52.166.130.115

Basic Info

City: unknown

Region: unknown

Country: Netherlands

Internet Service Provider: Microsoft Corporation

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	Unauthorized connection attempt detected from IP address 52.166.130.115 to port 9201 [T]	2020-01-27 03:29:11

Comments on same subnet:

IP	Type	Details	Datetime
52.166.130.230	attackbotsspam	Invalid user donjuanmariscos from 52.166.130.230 port 1978	2020-09-28 01:46:50
52.166.130.230	attackbotsspam	2020-09-26 UTC: (2x) - 187,245	2020-09-27 17:50:03
52.166.130.230	attackbots	failed root login	2020-09-24 21:21:19
52.166.130.230	attackbotsspam	Sep 23 17:05:36 h2865660 sshd[20571]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.166.130.230 user=root Sep 23 17:05:38 h2865660 sshd[20571]: Failed password for root from 52.166.130.230 port 44623 ssh2 Sep 24 03:50:01 h2865660 sshd[26257]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.166.130.230 user=root Sep 24 03:50:03 h2865660 sshd[26257]: Failed password for root from 52.166.130.230 port 11854 ssh2 Sep 24 06:42:44 h2865660 sshd[829]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.166.130.230 user=root Sep 24 06:42:46 h2865660 sshd[829]: Failed password for root from 52.166.130.230 port 21171 ssh2 ...	2020-09-24 13:15:57
52.166.130.230	attackspambots	Sep 23 13:43:07 propaganda sshd[4177]: Connection from 52.166.130.230 port 38496 on 10.0.0.161 port 22 rdomain "" Sep 23 13:43:08 propaganda sshd[4177]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.166.130.230 user=root Sep 23 13:43:11 propaganda sshd[4177]: Failed password for root from 52.166.130.230 port 38496 ssh2	2020-09-24 04:45:13
52.166.130.230	attackbotsspam	Icarus honeypot on github	2020-07-25 06:01:25
52.166.130.230	attack	Unauthorized connection attempt detected from IP address 52.166.130.230 to port 1433	2020-07-22 02:43:33
52.166.130.230	attackbotsspam	Jul 15 13:01:18 mail sshd\[30220\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.166.130.230 user=root ...	2020-07-16 01:03:39
52.166.130.230	attackbots	Jul 14 22:10:54 r.ca sshd[7697]: Failed password for admin from 52.166.130.230 port 20381 ssh2	2020-07-15 10:42:35
52.166.130.230	attack	Jul 14 12:41:46 km20725 sshd[19672]: Invalid user youth from 52.166.130.230 port 61416 Jul 14 12:41:46 km20725 sshd[19671]: Invalid user youth from 52.166.130.230 port 61415 Jul 14 12:41:46 km20725 sshd[19672]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.166.130.230 Jul 14 12:41:46 km20725 sshd[19671]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.166.130.230 Jul 14 12:41:46 km20725 sshd[19681]: Invalid user youth-fm.de from 52.166.130.230 port 61423 Jul 14 12:41:46 km20725 sshd[19678]: Invalid user youth from 52.166.130.230 port 61421 Jul 14 12:41:46 km20725 sshd[19681]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.166.130.230 Jul 14 12:41:46 km20725 sshd[19678]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.166.130.230 Jul 14 12:41:46 km20725 sshd[19677]: Invalid user youth from 52.16........ -------------------------------	2020-07-14 23:05:19
52.166.130.112	attackspam	Jun 22 15:56:26 srv-ubuntu-dev3 sshd[129569]: Invalid user tester from 52.166.130.112 Jun 22 15:56:26 srv-ubuntu-dev3 sshd[129569]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.166.130.112 Jun 22 15:56:26 srv-ubuntu-dev3 sshd[129569]: Invalid user tester from 52.166.130.112 Jun 22 15:56:28 srv-ubuntu-dev3 sshd[129569]: Failed password for invalid user tester from 52.166.130.112 port 48784 ssh2 Jun 22 16:00:23 srv-ubuntu-dev3 sshd[130203]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.166.130.112 user=sys Jun 22 16:00:26 srv-ubuntu-dev3 sshd[130203]: Failed password for sys from 52.166.130.112 port 51344 ssh2 Jun 22 16:04:18 srv-ubuntu-dev3 sshd[130783]: Invalid user tzy from 52.166.130.112 Jun 22 16:04:18 srv-ubuntu-dev3 sshd[130783]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.166.130.112 Jun 22 16:04:18 srv-ubuntu-dev3 sshd[130783]: Invalid user t ...	2020-06-22 22:05:03

