Must be a valid IPv4 or IPv6 ip address, e.g. 127.0.0.1 or 2001:DB8:0:0:8:800:200C:417A
Basic Info

City: unknown

Region: unknown

Country: United States of America

Internet Service Provider: Microsoft Corporation

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:
Type Details Datetime
attackbotsspam
Unauthorized connection attempt detected from IP address 52.138.86.80 to port 1433
2020-07-22 19:24:46
attack
Unauthorized connection attempt detected from IP address 52.138.86.80 to port 1433
2020-07-21 23:52:37
attackspambots
Jul 15 05:15:25 fhem-rasp sshd[12046]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.138.86.80
Jul 15 05:15:27 fhem-rasp sshd[12046]: Failed password for invalid user admin from 52.138.86.80 port 32685 ssh2
...
2020-07-15 11:23:20
attack
Jul 14 16:51:21 site3 sshd\[239275\]: Invalid user palvelukanava from 52.138.86.80
Jul 14 16:51:21 site3 sshd\[239275\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.138.86.80
Jul 14 16:51:21 site3 sshd\[239276\]: Invalid user palvelukanava.fi from 52.138.86.80
Jul 14 16:51:21 site3 sshd\[239276\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.138.86.80
Jul 14 16:51:24 site3 sshd\[239275\]: Failed password for invalid user palvelukanava from 52.138.86.80 port 18785 ssh2
...
2020-07-14 22:18:07
Comments on same subnet:
No discussion about this subnet yet..
Whois info:
b
Dig info:
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 52.138.86.80
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 14485
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;52.138.86.80.			IN	A

;; AUTHORITY SECTION:
.			474	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020071400 1800 900 604800 86400

;; Query time: 12 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Jul 14 22:18:02 CST 2020
;; MSG SIZE  rcvd: 116
Host info
Host 80.86.138.52.in-addr.arpa. not found: 3(NXDOMAIN)
Nslookup info:
Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 80.86.138.52.in-addr.arpa: NXDOMAIN
Related IP info:
Related comments:
IP Type Details Datetime
118.24.37.81 attackbots
Aug 15 00:53:07 master sshd[27301]: Failed password for invalid user sims from 118.24.37.81 port 34814 ssh2
Aug 15 01:14:13 master sshd[27618]: Failed password for invalid user avid from 118.24.37.81 port 46756 ssh2
Aug 15 01:19:38 master sshd[27636]: Failed password for invalid user a1 from 118.24.37.81 port 37560 ssh2
Aug 15 01:24:47 master sshd[27642]: Failed password for invalid user sales from 118.24.37.81 port 56576 ssh2
Aug 15 01:30:10 master sshd[27948]: Failed password for root from 118.24.37.81 port 47378 ssh2
Aug 15 01:35:29 master sshd[27954]: Failed password for invalid user admin from 118.24.37.81 port 38172 ssh2
Aug 15 01:40:40 master sshd[27958]: Failed password for invalid user hdfs from 118.24.37.81 port 57192 ssh2
Aug 15 01:45:51 master sshd[27971]: Failed password for invalid user postgresql from 118.24.37.81 port 47976 ssh2
Aug 15 01:51:08 master sshd[27975]: Failed password for invalid user testing from 118.24.37.81 port 38768 ssh2
Aug 15 01:56:22 master sshd[27983]: Failed password for
2019-08-15 15:14:25
193.169.252.174 attack
Aug 15 07:43:03 mail postfix/smtpd\[32437\]: warning: unknown\[193.169.252.174\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\
Aug 15 08:01:40 mail postfix/smtpd\[6072\]: warning: unknown\[193.169.252.174\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\
Aug 15 08:20:24 mail postfix/smtpd\[7109\]: warning: unknown\[193.169.252.174\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\
Aug 15 08:57:29 mail postfix/smtpd\[8402\]: warning: unknown\[193.169.252.174\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\
2019-08-15 15:11:42
103.78.74.254 attackbots
Aug 14 19:20:39 ACSRAD auth.info sshd[8530]: Invalid user ajmal from 103.78.74.254 port 31582
Aug 14 19:20:39 ACSRAD auth.info sshd[8530]: Failed password for invalid user ajmal from 103.78.74.254 port 31582 ssh2
Aug 14 19:20:39 ACSRAD auth.info sshd[8530]: Received disconnect from 103.78.74.254 port 31582:11: Bye Bye [preauth]
Aug 14 19:20:39 ACSRAD auth.info sshd[8530]: Disconnected from 103.78.74.254 port 31582 [preauth]
Aug 14 19:20:40 ACSRAD auth.notice sshguard[29299]: Attack from "103.78.74.254" on service 100 whostnameh danger 10.
Aug 14 19:20:40 ACSRAD auth.notice sshguard[29299]: Attack from "103.78.74.254" on service 100 whostnameh danger 10.
Aug 14 19:20:40 ACSRAD auth.notice sshguard[29299]: Attack from "103.78.74.254" on service 100 whostnameh danger 10.
Aug 14 19:20:40 ACSRAD auth.warn sshguard[29299]: Blocking "103.78.74.254/32" forever (3 attacks in 0 secs, after 2 abuses over 2326 secs.)


