52.82.49.150 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: Ningxia West Cloud Data Technology Co.Ltd.

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbotsspam	ICMP MH Probe, Scan /Distributed -	2020-08-20 18:23:58
attackbots	1 Attack(s) Detected [DoS Attack: Ping Sweep] from source: 52.82.49.150, Tuesday, August 11, 2020 16:52:18	2020-08-13 15:32:00

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 52.82.49.150
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 16826
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;52.82.49.150.			IN	A

;; AUTHORITY SECTION:
.			469	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020081300 1800 900 604800 86400

;; Query time: 71 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Aug 13 15:31:50 CST 2020
;; MSG SIZE  rcvd: 116

Host info

150.49.82.52.in-addr.arpa domain name pointer ec2-52-82-49-150.cn-northwest-1.compute.amazonaws.com.cn.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
150.49.82.52.in-addr.arpa	name = ec2-52-82-49-150.cn-northwest-1.compute.amazonaws.com.cn.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
128.199.87.229	attackbotsspam	Invalid user lisa from 128.199.87.229 port 46950	2020-05-03 17:37:58
122.225.230.10	attack	2020-05-03T09:25:00.338141abusebot-6.cloudsearch.cf sshd[28975]: Invalid user git from 122.225.230.10 port 39262 2020-05-03T09:25:00.345384abusebot-6.cloudsearch.cf sshd[28975]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.225.230.10 2020-05-03T09:25:00.338141abusebot-6.cloudsearch.cf sshd[28975]: Invalid user git from 122.225.230.10 port 39262 2020-05-03T09:25:02.336742abusebot-6.cloudsearch.cf sshd[28975]: Failed password for invalid user git from 122.225.230.10 port 39262 ssh2 2020-05-03T09:27:49.275963abusebot-6.cloudsearch.cf sshd[29120]: Invalid user mininet from 122.225.230.10 port 36308 2020-05-03T09:27:49.282290abusebot-6.cloudsearch.cf sshd[29120]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.225.230.10 2020-05-03T09:27:49.275963abusebot-6.cloudsearch.cf sshd[29120]: Invalid user mininet from 122.225.230.10 port 36308 2020-05-03T09:27:51.143003abusebot-6.cloudsearch.cf sshd[29120]: F ...	2020-05-03 17:30:29
123.150.47.142	attackspambots	Unauthorized connection attempt detected from IP address 123.150.47.142 to port 1433	2020-05-03 17:08:20
218.92.0.199	attack	May 3 10:45:07 dcd-gentoo sshd[26127]: User root from 218.92.0.199 not allowed because none of user's groups are listed in AllowGroups May 3 10:45:10 dcd-gentoo sshd[26127]: error: PAM: Authentication failure for illegal user root from 218.92.0.199 May 3 10:45:07 dcd-gentoo sshd[26127]: User root from 218.92.0.199 not allowed because none of user's groups are listed in AllowGroups May 3 10:45:10 dcd-gentoo sshd[26127]: error: PAM: Authentication failure for illegal user root from 218.92.0.199 May 3 10:45:07 dcd-gentoo sshd[26127]: User root from 218.92.0.199 not allowed because none of user's groups are listed in AllowGroups May 3 10:45:10 dcd-gentoo sshd[26127]: error: PAM: Authentication failure for illegal user root from 218.92.0.199 May 3 10:45:10 dcd-gentoo sshd[26127]: Failed keyboard-interactive/pam for invalid user root from 218.92.0.199 port 47101 ssh2 ...	2020-05-03 17:00:37
106.13.232.26	attackspambots	May 2 22:32:28 php1 sshd\[32658\]: Invalid user aiden from 106.13.232.26 May 2 22:32:28 php1 sshd\[32658\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.232.26 May 2 22:32:30 php1 sshd\[32658\]: Failed password for invalid user aiden from 106.13.232.26 port 47588 ssh2 May 2 22:36:54 php1 sshd\[639\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.232.26 user=root May 2 22:36:56 php1 sshd\[639\]: Failed password for root from 106.13.232.26 port 42906 ssh2	2020-05-03 17:04:53
211.67.66.214	attackspambots	(imapd) Failed IMAP login from 211.67.66.214 (CN/China/-): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: May 3 08:20:25 ir1 dovecot[264309]: imap-login: Disconnected (auth failed, 1 attempts in 6 secs): user=, method=PLAIN, rip=211.67.66.214, lip=5.63.12.44, TLS: Connection closed, session=	2020-05-03 17:01:01
106.12.47.216	attack	Unauthorized connection attempt detected from IP address 106.12.47.216 to port 1026 [T]	2020-05-03 17:35:47
183.60.227.177	attack	[Sun May 03 10:20:06 2020] - Syn Flood From IP: 183.60.227.177 Port: 6000	2020-05-03 17:26:53
106.13.131.80	attackspambots	$f2bV_matches	2020-05-03 17:03:17
144.76.40.222	attackspam	20 attempts against mh-misbehave-ban on ice	2020-05-03 17:01:32
182.71.221.78	attack	Cowrie Honeypot: Unauthorised SSH/Telnet login attempt with user "ferenc" at 2020-05-03T09:25:09Z	2020-05-03 17:37:06
129.211.51.65	attackbotsspam	Failed password for invalid user nagios from 129.211.51.65 port 62971 ssh2	2020-05-03 17:09:06
106.12.175.38	attackbots	k+ssh-bruteforce	2020-05-03 17:18:11
66.249.70.60	attackbotsspam	...	2020-05-03 17:11:58
218.92.0.212	attack	May 3 11:06:40 pve1 sshd[20950]: Failed password for root from 218.92.0.212 port 12478 ssh2 May 3 11:06:44 pve1 sshd[20950]: Failed password for root from 218.92.0.212 port 12478 ssh2 ...	2020-05-03 17:07:25

Recently Reported IPs

60.174.228.220	192.34.108.130	197.221.129.110	178.49.156.106
223.149.187.206	125.165.224.27	187.242.185.106	200.121.91.74
169.135.243.15	177.107.36.2	31.17.243.54	144.91.65.110
36.90.177.60	91.201.247.202	14.190.155.232	116.105.93.162
185.191.126.241	34.80.77.28	82.83.192.123	50.112.9.123