52.138.86.80 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: United States of America

Internet Service Provider: Microsoft Corporation

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbotsspam	Unauthorized connection attempt detected from IP address 52.138.86.80 to port 1433	2020-07-22 19:24:46
attack	Unauthorized connection attempt detected from IP address 52.138.86.80 to port 1433	2020-07-21 23:52:37
attackspambots	Jul 15 05:15:25 fhem-rasp sshd[12046]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.138.86.80 Jul 15 05:15:27 fhem-rasp sshd[12046]: Failed password for invalid user admin from 52.138.86.80 port 32685 ssh2 ...	2020-07-15 11:23:20
attack	Jul 14 16:51:21 site3 sshd\[239275\]: Invalid user palvelukanava from 52.138.86.80 Jul 14 16:51:21 site3 sshd\[239275\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.138.86.80 Jul 14 16:51:21 site3 sshd\[239276\]: Invalid user palvelukanava.fi from 52.138.86.80 Jul 14 16:51:21 site3 sshd\[239276\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.138.86.80 Jul 14 16:51:24 site3 sshd\[239275\]: Failed password for invalid user palvelukanava from 52.138.86.80 port 18785 ssh2 ...	2020-07-14 22:18:07

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 52.138.86.80
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 14485
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;52.138.86.80.			IN	A

;; AUTHORITY SECTION:
.			474	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020071400 1800 900 604800 86400

;; Query time: 12 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Jul 14 22:18:02 CST 2020
;; MSG SIZE  rcvd: 116

