112.16.80.154 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: China Mobile Communications Corporation

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Brute force blocker - service: proftpd1 - aantal: 115 - Sat Apr 21 04:05:14 2018	2020-03-09 02:22:14

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 112.16.80.154
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 41347
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;112.16.80.154.			IN	A

;; AUTHORITY SECTION:
.			567	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020030801 1800 900 604800 86400

;; Query time: 94 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Mar 09 02:22:10 CST 2020
;; MSG SIZE  rcvd: 117

Host info

Host 154.80.16.112.in-addr.arpa not found: 2(SERVFAIL)

Nslookup info:

;; Got SERVFAIL reply from 100.100.2.138, trying next server
;; Got SERVFAIL reply from 100.100.2.138, trying next server
Server:		100.100.2.136
Address:	100.100.2.136#53

** server can't find 154.80.16.112.in-addr.arpa: SERVFAIL

Related IP info:

Related comments:

IP	Type	Details	Datetime
185.176.27.98	attackspam	firewall-block, port(s): 50617/tcp, 50618/tcp, 53374/tcp, 53375/tcp, 53376/tcp	2020-08-09 14:33:25
52.229.113.144	attackbotsspam	(smtpauth) Failed SMTP AUTH login from 52.229.113.144 (CA/Canada/-): 5 in the last 3600 secs	2020-08-09 14:13:13
107.175.150.83	attackbotsspam	(sshd) Failed SSH login from 107.175.150.83 (US/United States/8200eisp.org): 10 in the last 3600 secs	2020-08-09 14:26:00
49.88.112.110	attackbotsspam	Icarus honeypot on github	2020-08-09 14:44:59
84.180.236.164	attackbotsspam	Aug 9 08:03:10 OPSO sshd\[16006\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=84.180.236.164 user=root Aug 9 08:03:12 OPSO sshd\[16006\]: Failed password for root from 84.180.236.164 port 34103 ssh2 Aug 9 08:06:15 OPSO sshd\[16727\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=84.180.236.164 user=root Aug 9 08:06:17 OPSO sshd\[16727\]: Failed password for root from 84.180.236.164 port 55377 ssh2 Aug 9 08:09:10 OPSO sshd\[17026\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=84.180.236.164 user=root	2020-08-09 14:17:17
159.89.237.235	attackbots	159.89.237.235 - - [09/Aug/2020:05:53:50 +0200] "GET /wp-login.php HTTP/1.1" 200 5738 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 159.89.237.235 - - [09/Aug/2020:05:53:51 +0200] "POST /wp-login.php HTTP/1.1" 200 5989 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 159.89.237.235 - - [09/Aug/2020:05:53:52 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-08-09 14:05:06
200.186.127.210	attack	20 attempts against mh-ssh on cloud	2020-08-09 14:00:55
184.147.154.34	attackspambots	2020-08-09T08:47:44.135781mail.standpoint.com.ua sshd[12936]: Failed password for root from 184.147.154.34 port 38098 ssh2 2020-08-09T08:50:26.704831mail.standpoint.com.ua sshd[13281]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=okvlon0102w-lp130-02-184-147-154-34.dsl.bell.ca user=root 2020-08-09T08:50:29.195325mail.standpoint.com.ua sshd[13281]: Failed password for root from 184.147.154.34 port 39844 ssh2 2020-08-09T08:53:08.645382mail.standpoint.com.ua sshd[13629]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=okvlon0102w-lp130-02-184-147-154-34.dsl.bell.ca user=root 2020-08-09T08:53:10.955318mail.standpoint.com.ua sshd[13629]: Failed password for root from 184.147.154.34 port 41202 ssh2 ...	2020-08-09 14:15:35
185.157.222.47	attackspam	185.157.222.47 - - [09/Aug/2020:08:24:55 +0200] "GET /wp-login.php HTTP/1.1" 200 6060 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 185.157.222.47 - - [09/Aug/2020:08:24:57 +0200] "POST /wp-login.php HTTP/1.1" 200 6311 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 185.157.222.47 - - [09/Aug/2020:08:24:58 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-08-09 14:41:27
157.230.230.152	attack	$f2bV_matches	2020-08-09 14:15:05
82.65.27.68	attackspam	Aug 9 06:48:17 buvik sshd[5555]: Failed password for root from 82.65.27.68 port 33648 ssh2 Aug 9 06:52:12 buvik sshd[6177]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=82.65.27.68 user=root Aug 9 06:52:14 buvik sshd[6177]: Failed password for root from 82.65.27.68 port 44310 ssh2 ...	2020-08-09 14:18:34
123.126.106.88	attackspambots	prod6 ...	2020-08-09 14:16:20
106.13.206.183	attackbotsspam	Aug 9 03:51:21 vlre-nyc-1 sshd\[14805\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.206.183 user=root Aug 9 03:51:23 vlre-nyc-1 sshd\[14805\]: Failed password for root from 106.13.206.183 port 51096 ssh2 Aug 9 03:56:16 vlre-nyc-1 sshd\[14884\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.206.183 user=root Aug 9 03:56:18 vlre-nyc-1 sshd\[14884\]: Failed password for root from 106.13.206.183 port 53602 ssh2 Aug 9 04:00:47 vlre-nyc-1 sshd\[14968\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.206.183 user=root ...	2020-08-09 14:23:20
104.131.57.95	attackbots	104.131.57.95 - - [09/Aug/2020:07:01:17 +0100] "POST /wp-login.php HTTP/1.1" 200 4434 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.131.57.95 - - [09/Aug/2020:07:01:19 +0100] "POST /wp-login.php HTTP/1.1" 200 4434 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.131.57.95 - - [09/Aug/2020:07:01:19 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-08-09 14:44:09
200.56.17.5	attackspambots	2020-08-09T06:57:25.936202vps751288.ovh.net sshd\[5132\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=200-56-17-5.dynamic.axtel.net user=root 2020-08-09T06:57:27.949380vps751288.ovh.net sshd\[5132\]: Failed password for root from 200.56.17.5 port 60838 ssh2 2020-08-09T07:01:31.563560vps751288.ovh.net sshd\[5162\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=200-56-17-5.dynamic.axtel.net user=root 2020-08-09T07:01:34.012089vps751288.ovh.net sshd\[5162\]: Failed password for root from 200.56.17.5 port 43438 ssh2 2020-08-09T07:05:33.766768vps751288.ovh.net sshd\[5191\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=200-56-17-5.dynamic.axtel.net user=root	2020-08-09 14:13:28

Recently Reported IPs

203.70.219.189	223.206.238.63	122.227.203.38	111.59.124.151
61.156.215.196	188.208.121.79	223.206.246.136	82.116.32.94
242.204.139.207	166.70.28.201	165.22.8.208	14.189.38.67
89.46.12.28	77.40.77.221	183.82.142.26	175.13.109.143
125.214.58.154	196.132.157.41	201.210.181.111	114.249.216.199