Go
120.52.152.17
is a
Hacker
100 %
China
Report Abuse
715attacks reported
366Port Scan
163
90Port ScanHacking
23Port ScanHackingExploited Host
14uncategorized
10Brute-Force
9Port ScanHackingBrute-ForceExploited Host
6Hacking
5Port ScanBrute-Force
4Port ScanExploited Host
...
307abuse reported
303Email SpamHacking
2uncategorized
1Email SpamBrute-Force
1Email Spam
4reputation reported
4uncategorized
2anonymizers reported
1VPN IPPort Scan
1VPN IP
2spam reported
2Email Spam
1malware reported
1Exploited Host
from 45 distinct reporters
and 8 distinct sources : blocklist.net.ua, DShield.org, FireHOL, GreenSnow.co, NormShield.com, Taichung Education Center, BadIPs.com, AbuseIPDB
120.52.152.17 was first signaled at 2018-12-24 04:17 and last record was at 2019-06-24 02:30.
IP

120.52.152.17

Organization
China Unicom IP network
Localisation
China
Beijing, Beijing
NetRange : First & Last IP
120.52.0.0 - 120.52.255.255
Network CIDR
120.52.0.0/16

Cybercrime IP Feeds

Date UTC Category Sub Categories Source List Source Logs
2019-04-06 12:40 attacks Port ScanHacking AbuseIPDB MultiHost/MultiPort Probe, Scan, Hack -
2019-04-06 12:10 attacks Port Scan AbuseIPDB firewall-block, port(s): 1027/tcp, 2480/tcp, 5555/tcp, 8087/tcp
2019-04-06 06:43 attacks Port Scan AbuseIPDB firewall-block, port(s): 515/tcp, 2152/tcp, 2332/tcp, 3542/tcp
2019-04-06 04:10 attacks Port Scan AbuseIPDB firewall-block, port(s): 1701/tcp
2019-04-06 03:37 attacks Port Scan AbuseIPDB  
2019-04-06 02:21 attacks Port Scan AbuseIPDB Multiport scan : 6 ports scanned 91 2598 3079 3093 3567 20950
2019-04-06 01:22 attacks HackingWeb App Attack AbuseIPDB IP: 120.52.152.17 ASN: AS133119 China Unicom IP network Port: http protocol over TLS/SSL 443 Found in one or more Blacklists Date: 6/04/2019 10:22:30
2019-04-05 22:30 attacks Port Scan AbuseIPDB firewall-block, port(s): 11211/tcp
2019-04-05 22:25 attacks Port ScanHacking AbuseIPDB MultiHost/MultiPort Probe, Scan, Hack -
2019-04-05 16:01 attacks Port Scan AbuseIPDB :
2019-04-05 14:40 attacks Port Scan AbuseIPDB firewall-block, port(s): 1025/tcp, 10333/tcp
2019-04-05 13:15 attacks Port Scan AbuseIPDB Port scan attempt detected by AWS-CCS, CTS, India
2019-04-05 10:33 attacks Port Scan AbuseIPDB firewall-block, port(s): 21/tcp, 69/tcp, 4712/tcp, 5353/tcp, 12345/tcp
2019-04-05 04:10 attacks Port Scan AbuseIPDB firewall-block, port(s): 1993/tcp
2019-04-04 23:54 attacks Port Scan AbuseIPDB firewall-block, port(s): 179/tcp, 1177/tcp, 1962/tcp, 5678/tcp, 7071/tcp
2019-04-04 23:20 attacks Port Scan AbuseIPDB firewall-block, port(s): 880/tcp, 11001/tcp
2019-04-04 23:10 attacks Port ScanHacking AbuseIPDB MultiHost/MultiPort Probe, Scan, Hack -
2019-04-04 18:07 attacks Port Scan AbuseIPDB 2019-04-04T13:52:31.665252stt-1.[munged] kernel: [155016.038211] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:97:36:58:84:78:ac:57:aa:c1:08:00 SRC
2019-04-04 17:31 attacks FTP Brute-ForcePort ScanWeb App AttackBrute-Force AbuseIPDB  
2019-04-04 15:40 attacks Port Scan AbuseIPDB 5000/tcp 9418/tcp 1967/tcp... [2019-02-04/04-04]2122pkt,318pt.(tcp),3pt.(udp)
2019-04-04 15:20 attacks Port Scan AbuseIPDB firewall-block, port(s): 5060/tcp
2019-04-04 15:02 attacks Port ScanHackingBrute-ForceEmail Spam AbuseIPDB Unauthorized access on Port 443 [https]
2019-04-04 14:47 attacks Port Scan AbuseIPDB firewall-block, port(s): 1812/tcp, 7077/tcp, 8008/tcp
2019-04-04 08:56 attacks Port Scan AbuseIPDB firewall-block, port(s): 6000/tcp
2019-04-04 08:40 attacks Port Scan AbuseIPDB firewall-block, port(s): 902/tcp
2019-04-04 06:03 attacks Port Scan AbuseIPDB Port scan attempt detected by AWS-CCS, CTS, India
2019-04-04 04:17 attacks Fraud VoIPBrute-Force AbuseIPDB SIP brute force
2019-04-04 00:20 attacks Port Scan AbuseIPDB firewall-block, port(s): 1099/tcp, 5554/tcp
2019-04-03 22:25 attacks Port ScanHacking AbuseIPDB MultiHost/MultiPort Probe, Scan, Hack -
2019-04-03 15:10 attacks Port Scan AbuseIPDB firewall-block, port(s): 7000/tcp, 9443/tcp
2019-04-03 14:15 abuse Email SpamBrute-Force AbuseIPDB proto=tcp . spt=47067 . dpt=3389 . src=120.52.152.17 . dst=xx.xx.4.1 . Block CINS-badguys (24)
2019-04-03 08:40 attacks Port Scan AbuseIPDB firewall-block, port(s): 9003/tcp, 9100/tcp
2019-04-03 07:33 attacks Port Scan AbuseIPDB firewall-block, port(s): 1521/tcp, 14147/tcp, 23023/tcp, 27017/tcp, 32400/tcp, 37777/tcp, 50070/tcp
2019-04-03 05:42 attacks Port Scan AbuseIPDB Port scan attempt detected by AWS-CCS, CTS, India
2019-04-02 22:10 attacks Port Scan AbuseIPDB firewall-block, port(s): 9051/tcp, 12345/tcp
