52.80.29.39 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: Beijing Guanghuan Xinwang Digital Technology Co.Ltd

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	Jan 25 08:03:23 MainVPS sshd[8428]: Invalid user arif from 52.80.29.39 port 54362 Jan 25 08:03:23 MainVPS sshd[8428]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.80.29.39 Jan 25 08:03:23 MainVPS sshd[8428]: Invalid user arif from 52.80.29.39 port 54362 Jan 25 08:03:25 MainVPS sshd[8428]: Failed password for invalid user arif from 52.80.29.39 port 54362 ssh2 Jan 25 08:13:12 MainVPS sshd[26717]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.80.29.39 user=root Jan 25 08:13:14 MainVPS sshd[26717]: Failed password for root from 52.80.29.39 port 54176 ssh2 ...	2020-01-25 16:07:29

Type

Details

Datetime

attackspam

Jan 25 08:03:23 MainVPS sshd[8428]: Invalid user arif from 52.80.29.39 port 54362
Jan 25 08:03:23 MainVPS sshd[8428]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.80.29.39
Jan 25 08:03:23 MainVPS sshd[8428]: Invalid user arif from 52.80.29.39 port 54362
Jan 25 08:03:25 MainVPS sshd[8428]: Failed password for invalid user arif from 52.80.29.39 port 54362 ssh2
Jan 25 08:13:12 MainVPS sshd[26717]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.80.29.39  user=root
Jan 25 08:13:14 MainVPS sshd[26717]: Failed password for root from 52.80.29.39 port 54176 ssh2
...

2020-01-25 16:07:29

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 52.80.29.39
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 19791
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;52.80.29.39.			IN	A

;; AUTHORITY SECTION:
.			269	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020012500 1800 900 604800 86400

;; Query time: 115 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Jan 25 16:07:27 CST 2020
;; MSG SIZE  rcvd: 115

