52.149.134.66 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: United States of America

Internet Service Provider: Microsoft Corporation

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Invalid user localhost from 52.149.134.66 port 53251	2020-09-28 06:05:56
attack	Invalid user 162 from 52.149.134.66 port 19013	2020-09-27 22:27:47
attack	2020-09-27 00:50:32.343294-0500 localhost sshd[20428]: Failed password for invalid user 163 from 52.149.134.66 port 15876 ssh2	2020-09-27 14:19:27
attackspambots	2020-09-26T23:46:52.645890ks3355764 sshd[17249]: Invalid user rimes from 52.149.134.66 port 29563 2020-09-26T23:46:54.461242ks3355764 sshd[17249]: Failed password for invalid user rimes from 52.149.134.66 port 29563 ssh2 ...	2020-09-27 05:57:45
attack	Sep 26 16:12:01 rancher-0 sshd[314705]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.149.134.66 user=root Sep 26 16:12:03 rancher-0 sshd[314705]: Failed password for root from 52.149.134.66 port 42403 ssh2 ...	2020-09-26 22:17:21
attackspambots	Sep 26 07:08:01 hidden sshd[24325]: Invalid user admin from 52.149.134.66 port 60912 Sep 26 07:08:01 hidden sshd[24325]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.149.134.66 Sep 26 07:08:03 hidden sshd[24325]: Failed password for invalid user admin from 52.149.134.66 port 60912 ssh2	2020-09-26 14:01:17
attack	2020-09-24T20:30:12.132592ks3355764 sshd[32225]: Invalid user ityx from 52.149.134.66 port 26538 2020-09-24T20:30:14.584632ks3355764 sshd[32225]: Failed password for invalid user ityx from 52.149.134.66 port 26538 ssh2 ...	2020-09-25 02:30:57
attack	Lines containing failures of 52.149.134.66 (max 1000) Sep 23 12:05:54 UTC__SANYALnet-Labs__cac12 sshd[19035]: Connection from 52.149.134.66 port 22729 on 64.137.176.96 port 22 Sep 23 12:05:54 UTC__SANYALnet-Labs__cac12 sshd[19036]: Connection from 52.149.134.66 port 22728 on 64.137.176.104 port 22 Sep 23 12:05:55 UTC__SANYALnet-Labs__cac12 sshd[19035]: User r.r from 52.149.134.66 not allowed because not listed in AllowUsers Sep 23 12:05:55 UTC__SANYALnet-Labs__cac12 sshd[19036]: User r.r from 52.149.134.66 not allowed because not listed in AllowUsers Sep 23 12:05:55 UTC__SANYALnet-Labs__cac12 sshd[19035]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.149.134.66 user=r.r Sep 23 12:05:55 UTC__SANYALnet-Labs__cac12 sshd[19036]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.149.134.66 user=r.r Sep 23 12:05:57 UTC__SANYALnet-Labs__cac12 sshd[19035]: Failed password for invalid user r.r........ ------------------------------	2020-09-24 18:11:46

Comments on same subnet:

