52.149.134.26 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: United States of America

Internet Service Provider: Microsoft Corporation

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Unauthorized connection attempt detected from IP address 52.149.134.26 to port 1433 [T]	2020-07-22 03:45:08
attackbotsspam	Jul 18 09:28:31 nextcloud sshd\[24783\]: Invalid user admin from 52.149.134.26 Jul 18 09:28:31 nextcloud sshd\[24783\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.149.134.26 Jul 18 09:28:32 nextcloud sshd\[24783\]: Failed password for invalid user admin from 52.149.134.26 port 5283 ssh2	2020-07-18 15:48:51
attackbots	Jul 18 02:43:57 rancher-0 sshd[424664]: Invalid user admin from 52.149.134.26 port 42830 ...	2020-07-18 08:49:36
attackspambots	Unauthorized SSH login attempts	2020-07-17 00:38:55
attackbotsspam	Jul 15 11:11:25 nextcloud sshd\[30208\]: Invalid user admin from 52.149.134.26 Jul 15 11:11:25 nextcloud sshd\[30208\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.149.134.26 Jul 15 11:11:27 nextcloud sshd\[30208\]: Failed password for invalid user admin from 52.149.134.26 port 20149 ssh2	2020-07-15 17:12:09
attackbotsspam	Jul 14 20:27:52 hidden sshd[353]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.149.134.26 Jul 14 20:27:54 hidden sshd[353]: Failed password for invalid user 123 from 52.149.134.26 port 26674 ssh2	2020-07-15 03:45:52

Comments on same subnet:

IP	Type	Details	Datetime
52.149.134.66	attack	Invalid user localhost from 52.149.134.66 port 53251	2020-09-28 06:05:56
52.149.134.66	attack	Invalid user 162 from 52.149.134.66 port 19013	2020-09-27 22:27:47
52.149.134.66	attack	2020-09-27 00:50:32.343294-0500 localhost sshd[20428]: Failed password for invalid user 163 from 52.149.134.66 port 15876 ssh2	2020-09-27 14:19:27
52.149.134.66	attackspambots	2020-09-26T23:46:52.645890ks3355764 sshd[17249]: Invalid user rimes from 52.149.134.66 port 29563 2020-09-26T23:46:54.461242ks3355764 sshd[17249]: Failed password for invalid user rimes from 52.149.134.66 port 29563 ssh2 ...	2020-09-27 05:57:45
52.149.134.66	attack	Sep 26 16:12:01 rancher-0 sshd[314705]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.149.134.66 user=root Sep 26 16:12:03 rancher-0 sshd[314705]: Failed password for root from 52.149.134.66 port 42403 ssh2 ...	2020-09-26 22:17:21
52.149.134.66	attackspambots	Sep 26 07:08:01 hidden sshd[24325]: Invalid user admin from 52.149.134.66 port 60912 Sep 26 07:08:01 hidden sshd[24325]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.149.134.66 Sep 26 07:08:03 hidden sshd[24325]: Failed password for invalid user admin from 52.149.134.66 port 60912 ssh2	2020-09-26 14:01:17
52.149.134.66	attack	2020-09-24T20:30:12.132592ks3355764 sshd[32225]: Invalid user ityx from 52.149.134.66 port 26538 2020-09-24T20:30:14.584632ks3355764 sshd[32225]: Failed password for invalid user ityx from 52.149.134.66 port 26538 ssh2 ...	2020-09-25 02:30:57
52.149.134.66	attack	Lines containing failures of 52.149.134.66 (max 1000) Sep 23 12:05:54 UTC__SANYALnet-Labs__cac12 sshd[19035]: Connection from 52.149.134.66 port 22729 on 64.137.176.96 port 22 Sep 23 12:05:54 UTC__SANYALnet-Labs__cac12 sshd[19036]: Connection from 52.149.134.66 port 22728 on 64.137.176.104 port 22 Sep 23 12:05:55 UTC__SANYALnet-Labs__cac12 sshd[19035]: User r.r from 52.149.134.66 not allowed because not listed in AllowUsers Sep 23 12:05:55 UTC__SANYALnet-Labs__cac12 sshd[19036]: User r.r from 52.149.134.66 not allowed because not listed in AllowUsers Sep 23 12:05:55 UTC__SANYALnet-Labs__cac12 sshd[19035]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.149.134.66 user=r.r Sep 23 12:05:55 UTC__SANYALnet-Labs__cac12 sshd[19036]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.149.134.66 user=r.r Sep 23 12:05:57 UTC__SANYALnet-Labs__cac12 sshd[19035]: Failed password for invalid user r.r........ ------------------------------	2020-09-24 18:11:46
52.149.134.171	attack	Jul 15 02:05:08 fhem-rasp sshd[3277]: Disconnected from invalid user admin 52.149.134.171 port 33126 [preauth] Jul 15 04:12:48 fhem-rasp sshd[19673]: Invalid user admin from 52.149.134.171 port 17854 ...	2020-07-15 10:50:55
52.149.134.171	attack	Jul 14 20:27:51 odroid64 sshd\[25506\]: Invalid user 123 from 52.149.134.171 Jul 14 20:27:51 odroid64 sshd\[25506\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.149.134.171 ...	2020-07-15 03:49:39

