Must be a valid IPv4 or IPv6 ip address, e.g. 127.0.0.1 or 2001:DB8:0:0:8:800:200C:417A
Basic Info

City: Washington

Region: Virginia

Country: United States

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:
No discussion about this IP yet. Click above link to make one.
Comments on same subnet:
IP Type Details Datetime
52.149.134.66 attack
Invalid user localhost from 52.149.134.66 port 53251
2020-09-28 06:05:56
52.149.134.66 attack
Invalid user 162 from 52.149.134.66 port 19013
2020-09-27 22:27:47
52.149.134.66 attack
2020-09-27 00:50:32.343294-0500  localhost sshd[20428]: Failed password for invalid user 163 from 52.149.134.66 port 15876 ssh2
2020-09-27 14:19:27
52.149.134.66 attackspambots
2020-09-26T23:46:52.645890ks3355764 sshd[17249]: Invalid user rimes from 52.149.134.66 port 29563
2020-09-26T23:46:54.461242ks3355764 sshd[17249]: Failed password for invalid user rimes from 52.149.134.66 port 29563 ssh2
...
2020-09-27 05:57:45
52.149.134.66 attack
Sep 26 16:12:01 rancher-0 sshd[314705]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.149.134.66  user=root
Sep 26 16:12:03 rancher-0 sshd[314705]: Failed password for root from 52.149.134.66 port 42403 ssh2
...
2020-09-26 22:17:21
52.149.134.66 attackspambots
Sep 26 07:08:01 *hidden* sshd[24325]: Invalid user admin from 52.149.134.66 port 60912 Sep 26 07:08:01 *hidden* sshd[24325]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.149.134.66 Sep 26 07:08:03 *hidden* sshd[24325]: Failed password for invalid user admin from 52.149.134.66 port 60912 ssh2
2020-09-26 14:01:17
52.149.134.66 attack
2020-09-24T20:30:12.132592ks3355764 sshd[32225]: Invalid user ityx from 52.149.134.66 port 26538
2020-09-24T20:30:14.584632ks3355764 sshd[32225]: Failed password for invalid user ityx from 52.149.134.66 port 26538 ssh2
...
2020-09-25 02:30:57
52.149.134.66 attack
Lines containing failures of 52.149.134.66 (max 1000)
Sep 23 12:05:54 UTC__SANYALnet-Labs__cac12 sshd[19035]: Connection from 52.149.134.66 port 22729 on 64.137.176.96 port 22
Sep 23 12:05:54 UTC__SANYALnet-Labs__cac12 sshd[19036]: Connection from 52.149.134.66 port 22728 on 64.137.176.104 port 22
Sep 23 12:05:55 UTC__SANYALnet-Labs__cac12 sshd[19035]: User r.r from 52.149.134.66 not allowed because not listed in AllowUsers
Sep 23 12:05:55 UTC__SANYALnet-Labs__cac12 sshd[19036]: User r.r from 52.149.134.66 not allowed because not listed in AllowUsers
Sep 23 12:05:55 UTC__SANYALnet-Labs__cac12 sshd[19035]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.149.134.66  user=r.r
Sep 23 12:05:55 UTC__SANYALnet-Labs__cac12 sshd[19036]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.149.134.66  user=r.r
Sep 23 12:05:57 UTC__SANYALnet-Labs__cac12 sshd[19035]: Failed password for invalid user r.r........
------------------------------
2020-09-24 18:11:46
52.149.134.26 attack
Unauthorized connection attempt detected from IP address 52.149.134.26 to port 1433 [T]
2020-07-22 03:45:08
52.149.134.26 attackbotsspam
Jul 18 09:28:31 nextcloud sshd\[24783\]: Invalid user admin from 52.149.134.26
Jul 18 09:28:31 nextcloud sshd\[24783\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.149.134.26
Jul 18 09:28:32 nextcloud sshd\[24783\]: Failed password for invalid user admin from 52.149.134.26 port 5283 ssh2
2020-07-18 15:48:51
52.149.134.26 attackbots
Jul 18 02:43:57 rancher-0 sshd[424664]: Invalid user admin from 52.149.134.26 port 42830
...
2020-07-18 08:49:36
52.149.134.26 attackspambots
Unauthorized SSH login attempts
2020-07-17 00:38:55
52.149.134.26 attackbotsspam
Jul 15 11:11:25 nextcloud sshd\[30208\]: Invalid user admin from 52.149.134.26
Jul 15 11:11:25 nextcloud sshd\[30208\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.149.134.26
Jul 15 11:11:27 nextcloud sshd\[30208\]: Failed password for invalid user admin from 52.149.134.26 port 20149 ssh2
2020-07-15 17:12:09
52.149.134.171 attack
Jul 15 02:05:08 fhem-rasp sshd[3277]: Disconnected from invalid user admin 52.149.134.171 port 33126 [preauth]
Jul 15 04:12:48 fhem-rasp sshd[19673]: Invalid user admin from 52.149.134.171 port 17854
...
2020-07-15 10:50:55
52.149.134.171 attack
Jul 14 20:27:51 odroid64 sshd\[25506\]: Invalid user 123 from 52.149.134.171
Jul 14 20:27:51 odroid64 sshd\[25506\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.149.134.171
...
2020-07-15 03:49:39
Whois info:
b
Dig info:
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 52.149.134.28
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 28444
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;52.149.134.28.			IN	A

