JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 3.80.206.39

3.80.206.39 was found in our database!

This IP was reported 75 times. Confidence of Abuse is 100%: ?

100%

ISP	Amazon Data Services Northern Virginia
Usage Type	Data Center/Web Hosting/Transit
ASN	AS14618
Hostname(s)	ec2-3-80-206-39.compute-1.amazonaws.com
Domain Name	amazon.com
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 3.80.206.39

Whois 3.80.206.39

IP Abuse Reports for 3.80.206.39:

This IP address has been reported a total of 75 times from 61 distinct sources. 3.80.206.39 was first reported on May 28th 2026, and the most recent report was 4 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 cwytech	2026-06-04 22:09:47 (4 hours ago)	Fleet-wide ban from the Ghostfleet 👻. Triggered by scenario: cwy/web-asn-lockdown-high.	Bad Web Bot Web App Attack
Anonymous	2026-06-04 21:27:35 (4 hours ago)	Drop from IP address 3.80.206.39 to tcp-port 80	Port Scan
🇨🇭 blinx	2026-06-04 16:30:26 (9 hours ago)	2026-06-04T18:30:25.174417+02:00 blinx-rpi4 endlessh[359]: 2026-06-04T16:30:25.174Z CLOSE host=::fff ... show more 2026-06-04T18:30:25.174417+02:00 blinx-rpi4 endlessh[359]: 2026-06-04T16:30:25.174Z CLOSE host=::ffff:3.80.206.39 port=39816 fd=4 time=70.062 bytes=105 ... show less	Brute-Force SSH
🇺🇸 Xarcotic	2026-06-04 14:07:58 (12 hours ago)	SSH login on honeypot.	Brute-Force SSH
🇺🇸 rellim.com	2026-06-04 09:13:33 (17 hours ago)	Jun 4 02:13:30 alice kernel: HACK IN=enp3s0 OUT=enp1s0f1 MAC=68:05:ca:2e:ce:bc:00:24:dc:78:a0:01:08 ... show more Jun 4 02:13:30 alice kernel: HACK IN=enp3s0 OUT=enp1s0f1 MAC=68:05:ca:2e:ce:bc:00:24:dc:78:a0:01:08:00 SRC=3.80.206.39 DST=204.17.205.254 LEN=60 TOS=0x00 PREC=0x00 TTL=109 ID=38893 DF PROTO=TCP SPT=61350 DPT=9200 WINDOW=62727 RES=0x00 SYN URGP=0 Jun 4 02:13:31 alice kernel: HACK IN=enp3s0 OUT=enp1s0f1 MAC=68:05:ca:2e:ce:bc:00:24:dc:78:a0:01:08:00 SRC=3.80.206.39 DST=204.17.205.254 LEN=60 TOS=0x00 PREC=0x00 TTL=109 ID=38894 DF PROTO=TCP SPT=61350 DPT=9200 WINDOW=62727 RES=0x00 SYN URGP=0 Jun 4 02:13:33 alice kernel: HACK IN=enp3s0 OUT=enp1s0f1 MAC=68:05:ca:2e:ce:bc:00:24:dc:78:a0:01:08:00 SRC=3.80.206.39 DST=204.17.205.254 LEN=60 TOS=0x00 PREC=0x00 TTL=109 ID=38895 DF PROTO=TCP SPT=61350 DPT=9200 WINDOW=62727 RES=0x00 SYN URGP=0 ... show less	Port Scan
🇷🇸 Smel	2026-06-04 08:30:45 (17 hours ago)	MH/MP Probe, Scan, Hack -	Port Scan Hacking
🇺🇸 Cyber Crusader	2026-06-04 07:14:11 (19 hours ago)	Hundreds of Attempts (at least) to Connect to and Access Firewall Ports	Port Scan Hacking Brute-Force
🇩🇪 ISPLtd	2026-06-04 03:57:38 (22 hours ago)	Jun 4 00:57:35 3.80.206.39 TCP SPT=21836 DPT=10443 SYN Jun 4 00:57:36 3.80.206.39 TCP SPT=21836 DP ... show more Jun 4 00:57:35 3.80.206.39 TCP SPT=21836 DPT=10443 SYN Jun 4 00:57:36 3.80.206.39 TCP SPT=21836 DPT=10443 SYN Jun 4 00:57:38 3.80.206.39 TCP SPT=21836 DPT=10443 ... show less	Port Scan
🇺🇸 aks4226	2026-06-03 23:10:27 (1 day ago)	Attacking common web applications. (n01)	Web App Attack
🇺🇸 conrad10781	2026-06-03 22:20:59 (1 day ago)	nginx-direct-ip	Port Scan
🇳🇱 BIV	2026-06-03 21:13:28 (1 day ago)	Honeypot multi-source hit. Sources: dshield:fw,tpot:Honeytrap,tpot:P0f,tpot:Suricata. Ports: 13443. ... show more Honeypot multi-source hit. Sources: dshield:fw,tpot:Honeytrap,tpot:P0f,tpot:Suricata. Ports: 13443. Automated tiered (T-Pot+DShield). show less	Port Scan Hacking Bad Web Bot
🇩🇪 check-the-sum.fr	2026-06-03 20:56:23 (1 day ago)	Port Scanning	Port Scan
Anonymous	2026-06-03 20:49:53 (1 day ago)	unsolicited connect TCP dport 13443 (sport 58326)	Hacking
🇳🇱 StopAbuse	2026-06-03 20:26:09 (1 day ago)	tcp/8443	Port Scan
🇺🇸 cwytech	2026-06-03 18:34:23 (1 day ago)	Fleet-wide ban from the Ghostfleet 👻. Triggered by scenario: cwy/web-asn-lockdown-high.	Bad Web Bot Web App Attack

Showing 1 to 15 of 75 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 152.32.205.7

🇮🇳 122.176.122.24

🇨🇳 121.229.9.110

🇫🇷 81.65.89.86

🇳🇱 45.148.10.230

🇧🇪 198.235.24.232

🇺🇸 162.216.149.177

🇻🇳 125.253.121.228

🇨🇳 122.115.224.56

🇹🇼 111.248.235.141

🇱🇺 46.151.182.186

🇨🇳 221.229.218.50

🇺🇸 192.3.218.12

🇩🇪 185.220.101.105

🇮🇳 182.95.42.130

🇨🇳 180.76.98.88

🇺🇸 162.216.150.138

🇮🇩 116.197.133.25

🇱🇹 45.227.254.170

🇬🇧 35.203.210.224