52.149.231.149

Basic Info

City: unknown

Region: unknown

Country: United States of America

Internet Service Provider: Microsoft Corporation

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Jun 25 05:54:14 mockhub sshd[30622]: Failed password for root from 52.149.231.149 port 37494 ssh2 Jun 25 05:59:54 mockhub sshd[30814]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.149.231.149 ...	2020-06-25 21:11:02

Type

Details

Datetime

attack

Jun 25 05:54:14 mockhub sshd[30622]: Failed password for root from 52.149.231.149 port 37494 ssh2
Jun 25 05:59:54 mockhub sshd[30814]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.149.231.149
...

2020-06-25 21:11:02

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 52.149.231.149
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 2825
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;52.149.231.149.			IN	A

;; AUTHORITY SECTION:
.			244	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020062500 1800 900 604800 86400

;; Query time: 56 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Jun 25 21:10:56 CST 2020
;; MSG SIZE  rcvd: 118

Host info

Host 149.231.149.52.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 149.231.149.52.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
37.59.98.64	attack	SSH invalid-user multiple login try	2020-04-09 18:47:28
180.183.233.189	attack	Unauthorised access (Apr 9) SRC=180.183.233.189 LEN=52 TTL=113 ID=2273 DF TCP DPT=445 WINDOW=8192 SYN	2020-04-09 18:46:10
185.58.226.235	attackbots	Apr 8 23:42:42 web9 sshd\[28146\]: Invalid user postgres from 185.58.226.235 Apr 8 23:42:42 web9 sshd\[28146\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.58.226.235 Apr 8 23:42:44 web9 sshd\[28146\]: Failed password for invalid user postgres from 185.58.226.235 port 53202 ssh2 Apr 8 23:47:32 web9 sshd\[28771\]: Invalid user admin from 185.58.226.235 Apr 8 23:47:32 web9 sshd\[28771\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.58.226.235	2020-04-09 18:57:15
171.103.35.90	attackbotsspam	Dovecot Invalid User Login Attempt.	2020-04-09 18:28:29
112.85.42.232	attackbotsspam	Unauthorised connection attempt detected at AUO MAIN. System is sshd. Protected by AUO Stack Web Application Firewall (WAF)	2020-04-09 18:35:45
139.59.38.252	attack	$f2bV_matches	2020-04-09 18:44:05
177.107.133.186	attackspam	firewall-block, port(s): 445/tcp	2020-04-09 18:31:43
122.51.161.239	attackbotsspam	Apr 9 13:24:59 www sshd\[56746\]: Invalid user clouduser from 122.51.161.239 Apr 9 13:24:59 www sshd\[56746\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.51.161.239 Apr 9 13:25:01 www sshd\[56746\]: Failed password for invalid user clouduser from 122.51.161.239 port 35670 ssh2 ...	2020-04-09 18:34:03
106.12.166.167	attackspambots	Apr 9 05:51:52 NPSTNNYC01T sshd[316]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.166.167 Apr 9 05:51:54 NPSTNNYC01T sshd[316]: Failed password for invalid user qhsupport from 106.12.166.167 port 10947 ssh2 Apr 9 05:55:27 NPSTNNYC01T sshd[453]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.166.167 ...	2020-04-09 18:30:06
46.167.205.4	attackspambots	Unauthorized connection attempt detected from IP address 46.167.205.4 to port 3389	2020-04-09 18:24:08
87.26.38.158	attack	firewall-block, port(s): 3389/tcp	2020-04-09 18:42:34
162.243.131.9	attackbotsspam	Apr 9 14:09:44 LAN pfB_PRI1_v4 (1770008447) TCP-SA 1xx.xxx.xxx.xxx:587 162.243.131.9:57425 zg-0312c-247.stretchoid.com US CINS_army_v4 162.243.131.9	2020-04-09 18:24:31
2607:f298:5:6000::9e3:6f15	attackspambots	MYH,DEF GET /wp-login.php	2020-04-09 18:24:57
113.189.248.135	attackbotsspam	Apr 9 05:49:56 raspberrypi sshd\[2038\]: Invalid user ftpuser from 113.189.248.135 ...	2020-04-09 18:55:16
95.110.235.17	attack	Apr 9 09:57:41 * sshd[2653]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=95.110.235.17 Apr 9 09:57:43 * sshd[2653]: Failed password for invalid user deploy from 95.110.235.17 port 37252 ssh2	2020-04-09 18:23:23

Recently Reported IPs

5.202.232.99	77.139.239.6	179.182.24.153	185.11.224.100
130.86.243.158	111.119.188.8	193.27.228.198	248.221.59.209
61.182.57.161	250.224.195.90	50.17.15.247	92.203.29.61
115.196.132.24	185.107.72.209	106.52.111.73	161.240.94.40
208.191.82.252	3.52.8.226	3.24.44.55	215.131.181.97