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 52.149.134.26
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 22108
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;52.149.134.26.			IN	A

;; AUTHORITY SECTION:
.			566	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020071402 1800 900 604800 86400

;; Query time: 59 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Jul 15 03:45:49 CST 2020
;; MSG SIZE  rcvd: 117

Host info

Host 26.134.149.52.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 26.134.149.52.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
104.236.224.69	attackspam	SSH bruteforce	2020-02-29 20:48:16
92.63.196.3	attack	Fail2Ban Ban Triggered	2020-02-29 20:40:31
5.135.165.55	attackspambots	Feb 29 17:42:45 gw1 sshd[14404]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.135.165.55 Feb 29 17:42:47 gw1 sshd[14404]: Failed password for invalid user tomcat from 5.135.165.55 port 51956 ssh2 ...	2020-02-29 20:54:38
103.5.150.16	attackspam	Automatic report - Banned IP Access	2020-02-29 20:34:40
106.13.140.138	attackspambots	Feb 29 07:53:10 hcbbdb sshd\[23619\]: Invalid user guest from 106.13.140.138 Feb 29 07:53:10 hcbbdb sshd\[23619\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.140.138 Feb 29 07:53:11 hcbbdb sshd\[23619\]: Failed password for invalid user guest from 106.13.140.138 port 54672 ssh2 Feb 29 07:56:20 hcbbdb sshd\[23917\]: Invalid user youtube from 106.13.140.138 Feb 29 07:56:20 hcbbdb sshd\[23917\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.140.138	2020-02-29 20:46:40
220.135.85.166	attackspambots	Port probing on unauthorized port 23	2020-02-29 21:15:52
118.24.115.206	attack	Invalid user support from 118.24.115.206 port 33206	2020-02-29 21:04:58
222.186.180.142	attackbotsspam	Feb 29 13:46:47 dcd-gentoo sshd[21656]: User root from 222.186.180.142 not allowed because none of user's groups are listed in AllowGroups Feb 29 13:46:50 dcd-gentoo sshd[21656]: error: PAM: Authentication failure for illegal user root from 222.186.180.142 Feb 29 13:46:47 dcd-gentoo sshd[21656]: User root from 222.186.180.142 not allowed because none of user's groups are listed in AllowGroups Feb 29 13:46:50 dcd-gentoo sshd[21656]: error: PAM: Authentication failure for illegal user root from 222.186.180.142 Feb 29 13:46:47 dcd-gentoo sshd[21656]: User root from 222.186.180.142 not allowed because none of user's groups are listed in AllowGroups Feb 29 13:46:50 dcd-gentoo sshd[21656]: error: PAM: Authentication failure for illegal user root from 222.186.180.142 Feb 29 13:46:50 dcd-gentoo sshd[21656]: Failed keyboard-interactive/pam for invalid user root from 222.186.180.142 port 57615 ssh2 ...	2020-02-29 20:48:38
139.59.58.234	attackbots	Feb 29 12:31:58 mout sshd[25850]: Invalid user r00t from 139.59.58.234 port 55382	2020-02-29 21:11:29
117.160.141.43	attackspam	Feb 29 13:20:53 hosting sshd[32218]: Invalid user esadmin from 117.160.141.43 port 58732 ...	2020-02-29 21:01:59
118.24.111.239	attackspam	Feb 29 17:44:25 gw1 sshd[14485]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.24.111.239 Feb 29 17:44:27 gw1 sshd[14485]: Failed password for invalid user soc from 118.24.111.239 port 59426 ssh2 ...	2020-02-29 20:47:13
190.234.163.35	attackspam	1582954675 - 02/29/2020 06:37:55 Host: 190.234.163.35/190.234.163.35 Port: 445 TCP Blocked	2020-02-29 21:14:36
92.27.96.84	attackbotsspam	Unauthorized connection attempt detected from IP address 92.27.96.84 to port 23 [J]	2020-02-29 20:50:58
219.111.52.251	attackspambots	Feb 29 12:53:43 * sshd[16666]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=219.111.52.251 Feb 29 12:53:45 * sshd[16666]: Failed password for invalid user factory from 219.111.52.251 port 59182 ssh2	2020-02-29 20:41:23
70.37.49.155	attackbots	Feb 29 13:14:50 MK-Soft-VM6 sshd[12276]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=70.37.49.155 Feb 29 13:14:52 MK-Soft-VM6 sshd[12276]: Failed password for invalid user hero from 70.37.49.155 port 45928 ssh2 ...	2020-02-29 21:13:27

Recently Reported IPs

20.145.13.50	232.214.134.201	13.68.252.36	236.193.106.108
146.80.125.211	201.157.50.193	144.58.248.100	141.73.133.114
26.202.123.77	233.120.252.106	163.159.142.70	141.109.85.250
201.194.215.63	161.69.183.0	32.11.251.22	74.83.199.74
41.97.55.109	104.243.200.51	156.217.116.126	170.48.201.124