52.42.65.90 - IPInfo

Basic Info

City: Boardman

Region: Oregon

Country: United States

Internet Service Provider: Amazon Technologies Inc.

Hostname: unknown

Organization: Amazon.com, Inc.

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	tcp 2004	2019-09-05 02:00:41

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 52.42.65.90
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 14841
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;52.42.65.90.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019090401 1800 900 604800 86400

;; Query time: 3 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Thu Sep 05 02:00:36 CST 2019
;; MSG SIZE  rcvd: 115

Host info

90.65.42.52.in-addr.arpa domain name pointer ec2-52-42-65-90.us-west-2.compute.amazonaws.com.

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
90.65.42.52.in-addr.arpa	name = ec2-52-42-65-90.us-west-2.compute.amazonaws.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
210.203.22.138	attackbots	May 2 11:41:57 r.ca sshd[21410]: Failed password for invalid user gian from 210.203.22.138 port 54700 ssh2	2020-05-03 04:16:30
104.131.87.57	attack	Invalid user rss from 104.131.87.57 port 32884	2020-05-03 04:30:26
107.170.127.8	attack	2020-05-02T21:06:07.845458hermes auth[129762]: pam_unix(dovecot:auth): authentication failure; logname= uid=0 euid=0 tty=dovecot ruser=office@gomasy.jp rhost=107.170.127.8 ...	2020-05-03 04:29:04
129.211.62.194	attackbots	Invalid user demo from 129.211.62.194 port 50060	2020-05-03 04:07:47
137.97.184.105	attackspambots	Honeypot attack, port: 445, PTR: PTR record not found	2020-05-03 04:14:18
34.96.207.126	attackspambots	Refused from hosts.deny. Log filler.	2020-05-03 04:36:11
68.183.178.162	attackbots	May 2 22:30:50 eventyay sshd[5528]: Failed password for root from 68.183.178.162 port 40624 ssh2 May 2 22:35:10 eventyay sshd[5675]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=68.183.178.162 May 2 22:35:13 eventyay sshd[5675]: Failed password for invalid user nagios from 68.183.178.162 port 52650 ssh2 ...	2020-05-03 04:43:30
5.160.57.194	attackspambots	Honeypot attack, port: 445, PTR: PTR record not found	2020-05-03 04:07:01
50.101.187.56	attackbots	web-1 [ssh] SSH Attack	2020-05-03 04:43:49
185.2.5.18	attack	xmlrpc attack	2020-05-03 04:41:29
103.212.32.184	attack	May 1 19:56:15 host sshd[11440]: User r.r from 103.212.32.184 not allowed because none of user's groups are listed in AllowGroups May 1 19:56:15 host sshd[11440]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.212.32.184 user=r.r May 1 19:56:17 host sshd[11440]: Failed password for invalid user r.r from 103.212.32.184 port 37472 ssh2 May 1 19:56:18 host sshd[11440]: Received disconnect from 103.212.32.184 port 37472:11: Bye Bye [preauth] May 1 19:56:18 host sshd[11440]: Disconnected from invalid user r.r 103.212.32.184 port 37472 [preauth] May 1 20:14:33 host sshd[15951]: User r.r from 103.212.32.184 not allowed because none of user's groups are listed in AllowGroups May 1 20:14:33 host sshd[15951]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.212.32.184 user=r.r May 1 20:14:35 host sshd[15951]: Failed password for invalid user r.r from 103.212.32.184 port 35444 ssh2 Ma........ -------------------------------	2020-05-03 04:23:21
40.76.40.117	attackspambots	40.76.40.117 - - \[02/May/2020:22:23:31 +0200\] "POST //wp-login.php HTTP/1.0" 200 6848 "https://die-netzialisten.de//wp-login.php" "Mozilla/5.0 \(Windows NT 10.0\; Win64\; x64\) AppleWebKit/537.36 \(KHTML, like Gecko\) Chrome/79.0 Safari/537.36" 40.76.40.117 - - \[02/May/2020:22:23:32 +0200\] "POST //wp-login.php HTTP/1.0" 200 6848 "https://die-netzialisten.de//wp-login.php" "Mozilla/5.0 \(Windows NT 10.0\; Win64\; x64\) AppleWebKit/537.36 \(KHTML, like Gecko\) Chrome/79.0 Safari/537.36" 40.76.40.117 - - \[02/May/2020:22:23:33 +0200\] "POST //wp-login.php HTTP/1.0" 200 6848 "https://die-netzialisten.de//wp-login.php" "Mozilla/5.0 \(Windows NT 10.0\; Win64\; x64\) AppleWebKit/537.36 \(KHTML, like Gecko\) Chrome/79.0 Safari/537.36"	2020-05-03 04:27:54
185.46.18.99	attackspambots	2020-05-02T18:59:44.970313upcloud.m0sh1x2.com sshd[24958]: Invalid user rutorrent from 185.46.18.99 port 41376	2020-05-03 04:32:09
98.143.148.45	attackspambots	May 2 17:07:53 XXX sshd[9380]: Invalid user rt from 98.143.148.45 port 44880	2020-05-03 04:13:38
193.58.196.146	attack	May 2 21:35:12 ms-srv sshd[16715]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.58.196.146 user=root May 2 21:35:14 ms-srv sshd[16715]: Failed password for invalid user root from 193.58.196.146 port 44294 ssh2	2020-05-03 04:41:01

Recently Reported IPs

196.85.149.13	119.213.160.188	72.87.60.68	123.216.101.240
86.61.141.170	219.143.15.190	191.217.175.42	168.174.72.188
113.29.6.67	107.102.56.181	53.233.216.217	119.76.97.139
106.52.93.188	103.41.40.240	42.88.140.121	208.6.215.116
80.151.219.189	167.200.82.116	202.235.172.158	88.165.243.101