52.82.49.150 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: Ningxia West Cloud Data Technology Co.Ltd.

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbotsspam	ICMP MH Probe, Scan /Distributed -	2020-08-20 18:23:58
attackbots	1 Attack(s) Detected [DoS Attack: Ping Sweep] from source: 52.82.49.150, Tuesday, August 11, 2020 16:52:18	2020-08-13 15:32:00

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 52.82.49.150
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 16826
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;52.82.49.150.			IN	A

;; AUTHORITY SECTION:
.			469	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020081300 1800 900 604800 86400

;; Query time: 71 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Aug 13 15:31:50 CST 2020
;; MSG SIZE  rcvd: 116

Host info

150.49.82.52.in-addr.arpa domain name pointer ec2-52-82-49-150.cn-northwest-1.compute.amazonaws.com.cn.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
150.49.82.52.in-addr.arpa	name = ec2-52-82-49-150.cn-northwest-1.compute.amazonaws.com.cn.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
62.234.144.135	attackspambots	Oct 15 06:14:04 SilenceServices sshd[25158]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=62.234.144.135 Oct 15 06:14:06 SilenceServices sshd[25158]: Failed password for invalid user ubuntu from 62.234.144.135 port 34396 ssh2 Oct 15 06:18:50 SilenceServices sshd[26466]: Failed password for root from 62.234.144.135 port 44470 ssh2	2019-10-15 12:21:58
212.237.22.95	attackspam	Oct 15 06:47:22 site1 sshd\[5032\]: Invalid user je from 212.237.22.95Oct 15 06:47:24 site1 sshd\[5032\]: Failed password for invalid user je from 212.237.22.95 port 42564 ssh2Oct 15 06:51:03 site1 sshd\[5173\]: Invalid user roseanne from 212.237.22.95Oct 15 06:51:05 site1 sshd\[5173\]: Failed password for invalid user roseanne from 212.237.22.95 port 53306 ssh2Oct 15 06:54:36 site1 sshd\[5794\]: Invalid user v from 212.237.22.95Oct 15 06:54:38 site1 sshd\[5794\]: Failed password for invalid user v from 212.237.22.95 port 35818 ssh2 ...	2019-10-15 12:13:32
181.198.86.24	attackbots	Oct 15 06:45:44 intra sshd\[28346\]: Invalid user dentrez from 181.198.86.24Oct 15 06:45:46 intra sshd\[28346\]: Failed password for invalid user dentrez from 181.198.86.24 port 40175 ssh2Oct 15 06:50:03 intra sshd\[28399\]: Invalid user tester123456 from 181.198.86.24Oct 15 06:50:05 intra sshd\[28399\]: Failed password for invalid user tester123456 from 181.198.86.24 port 61078 ssh2Oct 15 06:54:20 intra sshd\[28600\]: Invalid user winne from 181.198.86.24Oct 15 06:54:22 intra sshd\[28600\]: Failed password for invalid user winne from 181.198.86.24 port 27781 ssh2 ...	2019-10-15 12:25:22
140.207.114.222	attackspambots	Oct 14 18:00:01 web9 sshd\[7886\]: Invalid user vinci from 140.207.114.222 Oct 14 18:00:01 web9 sshd\[7886\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.207.114.222 Oct 14 18:00:03 web9 sshd\[7886\]: Failed password for invalid user vinci from 140.207.114.222 port 22085 ssh2 Oct 14 18:04:13 web9 sshd\[8456\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.207.114.222 user=root Oct 14 18:04:16 web9 sshd\[8456\]: Failed password for root from 140.207.114.222 port 61664 ssh2	2019-10-15 12:04:40
75.31.93.181	attackspambots	Oct 15 05:50:50 ns381471 sshd[17743]: Failed password for root from 75.31.93.181 port 11614 ssh2 Oct 15 05:54:54 ns381471 sshd[17854]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=75.31.93.181 Oct 15 05:54:57 ns381471 sshd[17854]: Failed password for invalid user alpha from 75.31.93.181 port 51446 ssh2	2019-10-15 12:05:43
