IP address

Search at other sites:

.00052.53.199.191ec2-52-53-199-191.us-west-1.compute.amazonaws.com

Shodan(more info)

Passive DNS

IP blacklists

blocklist.de SSH

52.53.199.191 is listed on the blocklist.de SSH blacklist.

Description: Blocklist.de feed is a free and voluntary service provided<br>by a Fraud/Abuse-specialist. IPs performing SSH attacks.
Type of feed: primary (feed detail page)

Last checked at: 2025-06-04 22:05:05.385000
Was present on blacklist at: 2025-06-02 22:05, 2025-06-03 04:05, 2025-06-03 10:05, 2025-06-03 16:05, 2025-06-03 22:05, 2025-06-04 04:05, 2025-06-04 10:05, 2025-06-04 16:05, 2025-06-04 22:05

BruteForceBlocker

52.53.199.191 is listed on the BruteForceBlocker blacklist.

Description: Daniel Gerzo's BruteForceBlocker. The list is made by perl script,<br>that works along with pf - OpenBSD's firewall and it's main<br>purpose is to block SSH bruteforce attacks via firewall.
Type of feed: primary (feed detail page)

Last checked at: 2025-06-21 02:52:00.226000
Was present on blacklist at: 2025-06-03 02:52, 2025-06-04 02:52, 2025-06-05 02:52, 2025-06-06 02:52, 2025-06-07 02:52, 2025-06-08 02:52, 2025-06-09 02:52, 2025-06-10 02:52, 2025-06-11 02:52, 2025-06-12 02:52, 2025-06-13 02:52, 2025-06-14 02:52, 2025-06-15 02:52, 2025-06-16 02:52, 2025-06-17 02:52, 2025-06-18 02:52, 2025-06-19 02:52, 2025-06-20 02:52, 2025-06-21 02:52

AbuseIPDB

52.53.199.191 is listed on the AbuseIPDB blacklist.

Description: AbuseIPDB is a project managed by Marathon Studios Inc.<br>Lists IPs performing a malicious activity (DDoS, spam, phishing...)
Type of feed: primary (feed detail page)

Last checked at: 2025-06-03 04:00:00.592000
Was present on blacklist at: 2025-06-03 04:00

FireHOL anonymizers

52.53.199.191 is listed on the FireHOL anonymizers blacklist.

Description: List of anonymizing IPs, aggregated from multiple lists by FireHOL.
Type of feed: secondary (feed detail page)

Last checked at: 2025-06-21 00:05:07
Was present on blacklist at: 2025-06-06 00:05, 2025-06-07 00:05, 2025-06-08 00:05, 2025-06-09 00:05, 2025-06-10 00:05, 2025-06-11 00:05, 2025-06-12 00:05, 2025-06-13 00:05, 2025-06-14 00:05, 2025-06-15 00:05, 2025-06-16 00:05, 2025-06-17 00:05, 2025-06-18 00:05, 2025-06-19 00:05, 2025-06-20 00:05, 2025-06-21 00:05

Warden events (1)

2025-06-02

AttemptLogin (node.00aee5): 1

DShield reports (IP summary, reports)

2025-06-02

Number of reports: 72

Distinct targets: 9

2025-06-03

Number of reports: 64

Distinct targets: 6

Origin AS

AS16509 - AMAZON-02

BGP Prefix

52.52.0.0/15

geo

United States, San Jose

🕑 America/Los_Angeles

hostname

ec2-52-53-199-191.us-west-1.compute.amazonaws.com

hostname_class

['ip_in_hostname']

Address block ('inetnum' or 'NetRange' in whois database)

52.0.0.0 - 52.63.255.255

last_activity

2025-06-02 23:26:35.210000

last_warden_event

2025-06-02 23:26:35.210000

rep

0.0

reserved_range

0

Shodan's InternetDB

Open ports: 83, 593, 994, 1283, 1599, 1951, 2021, 2082, 2087, 3050, 3128, 4150, 5001, 5093, 5172, 5560, 5801, 5908, 6433, 7001, 7170, 7474, 8125, 8126, 8285, 8402, 8464, 8839, 9002, 9003, 9040, 9126, 9160, 9307, 9345, 9398, 9433, 9922, 10000, 10036, 10180, 10225, 10911, 11681, 12103, 12149, 12220, 12251, 12263, 12398, 16404, 18028, 18049, 18060, 18092, 20087, 20325, 21381, 27036, 30005, 30006, 30021, 30444, 35002, 36501, 44021, 47990, 49592, 50010, 55554

Tags: honeypot, cloud, eol-product, ai

CPEs: cpe:/a:atlassian:confluence, cpe:/a:f5:nginx, cpe:/a:jquery:jquery:1.9.1, cpe:/a:eclipse:jetty:7.5.4, cpe:/a:jquery:jquery_ui:1.8.2, cpe:/a:jquery:jquery, cpe:/a:php:php:5.5.9, cpe:/a:microsoft:internet_information_services, cpe:/a:getbootstrap:bootstrap, cpe:/a:oracle:jre, cpe:/a:angularjs:angular.js:1.6.5, cpe:/a:jquery:jquery:1.7.1, cpe:/a:jquery:jquery:3.5.1, cpe:/o:microsoft:windows

ts_added

2025-06-02 22:09:19.129000

ts_last_update

2025-06-21 02:52:13.363000

Warden event timeline

DShield event timeline

Presence on blacklists