52.80.20.85 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
52.80.20.135	attack	Automatic report - Banned IP Access	2020-07-21 13:27:01
52.80.20.135	attack	WordPress vulnerability sniffing (looking for /wp-login.php)	2020-07-13 02:01:42
52.80.20.135	attackbotsspam	52.80.20.135 - - \[08/Jul/2020:03:25:12 +0200\] "POST /wp-login.php HTTP/1.0" 200 4409 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 52.80.20.135 - - \[08/Jul/2020:03:25:15 +0200\] "POST /wp-login.php HTTP/1.0" 200 4241 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 52.80.20.135 - - \[08/Jul/2020:03:25:17 +0200\] "POST /xmlrpc.php HTTP/1.0" 200 736 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0"	2020-07-08 10:21:17
52.80.20.135	attack	2020/06/24 00:53:29 [error] 2039889#2039889: 410103 open() "/usr/share/nginx/html/wp-login.php" failed (2: No such file or directory), client: 52.80.20.135, server: _, request: "GET /wp-login.php HTTP/1.1", host: "boersch-ibak-panoramo.de", referrer: "http://www.xn--mobiles-wc-brsch-xwb.de/wp-login.php" 2020/06/24 00:53:29 [error] 2039889#2039889: 410103 open() "/usr/share/nginx/html/wp-login.php" failed (2: No such file or directory), client: 52.80.20.135, server: _, request: "GET /wp-login.php HTTP/1.1", host: "boersch-ibak-panoramo.de", referrer: "http://www.xn--mobiles-wc-brsch-xwb.de/wp-login.php" 2020/06/24 00:53:29 [error] 2039889#2039889: *410103 open() "/usr/share/nginx/html/wp-login.php" failed (2: No such file or directory), client: 52.80.20.135, server: _, request: "GET /wp-login.php HTTP/1.1", host: "boersch-ibak-panoramo.de", referrer: "http://www.xn--mobiles-wc-brsch-xwb.de/wp-login.php"	2020-06-24 17:28:19
52.80.20.135	attack	xmlrpc attack	2020-06-22 15:42:05
52.80.20.135	attackspambots	Trolling for resource vulnerabilities	2020-06-16 14:43:18
52.80.20.135	attackspam	"XSS Attack Detected via libinjection - Matched Data: XSS data found within ARGS_NAMES:	2020-06-15 04:27:53

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 52.80.20.85
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 61367
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;52.80.20.85.			IN	A

;; AUTHORITY SECTION:
.			404	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022010900 1800 900 604800 86400

;; Query time: 20 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Jan 09 18:22:10 CST 2022
;; MSG SIZE  rcvd: 104

