52.167.144.65 - IPInfo

Basic Info

City: Boydton

Region: Virginia

Country: United States

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
52.167.144.79	spamattack	Automatic report - Banned IP Access	2023-02-18 15:43:00

Whois info:

#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/resources/registry/whois/tou/
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/resources/registry/whois/inaccuracy_reporting/
#
# Copyright 1997-2025, American Registry for Internet Numbers, Ltd.
#


NetRange:       52.145.0.0 - 52.191.255.255
CIDR:           52.148.0.0/14, 52.146.0.0/15, 52.152.0.0/13, 52.160.0.0/11, 52.145.0.0/16
NetName:        MSFT
NetHandle:      NET-52-145-0-0-1
Parent:         NET52 (NET-52-0-0-0-0)
NetType:        Direct Allocation
OriginAS:       
Organization:   Microsoft Corporation (MSFT)
RegDate:        2015-11-24
Updated:        2021-12-14
Ref:            https://rdap.arin.net/registry/ip/52.145.0.0



OrgName:        Microsoft Corporation
OrgId:          MSFT
Address:        One Microsoft Way
City:           Redmond
StateProv:      WA
PostalCode:     98052
Country:        US
RegDate:        1998-07-10
Updated:        2025-06-10
Comment:        To report suspected security issues specific to traffic emanating from Microsoft online services, including the distribution of malicious content or other illicit or illegal material through a Microsoft online service, please submit reports to:
Comment:        * https://cert.microsoft.com.  
Comment:        
Comment:        For SPAM and other abuse issues, such as Microsoft Accounts, please contact:
Comment:        * abuse@microsoft.com.  
Comment:        
Comment:        To report security vulnerabilities in Microsoft products and services, please contact:
Comment:        * secure@microsoft.com.  
Comment:        
Comment:        For legal and law enforcement-related requests, please contact:
Comment:        * msndcc@microsoft.com
Comment:        
Comment:        For routing, peering or DNS issues, please 
Comment:        contact:
Comment:        * IOC@microsoft.com
Ref:            https://rdap.arin.net/registry/entity/MSFT


OrgTechHandle: BEDAR6-ARIN
OrgTechName:   Bedard, Dawn 
OrgTechPhone:  +1-425-538-6637 
OrgTechEmail:  dabedard@microsoft.com
OrgTechRef:    https://rdap.arin.net/registry/entity/BEDAR6-ARIN

OrgRoutingHandle: CHATU3-ARIN
OrgRoutingName:   Chaturmohta, Somesh 
OrgRoutingPhone:  +1-425-882-8080 
OrgRoutingEmail:  someshch@microsoft.com
OrgRoutingRef:    https://rdap.arin.net/registry/entity/CHATU3-ARIN

OrgAbuseHandle: MAC74-ARIN
OrgAbuseName:   Microsoft Abuse Contact
OrgAbusePhone:  +1-425-882-8080 
OrgAbuseEmail:  abuse@microsoft.com
OrgAbuseRef:    https://rdap.arin.net/registry/entity/MAC74-ARIN

OrgTechHandle: MRPD-ARIN
OrgTechName:   Microsoft Routing, Peering, and DNS
OrgTechPhone:  +1-425-882-8080 
OrgTechEmail:  IOC@microsoft.com
OrgTechRef:    https://rdap.arin.net/registry/entity/MRPD-ARIN

OrgTechHandle: SINGH683-ARIN
OrgTechName:   Singh, Prachi 
OrgTechPhone:  +1-425-707-5601 
OrgTechEmail:  pracsin@microsoft.com
OrgTechRef:    https://rdap.arin.net/registry/entity/SINGH683-ARIN

OrgTechHandle: IPHOS5-ARIN
OrgTechName:   IPHostmaster, IPHostmaster 
OrgTechPhone:  +1-425-538-6637 
OrgTechEmail:  iphostmaster@microsoft.com
OrgTechRef:    https://rdap.arin.net/registry/entity/IPHOS5-ARIN


#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/resources/registry/whois/tou/
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/resources/registry/whois/inaccuracy_reporting/
#
# Copyright 1997-2025, American Registry for Internet Numbers, Ltd.
#

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 52.167.144.65
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 65201
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;52.167.144.65.			IN	A

;; AUTHORITY SECTION:
.			30	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2025111000 1800 900 604800 86400

;; Query time: 33 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Nov 10 22:37:27 CST 2025
;; MSG SIZE  rcvd: 106

