attack	Aug 20 10:28:19 roki-contabo sshd\[21198\]: Invalid user sam from 172.245.66.53 Aug 20 10:28:19 roki-contabo sshd\[21198\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=172.245.66.53 Aug 20 10:28:21 roki-contabo sshd\[21198\]: Failed password for invalid user sam from 172.245.66.53 port 49766 ssh2 Aug 20 10:29:04 roki-contabo sshd\[21201\]: Invalid user ftp from 172.245.66.53 Aug 20 10:29:04 roki-contabo sshd\[21201\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=172.245.66.53 ...	2020-08-20 19:02:25
184.82.225.86	attackbots	Port Scan ...	2020-08-20 19:04:22
187.190.15.230	attackbots	xmlrpc attack	2020-08-20 19:17:26
213.25.120.14	attack	DATE:2020-08-20 05:48:02, IP:213.25.120.14, PORT:1433 MSSQL brute force auth on honeypot server (epe-honey1-hq)	2020-08-20 19:09:43
209.141.38.43	attack	2020-08-20T03:48:12.376775server.espacesoutien.com sshd[29022]: Failed password for root from 209.141.38.43 port 41500 ssh2 2020-08-20T03:48:14.848484server.espacesoutien.com sshd[29022]: Failed password for root from 209.141.38.43 port 41500 ssh2 2020-08-20T03:48:17.129758server.espacesoutien.com sshd[29022]: Failed password for root from 209.141.38.43 port 41500 ssh2 2020-08-20T03:48:19.898216server.espacesoutien.com sshd[29022]: Failed password for root from 209.141.38.43 port 41500 ssh2 ...	2020-08-20 19:02:03
104.248.205.67	attackbots	TCP (SYN) 104.248.205.67:43387 -> port 26632, len 44	2020-08-20 18:59:43
120.53.9.99	attackspam	Aug 20 11:32:49 buvik sshd[24346]: Invalid user hadoop from 120.53.9.99 Aug 20 11:32:49 buvik sshd[24346]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.53.9.99 Aug 20 11:32:51 buvik sshd[24346]: Failed password for invalid user hadoop from 120.53.9.99 port 56256 ssh2 ...	2020-08-20 19:14:12

Recently Reported IPs

66.241.249.85	168.185.59.146	212.112.183.59	76.113.240.156
69.135.160.130	181.142.228.103	16.23.106.59	2.14.187.229
41.83.199.48	86.146.110.73	246.193.78.95	79.162.188.7
203.148.110.141	163.125.120.64	19.54.198.200	126.82.145.116
209.127.75.104	37.215.145.165	137.175.120.22	76.201.68.201