54.92.13.208 - IPInfo

Basic Info

City: Tokyo

Region: Tokyo

Country: Japan

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
54.92.138.3	attack	UDP 54.92.138.3:46532 -> port 53, len 61	2020-07-23 22:23:24
54.92.136.52	attack	Invalid user monte from 54.92.136.52 port 40496	2020-06-18 06:33:37
54.92.138.3	attack	21.05.2020 12:03:00 Recursive DNS scan	2020-05-21 21:32:08
54.92.131.210	attackspambots	Dec 26 07:25:06 h2177944 kernel: \[540237.290884\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=54.92.131.210 DST=85.214.117.9 LEN=64 TOS=0x00 PREC=0x00 TTL=238 ID=12441 PROTO=TCP SPT=41505 DPT=8002 WINDOW=43521 RES=0x00 SYN URGP=0 Dec 26 07:25:06 h2177944 kernel: \[540237.290900\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=54.92.131.210 DST=85.214.117.9 LEN=64 TOS=0x00 PREC=0x00 TTL=238 ID=12441 PROTO=TCP SPT=41505 DPT=8002 WINDOW=43521 RES=0x00 SYN URGP=0 Dec 26 07:25:06 h2177944 kernel: \[540237.294144\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=54.92.131.210 DST=85.214.117.9 LEN=64 TOS=0x00 PREC=0x00 TTL=238 ID=31230 PROTO=TCP SPT=41505 DPT=84 WINDOW=43521 RES=0x00 SYN URGP=0 Dec 26 07:25:06 h2177944 kernel: \[540237.294159\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=54.92.131.210 DST=85.214.117.9 LEN=64 TOS=0x00 PREC=0x00 TTL=238 ID=31230 PROTO=TCP SPT=41505 DPT=84 WINDOW=43521 RES=0x00 SYN URGP=0 Dec 26 07:25:06 h2177944 kernel: \[540237.421727\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=54.92.131.210 DST=85.214.117.9 LEN=	2019-12-26 18:22:58
54.92.131.210	attackbotsspam	CloudCIX Reconnaissance Scan Detected, PTR: ec2-54-92-131-210.compute-1.amazonaws.com.	2019-12-23 03:02:13

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 54.92.13.208
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 36832
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;54.92.13.208.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019071400 1800 900 604800 86400

;; Query time: 3 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Sun Jul 14 20:52:29 CST 2019
;; MSG SIZE  rcvd: 116

Host info

208.13.92.54.in-addr.arpa domain name pointer ec2-54-92-13-208.ap-northeast-1.compute.amazonaws.com.

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
208.13.92.54.in-addr.arpa	name = ec2-54-92-13-208.ap-northeast-1.compute.amazonaws.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
119.18.192.98	attack	Nov 2 16:20:38 plusreed sshd[17185]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.18.192.98 user=root Nov 2 16:20:40 plusreed sshd[17185]: Failed password for root from 119.18.192.98 port 51902 ssh2 ...	2019-11-03 04:35:21
112.121.163.11	attackspam	firewall-block, port(s): 911/tcp	2019-11-03 04:43:25
182.61.18.184	attackspambots	xmlrpc attack	2019-11-03 04:48:24
39.50.177.164	attack	/wp-login.php	2019-11-03 04:53:12
211.101.15.27	attack	firewall-block, port(s): 1433/tcp	2019-11-03 04:26:46
49.88.112.111	attackspambots	Nov 3 01:41:00 gw1 sshd[6022]: Failed password for root from 49.88.112.111 port 31672 ssh2 ...	2019-11-03 05:00:41
45.142.195.5	attackbots	2019-11-02T21:37:58.217240mail01 postfix/smtpd[13926]: warning: unknown[45.142.195.5]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 2019-11-02T21:38:43.439031mail01 postfix/smtpd[28545]: warning: unknown[45.142.195.5]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 2019-11-02T21:38:57.353558mail01 postfix/smtpd[28545]: warning: unknown[45.142.195.5]: SASL LOGIN authentication failed: UGFzc3dvcmQ6	2019-11-03 04:39:52
187.32.18.208	attackspam	Automatic report - Port Scan Attack	2019-11-03 04:58:00
139.199.87.233	attackspam	Nov 2 23:15:26 vtv3 sshd\[20580\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.87.233 user=root Nov 2 23:15:27 vtv3 sshd\[20580\]: Failed password for root from 139.199.87.233 port 35530 ssh2 Nov 2 23:19:58 vtv3 sshd\[22627\]: Invalid user matt from 139.199.87.233 port 44406 Nov 2 23:19:58 vtv3 sshd\[22627\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.87.233 Nov 2 23:20:00 vtv3 sshd\[22627\]: Failed password for invalid user matt from 139.199.87.233 port 44406 ssh2 Nov 2 23:32:53 vtv3 sshd\[29366\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.87.233 user=root Nov 2 23:32:55 vtv3 sshd\[29366\]: Failed password for root from 139.199.87.233 port 42806 ssh2 Nov 2 23:37:18 vtv3 sshd\[31704\]: Invalid user finance from 139.199.87.233 port 51686 Nov 2 23:37:18 vtv3 sshd\[31704\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0	2019-11-03 05:01:17
222.186.175.217	attack	Nov 2 16:28:56 debian sshd\[26619\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.217 user=root Nov 2 16:28:58 debian sshd\[26619\]: Failed password for root from 222.186.175.217 port 33136 ssh2 Nov 2 16:29:02 debian sshd\[26619\]: Failed password for root from 222.186.175.217 port 33136 ssh2 ...	2019-11-03 04:30:05
85.93.52.99	attackbots	Nov 2 21:12:18 sso sshd[5310]: Failed password for root from 85.93.52.99 port 40090 ssh2 Nov 2 21:20:26 sso sshd[6203]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=85.93.52.99 ...	2019-11-03 04:46:26
185.81.154.44	attackspambots	Nov 2 21:20:51 MK-Soft-VM6 sshd[9376]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.81.154.44 Nov 2 21:20:53 MK-Soft-VM6 sshd[9376]: Failed password for invalid user progroomsales from 185.81.154.44 port 34784 ssh2 ...	2019-11-03 04:25:35
222.186.190.2	attack	Nov 3 02:08:39 areeb-Workstation sshd[10311]: Failed password for root from 222.186.190.2 port 29446 ssh2 Nov 3 02:08:57 areeb-Workstation sshd[10311]: error: maximum authentication attempts exceeded for root from 222.186.190.2 port 29446 ssh2 [preauth] ...	2019-11-03 04:50:07
183.2.202.42	attackspam	firewall-block, port(s): 5060/udp	2019-11-03 04:36:51
189.27.18.159	attackspam	Automatic report - Port Scan Attack	2019-11-03 04:55:11

Recently Reported IPs

81.128.206.12	126.22.32.67	167.86.63.63	79.107.142.147
131.221.151.105	103.91.204.209	42.232.133.244	42.92.159.221
101.20.56.168	64.189.139.193	156.220.23.225	142.103.8.122
52.63.152.235	200.91.34.21	40.126.163.107	62.165.208.220
220.89.38.160	72.211.13.192	36.226.216.117	2.161.4.20