Basic Info

City: unknown

Region: unknown

Country: Ireland

Internet Service Provider: Microsoft Corporation

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:
Type Details Datetime
attack
spam, phishing
2020-08-18 15:52:32
Comments on same subnet:
IP Type Details Datetime
52.169.157.242 attackspambots
Attempted connection to port 3390.
2020-08-19 06:35:55
Whois info:
Dig info:
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 52.169.157.99
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 31851
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;52.169.157.99.			IN	A

;; AUTHORITY SECTION:
.			304	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020081800 1800 900 604800 86400

;; Query time: 66 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Aug 18 15:52:24 CST 2020
;; MSG SIZE  rcvd: 117
Host info
Host 99.157.169.52.in-addr.arpa. not found: 3(NXDOMAIN)
Nslookup info:
Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 99.157.169.52.in-addr.arpa: NXDOMAIN
Related IP info:
Related comments:
IP Type Details Datetime
201.244.36.148 attackbots
Jul 29 12:12:18 srv-4 sshd\[24344\]: Invalid user usp from 201.244.36.148
Jul 29 12:12:18 srv-4 sshd\[24344\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.244.36.148
Jul 29 12:12:20 srv-4 sshd\[24344\]: Failed password for invalid user usp from 201.244.36.148 port 56129 ssh2
...
2019-07-29 18:04:55
40.40.80.115 attackspam
Honeypot attack, port: 445, PTR: PTR record not found
2019-07-29 19:08:32
88.231.165.51 attackspambots
Honeypot attack, port: 23, PTR: 88.231.165.51.dynamic.ttnet.com.tr.
2019-07-29 19:06:05
163.172.191.192 attack
SSH/22 MH Probe, BF, Hack -
2019-07-29 18:13:47
52.187.171.78 attackspambots
Many RDP login attempts detected by IDS script
2019-07-29 18:55:21
124.127.132.22 attack
Jul 29 13:08:01 microserver sshd[42522]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.127.132.22  user=root
Jul 29 13:08:03 microserver sshd[42522]: Failed password for root from 124.127.132.22 port 50757 ssh2
Jul 29 13:11:54 microserver sshd[43432]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.127.132.22  user=root
Jul 29 13:11:55 microserver sshd[43432]: Failed password for root from 124.127.132.22 port 55489 ssh2
Jul 29 13:15:59 microserver sshd[44444]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.127.132.22  user=root
Jul 29 13:39:12 microserver sshd[47905]: Invalid user passWord from 124.127.132.22 port 16948
Jul 29 13:39:12 microserver sshd[47905]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.127.132.22
Jul 29 13:39:14 microserver sshd[47905]: Failed password for invalid user passWord from 124.127.132.22 port 16948 ssh
2019-07-29 18:20:02
218.93.121.42 attackspam
port scan and connect, tcp 22 (ssh)
2019-07-29 18:59:10
42.118.70.6 attack
1564382897 - 07/29/2019 13:48:17 Host: 42.118.70.6/42.118.70.6 Port: 23 TCP Blocked
...
2019-07-29 18:23:07
58.213.198.77 attackbotsspam
DATE:2019-07-29 08:48:58, IP:58.213.198.77, PORT:ssh brute force auth on SSH service (patata)
2019-07-29 18:05:19
223.244.250.99 attack
Jul 29 07:43:03 durga sshd[157557]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=223.244.250.99  user=r.r
Jul 29 07:43:05 durga sshd[157557]: Failed password for r.r from 223.244.250.99 port 1752 ssh2
Jul 29 07:43:05 durga sshd[157557]: Received disconnect from 223.244.250.99: 11: Bye Bye [preauth]
Jul 29 07:46:51 durga sshd[158436]: Invalid user * from 223.244.250.99
Jul 29 07:46:51 durga sshd[158436]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=223.244.250.99 
Jul 29 07:46:53 durga sshd[158436]: Failed password for invalid user * from 223.244.250.99 port 29613 ssh2
Jul 29 07:46:53 durga sshd[158436]: Received disconnect from 223.244.250.99: 11: Bye Bye [preauth]
Jul 29 07:50:35 durga sshd[159368]: Invalid user 0nl1n3 from 223.244.250.99
Jul 29 07:50:35 durga sshd[159368]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=223.244.250.99 
Jul 29 0........
-------------------------------
2019-07-29 18:12:03
85.159.5.94 attackspam
Jul 29 04:54:02 localhost kernel: [15634635.423162] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:84:78:ac:57:a8:41:08:00 SRC=85.159.5.94 DST=[mungedIP2] LEN=44 TOS=0x00 PREC=0x00 TTL=53 ID=27799 PROTO=TCP SPT=48174 DPT=52869 WINDOW=64870 RES=0x00 SYN URGP=0 
Jul 29 04:54:02 localhost kernel: [15634635.423194] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:84:78:ac:57:a8:41:08:00 SRC=85.159.5.94 DST=[mungedIP2] LEN=44 TOS=0x00 PREC=0x00 TTL=53 ID=27799 PROTO=TCP SPT=48174 DPT=52869 SEQ=758669438 ACK=0 WINDOW=64870 RES=0x00 SYN URGP=0 OPT (020405B4)
2019-07-29 18:53:10
194.35.43.203 attack
SSH/22 MH Probe, BF, Hack -
2019-07-29 18:56:32
206.189.155.139 attack
Lines containing failures of 206.189.155.139
Jul 29 05:36:13 kopano sshd[13158]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=206.189.155.139  user=r.r
Jul 29 05:36:15 kopano sshd[13158]: Failed password for r.r from 206.189.155.139 port 59966 ssh2
Jul 29 05:36:15 kopano sshd[13158]: Received disconnect from 206.189.155.139 port 59966:11: Bye Bye [preauth]
Jul 29 05:36:15 kopano sshd[13158]: Disconnected from authenticating user r.r 206.189.155.139 port 59966 [preauth]
Jul 29 05:53:45 kopano sshd[14674]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=206.189.155.139  user=r.r
Jul 29 05:53:47 kopano sshd[14674]: Failed password for r.r from 206.189.155.139 port 55752 ssh2
Jul 29 05:53:47 kopano sshd[14674]: Received disconnect from 206.189.155.139 port 55752:11: Bye Bye [preauth]
Jul 29 05:53:47 kopano sshd[14674]: Disconnected from authenticating user r.r 206.189.155.139 port 55752 [preau........
------------------------------
2019-07-29 18:18:59
165.22.136.185 attack
20 attempts against mh-ssh on train.magehost.pro
2019-07-29 18:31:29
58.72.155.170 attackspam
Jul 29 02:29:15 mail sshd[19617]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.72.155.170  user=root
Jul 29 02:29:17 mail sshd[19617]: Failed password for root from 58.72.155.170 port 57164 ssh2
Jul 29 08:42:45 mail sshd[2821]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.72.155.170  user=root
Jul 29 08:42:47 mail sshd[2821]: Failed password for root from 58.72.155.170 port 39242 ssh2
Jul 29 08:47:58 mail sshd[3389]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.72.155.170  user=root
Jul 29 08:48:00 mail sshd[3389]: Failed password for root from 58.72.155.170 port 35202 ssh2
...
2019-07-29 18:38:13