........
-----------------------------------------------
https://www.blocklist.de/en/view.html?ip=103.7
2019-08-15 14:36:13
85.99.120.218 attackbotsspam
Honeypot attack, port: 23, PTR: 85.99.120.218.static.ttnet.com.tr.
2019-08-15 14:42:01
218.60.67.23 attackbots
2019-08-15T02:19:58.3339671240 sshd\[20962\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.60.67.23  user=root
2019-08-15T02:20:00.1934301240 sshd\[20962\]: Failed password for root from 218.60.67.23 port 3998 ssh2
2019-08-15T02:20:03.0633281240 sshd\[20963\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.60.67.23  user=root
...
2019-08-15 15:20:43
179.56.21.114 attackbots
Honeypot attack, port: 445, PTR: PTR record not found
2019-08-15 14:48:07
203.230.6.175 attack
Aug 15 07:28:35 debian sshd\[12216\]: Invalid user racquel from 203.230.6.175 port 50622
Aug 15 07:28:35 debian sshd\[12216\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.230.6.175
...
2019-08-15 14:37:45
185.2.5.24 attack
185.2.5.24 - - [15/Aug/2019:06:15:56 +0200] "GET /wp-login.php HTTP/1.1" 200 1129 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
185.2.5.24 - - [15/Aug/2019:06:15:57 +0200] "POST /wp-login.php HTTP/1.1" 200 1524 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
185.2.5.24 - - [15/Aug/2019:06:15:57 +0200] "GET /wp-login.php HTTP/1.1" 200 1129 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
185.2.5.24 - - [15/Aug/2019:06:15:57 +0200] "POST /wp-login.php HTTP/1.1" 200 1507 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
185.2.5.24 - - [15/Aug/2019:06:15:58 +0200] "GET /wp-login.php HTTP/1.1" 200 1129 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
185.2.5.24 - - [15/Aug/2019:06:15:58 +0200] "POST /wp-login.php HTTP/1.1" 200 1503 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
...
2019-08-15 14:30:21
201.178.65.68 attackbotsspam
Honeypot attack, port: 23, PTR: 201-178-65-68.speedy.com.ar.
2019-08-15 14:36:33
138.68.226.175 attackbotsspam
Aug 15 07:36:12 h2177944 sshd\[2171\]: Failed password for invalid user seymour from 138.68.226.175 port 45508 ssh2
Aug 15 08:36:46 h2177944 sshd\[4589\]: Invalid user dp from 138.68.226.175 port 44768
Aug 15 08:36:46 h2177944 sshd\[4589\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.226.175
Aug 15 08:36:47 h2177944 sshd\[4589\]: Failed password for invalid user dp from 138.68.226.175 port 44768 ssh2
...
2019-08-15 14:42:34
157.157.77.168 attack
Aug 15 08:09:15 mail1 sshd\[19836\]: Invalid user aaa from 157.157.77.168 port 59553
Aug 15 08:09:15 mail1 sshd\[19836\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.157.77.168
Aug 15 08:09:17 mail1 sshd\[19836\]: Failed password for invalid user aaa from 157.157.77.168 port 59553 ssh2
Aug 15 08:14:00 mail1 sshd\[21992\]: Invalid user maie from 157.157.77.168 port 57065
Aug 15 08:14:00 mail1 sshd\[21992\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.157.77.168
...
2019-08-15 15:21:13
212.47.238.207 attackbotsspam
Aug 15 07:24:10 vps691689 sshd[18866]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.47.238.207
Aug 15 07:24:12 vps691689 sshd[18866]: Failed password for invalid user hadoop from 212.47.238.207 port 56012 ssh2
Aug 15 07:29:03 vps691689 sshd[19037]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.47.238.207
...
2019-08-15 14:33:12
212.237.5.42 attackspambots
firewall-block, port(s): 23/tcp
2019-08-15 14:56:59
35.185.239.108 attackspambots
Aug 15 12:29:52 areeb-Workstation sshd\[8410\]: Invalid user steam from 35.185.239.108
Aug 15 12:29:52 areeb-Workstation sshd\[8410\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=35.185.239.108
Aug 15 12:29:53 areeb-Workstation sshd\[8410\]: Failed password for invalid user steam from 35.185.239.108 port 45578 ssh2
...
2019-08-15 15:01:27
23.129.64.190 attackspam
Automatic report - Banned IP Access
2019-08-15 14:49:33

Recently Reported IPs

68.190.118.137 109.167.240.147 206.189.177.101 103.6.207.147
40.114.214.239 110.77.146.113 104.208.223.13 52.228.31.194
52.152.171.30 43.84.56.45 70.37.92.56 191.7.85.173
152.38.148.128 45.69.213.43 60.164.168.68 141.34.107.160
14.1.126.143 176.6.147.43 86.114.72.199 227.249.33.227