166.62.125.137

Basic Info

City: Scottsdale

Region: Arizona

Country: United States

Internet Service Provider: GoDaddy.com LLC

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	lfd: (smtpauth) Failed SMTP AUTH login from 166.62.125.137 (US/United States/ip-166-62-125-137.ip.secureserver.net): 5 in the last 3600 secs - Sun Nov 25 05:23:47 2018	2020-02-07 05:17:19

Comments on same subnet:

IP	Type	Details	Datetime
166.62.125.130	attack	WordPress brute force	2019-09-14 05:18:52

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 166.62.125.137
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 38180
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;166.62.125.137.			IN	A

;; AUTHORITY SECTION:
.			152	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020020601 1800 900 604800 86400

;; Query time: 120 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Feb 07 05:17:15 CST 2020
;; MSG SIZE  rcvd: 118

Host info

137.125.62.166.in-addr.arpa domain name pointer ip-166-62-125-137.ip.secureserver.net.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
137.125.62.166.in-addr.arpa	name = ip-166-62-125-137.ip.secureserver.net.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
218.92.0.158	attackspambots	$f2bV_matches	2020-05-29 16:33:38
138.97.239.9	attackbots	May 29 07:02:35 OPSO sshd\[5528\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.97.239.9 user=root May 29 07:02:37 OPSO sshd\[5528\]: Failed password for root from 138.97.239.9 port 43243 ssh2 May 29 07:07:14 OPSO sshd\[6477\]: Invalid user ff from 138.97.239.9 port 45946 May 29 07:07:14 OPSO sshd\[6477\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.97.239.9 May 29 07:07:16 OPSO sshd\[6477\]: Failed password for invalid user ff from 138.97.239.9 port 45946 ssh2	2020-05-29 16:49:56
14.126.29.214	attackspam	2020-05-29T05:50:43.958975 X postfix/smtpd[583267]: NOQUEUE: reject: RCPT from unknown[14.126.29.214]: 554 5.7.1 Service unavailable; Client host [14.126.29.214] blocked using zen.spamhaus.org; https://www.spamhaus.org/query/ip/14.126.29.214; from= to= proto=SMTP helo=	2020-05-29 17:11:20
160.153.146.165	attackspam	Attempts to probe web pages for vulnerable PHP or other applications	2020-05-29 16:42:38
157.230.239.99	attackbotsspam	Invalid user squid from 157.230.239.99 port 37786	2020-05-29 16:41:25
120.53.27.233	attack	May 29 07:55:34 MainVPS sshd[10142]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.53.27.233 user=root May 29 07:55:37 MainVPS sshd[10142]: Failed password for root from 120.53.27.233 port 46866 ssh2 May 29 07:59:32 MainVPS sshd[13488]: Invalid user edwin from 120.53.27.233 port 40352 May 29 07:59:32 MainVPS sshd[13488]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.53.27.233 May 29 07:59:32 MainVPS sshd[13488]: Invalid user edwin from 120.53.27.233 port 40352 May 29 07:59:35 MainVPS sshd[13488]: Failed password for invalid user edwin from 120.53.27.233 port 40352 ssh2 ...	2020-05-29 16:30:43
159.89.129.36	attackspam	May 29 07:51:37 lukav-desktop sshd\[29737\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.89.129.36 user=root May 29 07:51:39 lukav-desktop sshd\[29737\]: Failed password for root from 159.89.129.36 port 56854 ssh2 May 29 07:53:54 lukav-desktop sshd\[29770\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.89.129.36 user=root May 29 07:53:56 lukav-desktop sshd\[29770\]: Failed password for root from 159.89.129.36 port 40236 ssh2 May 29 07:56:15 lukav-desktop sshd\[29788\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.89.129.36 user=root	2020-05-29 16:53:13
45.14.150.51	attack	<6 unauthorized SSH connections	2020-05-29 16:38:15
110.50.53.12	attack	DATE:2020-05-29 05:51:33, IP:110.50.53.12, PORT:1433 MSSQL brute force auth on honeypot server (epe-honey1-hq)	2020-05-29 16:37:47
174.138.18.157	attack	2020-05-29T10:37:43.585503mail.broermann.family sshd[11810]: Failed password for root from 174.138.18.157 port 38744 ssh2 2020-05-29T10:41:30.909016mail.broermann.family sshd[11962]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=174.138.18.157 user=root 2020-05-29T10:41:33.523532mail.broermann.family sshd[11962]: Failed password for root from 174.138.18.157 port 42974 ssh2 2020-05-29T10:45:19.418609mail.broermann.family sshd[12112]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=174.138.18.157 user=root 2020-05-29T10:45:21.802422mail.broermann.family sshd[12112]: Failed password for root from 174.138.18.157 port 47198 ssh2 ...	2020-05-29 16:50:53
222.186.180.17	attackbotsspam	May 29 10:35:24 eventyay sshd[10932]: Failed password for root from 222.186.180.17 port 20852 ssh2 May 29 10:35:36 eventyay sshd[10932]: error: maximum authentication attempts exceeded for root from 222.186.180.17 port 20852 ssh2 [preauth] May 29 10:35:42 eventyay sshd[10937]: Failed password for root from 222.186.180.17 port 19876 ssh2 ...	2020-05-29 17:03:25
122.117.210.119	attackspambots	port 23	2020-05-29 16:52:17
138.68.230.39	attackspambots	138.68.230.39 - - \[29/May/2020:05:51:14 +0200\] "POST /wp-login.php HTTP/1.0" 200 6390 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 138.68.230.39 - - \[29/May/2020:05:51:15 +0200\] "POST /wp-login.php HTTP/1.0" 200 6390 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 138.68.230.39 - - \[29/May/2020:05:51:16 +0200\] "POST /xmlrpc.php HTTP/1.0" 200 736 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0"	2020-05-29 16:49:25
113.142.134.193	attackbotsspam	Invalid user ppo from 113.142.134.193 port 57434	2020-05-29 16:38:40
37.59.55.14	attackspam	Invalid user mzs from 37.59.55.14 port 43897	2020-05-29 16:56:28

Recently Reported IPs

160.19.98.75	109.194.110.67	204.28.110.250	64.20.60.67
87.216.34.143	75.79.77.76	190.138.120.121	217.147.17.174
69.61.18.203	111.233.209.41	138.219.98.131	37.214.141.212
67.177.100.125	78.37.70.214	86.217.186.245	78.64.93.123
41.218.203.205	104.39.78.62	190.214.236.10	73.236.124.165