52.172.42.153 - IPInfo

Basic Info

City: Chennai

Region: Tamil Nadu

Country: India

Internet Service Provider: Microsoft Corporation

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Jun 6 15:35:37 scw-6657dc sshd[5931]: Invalid user deployer from 52.172.42.153 port 36044 Jun 6 15:35:37 scw-6657dc sshd[5931]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.172.42.153 Jun 6 15:35:39 scw-6657dc sshd[5931]: Failed password for invalid user deployer from 52.172.42.153 port 36044 ssh2 ...	2020-06-07 00:12:52
attack	2020-06-05 22:06:00,845 fail2ban.actions [937]: NOTICE [sshd] Ban 52.172.42.153 2020-06-05 22:38:22,112 fail2ban.actions [937]: NOTICE [sshd] Ban 52.172.42.153 2020-06-05 23:10:55,481 fail2ban.actions [937]: NOTICE [sshd] Ban 52.172.42.153 2020-06-05 23:42:26,975 fail2ban.actions [937]: NOTICE [sshd] Ban 52.172.42.153 2020-06-06 00:15:06,346 fail2ban.actions [937]: NOTICE [sshd] Ban 52.172.42.153 ...	2020-06-06 07:08:49

Type

Details

Datetime

attack

Jun  6 15:35:37 scw-6657dc sshd[5931]: Invalid user deployer from 52.172.42.153 port 36044
Jun  6 15:35:37 scw-6657dc sshd[5931]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.172.42.153
Jun  6 15:35:39 scw-6657dc sshd[5931]: Failed password for invalid user deployer from 52.172.42.153 port 36044 ssh2
...

2020-06-07 00:12:52

attack

2020-06-05 22:06:00,845 fail2ban.actions        [937]: NOTICE  [sshd] Ban 52.172.42.153
2020-06-05 22:38:22,112 fail2ban.actions        [937]: NOTICE  [sshd] Ban 52.172.42.153
2020-06-05 23:10:55,481 fail2ban.actions        [937]: NOTICE  [sshd] Ban 52.172.42.153
2020-06-05 23:42:26,975 fail2ban.actions        [937]: NOTICE  [sshd] Ban 52.172.42.153
2020-06-06 00:15:06,346 fail2ban.actions        [937]: NOTICE  [sshd] Ban 52.172.42.153
...

2020-06-06 07:08:49

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 52.172.42.153
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 43423
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;52.172.42.153.			IN	A

;; AUTHORITY SECTION:
.			239	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020060501 1800 900 604800 86400

;; Query time: 41 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Jun 06 07:08:45 CST 2020
;; MSG SIZE  rcvd: 117

