52.80.3.2 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
52.80.32.140	attack	The IP has triggered Cloudflare WAF. CF-Ray: 5431c29e0e4a7940 \| WAF_Rule_ID: 3b40188685924a32bf11d40edea05a27 \| WAF_Kind: firewall \| CF_Action: drop \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/1.1 \| Method: GET \| Host: d.skk.moe \| User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.103 Safari/537.36 \| CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-12 06:34:37

Type

Details

Datetime

52.80.32.140

attack

The IP has triggered Cloudflare WAF. CF-Ray: 5431c29e0e4a7940 | WAF_Rule_ID: 3b40188685924a32bf11d40edea05a27 | WAF_Kind: firewall | CF_Action: drop | Country: CN | CF_IPClass: noRecord | Protocol: HTTP/1.1 | Method: GET | Host: d.skk.moe | User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.103 Safari/537.36 | CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).

2019-12-12 06:34:37

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 52.80.3.2
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 65479
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;52.80.3.2.			IN	A

;; AUTHORITY SECTION:
.			30	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2025012400 1800 900 604800 86400

;; Query time: 14 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Jan 24 17:10:27 CST 2025
;; MSG SIZE  rcvd: 102

Host info

2.3.80.52.in-addr.arpa domain name pointer ec2-52-80-3-2.cn-north-1.compute.amazonaws.com.cn.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
2.3.80.52.in-addr.arpa	name = ec2-52-80-3-2.cn-north-1.compute.amazonaws.com.cn.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
187.189.141.160	attackspambots	trying to access non-authorized port	2020-09-02 12:04:55
41.141.250.135	attackbotsspam	"XSS Attack Detected via libinjection - Matched Data: XSS data found within ARGS_NAMES:	2020-09-02 12:21:57
212.83.163.170	attackbotsspam	[2020-09-01 21:27:31] NOTICE[1185] chan_sip.c: Registration from '"485"' failed for '212.83.163.170:5668' - Wrong password [2020-09-01 21:27:31] SECURITY[1203] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-09-01T21:27:31.604-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="485",SessionID="0x7f10c4539a48",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/212.83.163.170/5668",Challenge="5871d87a",ReceivedChallenge="5871d87a",ReceivedHash="97ceb849a9c7d777cff266756ab06e5d" [2020-09-01 21:27:33] NOTICE[1185] chan_sip.c: Registration from '"486"' failed for '212.83.163.170:5720' - Wrong password [2020-09-01 21:27:33] SECURITY[1203] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-09-01T21:27:33.056-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="486",SessionID="0x7f10c4208538",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/212.83. ...	2020-09-02 09:45:42
117.107.213.246	attackbots	Invalid user scott from 117.107.213.246 port 41906	2020-09-02 12:02:10
193.112.93.2	attack	[N10.H2.VM2] Port Scanner Detected Blocked by UFW	2020-09-02 12:12:16
115.238.65.36	attack	Invalid user wxl from 115.238.65.36 port 36690	2020-09-02 12:16:12
180.126.50.141	attackspam	Icarus honeypot on github	2020-09-02 12:01:54
51.68.11.199	attackbots	Brute force attack stopped by firewall	2020-09-02 12:04:42
37.187.54.67	attack	Invalid user postgres from 37.187.54.67 port 42376	2020-09-02 09:45:20
37.139.23.222	attackspambots	Sep 1 20:02:11 ws19vmsma01 sshd[227313]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.139.23.222 Sep 1 20:02:13 ws19vmsma01 sshd[227313]: Failed password for invalid user isha from 37.139.23.222 port 35812 ssh2 ...	2020-09-02 09:43:20
82.65.27.68	attackspambots	Sep 2 05:54:42 OPSO sshd\[10103\]: Invalid user anurag from 82.65.27.68 port 44588 Sep 2 05:54:42 OPSO sshd\[10103\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=82.65.27.68 Sep 2 05:54:44 OPSO sshd\[10103\]: Failed password for invalid user anurag from 82.65.27.68 port 44588 ssh2 Sep 2 05:58:22 OPSO sshd\[10730\]: Invalid user ajay from 82.65.27.68 port 51626 Sep 2 05:58:22 OPSO sshd\[10730\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=82.65.27.68	2020-09-02 12:07:59
189.85.146.85	attackbotsspam	Sep 2 05:21:06 lnxmail61 sshd[31123]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=189.85.146.85	2020-09-02 12:07:16
112.85.42.173	attackbotsspam	Sep 2 03:24:00 router sshd[23012]: Failed password for root from 112.85.42.173 port 33495 ssh2 Sep 2 03:24:04 router sshd[23012]: Failed password for root from 112.85.42.173 port 33495 ssh2 Sep 2 03:24:08 router sshd[23012]: Failed password for root from 112.85.42.173 port 33495 ssh2 Sep 2 03:24:13 router sshd[23012]: Failed password for root from 112.85.42.173 port 33495 ssh2 ...	2020-09-02 09:29:09
37.129.241.145	attackspambots	1598978956 - 09/01/2020 18:49:16 Host: 37.129.241.145/37.129.241.145 Port: 445 TCP Blocked	2020-09-02 12:01:32
147.50.135.171	attackbotsspam	Invalid user hxeadm from 147.50.135.171 port 48392	2020-09-02 12:15:04

Recently Reported IPs

236.164.118.85	151.74.53.159	224.197.116.43	8.233.1.114
58.218.61.159	200.50.181.174	161.252.226.181	242.111.188.145
178.24.6.17	140.149.106.248	176.69.39.3	5.14.185.149
185.50.224.27	146.154.158.186	146.83.246.217	137.178.59.171
189.174.214.141	173.140.18.105	123.171.245.49	234.94.219.89