52.253.90.92 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Singapore

Internet Service Provider: Microsoft Corporation

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Sep 21 09:13:08 ny01 sshd[31621]: Failed password for root from 52.253.90.92 port 46270 ssh2 Sep 21 09:17:42 ny01 sshd[32135]: Failed password for root from 52.253.90.92 port 57614 ssh2	2020-09-21 21:44:46
attackbotsspam	$f2bV_matches	2020-09-21 13:30:32
attack	Sep 21 01:49:59 dhoomketu sshd[3247185]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.253.90.92 Sep 21 01:49:59 dhoomketu sshd[3247185]: Invalid user testftp from 52.253.90.92 port 39246 Sep 21 01:50:01 dhoomketu sshd[3247185]: Failed password for invalid user testftp from 52.253.90.92 port 39246 ssh2 Sep 21 01:54:05 dhoomketu sshd[3247269]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.253.90.92 user=root Sep 21 01:54:07 dhoomketu sshd[3247269]: Failed password for root from 52.253.90.92 port 50578 ssh2 ...	2020-09-21 05:21:01

Type

Details

Datetime

attack

Sep 21 09:13:08 ny01 sshd[31621]: Failed password for root from 52.253.90.92 port 46270 ssh2
Sep 21 09:17:42 ny01 sshd[32135]: Failed password for root from 52.253.90.92 port 57614 ssh2

2020-09-21 21:44:46

attackbotsspam

$f2bV_matches

2020-09-21 13:30:32

attack

Sep 21 01:49:59 dhoomketu sshd[3247185]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.253.90.92 
Sep 21 01:49:59 dhoomketu sshd[3247185]: Invalid user testftp from 52.253.90.92 port 39246
Sep 21 01:50:01 dhoomketu sshd[3247185]: Failed password for invalid user testftp from 52.253.90.92 port 39246 ssh2
Sep 21 01:54:05 dhoomketu sshd[3247269]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.253.90.92  user=root
Sep 21 01:54:07 dhoomketu sshd[3247269]: Failed password for root from 52.253.90.92 port 50578 ssh2
...

2020-09-21 05:21:01

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 52.253.90.92
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 42189
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;52.253.90.92.			IN	A

;; AUTHORITY SECTION:
.			559	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020092001 1800 900 604800 86400

;; Query time: 55 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Sep 21 05:20:58 CST 2020
;; MSG SIZE  rcvd: 116