;; AUTHORITY SECTION:
.			121	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2024103002 1800 900 604800 86400

;; Query time: 23 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Oct 31 12:42:57 CST 2024
;; MSG SIZE  rcvd: 106
Host info
Host 28.134.149.52.in-addr.arpa. not found: 3(NXDOMAIN)
Nslookup info:
Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 28.134.149.52.in-addr.arpa: NXDOMAIN
Related IP info:
Related comments:
IP Type Details Datetime
200.56.60.5 attack
Oct 24 18:33:32 friendsofhawaii sshd\[10712\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.56.60.5  user=root
Oct 24 18:33:34 friendsofhawaii sshd\[10712\]: Failed password for root from 200.56.60.5 port 49163 ssh2
Oct 24 18:37:33 friendsofhawaii sshd\[11006\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.56.60.5  user=root
Oct 24 18:37:35 friendsofhawaii sshd\[11006\]: Failed password for root from 200.56.60.5 port 47629 ssh2
Oct 24 18:41:33 friendsofhawaii sshd\[11455\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.56.60.5  user=root
2019-10-25 16:09:09
92.119.160.107 attackbots
Oct 25 09:49:27 h2177944 kernel: \[4865592.164164\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=92.119.160.107 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=6641 PROTO=TCP SPT=57085 DPT=30419 WINDOW=1024 RES=0x00 SYN URGP=0 
Oct 25 09:49:29 h2177944 kernel: \[4865594.871997\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=92.119.160.107 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=249 ID=3502 PROTO=TCP SPT=57085 DPT=30389 WINDOW=1024 RES=0x00 SYN URGP=0 
Oct 25 09:51:03 h2177944 kernel: \[4865688.289467\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=92.119.160.107 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=15555 PROTO=TCP SPT=57085 DPT=29989 WINDOW=1024 RES=0x00 SYN URGP=0 
Oct 25 09:52:58 h2177944 kernel: \[4865803.832829\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=92.119.160.107 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=249 ID=24863 PROTO=TCP SPT=57085 DPT=30087 WINDOW=1024 RES=0x00 SYN URGP=0 
Oct 25 09:55:06 h2177944 kernel: \[4865931.922106\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=92.119.160.107 DST=85.21
2019-10-25 15:59:11
222.186.175.220 attackspam
10/25/2019-03:33:11.837526 222.186.175.220 Protocol: 6 ET SCAN Potential SSH Scan
2019-10-25 15:38:56
185.234.216.229 attackbotsspam
postfix-failedauth jail [ma]
2019-10-25 16:10:46
118.193.31.20 attackspambots
Oct 24 20:51:38 friendsofhawaii sshd\[22019\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.193.31.20  user=root
Oct 24 20:51:41 friendsofhawaii sshd\[22019\]: Failed password for root from 118.193.31.20 port 60812 ssh2
Oct 24 20:57:05 friendsofhawaii sshd\[22444\]: Invalid user gate from 118.193.31.20
Oct 24 20:57:05 friendsofhawaii sshd\[22444\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.193.31.20
Oct 24 20:57:07 friendsofhawaii sshd\[22444\]: Failed password for invalid user gate from 118.193.31.20 port 43188 ssh2
2019-10-25 15:40:16
61.164.96.98 attack
10/25/2019-02:23:01.075990 61.164.96.98 Protocol: 6 ET CINS Active Threat Intelligence Poor Reputation IP group 62
2019-10-25 16:02:36
111.93.235.210 attackspambots
$f2bV_matches
2019-10-25 16:11:42
94.102.57.169 attackbotsspam
110/tcp 110/tcp 110/tcp
[2019-10-25]3pkt
2019-10-25 15:47:25
86.194.66.80 attack
2019-10-25T04:23:09.252546abusebot-2.cloudsearch.cf sshd\[17331\]: Invalid user com from 86.194.66.80 port 46386
2019-10-25 16:07:35
51.77.91.152 attackbotsspam
Oct 22 16:21:00 www sshd[20761]: Invalid user ubnt from 51.77.91.152
Oct 22 16:21:02 www sshd[20761]: Failed password for invalid user ubnt from 51.77.91.152 port 43906 ssh2
Oct 22 16:21:02 www sshd[20767]: Invalid user admin from 51.77.91.152
Oct 22 16:21:03 www sshd[20767]: Failed password for invalid user admin from 51.77.91.152 port 45006 ssh2
Oct 22 16:21:05 www sshd[20769]: Failed password for r.r from 51.77.91.152 port 45870 ssh2
Oct 22 16:21:05 www sshd[20771]: Invalid user 1234 from 51.77.91.152
Oct 22 16:21:07 www sshd[20771]: Failed password for invalid user 1234 from 51.77.91.152 port 46784 ssh2
Oct 22 16:21:07 www sshd[20773]: Invalid user usuario from 51.77.91.152
Oct 22 16:21:09 www sshd[20773]: Failed password for invalid user usuario from 51.77.91.152 port 48348 ssh2
Oct 22 16:21:09 www sshd[20777]: Invalid user support from 51.77.91.152