2019-04-02 18:44 attacks Port ScanHacking AbuseIPDB MultiHost/MultiPort Probe, Scan, Hack -
2019-04-02 15:13 attacks Port Scan AbuseIPDB 47808/tcp 2087/tcp 8009/tcp... [2019-02-02/04-02]2111pkt,316pt.(tcp),3pt.(udp)
2019-04-02 11:16 attacks Port Scan AbuseIPDB firewall-block, port(s): 1200/tcp, 3780/tcp, 5554/tcp, 8098/tcp, 8161/tcp, 8889/tcp, 9443/tcp, 49155/tcp
2019-04-02 07:20 attacks Port Scan AbuseIPDB firewall-block, port(s): 1967/tcp, 2080/tcp, 8200/tcp, 49152/tcp, 62078/tcp
2019-04-02 05:07 attacks Port Scan AbuseIPDB Multiport scan : 6 ports scanned 1602 3377 3390 3391 3393 3399
2019-04-01 23:17 attacks Brute-Force AbuseIPDB Telnet Server BruteForce Attack
2019-04-01 21:28 attacks Port Scan AbuseIPDB firewall-block, port(s): 3306/tcp, 5555/tcp
2019-04-01 20:20 attacks Port Scan AbuseIPDB firewall-block, port(s): 3306/tcp
2019-04-01 18:40 attacks Hacking AbuseIPDB Honeypot attack, port: 23, PTR: PTR record not found
2019-04-01 17:44 attacks Port ScanHacking AbuseIPDB MultiHost/MultiPort Probe, Scan, Hack -
2019-04-01 11:28 attacks Port Scan AbuseIPDB firewall-block, port(s): 873/tcp, 1026/tcp, 8443/tcp, 9653/tcp, 9944/tcp, 61616/tcp
2019-04-01 10:01 attacks Port Scan AbuseIPDB :
2019-04-01 08:20 attacks Port Scan AbuseIPDB firewall-block, port(s): 175/tcp, 389/tcp, 1234/tcp, 7779/tcp, 8060/tcp, 8334/tcp, 9653/tcp
2019-04-01 08:10 attacks Port Scan AbuseIPDB 1554138650 - 04/01/2019 19:10:50 Host: 120.52.152.17/120.52.152.17 Port: 119 TCP Blocked
2019-04-01 07:49 attacks Port ScanHackingExploited Host AbuseIPDB Port scan: Attack repeated for 24 hours
2018-12-24 04:17 attacks AbuseIPDB  
2018-12-24 04:40 attacks Port ScanHackingExploited Host AbuseIPDB Honeypot hit.
2018-12-24 05:01 attacks Port Scan AbuseIPDB 1545663690 - 12/24/2018 16:01:30 Host: 120.52.152.17/120.52.152.17 Port: 59110 UDP Blocked
2018-12-24 05:11 attacks Port Scan AbuseIPDB 1993/udp [2018-12-24]1pkt
2018-12-24 05:24 attacks Port Scan AbuseIPDB 120.52.152.17 was recorded 5 times by 4 hosts attempting to connect to the following ports: 500,162,5683,9602,5060. Incident counter (4h, 24h, all-tim
2018-12-24 06:02 attacks Port ScanHackingExploited Host AbuseIPDB scan z
2018-12-24 06:37 attacks Brute-Force AbuseIPDB 3389BruteforceFW22
2018-12-24 06:46 attacks Port Scan AbuseIPDB CloudCIX Reconnaissance Scan Detected, PTR: PTR record not found.
2018-12-24 08:47 attacks Port Scan AbuseIPDB 2018-12-24T11:09:36.079554stt-1.victorbiro.com kernel: [3251008.967277] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:97:36:58:84:78:ac:57:aa:c1:08
2019-02-07 19:16 attacks Port Scan AbuseIPDB  
2019-03-29 18:18 reputation alienvault_reputation  
2019-03-29 18:21 abuse Email Spam blocklist_net_ua blocklist.net.ua  
2019-03-29 18:22 reputation ciarmy  
2019-03-29 18:23 attacks dshield_top_1000 DShield.org  
2019-03-29 18:27 attacks firehol_level2 FireHOL  
2019-03-29 18:34 attacks greensnow GreenSnow.co  
2019-03-29 18:36 reputation iblocklist_ciarmy_malicious  
2019-03-29 18:41 attacks normshield_all_attack NormShield.com  
2019-03-29 18:41 attacks DDoS Attack normshield_all_ddosbot NormShield.com  
2019-03-29 18:41 attacks DNS Attack normshield_all_dnsscan NormShield.com  
2019-03-29 18:41 abuse normshield_all_suspicious NormShield.com  
2019-03-29 18:41 attacks normshield_all_webscan NormShield.com  
2019-03-29 18:41 attacks normshield_high_attack NormShield.com  
2019-03-29 18:41 attacks DDoS Attack normshield_high_ddosbot NormShield.com  
2019-03-29 18:41 attacks DNS Attack normshield_high_dnsscan NormShield.com  
2019-03-29 18:41 abuse normshield_high_suspicious NormShield.com  
2019-03-29 18:52 attacks taichung Taichung Education Center  
2019-03-29 18:53 reputation turris_greylist  
2019-05-28 23:37 attacks Brute-Force normshield_all_bruteforce NormShield.com  
2019-05-28 23:38 attacks Brute-Force normshield_high_bruteforce NormShield.com  
2019-05-28 23:38 attacks normshield_high_webscan NormShield.com  
2019-05-30 09:43 spam Email Spam normshield_all_spam  
2019-05-30 09:43 spam Email Spam normshield_high_spam  
2019-06-03 22:43 attacks bi_any_0_1d BadIPs.com  
2019-06-03 22:43 attacks bi_assp_0_1d BadIPs.com  
2019-06-03 22:44 attacks Brute-ForceMailserver Attack bi_mail_0_1d BadIPs.com  
2019-06-24 02:30 attacks Web App AttackApache Attack bi_apache_0_1d BadIPs.com  
2019-06-24 02:30 attacks bi_http_0_1d BadIPs.com  
2019-03-29 18:23 attacks dshield_30d DShield.org  
2019-03-29 18:27 attacks firehol_level4 FireHOL  
2019-05-28 23:31 attacks firehol_level4 FireHOL  
only last 50 and first 10 AbuseIPDB logs are shown

