52.249.195.48 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
52.249.195.72	attackspambots	Unauthorized connection attempt detected from IP address 52.249.195.72 to port 1433 [T]	2020-07-22 03:02:49
52.249.195.72	attack	SSH Brute-Forcing (server1)	2020-07-18 13:31:44
52.249.195.72	attack	SSH Brute Force	2020-07-18 06:59:38
52.249.195.72	attack	Jul 16 20:56:43 localhost sshd[302241]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.249.195.72 user=root Jul 16 20:56:45 localhost sshd[302241]: Failed password for root from 52.249.195.72 port 52970 ssh2 ...	2020-07-16 19:24:17
52.249.195.72	attackspambots	Invalid user admin from 52.249.195.72 port 1564	2020-07-16 07:29:01
52.249.195.72	attack	Jul 14 12:34:17 rama sshd[490642]: Invalid user ancorahotel.hostname from 52.249.195.72 Jul 14 12:34:17 rama sshd[490642]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.249.195.72 Jul 14 12:34:17 rama sshd[490651]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.249.195.72 user=r.r Jul 14 12:34:17 rama sshd[490639]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.249.195.72 user=ancorahotel Jul 14 12:34:17 rama sshd[490652]: Invalid user ancorahotel.hostname from 52.249.195.72 Jul 14 12:34:17 rama sshd[490652]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.249.195.72 Jul 14 12:34:17 rama sshd[490653]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.249.195.72 user=r.r Jul 14 12:34:17 rama sshd[490638]: pam_unix(sshd:auth): authentication failure; log........ -------------------------------	2020-07-16 01:16:18

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 52.249.195.48
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 50310
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;52.249.195.48.			IN	A

;; AUTHORITY SECTION:
.			600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022020702 1800 900 604800 86400

;; Query time: 47 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Feb 08 07:52:19 CST 2022
;; MSG SIZE  rcvd: 106