........
-----------------------------------------------
https://www.blocklist.de/en/view.html?ip=51.77.91.152
2019-10-25 15:54:30
106.12.195.41 attackbots
Lines containing failures of 106.12.195.41
Oct 25 06:06:37 nextcloud sshd[12694]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.195.41  user=r.r
Oct 25 06:06:39 nextcloud sshd[12694]: Failed password for r.r from 106.12.195.41 port 52414 ssh2
Oct 25 06:06:39 nextcloud sshd[12694]: Received disconnect from 106.12.195.41 port 52414:11: Bye Bye [preauth]
Oct 25 06:06:39 nextcloud sshd[12694]: Disconnected from authenticating user r.r 106.12.195.41 port 52414 [preauth]
Oct 25 06:26:31 nextcloud sshd[15931]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.195.41  user=r.r
Oct 25 06:26:33 nextcloud sshd[15931]: Failed password for r.r from 106.12.195.41 port 47302 ssh2
Oct 25 06:26:33 nextcloud sshd[15931]: Received disconnect from 106.12.195.41 port 47302:11: Bye Bye [preauth]
Oct 25 06:26:33 nextcloud sshd[15931]: Disconnected from authenticating user r.r 106.12.195.41 port 47302 ........
------------------------------
2019-10-25 15:45:18
165.22.241.227 attack
Automatic report - Banned IP Access
2019-10-25 15:57:04
109.109.42.77 attackbotsspam
Oct 25 05:52:12 sso sshd[28757]: Failed password for root from 109.109.42.77 port 38698 ssh2
Oct 25 05:52:14 sso sshd[28757]: Failed password for root from 109.109.42.77 port 38698 ssh2
...
2019-10-25 16:06:53
142.93.241.93 attackspam
Oct 25 09:10:17 vmd17057 sshd\[14550\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.241.93  user=root
Oct 25 09:10:19 vmd17057 sshd\[14550\]: Failed password for root from 142.93.241.93 port 57712 ssh2
Oct 25 09:14:29 vmd17057 sshd\[14888\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.241.93  user=root
...
2019-10-25 15:55:44
124.251.6.63 attackspambots
IP Ban Report :  
 https://help-dysk.pl/wordpress-firewall-plugins/ip/124.251.6.63/ 
 
 CN - 1H : (1862)  
 Protection Against DDoS WordPress plugin :  
 "odzyskiwanie danych help-dysk" 
 IP Address Ranges by Country : CN 
 NAME ASN : ASN23724 
 
 IP : 124.251.6.63 
 
 CIDR : 124.251.0.0/21 
 
 PREFIX COUNT : 884 
 
 UNIQUE IP COUNT : 1977344 
 
 
 ATTACKS DETECTED ASN23724 :  
  1H - 1 
  3H - 3 
  6H - 6 
 12H - 11 
 24H - 11 
 
 DateTime : 2019-10-25 05:52:39 
 
 INFO :  HACK ! - Looking for resource vulnerabilities Scan Detected and Blocked by ADMIN  - data recovery
2019-10-25 15:50:52

Recently Reported IPs

182.169.49.185 38.76.146.23 172.11.30.2 99.77.139.99
10.12.6.248 23.225.223.200 103.193.151.149 45.155.42.89
143.244.204.68 124.222.130.164 180.161.218.121 120.237.87.26
45.143.166.233 40.107.222.92 23.225.223.197 23.225.223.188
23.225.223.117 185.62.253.27 112.184.184.96 1.4.198.85