52.66.241.9 - IPInfo

Basic Info

City: Mumbai

Region: Maharashtra

Country: India

Internet Service Provider: Amazon Data Services India

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Nov 7 11:49:42 TORMINT sshd\[24268\]: Invalid user womaho from 52.66.241.9 Nov 7 11:49:42 TORMINT sshd\[24268\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.66.241.9 Nov 7 11:49:44 TORMINT sshd\[24268\]: Failed password for invalid user womaho from 52.66.241.9 port 37712 ssh2 ...	2019-11-08 01:11:25

Type

Details

Datetime

attack

Nov  7 11:49:42 TORMINT sshd\[24268\]: Invalid user womaho from 52.66.241.9
Nov  7 11:49:42 TORMINT sshd\[24268\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.66.241.9
Nov  7 11:49:44 TORMINT sshd\[24268\]: Failed password for invalid user womaho from 52.66.241.9 port 37712 ssh2
...

2019-11-08 01:11:25

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 52.66.241.9
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 22558
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;52.66.241.9.			IN	A

;; AUTHORITY SECTION:
.			482	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019110700 1800 900 604800 86400

;; Query time: 111 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Nov 08 01:11:22 CST 2019
;; MSG SIZE  rcvd: 115

Host info

9.241.66.52.in-addr.arpa domain name pointer ec2-52-66-241-9.ap-south-1.compute.amazonaws.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
9.241.66.52.in-addr.arpa	name = ec2-52-66-241-9.ap-south-1.compute.amazonaws.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
51.158.20.200	attackspam	Sep 23 08:15:40 124388 sshd[16889]: Invalid user mari from 51.158.20.200 port 56864 Sep 23 08:15:40 124388 sshd[16889]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.158.20.200 Sep 23 08:15:40 124388 sshd[16889]: Invalid user mari from 51.158.20.200 port 56864 Sep 23 08:15:41 124388 sshd[16889]: Failed password for invalid user mari from 51.158.20.200 port 56864 ssh2 Sep 23 08:19:06 124388 sshd[17050]: Invalid user csgo from 51.158.20.200 port 32763	2020-09-23 18:00:21
113.190.68.144	attackspambots	Unauthorized connection attempt from IP address 113.190.68.144 on Port 445(SMB)	2020-09-23 17:45:31
49.88.112.116	attack	Logfile match	2020-09-23 18:00:54
37.142.7.55	attack	Sep 22 17:01:29 ssh2 sshd[20456]: User root from 37.142.7.55 not allowed because not listed in AllowUsers Sep 22 17:01:29 ssh2 sshd[20456]: Failed password for invalid user root from 37.142.7.55 port 51614 ssh2 Sep 22 17:01:29 ssh2 sshd[20456]: Connection closed by invalid user root 37.142.7.55 port 51614 [preauth] ...	2020-09-23 18:06:38
1.10.250.58	attackspambots	Listed on abuseat.org plus zen-spamhaus / proto=6 . srcport=10124 . dstport=23 . (3054)	2020-09-23 18:01:20
219.249.20.203	attackbotsspam	Automatic report - Banned IP Access	2020-09-23 17:36:13
190.24.58.54	attack	Listed on zen-spamhaus also barracudaCentral and abuseat.org / proto=6 . srcport=10348 . dstport=2323 . (3057)	2020-09-23 17:40:50
92.204.55.7	attackbots	Attempt to upload PHP script;	2020-09-23 17:59:52
122.51.89.18	attack	Sep 23 05:06:51 *** sshd[12294]: Invalid user gis from 122.51.89.18	2020-09-23 17:36:50
58.87.75.178	attackbots	Invalid user clouduser from 58.87.75.178 port 53228	2020-09-23 18:08:00
218.150.7.161	attack	Brute-force attempt banned	2020-09-23 18:07:19
54.37.66.7	attackbotsspam	Sep 23 10:46:03 abendstille sshd\[15666\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.37.66.7 user=root Sep 23 10:46:05 abendstille sshd\[15666\]: Failed password for root from 54.37.66.7 port 33330 ssh2 Sep 23 10:49:41 abendstille sshd\[19182\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.37.66.7 user=root Sep 23 10:49:43 abendstille sshd\[19182\]: Failed password for root from 54.37.66.7 port 42364 ssh2 Sep 23 10:53:24 abendstille sshd\[22626\]: Invalid user userftp from 54.37.66.7 ...	2020-09-23 18:05:36
31.163.146.181	attackbotsspam	Found on CINS badguys / proto=6 . srcport=39785 . dstport=23 . (3056)	2020-09-23 17:54:18
41.66.194.141	attackbotsspam	TCP (SYN) 41.66.194.141:49560 -> port 1433, len 40	2020-09-23 17:55:18
95.79.104.203	attackspambots	prod8 ...	2020-09-23 18:14:05

Recently Reported IPs

104.149.93.189	50.253.12.212	176.100.228.109	96.42.45.26
88.230.46.239	176.59.196.188	168.227.19.63	176.99.124.32
176.59.52.74	72.46.80.254	36.92.195.219	35.198.243.204
14.98.252.200	189.110.250.47	189.154.95.212	194.182.72.52
195.154.164.44	36.71.213.219	197.234.242.4	198.199.122.199