52.166.134.250

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: Microsoft Corporation

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspambots	Invalid user wp from 52.166.134.250 port 35696	2019-08-12 10:17:43
attack	Aug 5 06:41:29 root sshd[10765]: Failed password for root from 52.166.134.250 port 57000 ssh2 Aug 5 06:46:15 root sshd[10795]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.166.134.250 Aug 5 06:46:17 root sshd[10795]: Failed password for invalid user deployer from 52.166.134.250 port 54932 ssh2 ...	2019-08-05 13:52:26

Type

Details

Datetime

attackspambots

Invalid user wp from 52.166.134.250 port 35696

2019-08-12 10:17:43

attack

Aug  5 06:41:29 root sshd[10765]: Failed password for root from 52.166.134.250 port 57000 ssh2
Aug  5 06:46:15 root sshd[10795]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.166.134.250 
Aug  5 06:46:17 root sshd[10795]: Failed password for invalid user deployer from 52.166.134.250 port 54932 ssh2
...

2019-08-05 13:52:26

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 52.166.134.250
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 76
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;52.166.134.250.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019080501 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Mon Aug 05 13:52:20 CST 2019
;; MSG SIZE  rcvd: 118

Host info

Host 250.134.166.52.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 250.134.166.52.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
78.101.154.35	attack	Unauthorised access (Mar 25) SRC=78.101.154.35 LEN=40 TTL=57 ID=770 TCP DPT=8080 WINDOW=11090 SYN	2020-03-25 17:23:29
182.72.104.106	attackbots	k+ssh-bruteforce	2020-03-25 17:08:42
195.239.217.130	attack	20/3/25@03:00:02: FAIL: Alarm-Network address from=195.239.217.130 ...	2020-03-25 17:19:30
137.74.193.225	attackspam	SSH login attempts.	2020-03-25 17:04:29
152.136.76.230	attackbots	Mar 25 09:19:36 mout sshd[16898]: Invalid user de from 152.136.76.230 port 38729	2020-03-25 17:05:27
14.232.243.10	attackbotsspam	B: Abusive ssh attack	2020-03-25 17:22:39
45.119.212.14	attack	CMS (WordPress or Joomla) login attempt.	2020-03-25 16:42:13
114.234.200.232	attackspam	Unauthorised access (Mar 25) SRC=114.234.200.232 LEN=40 TTL=52 ID=47171 TCP DPT=8080 WINDOW=21766 SYN Unauthorised access (Mar 25) SRC=114.234.200.232 LEN=40 TTL=52 ID=60628 TCP DPT=8080 WINDOW=17982 SYN Unauthorised access (Mar 24) SRC=114.234.200.232 LEN=40 TTL=52 ID=26027 TCP DPT=8080 WINDOW=35998 SYN	2020-03-25 16:57:05
156.200.198.122	attackspambots	Brute force attempt	2020-03-25 16:40:21
8.14.149.127	attackspambots	Invalid user takagi from 8.14.149.127 port 8676	2020-03-25 16:49:20
72.167.224.135	attackbotsspam	$f2bV_matches	2020-03-25 16:46:02
79.109.239.218	attackbots	Invalid user philyra from 79.109.239.218 port 35410	2020-03-25 16:36:15
54.36.163.141	attackspam	$f2bV_matches	2020-03-25 16:29:42
129.211.55.6	attackspambots	(sshd) Failed SSH login from 129.211.55.6 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Mar 25 09:56:34 amsweb01 sshd[19645]: Invalid user shanna from 129.211.55.6 port 37426 Mar 25 09:56:35 amsweb01 sshd[19645]: Failed password for invalid user shanna from 129.211.55.6 port 37426 ssh2 Mar 25 10:02:26 amsweb01 sshd[20461]: Invalid user postgres from 129.211.55.6 port 56700 Mar 25 10:02:28 amsweb01 sshd[20461]: Failed password for invalid user postgres from 129.211.55.6 port 56700 ssh2 Mar 25 10:08:05 amsweb01 sshd[21355]: Invalid user zq from 129.211.55.6 port 39832	2020-03-25 17:21:51
79.184.133.138	attack	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/79.184.133.138/ PL - 1H : (56) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : PL NAME ASN : ASN5617 IP : 79.184.133.138 CIDR : 79.184.0.0/14 PREFIX COUNT : 183 UNIQUE IP COUNT : 5363456 ATTACKS DETECTED ASN5617 : 1H - 2 3H - 2 6H - 2 12H - 5 24H - 5 DateTime : 2020-03-25 04:51:03 INFO : Looking for resource vulnerabilities 403 Detected and Blocked by ADMIN - data recovery	2020-03-25 16:48:30

Recently Reported IPs

89.210.157.52	89.210.143.54	89.206.44.82	89.181.45.127
160.153.245.247	89.176.40.117	89.163.152.184	89.163.141.16
89.159.101.24	89.157.18.233	89.154.37.160	85.204.78.28
172.68.46.212	89.153.25.60	121.160.21.6	53.245.37.227
89.153.225.177	89.152.228.249	38.64.178.194	89.152.204.31