Threats Categories :

abuse
IPs used to spam forum, boards, blogs or smtp servers, automated web scripts or scrappers (bad bots)
anonymizer
Onion Router IP addresses. TOR network IPs, TOR exit points, socks or ssl proxy.
attacks
bruteforce ssh/ftp/system account, IPs that have been detected by fail2ban, ports scan, vulnerabilities scan, DDoS.
malware
Addresses that have been identified distributing malware, form-grabber and stealer, Viruses, Worms, Trojans, Ransomware, Adware, Spyware

Whois

inetnum: 120.52.0.0 - 120.52.255.255
netname: CU-CDC
descr: CHINA UNICOM CLOUD DATA COMPANY LIMITED
descr: A133, Xidan North Avenue, Xicheng District, Beijing.
admin-c: ZM909-AP
tech-c: ZM909-AP
country: CN
mnt-by: MAINT-CNNIC-AP
mnt-lower: MAINT-CNNIC-AP
mnt-routes: MAINT-CNNIC-AP
mnt-irt: IRT-CNNIC-CN
status: ALLOCATED PORTABLE
last-modified: 2014-06-26T01:26:01Z
source: APNIC

irt: IRT-CNNIC-CN
address: Beijing, China
e-mail: ipas@cnnic.cn
abuse-mailbox: ipas@cnnic.cn
admin-c: IP50-AP
tech-c: IP50-AP
auth: # Filtered
remarks: Please note that CNNIC is not an ISP and is not
remarks: empowered to investigate complaints of network abuse.
remarks: Please contact the tech-c or admin-c of the network.
mnt-by: MAINT-CNNIC-AP
last-modified: 2017-11-01T08:57:39Z
source: APNIC

person: Xin Xing
address: A133,Xidan North Avenue, Xicheng District, Beijing
country: CN
phone: +86-18618215599
e-mail: xingxin2@chinaunicom.cn
nic-hdl: ZM909-AP
mnt-by: MAINT-CNNIC-AP
last-modified: 2013-10-12T09:06:01Z
source: APNIC
most specific ip range is highlighted
Updated : 2019-07-01