Host info

Host 80.86.138.52.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 80.86.138.52.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
118.24.37.81	attackbots	Aug 15 00:53:07 master sshd[27301]: Failed password for invalid user sims from 118.24.37.81 port 34814 ssh2 Aug 15 01:14:13 master sshd[27618]: Failed password for invalid user avid from 118.24.37.81 port 46756 ssh2 Aug 15 01:19:38 master sshd[27636]: Failed password for invalid user a1 from 118.24.37.81 port 37560 ssh2 Aug 15 01:24:47 master sshd[27642]: Failed password for invalid user sales from 118.24.37.81 port 56576 ssh2 Aug 15 01:30:10 master sshd[27948]: Failed password for root from 118.24.37.81 port 47378 ssh2 Aug 15 01:35:29 master sshd[27954]: Failed password for invalid user admin from 118.24.37.81 port 38172 ssh2 Aug 15 01:40:40 master sshd[27958]: Failed password for invalid user hdfs from 118.24.37.81 port 57192 ssh2 Aug 15 01:45:51 master sshd[27971]: Failed password for invalid user postgresql from 118.24.37.81 port 47976 ssh2 Aug 15 01:51:08 master sshd[27975]: Failed password for invalid user testing from 118.24.37.81 port 38768 ssh2 Aug 15 01:56:22 master sshd[27983]: Failed password for	2019-08-15 15:14:25
193.169.252.174	attack	Aug 15 07:43:03 mail postfix/smtpd\[32437\]: warning: unknown\[193.169.252.174\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ Aug 15 08:01:40 mail postfix/smtpd\[6072\]: warning: unknown\[193.169.252.174\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ Aug 15 08:20:24 mail postfix/smtpd\[7109\]: warning: unknown\[193.169.252.174\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ Aug 15 08:57:29 mail postfix/smtpd\[8402\]: warning: unknown\[193.169.252.174\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\	2019-08-15 15:11:42
103.78.74.254	attackbots	Aug 14 19:20:39 ACSRAD auth.info sshd[8530]: Invalid user ajmal from 103.78.74.254 port 31582 Aug 14 19:20:39 ACSRAD auth.info sshd[8530]: Failed password for invalid user ajmal from 103.78.74.254 port 31582 ssh2 Aug 14 19:20:39 ACSRAD auth.info sshd[8530]: Received disconnect from 103.78.74.254 port 31582:11: Bye Bye [preauth] Aug 14 19:20:39 ACSRAD auth.info sshd[8530]: Disconnected from 103.78.74.254 port 31582 [preauth] Aug 14 19:20:40 ACSRAD auth.notice sshguard[29299]: Attack from "103.78.74.254" on service 100 whostnameh danger 10. Aug 14 19:20:40 ACSRAD auth.notice sshguard[29299]: Attack from "103.78.74.254" on service 100 whostnameh danger 10. Aug 14 19:20:40 ACSRAD auth.notice sshguard[29299]: Attack from "103.78.74.254" on service 100 whostnameh danger 10. Aug 14 19:20:40 ACSRAD auth.warn sshguard[29299]: Blocking "103.78.74.254/32" forever (3 attacks in 0 secs, after 2 abuses over 2326 secs.) ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=103.7	2019-08-15 14:36:13
85.99.120.218	attackbotsspam	Honeypot attack, port: 23, PTR: 85.99.120.218.static.ttnet.com.tr.	2019-08-15 14:42:01
218.60.67.23	attackbots	2019-08-15T02:19:58.3339671240 sshd\[20962\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.60.67.23 user=root 2019-08-15T02:20:00.1934301240 sshd\[20962\]: Failed password for root from 218.60.67.23 port 3998 ssh2 2019-08-15T02:20:03.0633281240 sshd\[20963\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.60.67.23 user=root ...	2019-08-15 15:20:43
179.56.21.114	attackbots	Honeypot attack, port: 445, PTR: PTR record not found	2019-08-15 14:48:07
203.230.6.175	attack	Aug 15 07:28:35 debian sshd\[12216\]: Invalid user racquel from 203.230.6.175 port 50622 Aug 15 07:28:35 debian sshd\[12216\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.230.6.175 ...	2019-08-15 14:37:45
185.2.5.24	attack	185.2.5.24 - - [15/Aug/2019:06:15:56 +0200] "GET /wp-login.php HTTP/1.1" 200 1129 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 185.2.5.24 - - [15/Aug/2019:06:15:57 +0200] "POST /wp-login.php HTTP/1.1" 200 1524 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 185.2.5.24 - - [15/Aug/2019:06:15:57 +0200] "GET /wp-login.php HTTP/1.1" 200 1129 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 185.2.5.24 - - [15/Aug/2019:06:15:57 +0200] "POST /wp-login.php HTTP/1.1" 200 1507 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 185.2.5.24 - - [15/Aug/2019:06:15:58 +0200] "GET /wp-login.php HTTP/1.1" 200 1129 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 185.2.5.24 - - [15/Aug/2019:06:15:58 +0200] "POST /wp-login.php HTTP/1.1" 200 1503 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2019-08-15 14:30:21
201.178.65.68	attackbotsspam	Honeypot attack, port: 23, PTR: 201-178-65-68.speedy.com.ar.	2019-08-15 14:36:33
138.68.226.175	attackbotsspam	Aug 15 07:36:12 h2177944 sshd\[2171\]: Failed password for invalid user seymour from 138.68.226.175 port 45508 ssh2 Aug 15 08:36:46 h2177944 sshd\[4589\]: Invalid user dp from 138.68.226.175 port 44768 Aug 15 08:36:46 h2177944 sshd\[4589\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.226.175 Aug 15 08:36:47 h2177944 sshd\[4589\]: Failed password for invalid user dp from 138.68.226.175 port 44768 ssh2 ...	2019-08-15 14:42:34
157.157.77.168	attack	Aug 15 08:09:15 mail1 sshd\[19836\]: Invalid user aaa from 157.157.77.168 port 59553 Aug 15 08:09:15 mail1 sshd\[19836\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.157.77.168 Aug 15 08:09:17 mail1 sshd\[19836\]: Failed password for invalid user aaa from 157.157.77.168 port 59553 ssh2 Aug 15 08:14:00 mail1 sshd\[21992\]: Invalid user maie from 157.157.77.168 port 57065 Aug 15 08:14:00 mail1 sshd\[21992\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.157.77.168 ...	2019-08-15 15:21:13
212.47.238.207	attackbotsspam	Aug 15 07:24:10 vps691689 sshd[18866]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.47.238.207 Aug 15 07:24:12 vps691689 sshd[18866]: Failed password for invalid user hadoop from 212.47.238.207 port 56012 ssh2 Aug 15 07:29:03 vps691689 sshd[19037]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.47.238.207 ...	2019-08-15 14:33:12
212.237.5.42	attackspambots	firewall-block, port(s): 23/tcp	2019-08-15 14:56:59
35.185.239.108	attackspambots	Aug 15 12:29:52 areeb-Workstation sshd\[8410\]: Invalid user steam from 35.185.239.108 Aug 15 12:29:52 areeb-Workstation sshd\[8410\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=35.185.239.108 Aug 15 12:29:53 areeb-Workstation sshd\[8410\]: Failed password for invalid user steam from 35.185.239.108 port 45578 ssh2 ...	2019-08-15 15:01:27
23.129.64.190	attackspam	Automatic report - Banned IP Access	2019-08-15 14:49:33

Recently Reported IPs

68.190.118.137	109.167.240.147	206.189.177.101	103.6.207.147
40.114.214.239	110.77.146.113	104.208.223.13	52.228.31.194
52.152.171.30	43.84.56.45	70.37.92.56	191.7.85.173
152.38.148.128	45.69.213.43	60.164.168.68	141.34.107.160
14.1.126.143	176.6.147.43	86.114.72.199	227.249.33.227