IP	Type	Details	Datetime
52.149.134.26	attack	Unauthorized connection attempt detected from IP address 52.149.134.26 to port 1433 [T]	2020-07-22 03:45:08
52.149.134.26	attackbotsspam	Jul 18 09:28:31 nextcloud sshd\[24783\]: Invalid user admin from 52.149.134.26 Jul 18 09:28:31 nextcloud sshd\[24783\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.149.134.26 Jul 18 09:28:32 nextcloud sshd\[24783\]: Failed password for invalid user admin from 52.149.134.26 port 5283 ssh2	2020-07-18 15:48:51
52.149.134.26	attackbots	Jul 18 02:43:57 rancher-0 sshd[424664]: Invalid user admin from 52.149.134.26 port 42830 ...	2020-07-18 08:49:36
52.149.134.26	attackspambots	Unauthorized SSH login attempts	2020-07-17 00:38:55
52.149.134.26	attackbotsspam	Jul 15 11:11:25 nextcloud sshd\[30208\]: Invalid user admin from 52.149.134.26 Jul 15 11:11:25 nextcloud sshd\[30208\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.149.134.26 Jul 15 11:11:27 nextcloud sshd\[30208\]: Failed password for invalid user admin from 52.149.134.26 port 20149 ssh2	2020-07-15 17:12:09
52.149.134.171	attack	Jul 15 02:05:08 fhem-rasp sshd[3277]: Disconnected from invalid user admin 52.149.134.171 port 33126 [preauth] Jul 15 04:12:48 fhem-rasp sshd[19673]: Invalid user admin from 52.149.134.171 port 17854 ...	2020-07-15 10:50:55
52.149.134.171	attack	Jul 14 20:27:51 odroid64 sshd\[25506\]: Invalid user 123 from 52.149.134.171 Jul 14 20:27:51 odroid64 sshd\[25506\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.149.134.171 ...	2020-07-15 03:49:39
52.149.134.26	attackbotsspam	Jul 14 20:27:52 hidden sshd[353]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.149.134.26 Jul 14 20:27:54 hidden sshd[353]: Failed password for invalid user 123 from 52.149.134.26 port 26674 ssh2	2020-07-15 03:45:52

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 52.149.134.66
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 22142
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;52.149.134.66.			IN	A

;; AUTHORITY SECTION:
.			451	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020092400 1800 900 604800 86400

;; Query time: 17 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Sep 24 18:11:43 CST 2020
;; MSG SIZE  rcvd: 117

