52.66.104.100 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
52.66.104.148	attack	May 22 23:03:17 server1 sshd\[6017\]: Invalid user dsj from 52.66.104.148 May 22 23:03:17 server1 sshd\[6017\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.66.104.148 May 22 23:03:19 server1 sshd\[6017\]: Failed password for invalid user dsj from 52.66.104.148 port 47698 ssh2 May 22 23:05:32 server1 sshd\[6654\]: Invalid user pmc from 52.66.104.148 May 22 23:05:32 server1 sshd\[6654\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.66.104.148 ...	2020-05-23 13:27:27
52.66.104.148	attackbotsspam	May 21 19:05:06 vpn01 sshd[25654]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.66.104.148 May 21 19:05:08 vpn01 sshd[25654]: Failed password for invalid user yvv from 52.66.104.148 port 37852 ssh2 ...	2020-05-22 02:06:02

Type

Details

Datetime

52.66.104.148

attack

May 22 23:03:17 server1 sshd\[6017\]: Invalid user dsj from 52.66.104.148
May 22 23:03:17 server1 sshd\[6017\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.66.104.148 
May 22 23:03:19 server1 sshd\[6017\]: Failed password for invalid user dsj from 52.66.104.148 port 47698 ssh2
May 22 23:05:32 server1 sshd\[6654\]: Invalid user pmc from 52.66.104.148
May 22 23:05:32 server1 sshd\[6654\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.66.104.148 
...

2020-05-23 13:27:27

52.66.104.148

attackbotsspam

May 21 19:05:06 vpn01 sshd[25654]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.66.104.148
May 21 19:05:08 vpn01 sshd[25654]: Failed password for invalid user yvv from 52.66.104.148 port 37852 ssh2
...

2020-05-22 02:06:02

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 52.66.104.100
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 19906
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;52.66.104.100.			IN	A

;; AUTHORITY SECTION:
.			600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022020701 1800 900 604800 86400

;; Query time: 65 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Feb 08 05:53:38 CST 2022
;; MSG SIZE  rcvd: 106

Host info

100.104.66.52.in-addr.arpa domain name pointer smtp.ezswype.in.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
100.104.66.52.in-addr.arpa	name = smtp.ezswype.in.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
95.136.116.235	attack	[Aegis] @ 2019-12-30 06:23:06 0000 -> Dovecot brute force attack (multiple auth failures).	2019-12-30 20:13:36
112.85.42.185	attack	sshd jail - ssh hack attempt	2019-12-30 20:35:03
63.81.87.78	attackbotsspam	Dec 30 07:23:11 grey postfix/smtpd\[18971\]: NOQUEUE: reject: RCPT from brave.vidyad.com\[63.81.87.78\]: 554 5.7.1 Service unavailable\; Client host \[63.81.87.78\] blocked using truncate.gbudb.net\; http://www.gbudb.com/truncate/ \[63.81.87.78\]\; from=\ to=\ proto=ESMTP helo=\ ...	2019-12-30 20:08:28
113.242.251.80	attackbots	Telnet Server BruteForce Attack	2019-12-30 19:58:49
54.67.11.162	attack	\[2019-12-30 03:52:22\] SECURITY\[2857\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-12-30T03:52:22.063-0500",Severity="Error",Service="SIP",EventVersion="1",AccountID="1320048221530247",SessionID="0x7f0fb4a5a908",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/54.67.11.162/62927",ACLName="no_extension_match" \[2019-12-30 03:54:24\] SECURITY\[2857\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-12-30T03:54:24.602-0500",Severity="Error",Service="SIP",EventVersion="1",AccountID="1330048221530247",SessionID="0x7f0fb4a5a908",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/54.67.11.162/65240",ACLName="no_extension_match" \[2019-12-30 03:56:27\] SECURITY\[2857\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-12-30T03:56:27.223-0500",Severity="Error",Service="SIP",EventVersion="1",AccountID="1340048221530247",SessionID="0x7f0fb41a7f38",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/54.67.11.162/61070",ACLName="no_ext	2019-12-30 19:54:03
112.85.42.174	attackbots	Dec 30 13:17:01 jane sshd[3347]: Failed password for root from 112.85.42.174 port 58358 ssh2 Dec 30 13:17:06 jane sshd[3347]: Failed password for root from 112.85.42.174 port 58358 ssh2 ...	2019-12-30 20:21:26
59.53.6.66	attackbots	Unauthorized connection attempt detected from IP address 59.53.6.66 to port 445	2019-12-30 19:57:50
51.77.212.235	attackbotsspam	ssh brute force	2019-12-30 20:28:20
116.58.237.177	attack	1577686950 - 12/30/2019 07:22:30 Host: 116.58.237.177/116.58.237.177 Port: 445 TCP Blocked	2019-12-30 20:34:29
112.85.42.172	attack	2019-12-30T12:02:31.301998hub.schaetter.us sshd\[22254\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.172 user=root 2019-12-30T12:02:33.853147hub.schaetter.us sshd\[22254\]: Failed password for root from 112.85.42.172 port 62599 ssh2 2019-12-30T12:02:37.191368hub.schaetter.us sshd\[22254\]: Failed password for root from 112.85.42.172 port 62599 ssh2 2019-12-30T12:02:40.276779hub.schaetter.us sshd\[22254\]: Failed password for root from 112.85.42.172 port 62599 ssh2 2019-12-30T12:02:43.448236hub.schaetter.us sshd\[22254\]: Failed password for root from 112.85.42.172 port 62599 ssh2 ...	2019-12-30 20:18:57
46.38.144.17	attackspam	Dec 30 12:50:36 relay postfix/smtpd\[18434\]: warning: unknown\[46.38.144.17\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Dec 30 12:51:21 relay postfix/smtpd\[5652\]: warning: unknown\[46.38.144.17\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Dec 30 12:52:05 relay postfix/smtpd\[17211\]: warning: unknown\[46.38.144.17\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Dec 30 12:52:49 relay postfix/smtpd\[5652\]: warning: unknown\[46.38.144.17\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Dec 30 12:53:34 relay postfix/smtpd\[18434\]: warning: unknown\[46.38.144.17\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2019-12-30 20:02:26
122.54.196.112	attackspambots	19/12/30@01:22:34: FAIL: Alarm-Network address from=122.54.196.112 ...	2019-12-30 20:30:38
2.61.153.79	attack	1577686961 - 12/30/2019 07:22:41 Host: 2.61.153.79/2.61.153.79 Port: 445 TCP Blocked	2019-12-30 20:26:21
188.166.208.131	attackspambots	Dec 30 07:19:04 plusreed sshd[22224]: Invalid user Qa123654789 from 188.166.208.131 ...	2019-12-30 20:29:52
51.68.123.198	attackspam	Dec 30 07:20:14 localhost sshd\[5254\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.68.123.198 user=root Dec 30 07:20:15 localhost sshd\[5254\]: Failed password for root from 51.68.123.198 port 47974 ssh2 Dec 30 07:22:39 localhost sshd\[5521\]: Invalid user guest from 51.68.123.198 port 44864	2019-12-30 20:27:08

Recently Reported IPs

201.150.190.165	94.52.111.41	200.114.83.26	45.70.237.162
222.173.28.194	113.173.187.74	190.79.233.106	189.152.114.126
80.26.96.212	220.81.233.115	123.110.34.123	217.113.120.51
107.171.177.248	176.118.118.166	131.153.240.162	99.10.112.153
84.88.40.250	179.57.84.81	200.90.115.75	27.124.5.25