Host info

Host 92.90.253.52.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 92.90.253.52.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
223.19.235.127	attackspambots	Unauthorized connection attempt from IP address 223.19.235.127 on Port 445(SMB)	2019-08-28 02:36:53
90.59.161.63	attack	SSH bruteforce (Triggered fail2ban)	2019-08-28 02:20:02
134.175.84.31	attack	2019-08-27T14:25:47.541058abusebot-6.cloudsearch.cf sshd\[27550\]: Invalid user love from 134.175.84.31 port 48552	2019-08-28 02:22:23
130.255.245.164	attack	Unauthorized connection attempt from IP address 130.255.245.164 on Port 445(SMB)	2019-08-28 02:55:31
118.24.25.150	attackbots	Aug 27 01:20:24 kapalua sshd\[5680\]: Invalid user mr from 118.24.25.150 Aug 27 01:20:24 kapalua sshd\[5680\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.24.25.150 Aug 27 01:20:26 kapalua sshd\[5680\]: Failed password for invalid user mr from 118.24.25.150 port 40364 ssh2 Aug 27 01:26:38 kapalua sshd\[6323\]: Invalid user john1 from 118.24.25.150 Aug 27 01:26:38 kapalua sshd\[6323\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.24.25.150	2019-08-28 02:25:49
77.223.36.250	attackspam	Aug 27 14:54:54 taivassalofi sshd[120156]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=77.223.36.250 Aug 27 14:54:56 taivassalofi sshd[120156]: Failed password for invalid user marie from 77.223.36.250 port 36770 ssh2 ...	2019-08-28 02:32:04
118.89.35.168	attackspam	Aug 27 12:11:42 ip-172-31-1-72 sshd\[26933\]: Invalid user iolee from 118.89.35.168 Aug 27 12:11:42 ip-172-31-1-72 sshd\[26933\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.89.35.168 Aug 27 12:11:44 ip-172-31-1-72 sshd\[26933\]: Failed password for invalid user iolee from 118.89.35.168 port 35924 ssh2 Aug 27 12:13:30 ip-172-31-1-72 sshd\[26951\]: Invalid user starcraft from 118.89.35.168 Aug 27 12:13:30 ip-172-31-1-72 sshd\[26951\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.89.35.168	2019-08-28 02:50:52
183.99.77.161	attackbotsspam	Aug 27 09:11:21 xb0 sshd[27939]: Failed password for invalid user hauptinhaltsverzeichnis from 183.99.77.161 port 29505 ssh2 Aug 27 09:11:21 xb0 sshd[27939]: Received disconnect from 183.99.77.161: 11: Bye Bye [preauth] Aug 27 09:21:16 xb0 sshd[30202]: Failed password for invalid user cychen from 183.99.77.161 port 24156 ssh2 Aug 27 09:21:16 xb0 sshd[30202]: Received disconnect from 183.99.77.161: 11: Bye Bye [preauth] Aug 27 09:26:05 xb0 sshd[29841]: Failed password for invalid user test from 183.99.77.161 port 29876 ssh2 Aug 27 09:26:05 xb0 sshd[29841]: Received disconnect from 183.99.77.161: 11: Bye Bye [preauth] Aug 27 09:30:39 xb0 sshd[31558]: Failed password for invalid user brood from 183.99.77.161 port 14648 ssh2 Aug 27 09:30:39 xb0 sshd[31558]: Received disconnect from 183.99.77.161: 11: Bye Bye [preauth] Aug 27 09:35:18 xb0 sshd[31416]: Failed password for invalid user gts from 183.99.77.161 port 31211 ssh2 Aug 27 09:35:18 xb0 sshd[31416]: Received disconnect ........ -------------------------------	2019-08-28 02:27:57
187.162.45.13	attackspambots	" "	2019-08-28 02:49:20
112.133.248.103	attackspambots	Unauthorized connection attempt from IP address 112.133.248.103 on Port 445(SMB)	2019-08-28 02:21:15
188.20.52.25	attack	Aug 27 15:24:36 localhost sshd\[303\]: Invalid user 123123 from 188.20.52.25 port 34730 Aug 27 15:24:36 localhost sshd\[303\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.20.52.25 Aug 27 15:24:38 localhost sshd\[303\]: Failed password for invalid user 123123 from 188.20.52.25 port 34730 ssh2	2019-08-28 02:29:12
1.172.61.219	attack	Unauthorized connection attempt from IP address 1.172.61.219 on Port 445(SMB)	2019-08-28 02:54:32
36.228.225.162	attackbotsspam	Unauthorized connection attempt from IP address 36.228.225.162 on Port 445(SMB)	2019-08-28 03:00:42
62.102.148.69	attack	Automated report - ssh fail2ban: Aug 27 20:34:44 wrong password, user=root, port=42423, ssh2 Aug 27 20:34:47 wrong password, user=root, port=42423, ssh2 Aug 27 20:34:51 wrong password, user=root, port=42423, ssh2 Aug 27 20:34:54 wrong password, user=root, port=42423, ssh2	2019-08-28 02:50:33
51.77.245.181	attackspambots	Aug 27 15:40:03 SilenceServices sshd[25625]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.77.245.181 Aug 27 15:40:06 SilenceServices sshd[25625]: Failed password for invalid user hduser from 51.77.245.181 port 54260 ssh2 Aug 27 15:43:51 SilenceServices sshd[27139]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.77.245.181	2019-08-28 02:38:12

Recently Reported IPs

203.218.158.176	211.194.92.252	72.220.123.92	94.191.81.127
37.41.175.82	182.114.202.46	112.118.57.30	187.104.121.207
180.26.173.228	242.184.19.154	15.125.107.62	103.137.194.173
58.9.110.27	45.167.213.0	186.91.193.113	83.170.242.46
183.104.137.225	221.15.170.239	220.242.181.32	220.142.43.128