Host info

Host 153.42.172.52.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 153.42.172.52.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
218.92.0.188	attack	Sep 25 11:04:16 lcdev sshd\[28543\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.188 user=root Sep 25 11:04:18 lcdev sshd\[28543\]: Failed password for root from 218.92.0.188 port 35583 ssh2 Sep 25 11:04:34 lcdev sshd\[28556\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.188 user=root Sep 25 11:04:36 lcdev sshd\[28556\]: Failed password for root from 218.92.0.188 port 61151 ssh2 Sep 25 11:04:52 lcdev sshd\[28574\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.188 user=root	2019-09-26 07:05:18
222.186.175.169	attackspam	Sep 25 18:32:05 xtremcommunity sshd\[469705\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.169 user=root Sep 25 18:32:07 xtremcommunity sshd\[469705\]: Failed password for root from 222.186.175.169 port 49730 ssh2 Sep 25 18:32:11 xtremcommunity sshd\[469705\]: Failed password for root from 222.186.175.169 port 49730 ssh2 Sep 25 18:32:15 xtremcommunity sshd\[469705\]: Failed password for root from 222.186.175.169 port 49730 ssh2 Sep 25 18:32:20 xtremcommunity sshd\[469705\]: Failed password for root from 222.186.175.169 port 49730 ssh2 ...	2019-09-26 07:01:24
47.74.190.56	attackbots	F2B jail: sshd. Time: 2019-09-26 00:41:16, Reported by: VKReport	2019-09-26 07:07:34
148.72.211.251	attackspam	Looking for resource vulnerabilities	2019-09-26 06:57:44
91.206.33.25	attack	port scan and connect, tcp 88 (kerberos-sec)	2019-09-26 06:36:55
218.89.55.163	attackspambots	3389BruteforceFW21	2019-09-26 06:37:25
222.186.175.148	attackbotsspam	Sep 26 01:07:40 rotator sshd\[2348\]: Failed password for root from 222.186.175.148 port 52208 ssh2Sep 26 01:07:44 rotator sshd\[2348\]: Failed password for root from 222.186.175.148 port 52208 ssh2Sep 26 01:07:48 rotator sshd\[2348\]: Failed password for root from 222.186.175.148 port 52208 ssh2Sep 26 01:07:52 rotator sshd\[2348\]: Failed password for root from 222.186.175.148 port 52208 ssh2Sep 26 01:07:56 rotator sshd\[2348\]: Failed password for root from 222.186.175.148 port 52208 ssh2Sep 26 01:08:07 rotator sshd\[2353\]: Failed password for root from 222.186.175.148 port 60174 ssh2 ...	2019-09-26 07:13:00
46.229.168.134	attackbots	Automatic report - Banned IP Access	2019-09-26 07:09:01
194.44.67.82	attackbotsspam	Chat Spam	2019-09-26 06:42:13
222.180.162.8	attackspambots	invalid user	2019-09-26 06:55:27
91.241.59.43	attackbots	Sep 26 00:33:12 vps01 sshd[27469]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.241.59.43 Sep 26 00:33:14 vps01 sshd[27469]: Failed password for invalid user laur from 91.241.59.43 port 48760 ssh2	2019-09-26 06:39:23
111.230.110.87	attack	Sep 25 12:34:11 sachi sshd\[7061\]: Invalid user yuanwd from 111.230.110.87 Sep 25 12:34:11 sachi sshd\[7061\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.230.110.87 Sep 25 12:34:14 sachi sshd\[7061\]: Failed password for invalid user yuanwd from 111.230.110.87 port 40572 ssh2 Sep 25 12:37:44 sachi sshd\[7314\]: Invalid user Pentti from 111.230.110.87 Sep 25 12:37:44 sachi sshd\[7314\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.230.110.87	2019-09-26 07:04:10
117.185.62.146	attack	Sep 26 01:14:33 pkdns2 sshd\[4021\]: Invalid user jboss from 117.185.62.146Sep 26 01:14:35 pkdns2 sshd\[4021\]: Failed password for invalid user jboss from 117.185.62.146 port 39318 ssh2Sep 26 01:17:51 pkdns2 sshd\[4160\]: Invalid user gituser from 117.185.62.146Sep 26 01:17:53 pkdns2 sshd\[4160\]: Failed password for invalid user gituser from 117.185.62.146 port 51849 ssh2Sep 26 01:21:26 pkdns2 sshd\[4327\]: Invalid user tonic from 117.185.62.146Sep 26 01:21:27 pkdns2 sshd\[4327\]: Failed password for invalid user tonic from 117.185.62.146 port 36143 ssh2 ...	2019-09-26 06:33:57
2604:a880:2:d0::2253:f001	attackbots	Forbidden directory scan :: 2019/09/26 06:55:17 [error] 1103#1103: *280024 access forbidden by rule, client: 2604:a880:2:d0::2253:f001, server: [censored_2], request: "GET //exp.sql HTTP/1.1", host: "[censored_2]:443"	2019-09-26 07:09:35
203.130.192.242	attackspambots	Sep 25 17:56:21 ny01 sshd[20117]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.130.192.242 Sep 25 17:56:22 ny01 sshd[20117]: Failed password for invalid user git from 203.130.192.242 port 32770 ssh2 Sep 25 18:01:45 ny01 sshd[21068]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.130.192.242	2019-09-26 06:42:56

Recently Reported IPs

74.37.31.203	5.151.73.104	177.117.147.43	77.218.34.203
152.173.8.33	205.185.115.40	90.46.206.117	164.68.105.228
3.210.153.138	217.90.28.127	151.42.17.13	69.90.137.235
2.17.211.148	189.94.192.48	83.163.9.141	204.234.178.206
101.149.22.38	76.110.56.140	200.230.71.2	85.87.106.226