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 52.166.130.115
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 29474
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;52.166.130.115.			IN	A

;; AUTHORITY SECTION:
.			553	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020012601 1800 900 604800 86400

;; Query time: 53 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Jan 27 03:29:08 CST 2020
;; MSG SIZE  rcvd: 118

Host info

Host 115.130.166.52.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 115.130.166.52.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
196.52.43.96	attackbots	TCP (SYN) 196.52.43.96:61578 -> port 5800, len 44	2020-06-09 17:45:07
91.132.139.122	attackspam	1,80-03/04 [bc01/m24] PostRequest-Spammer scoring: luanda01	2020-06-09 17:52:47
212.83.183.57	attack	"fail2ban match"	2020-06-09 17:50:51
221.0.94.20	attackspambots	SSH/22 MH Probe, BF, Hack -	2020-06-09 17:37:32
106.54.65.228	attackbots	$f2bV_matches	2020-06-09 17:52:10
119.96.189.97	attack	Unauthorized connection attempt detected from IP address 119.96.189.97 to port 10306	2020-06-09 17:34:00
51.83.130.180	attackspam	Received: from server.jmest.org (mail.jmest.org. [51.83.130.180]) From: Journal of Multidisciplinary Engineering Science and Technology	2020-06-09 18:04:02
173.26.132.16	attackbots	Port Scan detected! ...	2020-06-09 17:31:54
62.234.145.195	attackbots	Jun 9 10:03:18 vmd48417 sshd[4691]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=62.234.145.195	2020-06-09 17:40:57
139.59.116.115	attackbots	firewall-block, port(s): 31666/tcp	2020-06-09 18:02:49
212.22.78.2	attack	Fail2Ban Ban Triggered HTTP Fake Web Crawler	2020-06-09 17:55:55
167.71.224.129	attackbots	2020-06-09T10:30:22.872041rocketchat.forhosting.nl sshd[5512]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.71.224.129 2020-06-09T10:30:22.869756rocketchat.forhosting.nl sshd[5512]: Invalid user tsbot from 167.71.224.129 port 46996 2020-06-09T10:30:24.481636rocketchat.forhosting.nl sshd[5512]: Failed password for invalid user tsbot from 167.71.224.129 port 46996 ssh2 ...	2020-06-09 17:40:06
101.109.246.98	attack	Unauthorised access (Jun 9) SRC=101.109.246.98 LEN=52 TTL=116 ID=26964 DF TCP DPT=445 WINDOW=8192 SYN	2020-06-09 17:36:24
14.21.7.162	attack	Failed password for invalid user monitor from 14.21.7.162 port 41809 ssh2	2020-06-09 17:32:56
58.59.30.74	attackspambots	Unauthorised access (Jun 9) SRC=58.59.30.74 LEN=48 TTL=115 ID=32520 DF TCP DPT=445 WINDOW=8192 SYN	2020-06-09 17:29:34

Recently Reported IPs

2.9.246.42	134.149.134.245	34.60.121.106	185.34.152.130
89.126.0.133	199.215.28.52	183.166.124.174	183.80.89.108
183.51.190.187	182.108.168.103	180.125.152.59	163.179.199.62
123.190.129.44	121.231.214.158	120.86.38.16	50.115.201.179
90.135.65.35	186.179.21.86	118.68.24.90	180.101.247.23