52.250.116.142

Basic Info

City: unknown

Region: Washington

Country: United States

Internet Service Provider: Microsoft Corporation

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspambots	<6 unauthorized SSH connections	2020-06-29 15:10:10
attack	SSH brute-force attempt	2020-06-28 14:05:03
attack	Jun 26 23:26:33 IngegnereFirenze sshd[6287]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.250.116.142 user=root ...	2020-06-27 07:29:02

Type

Details

Datetime

attackspambots

<6 unauthorized SSH connections

2020-06-29 15:10:10

attack

SSH brute-force attempt

2020-06-28 14:05:03

attack

Jun 26 23:26:33 IngegnereFirenze sshd[6287]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.250.116.142  user=root
...

2020-06-27 07:29:02

Comments on same subnet:

IP	Type	Details	Datetime
52.250.116.198	attackbotsspam	spam (f2b h2)	2020-07-27 07:47:56

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 52.250.116.142
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 1064
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;52.250.116.142.			IN	A

;; AUTHORITY SECTION:
.			451	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020062602 1800 900 604800 86400

;; Query time: 186 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Jun 27 07:28:59 CST 2020
;; MSG SIZE  rcvd: 118

Host info

Host 142.116.250.52.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 142.116.250.52.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
200.236.114.5	attackspam	Automatic report - Port Scan Attack	2020-02-21 17:11:34
138.197.213.233	attackbotsspam	(sshd) Failed SSH login from 138.197.213.233 (US/United States/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Feb 21 05:28:47 elude sshd[16958]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.213.233 user=list Feb 21 05:28:49 elude sshd[16958]: Failed password for list from 138.197.213.233 port 35020 ssh2 Feb 21 05:50:26 elude sshd[18354]: Invalid user Michelle from 138.197.213.233 port 43278 Feb 21 05:50:28 elude sshd[18354]: Failed password for invalid user Michelle from 138.197.213.233 port 43278 ssh2 Feb 21 05:53:07 elude sshd[18495]: Invalid user cpanelphpmyadmin from 138.197.213.233 port 44140	2020-02-21 17:12:44
218.92.0.173	attackspambots	Feb 21 10:01:07 lock-38 sshd[32407]: Failed password for root from 218.92.0.173 port 54374 ssh2 Feb 21 10:01:08 lock-38 sshd[32407]: Failed password for root from 218.92.0.173 port 54374 ssh2 Feb 21 10:01:09 lock-38 sshd[32407]: Failed password for root from 218.92.0.173 port 54374 ssh2 Feb 21 10:01:09 lock-38 sshd[32407]: error: maximum authentication attempts exceeded for root from 218.92.0.173 port 54374 ssh2 [preauth] ...	2020-02-21 17:03:54
209.17.97.10	attack	Automatic report - Banned IP Access	2020-02-21 17:05:41
222.186.180.130	attackspam	Feb 21 09:55:52 localhost sshd\[28579\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.180.130 user=root Feb 21 09:55:55 localhost sshd\[28579\]: Failed password for root from 222.186.180.130 port 18793 ssh2 Feb 21 09:55:57 localhost sshd\[28579\]: Failed password for root from 222.186.180.130 port 18793 ssh2	2020-02-21 17:10:06
81.183.222.181	attack	Feb 21 07:47:40 pornomens sshd\[18547\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.183.222.181 user=lp Feb 21 07:47:42 pornomens sshd\[18547\]: Failed password for lp from 81.183.222.181 port 51570 ssh2 Feb 21 07:53:02 pornomens sshd\[18587\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.183.222.181 user=games ...	2020-02-21 16:55:41
122.51.130.21	attackbotsspam	20 attempts against mh-ssh on cloud	2020-02-21 16:35:58
94.245.132.131	attackspambots	Feb 21 05:53:22 grey postfix/smtpd\[16111\]: NOQUEUE: reject: RCPT from unknown\[94.245.132.131\]: 554 5.7.1 Service unavailable\; Client host \[94.245.132.131\] blocked using truncate.gbudb.net\; http://www.gbudb.com/truncate/ \[94.245.132.131\]\; from=\ to=\ proto=SMTP helo=\ ...	2020-02-21 17:06:32
123.23.26.82	attack	1582260795 - 02/21/2020 05:53:15 Host: 123.23.26.82/123.23.26.82 Port: 445 TCP Blocked	2020-02-21 17:10:53
222.186.30.209	attack	Feb 21 09:33:51 MK-Soft-VM3 sshd[20677]: Failed password for root from 222.186.30.209 port 62209 ssh2 Feb 21 09:33:53 MK-Soft-VM3 sshd[20677]: Failed password for root from 222.186.30.209 port 62209 ssh2 ...	2020-02-21 16:50:24
49.146.38.243	attack	Port probing on unauthorized port 445	2020-02-21 16:41:00
210.13.96.74	attackbotsspam	Feb 21 05:01:15 firewall sshd[21634]: Invalid user mailman from 210.13.96.74 Feb 21 05:01:18 firewall sshd[21634]: Failed password for invalid user mailman from 210.13.96.74 port 31012 ssh2 Feb 21 05:04:17 firewall sshd[21721]: Invalid user falcon2 from 210.13.96.74 ...	2020-02-21 16:50:52
138.68.136.152	attack	xmlrpc attack	2020-02-21 16:55:11
222.186.169.194	attack	Feb 16 15:50:15 mail sshd[28153]: Failed password for root from 222.186.169.194 port 32588 ssh2 Feb 16 15:50:19 mail sshd[28153]: Failed password for root from 222.186.169.194 port 32588 ssh2 Feb 16 15:50:25 mail sshd[28153]: Failed password for root from 222.186.169.194 port 32588 ssh2 Feb 16 15:50:30 mail sshd[28153]: Failed password for root from 222.186.169.194 port 32588 ssh2	2020-02-21 16:35:26
51.68.174.177	attackbotsspam	Feb 20 20:29:55 sachi sshd\[24772\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=177.ip-51-68-174.eu user=irc Feb 20 20:29:57 sachi sshd\[24772\]: Failed password for irc from 51.68.174.177 port 46112 ssh2 Feb 20 20:31:20 sachi sshd\[24884\]: Invalid user guest from 51.68.174.177 Feb 20 20:31:20 sachi sshd\[24884\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=177.ip-51-68-174.eu Feb 20 20:31:22 sachi sshd\[24884\]: Failed password for invalid user guest from 51.68.174.177 port 57916 ssh2	2020-02-21 17:13:10

Recently Reported IPs

91.82.108.13	171.8.242.107	176.98.137.244	144.2.139.126
151.83.119.20	219.91.233.10	121.16.118.89	75.158.148.93
170.106.121.141	198.110.38.203	196.111.251.116	193.146.123.104
2.101.17.149	116.129.138.23	90.212.243.104	2.96.147.124
121.172.240.142	184.98.11.125	212.225.189.134	14.156.147.33