40.73.76.102	attack	Oct 15 05:38:39 mail1 sshd\[21709\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=40.73.76.102 user=root Oct 15 05:38:41 mail1 sshd\[21709\]: Failed password for root from 40.73.76.102 port 41102 ssh2 Oct 15 05:55:33 mail1 sshd\[29342\]: Invalid user cr from 40.73.76.102 port 57006 Oct 15 05:55:33 mail1 sshd\[29342\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=40.73.76.102 Oct 15 05:55:35 mail1 sshd\[29342\]: Failed password for invalid user cr from 40.73.76.102 port 57006 ssh2 ...	2019-10-15 12:14:07
139.59.13.51	attack	Oct 15 06:45:23 www2 sshd\[10682\]: Failed password for root from 139.59.13.51 port 58914 ssh2Oct 15 06:49:46 www2 sshd\[10998\]: Failed password for mail from 139.59.13.51 port 25894 ssh2Oct 15 06:54:09 www2 sshd\[11559\]: Failed password for root from 139.59.13.51 port 49438 ssh2 ...	2019-10-15 12:34:51
202.137.20.58	attackspam	2019-10-14T23:50:44.591957ns525875 sshd\[27144\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.137.20.58 user=root 2019-10-14T23:50:46.656681ns525875 sshd\[27144\]: Failed password for root from 202.137.20.58 port 10050 ssh2 2019-10-14T23:55:00.172237ns525875 sshd\[32345\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.137.20.58 user=root 2019-10-14T23:55:02.713772ns525875 sshd\[32345\]: Failed password for root from 202.137.20.58 port 30016 ssh2 ...	2019-10-15 12:02:43
107.170.234.157	attackbots	Fail2Ban Ban Triggered SMTP Abuse Attempt	2019-10-15 12:34:09
111.38.26.152	attack	port scan and connect, tcp 23 (telnet)	2019-10-15 12:28:43
102.68.17.48	attack	Automatic report - SSH Brute-Force Attack	2019-10-15 12:17:48
94.23.0.64	attack	Oct 14 18:06:00 php1 sshd\[650\]: Invalid user telnetd from 94.23.0.64 Oct 14 18:06:00 php1 sshd\[650\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ns341101.ip-94-23-0.eu Oct 14 18:06:02 php1 sshd\[650\]: Failed password for invalid user telnetd from 94.23.0.64 port 39499 ssh2 Oct 14 18:09:55 php1 sshd\[1488\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ns341101.ip-94-23-0.eu user=root Oct 14 18:09:58 php1 sshd\[1488\]: Failed password for root from 94.23.0.64 port 59257 ssh2	2019-10-15 12:19:11
125.162.227.100	attackbots	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/125.162.227.100/ ID - 1H : (38) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : ID NAME ASN : ASN7713 IP : 125.162.227.100 CIDR : 125.162.224.0/22 PREFIX COUNT : 2255 UNIQUE IP COUNT : 2765312 WYKRYTE ATAKI Z ASN7713 : 1H - 1 3H - 1 6H - 4 12H - 8 24H - 9 DateTime : 2019-10-15 05:54:37 INFO : Port Scan TELNET Detected and Blocked by ADMIN - data recovery	2019-10-15 12:14:42
171.241.5.235	attackspambots	3L5THbo2qvTzgLQFxEBNhPNkYp8bxJASgz	2019-10-15 12:28:32
81.149.211.134	attackbotsspam	Oct 15 05:54:42 tuxlinux sshd[22488]: Invalid user admin from 81.149.211.134 port 34512 Oct 15 05:54:42 tuxlinux sshd[22488]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.149.211.134 Oct 15 05:54:42 tuxlinux sshd[22488]: Invalid user admin from 81.149.211.134 port 34512 Oct 15 05:54:42 tuxlinux sshd[22488]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.149.211.134 ...	2019-10-15 12:13:01

Recently Reported IPs

60.174.228.220	192.34.108.130	197.221.129.110	178.49.156.106
223.149.187.206	125.165.224.27	187.242.185.106	200.121.91.74
169.135.243.15	177.107.36.2	31.17.243.54	144.91.65.110
36.90.177.60	91.201.247.202	14.190.155.232	116.105.93.162
185.191.126.241	34.80.77.28	82.83.192.123	50.112.9.123