52.138.48.74 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Canada

Internet Service Provider: Microsoft Corporation

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	tcp 5903	2020-08-28 21:29:14

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 52.138.48.74
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 1671
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;52.138.48.74.			IN	A

;; AUTHORITY SECTION:
.			305	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020082800 1800 900 604800 86400

;; Query time: 64 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Aug 28 21:29:08 CST 2020
;; MSG SIZE  rcvd: 116

Host info

Host 74.48.138.52.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 74.48.138.52.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
111.201.133.69	attackbotsspam	Sep 27 06:34:02 vlre-nyc-1 sshd\[20162\]: Invalid user train1 from 111.201.133.69 Sep 27 06:34:02 vlre-nyc-1 sshd\[20162\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.201.133.69 Sep 27 06:34:04 vlre-nyc-1 sshd\[20162\]: Failed password for invalid user train1 from 111.201.133.69 port 40658 ssh2 Sep 27 06:41:58 vlre-nyc-1 sshd\[20288\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.201.133.69 user=root Sep 27 06:42:00 vlre-nyc-1 sshd\[20288\]: Failed password for root from 111.201.133.69 port 62490 ssh2 ...	2020-09-27 17:28:35
95.243.136.198	attackspam	2020-09-27T06:24:32.543473abusebot-4.cloudsearch.cf sshd[30313]: Invalid user admin123 from 95.243.136.198 port 56567 2020-09-27T06:24:32.552258abusebot-4.cloudsearch.cf sshd[30313]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=host-95-243-136-198.business.telecomitalia.it 2020-09-27T06:24:32.543473abusebot-4.cloudsearch.cf sshd[30313]: Invalid user admin123 from 95.243.136.198 port 56567 2020-09-27T06:24:34.020742abusebot-4.cloudsearch.cf sshd[30313]: Failed password for invalid user admin123 from 95.243.136.198 port 56567 ssh2 2020-09-27T06:28:24.950186abusebot-4.cloudsearch.cf sshd[30650]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=host-95-243-136-198.business.telecomitalia.it user=root 2020-09-27T06:28:26.934909abusebot-4.cloudsearch.cf sshd[30650]: Failed password for root from 95.243.136.198 port 53270 ssh2 2020-09-27T06:32:11.259771abusebot-4.cloudsearch.cf sshd[30917]: Invalid user kadmin f ...	2020-09-27 17:24:28
124.160.96.249	attackbots	2020-09-27T11:06:32.609873mail.broermann.family sshd[622]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.160.96.249 2020-09-27T11:06:32.605501mail.broermann.family sshd[622]: Invalid user daniella from 124.160.96.249 port 38290 2020-09-27T11:06:33.791816mail.broermann.family sshd[622]: Failed password for invalid user daniella from 124.160.96.249 port 38290 ssh2 2020-09-27T11:09:55.145341mail.broermann.family sshd[901]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.160.96.249 user=root 2020-09-27T11:09:56.864959mail.broermann.family sshd[901]: Failed password for root from 124.160.96.249 port 33012 ssh2 ...	2020-09-27 17:17:19
128.199.177.224	attack	Sep 27 05:09:31 Tower sshd[43188]: Connection from 128.199.177.224 port 41290 on 192.168.10.220 port 22 rdomain "" Sep 27 05:09:38 Tower sshd[43188]: Invalid user oracle from 128.199.177.224 port 41290 Sep 27 05:09:38 Tower sshd[43188]: error: Could not get shadow information for NOUSER Sep 27 05:09:38 Tower sshd[43188]: Failed password for invalid user oracle from 128.199.177.224 port 41290 ssh2 Sep 27 05:09:38 Tower sshd[43188]: Received disconnect from 128.199.177.224 port 41290:11: Bye Bye [preauth] Sep 27 05:09:38 Tower sshd[43188]: Disconnected from invalid user oracle 128.199.177.224 port 41290 [preauth]	2020-09-27 17:22:34
111.231.32.127	attackspam	SSH Brute Force	2020-09-27 17:31:16
122.51.243.223	attackbots	2020-09-27T08:52:24.135853n23.at sshd[3506050]: Invalid user zj from 122.51.243.223 port 55048 2020-09-27T08:52:26.145437n23.at sshd[3506050]: Failed password for invalid user zj from 122.51.243.223 port 55048 ssh2 2020-09-27T09:06:53.756145n23.at sshd[3517819]: Invalid user ftpuser from 122.51.243.223 port 40820 ...	2020-09-27 17:47:39
190.88.165.176	attackspam	Listed on zen-spamhaus also barracudaCentral / proto=6 . srcport=2313 . dstport=81 . (2649)	2020-09-27 17:16:47
117.50.106.150	attackspambots	Sep 27 11:42:01 haigwepa sshd[14466]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.106.150 Sep 27 11:42:03 haigwepa sshd[14466]: Failed password for invalid user admin from 117.50.106.150 port 45688 ssh2 ...	2020-09-27 17:57:08
5.188.0.148	attackspam	[portscan] Port scan	2020-09-27 17:51:11
187.33.162.56	attackspambots	bruteforce detected	2020-09-27 17:18:58
51.79.42.138	attackbotsspam	RDPBruteCAu24	2020-09-27 17:40:20
59.125.31.24	attack	(sshd) Failed SSH login from 59.125.31.24 (TW/Taiwan/59-125-31-24.HINET-IP.hinet.net): 12 in the last 3600 secs	2020-09-27 17:44:48
185.103.199.50	attack	Microsoft-Windows-Security-Auditing	2020-09-27 17:26:02
34.78.67.120	attackbots	Port Scan: TCP/443	2020-09-27 17:33:46
185.123.164.54	attackbots	<6 unauthorized SSH connections	2020-09-27 17:24:16

Recently Reported IPs

45.236.75.22	217.12.213.64	170.238.58.49	93.178.247.62
40.84.236.59	120.237.118.139	187.228.156.174	104.131.13.17
83.212.84.67	93.85.14.174	204.145.4.205	165.227.5.140
177.139.10.167	106.51.98.190	59.63.98.178	171.34.78.119
51.210.243.85	123.231.137.234	69.174.91.39	177.149.26.52