Host info

85.20.80.52.in-addr.arpa domain name pointer ec2-52-80-20-85.cn-north-1.compute.amazonaws.com.cn.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
85.20.80.52.in-addr.arpa	name = ec2-52-80-20-85.cn-north-1.compute.amazonaws.com.cn.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
117.50.13.170	attack	k+ssh-bruteforce	2020-04-03 16:47:35
106.12.139.137	attackspambots	Automatic report - SSH Brute-Force Attack	2020-04-03 16:35:24
87.98.190.42	attackspambots	Apr 1 01:04:47 hgb10301 sshd[25170]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=87.98.190.42 user=r.r Apr 1 01:04:49 hgb10301 sshd[25170]: Failed password for r.r from 87.98.190.42 port 52077 ssh2 Apr 1 01:04:51 hgb10301 sshd[25170]: Received disconnect from 87.98.190.42 port 52077:11: Bye Bye [preauth] Apr 1 01:04:51 hgb10301 sshd[25170]: Disconnected from authenticating user r.r 87.98.190.42 port 52077 [preauth] Apr 1 01:09:04 hgb10301 sshd[25286]: Invalid user shubh from 87.98.190.42 port 58926 Apr 1 01:09:04 hgb10301 sshd[25286]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=87.98.190.42 Apr 1 01:09:06 hgb10301 sshd[25286]: Failed password for invalid user shubh from 87.98.190.42 port 58926 ssh2 Apr 1 01:09:07 hgb10301 sshd[25286]: Received disconnect from 87.98.190.42 port 58926:11: Bye Bye [preauth] Apr 1 01:09:07 hgb10301 sshd[25286]: Disconnected from invalid user s........ -------------------------------	2020-04-03 16:36:48
210.249.92.244	attackbotsspam	Apr 3 04:20:05 game-panel sshd[22891]: Failed password for root from 210.249.92.244 port 46264 ssh2 Apr 3 04:24:25 game-panel sshd[23149]: Failed password for root from 210.249.92.244 port 56340 ssh2	2020-04-03 17:04:02
54.65.253.129	attack	Fail2Ban Ban Triggered	2020-04-03 16:36:16
115.217.225.45	attackspam	Unauthorised access (Apr 3) SRC=115.217.225.45 LEN=40 TTL=52 ID=46312 TCP DPT=8080 WINDOW=53736 SYN Unauthorised access (Apr 3) SRC=115.217.225.45 LEN=40 TTL=52 ID=9337 TCP DPT=8080 WINDOW=58328 SYN Unauthorised access (Apr 2) SRC=115.217.225.45 LEN=40 TTL=52 ID=30153 TCP DPT=8080 WINDOW=53736 SYN Unauthorised access (Apr 1) SRC=115.217.225.45 LEN=40 TTL=52 ID=12364 TCP DPT=8080 WINDOW=53736 SYN Unauthorised access (Mar 31) SRC=115.217.225.45 LEN=40 TTL=52 ID=51398 TCP DPT=8080 WINDOW=53736 SYN	2020-04-03 17:06:07
88.91.13.216	attackspambots	Apr 3 08:39:36 sshgateway sshd\[5514\]: Invalid user ju from 88.91.13.216 Apr 3 08:39:36 sshgateway sshd\[5514\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ti2999a430-0215.bb.online.no Apr 3 08:39:38 sshgateway sshd\[5514\]: Failed password for invalid user ju from 88.91.13.216 port 40440 ssh2	2020-04-03 16:44:21
2001:1600:4:b:4ed9:8fff:fe45:b500	attack	xmlrpc attack	2020-04-03 16:24:56
180.66.207.67	attackbotsspam	SSH bruteforce	2020-04-03 16:59:17
106.12.166.167	attack	$f2bV_matches	2020-04-03 16:37:05
185.9.226.28	attackbots	<6 unauthorized SSH connections	2020-04-03 17:02:42
182.61.21.155	attackspambots	Invalid user dxx from 182.61.21.155 port 54768	2020-04-03 16:30:31
37.220.36.76	attackspambots	(smtpauth) Failed SMTP AUTH login from 37.220.36.76 (NL/Netherlands/-): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: 2020-04-03 08:20:28 login authenticator failed for (ADMIN) [37.220.36.76]: 535 Incorrect authentication data (set_id=a.m.bekhradi@srooyesh.com)	2020-04-03 17:00:20
222.186.190.14	attackspam	DATE:2020-04-03 10:50:47, IP:222.186.190.14, PORT:ssh SSH brute force auth on honeypot server (epe-honey1-hq)	2020-04-03 16:51:27
185.176.27.162	attackbotsspam	Port-scan: detected 102 distinct ports within a 24-hour window.	2020-04-03 16:28:43

Recently Reported IPs

173.11.63.191	88.50.123.161	150.162.130.19	230.40.136.145
121.3.217.197	82.40.128.63	138.45.237.188	93.120.76.248
4.225.114.221	199.176.214.32	49.183.54.82	227.189.105.34
237.155.161.117	10.137.144.24	60.206.204.253	109.215.75.103
102.22.137.163	249.211.111.85	3.249.146.12	215.188.74.51