Host info

Host 48.195.249.52.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 48.195.249.52.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
222.186.180.223	attack	Aug 30 00:50:58 melroy-server sshd[24047]: Failed password for root from 222.186.180.223 port 61104 ssh2 Aug 30 00:51:03 melroy-server sshd[24047]: Failed password for root from 222.186.180.223 port 61104 ssh2 ...	2020-08-30 06:58:49
64.227.0.234	attack	64.227.0.234 - - [29/Aug/2020:23:59:51 +0200] "GET /wp-login.php HTTP/1.1" 200 8775 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 64.227.0.234 - - [29/Aug/2020:23:59:53 +0200] "POST /wp-login.php HTTP/1.1" 200 9092 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 64.227.0.234 - - [29/Aug/2020:23:59:54 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-08-30 06:29:53
223.188.143.132	attack	1598732613 - 08/29/2020 22:23:33 Host: 223.188.143.132/223.188.143.132 Port: 445 TCP Blocked	2020-08-30 07:10:46
61.177.172.128	attackbotsspam	Aug 30 00:56:35 eventyay sshd[30194]: Failed password for root from 61.177.172.128 port 21130 ssh2 Aug 30 00:56:47 eventyay sshd[30194]: error: maximum authentication attempts exceeded for root from 61.177.172.128 port 21130 ssh2 [preauth] Aug 30 00:56:52 eventyay sshd[30197]: Failed password for root from 61.177.172.128 port 30592 ssh2 ...	2020-08-30 06:58:02
60.12.221.84	attackspambots	Aug 29 18:46:52 mail sshd\[50228\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=60.12.221.84 user=root ...	2020-08-30 07:03:27
94.240.163.226	attack	20/8/29@17:08:11: FAIL: Alarm-Network address from=94.240.163.226 20/8/29@17:08:11: FAIL: Alarm-Network address from=94.240.163.226 ...	2020-08-30 07:09:55
39.108.133.34	attackspam	Aug 29 22:13:59 ns392434 sshd[4418]: Invalid user huanghao from 39.108.133.34 port 48100 Aug 29 22:13:59 ns392434 sshd[4418]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=39.108.133.34 Aug 29 22:13:59 ns392434 sshd[4418]: Invalid user huanghao from 39.108.133.34 port 48100 Aug 29 22:14:02 ns392434 sshd[4418]: Failed password for invalid user huanghao from 39.108.133.34 port 48100 ssh2 Aug 29 22:22:42 ns392434 sshd[4488]: Invalid user fi from 39.108.133.34 port 52264 Aug 29 22:22:42 ns392434 sshd[4488]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=39.108.133.34 Aug 29 22:22:42 ns392434 sshd[4488]: Invalid user fi from 39.108.133.34 port 52264 Aug 29 22:22:43 ns392434 sshd[4488]: Failed password for invalid user fi from 39.108.133.34 port 52264 ssh2 Aug 29 22:24:30 ns392434 sshd[4518]: Invalid user postgres from 39.108.133.34 port 43172	2020-08-30 06:46:57
114.231.42.212	attackspam	Aug 29 20:24:03 *** sshd[14788]: Invalid user postgres from 114.231.42.212	2020-08-30 06:54:30
182.235.230.167	attackbotsspam	Port probing on unauthorized port 23	2020-08-30 06:58:29
141.98.10.214	attackbots	SSH Brute-Force attacks	2020-08-30 07:11:00
222.186.173.154	attackspambots	2020-08-29T22:52:52.512263vps1033 sshd[31527]: Failed password for root from 222.186.173.154 port 32500 ssh2 2020-08-29T22:52:56.277915vps1033 sshd[31527]: Failed password for root from 222.186.173.154 port 32500 ssh2 2020-08-29T22:52:59.251390vps1033 sshd[31527]: Failed password for root from 222.186.173.154 port 32500 ssh2 2020-08-29T22:53:02.312904vps1033 sshd[31527]: Failed password for root from 222.186.173.154 port 32500 ssh2 2020-08-29T22:53:04.781291vps1033 sshd[31527]: Failed password for root from 222.186.173.154 port 32500 ssh2 ...	2020-08-30 07:01:21
14.152.95.91	attackbots	Aug 29 23:57:53 h2779839 sshd[31819]: Invalid user newuser from 14.152.95.91 port 50492 Aug 29 23:57:53 h2779839 sshd[31819]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.152.95.91 Aug 29 23:57:53 h2779839 sshd[31819]: Invalid user newuser from 14.152.95.91 port 50492 Aug 29 23:57:55 h2779839 sshd[31819]: Failed password for invalid user newuser from 14.152.95.91 port 50492 ssh2 Aug 30 00:00:21 h2779839 sshd[32166]: Invalid user testuser from 14.152.95.91 port 45118 Aug 30 00:00:21 h2779839 sshd[32166]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.152.95.91 Aug 30 00:00:21 h2779839 sshd[32166]: Invalid user testuser from 14.152.95.91 port 45118 Aug 30 00:00:23 h2779839 sshd[32166]: Failed password for invalid user testuser from 14.152.95.91 port 45118 ssh2 Aug 30 00:02:50 h2779839 sshd[3746]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.152.95.91 us ...	2020-08-30 06:43:35
14.115.29.45	attackspambots	2020-08-29T22:34:36.219181abusebot-4.cloudsearch.cf sshd[32279]: Invalid user trac from 14.115.29.45 port 52782 2020-08-29T22:34:36.225544abusebot-4.cloudsearch.cf sshd[32279]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.115.29.45 2020-08-29T22:34:36.219181abusebot-4.cloudsearch.cf sshd[32279]: Invalid user trac from 14.115.29.45 port 52782 2020-08-29T22:34:38.176116abusebot-4.cloudsearch.cf sshd[32279]: Failed password for invalid user trac from 14.115.29.45 port 52782 ssh2 2020-08-29T22:38:09.784702abusebot-4.cloudsearch.cf sshd[32387]: Invalid user user from 14.115.29.45 port 45392 2020-08-29T22:38:09.794435abusebot-4.cloudsearch.cf sshd[32387]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.115.29.45 2020-08-29T22:38:09.784702abusebot-4.cloudsearch.cf sshd[32387]: Invalid user user from 14.115.29.45 port 45392 2020-08-29T22:38:11.654393abusebot-4.cloudsearch.cf sshd[32387]: Failed password fo ...	2020-08-30 06:51:58
171.109.5.102	attackspambots	Port Scan ...	2020-08-30 06:53:56
180.71.58.82	attackspam	2020-08-29T17:44:22.209672morrigan.ad5gb.com sshd[168825]: Connection closed by 180.71.58.82 port 47105 [preauth] 2020-08-29T17:44:22.210792morrigan.ad5gb.com sshd[168826]: Connection closed by 180.71.58.82 port 46499 [preauth]	2020-08-30 06:51:43

Recently Reported IPs

78.154.167.68	222.253.140.148	74.203.73.219	111.3.0.209
163.142.121.169	201.213.239.26	176.147.118.102	199.116.100.144
94.29.126.155	222.216.162.195	102.164.61.223	101.75.114.62
112.248.0.197	115.205.252.95	184.82.165.4	45.83.64.124
81.180.242.174	77.234.20.135	116.179.37.54	186.47.180.90