Host info

39.29.80.52.in-addr.arpa domain name pointer ec2-52-80-29-39.cn-north-1.compute.amazonaws.com.cn.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
39.29.80.52.in-addr.arpa	name = ec2-52-80-29-39.cn-north-1.compute.amazonaws.com.cn.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
92.246.216.10	attackbotsspam	"URL Encoding Abuse Attack Attempt - wp.getUsersBlogsadmin-sdosadmin-sdos%"	2020-06-18 20:49:16
167.114.203.73	attackbots	$f2bV_matches	2020-06-18 20:57:16
218.92.0.223	attackbotsspam	Jun 18 15:05:28 sso sshd[26538]: Failed password for root from 218.92.0.223 port 24824 ssh2 Jun 18 15:05:31 sso sshd[26538]: Failed password for root from 218.92.0.223 port 24824 ssh2 ...	2020-06-18 21:06:57
138.68.236.50	attackspam	Jun 18 14:09:26 tuxlinux sshd[27938]: Invalid user test from 138.68.236.50 port 42248 Jun 18 14:09:26 tuxlinux sshd[27938]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.236.50 Jun 18 14:09:26 tuxlinux sshd[27938]: Invalid user test from 138.68.236.50 port 42248 Jun 18 14:09:26 tuxlinux sshd[27938]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.236.50 Jun 18 14:09:26 tuxlinux sshd[27938]: Invalid user test from 138.68.236.50 port 42248 Jun 18 14:09:26 tuxlinux sshd[27938]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.236.50 Jun 18 14:09:28 tuxlinux sshd[27938]: Failed password for invalid user test from 138.68.236.50 port 42248 ssh2 ...	2020-06-18 20:54:12
95.255.14.141	attackbotsspam	2020-06-18T12:43:52.636927mail.csmailer.org sshd[31161]: Invalid user admin123 from 95.255.14.141 port 58548 2020-06-18T12:43:52.639860mail.csmailer.org sshd[31161]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=host-95-255-14-141.business.telecomitalia.it 2020-06-18T12:43:52.636927mail.csmailer.org sshd[31161]: Invalid user admin123 from 95.255.14.141 port 58548 2020-06-18T12:43:54.591842mail.csmailer.org sshd[31161]: Failed password for invalid user admin123 from 95.255.14.141 port 58548 ssh2 2020-06-18T12:46:55.137104mail.csmailer.org sshd[31589]: Invalid user pc from 95.255.14.141 port 59752 ...	2020-06-18 21:03:20
51.38.231.11	attackbotsspam	Jun 18 13:10:20 game-panel sshd[5667]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.38.231.11 Jun 18 13:10:22 game-panel sshd[5667]: Failed password for invalid user user from 51.38.231.11 port 46122 ssh2 Jun 18 13:13:49 game-panel sshd[5815]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.38.231.11	2020-06-18 21:16:47
46.200.73.236	attack	Jun 18 12:06:28 jumpserver sshd[129438]: Failed password for invalid user zzzz from 46.200.73.236 port 59304 ssh2 Jun 18 12:09:42 jumpserver sshd[129478]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.200.73.236 user=root Jun 18 12:09:44 jumpserver sshd[129478]: Failed password for root from 46.200.73.236 port 58786 ssh2 ...	2020-06-18 20:38:53
122.114.189.58	attack	2020-06-18T15:57:13.446085mail.standpoint.com.ua sshd[14728]: Invalid user linker from 122.114.189.58 port 51351 2020-06-18T15:57:13.448866mail.standpoint.com.ua sshd[14728]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.114.189.58 2020-06-18T15:57:13.446085mail.standpoint.com.ua sshd[14728]: Invalid user linker from 122.114.189.58 port 51351 2020-06-18T15:57:15.356996mail.standpoint.com.ua sshd[14728]: Failed password for invalid user linker from 122.114.189.58 port 51351 ssh2 2020-06-18T16:01:11.192217mail.standpoint.com.ua sshd[15384]: Invalid user ts3 from 122.114.189.58 port 48649 ...	2020-06-18 21:04:04
154.117.126.249	attackspambots	Jun 18 14:28:24 vps647732 sshd[8178]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=154.117.126.249 Jun 18 14:28:26 vps647732 sshd[8178]: Failed password for invalid user steam from 154.117.126.249 port 1959 ssh2 ...	2020-06-18 20:32:23
119.28.134.218	attack	Jun 18 14:02:29 server sshd[5282]: Failed password for root from 119.28.134.218 port 53340 ssh2 Jun 18 14:06:01 server sshd[8461]: Failed password for root from 119.28.134.218 port 53102 ssh2 Jun 18 14:09:27 server sshd[12649]: Failed password for root from 119.28.134.218 port 52862 ssh2	2020-06-18 20:55:07
139.155.13.93	attackspam	Jun 18 14:38:58 abendstille sshd\[19653\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.13.93 user=root Jun 18 14:39:00 abendstille sshd\[19653\]: Failed password for root from 139.155.13.93 port 40594 ssh2 Jun 18 14:43:22 abendstille sshd\[24241\]: Invalid user testphp from 139.155.13.93 Jun 18 14:43:22 abendstille sshd\[24241\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.13.93 Jun 18 14:43:24 abendstille sshd\[24241\]: Failed password for invalid user testphp from 139.155.13.93 port 60762 ssh2 ...	2020-06-18 20:59:13
212.55.74.114	attack	"URL Encoding Abuse Attack Attempt - wp.getUsersBlogsadmin-sdosadmin-sdos%"	2020-06-18 20:45:34
89.248.160.150	attack	89.248.160.150 was recorded 11 times by 5 hosts attempting to connect to the following ports: 36693,37959,40619. Incident counter (4h, 24h, all-time): 11, 54, 13672	2020-06-18 20:33:41
187.243.6.106	attackspam	Jun 18 14:02:56 meumeu sshd[844520]: Invalid user admin from 187.243.6.106 port 37636 Jun 18 14:02:56 meumeu sshd[844520]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=187.243.6.106 Jun 18 14:02:56 meumeu sshd[844520]: Invalid user admin from 187.243.6.106 port 37636 Jun 18 14:02:58 meumeu sshd[844520]: Failed password for invalid user admin from 187.243.6.106 port 37636 ssh2 Jun 18 14:06:20 meumeu sshd[844627]: Invalid user gitlab-runner from 187.243.6.106 port 36186 Jun 18 14:06:20 meumeu sshd[844627]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=187.243.6.106 Jun 18 14:06:20 meumeu sshd[844627]: Invalid user gitlab-runner from 187.243.6.106 port 36186 Jun 18 14:06:22 meumeu sshd[844627]: Failed password for invalid user gitlab-runner from 187.243.6.106 port 36186 ssh2 Jun 18 14:09:39 meumeu sshd[844776]: Invalid user hardware from 187.243.6.106 port 34738 ...	2020-06-18 20:45:05
189.68.156.10	attackbotsspam	Jun 18 12:05:48 ip-172-31-61-156 sshd[8318]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=189.68.156.10 Jun 18 12:05:48 ip-172-31-61-156 sshd[8318]: Invalid user oracle from 189.68.156.10 Jun 18 12:05:50 ip-172-31-61-156 sshd[8318]: Failed password for invalid user oracle from 189.68.156.10 port 52771 ssh2 Jun 18 12:09:44 ip-172-31-61-156 sshd[8658]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=189.68.156.10 user=root Jun 18 12:09:46 ip-172-31-61-156 sshd[8658]: Failed password for root from 189.68.156.10 port 52656 ssh2 ...	2020-06-18 20:34:53

Recently Reported IPs

75.202.30.45	37.0.162.145	99.146.189.134	92.25.130.214
45.225.195.33	151.199.84.128	166.206.187.212	220.235.100.43
80.230.36.232	86.16.142.253	88.35.164.82	42.151.80.97
161.103.201.172	170.88.223.109	78.9.28.241	24.115.16.222
165.171.65.30	244.197.150.212	40.87.51.150	43.227.58.145