Host info

Host 66.134.149.52.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 66.134.149.52.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
112.209.1.102	attackbots	19/12/15@01:30:00: FAIL: Alarm-Intrusion address from=112.209.1.102 ...	2019-12-15 15:25:00
188.213.165.47	attackbotsspam	2019-12-15T07:49:51.733094shield sshd\[7292\]: Invalid user !\~!@\#\$ from 188.213.165.47 port 48250 2019-12-15T07:49:51.738892shield sshd\[7292\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.213.165.47 2019-12-15T07:49:53.190780shield sshd\[7292\]: Failed password for invalid user !\~!@\#\$ from 188.213.165.47 port 48250 ssh2 2019-12-15T07:55:14.068151shield sshd\[8505\]: Invalid user yamamoto from 188.213.165.47 port 54870 2019-12-15T07:55:14.073919shield sshd\[8505\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.213.165.47	2019-12-15 15:57:52
94.177.240.4	attackspam	2019-12-15T08:17:25.004181struts4.enskede.local sshd\[20318\]: Invalid user mobarekeh from 94.177.240.4 port 44232 2019-12-15T08:17:25.012428struts4.enskede.local sshd\[20318\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.177.240.4 2019-12-15T08:17:28.959847struts4.enskede.local sshd\[20318\]: Failed password for invalid user mobarekeh from 94.177.240.4 port 44232 ssh2 2019-12-15T08:22:30.940132struts4.enskede.local sshd\[20398\]: Invalid user zte from 94.177.240.4 port 52558 2019-12-15T08:22:30.948821struts4.enskede.local sshd\[20398\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.177.240.4 ...	2019-12-15 15:50:10
45.143.220.103	attack	Host Scan	2019-12-15 15:50:47
49.235.42.243	attackspam	SSH Brute Force	2019-12-15 15:40:25
115.239.239.98	attackspambots	Dec 15 08:46:21 localhost sshd\[5748\]: Invalid user storms from 115.239.239.98 port 56790 Dec 15 08:46:21 localhost sshd\[5748\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.239.239.98 Dec 15 08:46:24 localhost sshd\[5748\]: Failed password for invalid user storms from 115.239.239.98 port 56790 ssh2	2019-12-15 15:51:33
14.226.54.197	attackbots	Unauthorized connection attempt detected from IP address 14.226.54.197 to port 445	2019-12-15 15:51:17
49.88.112.64	attack	Dec 15 08:53:03 SilenceServices sshd[27121]: Failed password for root from 49.88.112.64 port 3139 ssh2 Dec 15 08:53:17 SilenceServices sshd[27121]: error: maximum authentication attempts exceeded for root from 49.88.112.64 port 3139 ssh2 [preauth] Dec 15 08:53:23 SilenceServices sshd[27209]: Failed password for root from 49.88.112.64 port 44600 ssh2	2019-12-15 15:55:09
118.175.46.191	spambotsattackproxynormal	no	2019-12-15 15:33:59
104.131.96.177	attack	Dec 15 13:21:54 areeb-Workstation sshd[30161]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.96.177 Dec 15 13:21:56 areeb-Workstation sshd[30161]: Failed password for invalid user lichi from 104.131.96.177 port 49810 ssh2 ...	2019-12-15 16:03:10
139.59.41.170	attackbots	Dec 14 21:18:07 hpm sshd\[27067\]: Invalid user jacline from 139.59.41.170 Dec 14 21:18:07 hpm sshd\[27067\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.41.170 Dec 14 21:18:10 hpm sshd\[27067\]: Failed password for invalid user jacline from 139.59.41.170 port 37552 ssh2 Dec 14 21:24:11 hpm sshd\[27616\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.41.170 user=mail Dec 14 21:24:14 hpm sshd\[27616\]: Failed password for mail from 139.59.41.170 port 45832 ssh2	2019-12-15 15:34:32
129.204.79.131	attack	Dec 15 07:55:14 h2177944 sshd\[5778\]: Invalid user velthuysen from 129.204.79.131 port 59704 Dec 15 07:55:14 h2177944 sshd\[5778\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.79.131 Dec 15 07:55:16 h2177944 sshd\[5778\]: Failed password for invalid user velthuysen from 129.204.79.131 port 59704 ssh2 Dec 15 08:04:12 h2177944 sshd\[6598\]: Invalid user ssh from 129.204.79.131 port 39376 ...	2019-12-15 15:38:06
42.116.253.249	attackspambots	2019-12-15T07:58:00.928356scmdmz1 sshd\[19976\]: Invalid user mysql from 42.116.253.249 port 55918 2019-12-15T07:58:00.931115scmdmz1 sshd\[19976\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.116.253.249 2019-12-15T07:58:02.297905scmdmz1 sshd\[19976\]: Failed password for invalid user mysql from 42.116.253.249 port 55918 ssh2 ...	2019-12-15 15:22:21
121.46.4.222	attackbotsspam	Dec 15 13:52:29 itv-usvr-01 sshd[6146]: Invalid user user from 121.46.4.222 Dec 15 13:52:29 itv-usvr-01 sshd[6146]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.46.4.222 Dec 15 13:52:29 itv-usvr-01 sshd[6146]: Invalid user user from 121.46.4.222 Dec 15 13:52:31 itv-usvr-01 sshd[6146]: Failed password for invalid user user from 121.46.4.222 port 58993 ssh2 Dec 15 13:58:28 itv-usvr-01 sshd[6366]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.46.4.222 user=root Dec 15 13:58:30 itv-usvr-01 sshd[6366]: Failed password for root from 121.46.4.222 port 50369 ssh2	2019-12-15 15:27:56
101.227.243.56	attack	"SSH brute force auth login attempt."	2019-12-15 15:28:24

Recently Reported IPs

95.182.4.79	190.24.59.220	115.50.229.111	155.195.85.60
133.248.59.220	45.142.121.98	203.135.63.30	184.170.223.148
165.232.116.224	79.166.233.181	13.92.33.79	89.182.146.156
18.160.197.123	128.86.229.46	25.181.138.15	113.135.4.91
52.172.211.118	45.33.86.159	80.254.182.118	190.186.43.70