Host info

65.144.167.52.in-addr.arpa domain name pointer msnbot-52-167-144-65.search.msn.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
65.144.167.52.in-addr.arpa	name = msnbot-52-167-144-65.search.msn.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
202.134.160.253	attackspam	Sep 12 12:09:42 dignus sshd[2521]: Failed password for root from 202.134.160.253 port 51862 ssh2 Sep 12 12:12:31 dignus sshd[2820]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.134.160.253 user=root Sep 12 12:12:33 dignus sshd[2820]: Failed password for root from 202.134.160.253 port 39992 ssh2 Sep 12 12:15:25 dignus sshd[3131]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.134.160.253 user=root Sep 12 12:15:28 dignus sshd[3131]: Failed password for root from 202.134.160.253 port 56354 ssh2 ...	2020-09-13 04:15:31
179.187.129.104	attackspam	Sep 12 20:05:52 *** sshd[30459]: Invalid user map from 179.187.129.104	2020-09-13 04:34:19
35.175.212.58	attack	Sep 12 20:35:20 roki sshd[1923]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=35.175.212.58 user=root Sep 12 20:35:21 roki sshd[1923]: Failed password for root from 35.175.212.58 port 54434 ssh2 Sep 12 21:03:44 roki sshd[3942]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=35.175.212.58 user=root Sep 12 21:03:47 roki sshd[3942]: Failed password for root from 35.175.212.58 port 37208 ssh2 Sep 12 21:08:33 roki sshd[4291]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=35.175.212.58 user=root ...	2020-09-13 04:27:28
111.229.50.131	attackbots	Sep 12 16:13:05 XXXXXX sshd[49540]: Invalid user cloud-user from 111.229.50.131 port 46204	2020-09-13 04:21:37
213.32.122.80	attackspambots	TCP (SYN) 213.32.122.80:41968 -> port 443, len 40	2020-09-13 04:13:14
222.186.175.182	attackbotsspam	Sep 12 16:33:22 plusreed sshd[16291]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.182 user=root Sep 12 16:33:24 plusreed sshd[16291]: Failed password for root from 222.186.175.182 port 59526 ssh2 ...	2020-09-13 04:39:17
58.213.134.6	attackspambots	Port Scan ...	2020-09-13 04:06:54
49.233.152.7	attack	TCP (SYN) 49.233.152.7:58193 -> port 1433, len 52	2020-09-13 04:36:00
94.102.51.28	attack	[H1.VM4] Blocked by UFW	2020-09-13 04:45:53
40.117.73.218	attack	WordPress XMLRPC scan :: 40.117.73.218 0.404 - [12/Sep/2020:16:59:47 0000] www.[censored_1] "POST //xmlrpc.php HTTP/1.1" 503 18233 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" "HTTP/1.1"	2020-09-13 04:32:36
68.183.19.84	attackbotsspam	Sep 12 20:52:50 ajax sshd[17027]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=68.183.19.84 Sep 12 20:52:52 ajax sshd[17027]: Failed password for invalid user aaliyah from 68.183.19.84 port 34436 ssh2	2020-09-13 04:22:10
222.186.173.215	attackbots	Sep 12 21:33:50 ajax sshd[32078]: Failed password for root from 222.186.173.215 port 1094 ssh2 Sep 12 21:33:54 ajax sshd[32078]: Failed password for root from 222.186.173.215 port 1094 ssh2	2020-09-13 04:44:47
85.193.105.131	attackbotsspam	[SatSep1218:59:29.3808252020][:error][pid28505:tid47701851145984][client85.193.105.131:27159][client85.193.105.131]ModSecurity:Accessdeniedwithcode403\(phase2\).Patternmatch"connector\\\\\\\\.minimal\\\\\\\\.php"atREQUEST_URI.[file"/usr/local/apache.ea3/conf/modsec_rules/99_asl_jitp.conf"][line"321"][id"393781"][rev"1"][msg"Atomicorp.comWAFRules-VirtualJustInTimePatch:WordPressFileManagerPluginattackblocked"][hostname"cser.ch"][uri"/wp-content/plugins/wp-file-manager/lib/php/connector.minimal.php"][unique_id"X1z@cTbbrScj3AJnEXcdzgAAAEk"]\,referer:http://cser.ch/wp-content/plugins/wp-file-manager/lib/php/connector.minimal.php[SatSep1218:59:31.6406472020][:error][pid28728:tid47701842740992][client85.193.105.131:24220][client85.193.105.131]ModSecurity:Accessdeniedwithcode403\(phase2\).Patternmatch"connector\\\\\\\\.minimal\\\\\\\\.php"atREQUEST_URI.[file"/usr/local/apache.ea3/conf/modsec_rules/99_asl_jitp.conf"][line"321"][id"393781"][rev"1"][msg"Atomicorp.comWAFRules-VirtualJustInTi	2020-09-13 04:40:21
218.92.0.248	attackspambots	Sep 12 20:32:11 scw-6657dc sshd[26015]: Failed password for root from 218.92.0.248 port 32022 ssh2 Sep 12 20:32:11 scw-6657dc sshd[26015]: Failed password for root from 218.92.0.248 port 32022 ssh2 Sep 12 20:32:13 scw-6657dc sshd[26015]: Failed password for root from 218.92.0.248 port 32022 ssh2 ...	2020-09-13 04:37:58
5.188.62.147	attackbots	xmlrpc	2020-09-13 04:12:59

Recently Reported IPs

118.26.105.113	118.26.105.155	138.84.35.154	152.173.180.135
47.250.147.151	165.227.46.19	179.57.105.63	179.60.76.217
181.160.58.47	216.167.91.95	181.190.9.170	181.212.118.122
181.42.145.15	181.43.36.223	186.10.44.58	186.107.68.137
186.67.228.154	208.137.20.190	186.121.7.154	190.121.7.154