112.16.80.154 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: China Mobile Communications Corporation

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Brute force blocker - service: proftpd1 - aantal: 115 - Sat Apr 21 04:05:14 2018	2020-03-09 02:22:14

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 112.16.80.154
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 41347
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;112.16.80.154.			IN	A

;; AUTHORITY SECTION:
.			567	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020030801 1800 900 604800 86400

;; Query time: 94 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Mar 09 02:22:10 CST 2020
;; MSG SIZE  rcvd: 117

Host info

Host 154.80.16.112.in-addr.arpa not found: 2(SERVFAIL)

Nslookup info:

;; Got SERVFAIL reply from 100.100.2.138, trying next server
;; Got SERVFAIL reply from 100.100.2.138, trying next server
Server:		100.100.2.136
Address:	100.100.2.136#53

** server can't find 154.80.16.112.in-addr.arpa: SERVFAIL

Related IP info:

Related comments:

IP	Type	Details	Datetime
51.77.200.62	attackbotsspam	51.77.200.62 - - [07/Sep/2019:12:42:58 +0200] "GET /wp-login.php HTTP/1.1" 200 1301 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 51.77.200.62 - - [07/Sep/2019:12:43:00 +0200] "POST /wp-login.php HTTP/1.1" 200 1704 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 51.77.200.62 - - [07/Sep/2019:12:43:01 +0200] "GET /wp-login.php HTTP/1.1" 200 1301 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 51.77.200.62 - - [07/Sep/2019:12:43:03 +0200] "POST /wp-login.php HTTP/1.1" 200 1684 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 51.77.200.62 - - [07/Sep/2019:12:43:04 +0200] "GET /wp-login.php HTTP/1.1" 200 1301 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 51.77.200.62 - - [07/Sep/2019:12:43:07 +0200] "POST /wp-login.php HTTP/1.1" 200 1688 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2019-09-08 02:38:42
218.98.26.185	attack	Sep 7 20:31:55 MainVPS sshd[14577]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.98.26.185 user=root Sep 7 20:31:57 MainVPS sshd[14577]: Failed password for root from 218.98.26.185 port 33820 ssh2 Sep 7 20:31:59 MainVPS sshd[14577]: Failed password for root from 218.98.26.185 port 33820 ssh2 Sep 7 20:31:55 MainVPS sshd[14577]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.98.26.185 user=root Sep 7 20:31:57 MainVPS sshd[14577]: Failed password for root from 218.98.26.185 port 33820 ssh2 Sep 7 20:31:59 MainVPS sshd[14577]: Failed password for root from 218.98.26.185 port 33820 ssh2 Sep 7 20:31:55 MainVPS sshd[14577]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.98.26.185 user=root Sep 7 20:31:57 MainVPS sshd[14577]: Failed password for root from 218.98.26.185 port 33820 ssh2 Sep 7 20:31:59 MainVPS sshd[14577]: Failed password for root from 218.98.26.185 port 338	2019-09-08 02:44:40
145.239.10.217	attackbots	Sep 7 07:12:13 auw2 sshd\[17202\]: Invalid user web5 from 145.239.10.217 Sep 7 07:12:13 auw2 sshd\[17202\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ns3088253.ip-145-239-10.eu Sep 7 07:12:14 auw2 sshd\[17202\]: Failed password for invalid user web5 from 145.239.10.217 port 33986 ssh2 Sep 7 07:16:33 auw2 sshd\[17563\]: Invalid user admin from 145.239.10.217 Sep 7 07:16:33 auw2 sshd\[17563\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ns3088253.ip-145-239-10.eu	2019-09-08 03:08:57
51.38.236.255	attackbots	Sep 7 08:36:13 hcbb sshd\[18804\]: Invalid user 123456 from 51.38.236.255 Sep 7 08:36:13 hcbb sshd\[18804\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=255.ip-51-38-236.eu Sep 7 08:36:15 hcbb sshd\[18804\]: Failed password for invalid user 123456 from 51.38.236.255 port 42262 ssh2 Sep 7 08:40:15 hcbb sshd\[19213\]: Invalid user 123321 from 51.38.236.255 Sep 7 08:40:15 hcbb sshd\[19213\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=255.ip-51-38-236.eu	2019-09-08 02:51:20
165.22.26.117	attack	Sep 7 03:15:05 vtv3 sshd\[21798\]: Invalid user ts3server from 165.22.26.117 port 54406 Sep 7 03:15:05 vtv3 sshd\[21798\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.22.26.117 Sep 7 03:15:07 vtv3 sshd\[21798\]: Failed password for invalid user ts3server from 165.22.26.117 port 54406 ssh2 Sep 7 03:21:43 vtv3 sshd\[25518\]: Invalid user vbox from 165.22.26.117 port 58296 Sep 7 03:21:43 vtv3 sshd\[25518\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.22.26.117 Sep 7 03:33:44 vtv3 sshd\[31480\]: Invalid user christian from 165.22.26.117 port 42388 Sep 7 03:33:44 vtv3 sshd\[31480\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.22.26.117 Sep 7 03:33:46 vtv3 sshd\[31480\]: Failed password for invalid user christian from 165.22.26.117 port 42388 ssh2 Sep 7 03:37:44 vtv3 sshd\[1060\]: Invalid user bot from 165.22.26.117 port 55904 Sep 7 03:37:44 vtv3 sshd\[10	2019-09-08 02:46:44
138.197.179.111	attack	Sep 7 08:37:12 sachi sshd\[10586\]: Invalid user 1234 from 138.197.179.111 Sep 7 08:37:12 sachi sshd\[10586\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.179.111 Sep 7 08:37:14 sachi sshd\[10586\]: Failed password for invalid user 1234 from 138.197.179.111 port 53562 ssh2 Sep 7 08:41:24 sachi sshd\[11016\]: Invalid user 123 from 138.197.179.111 Sep 7 08:41:24 sachi sshd\[11016\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.179.111	2019-09-08 02:48:00
193.169.255.137	attackspam	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-09-07 17:03:01,553 INFO [amun_request_handler] PortScan Detected on Port: 25 (193.169.255.137)	2019-09-08 02:57:53
3.0.111.11	attackbots	3.0.111.11 - - [07/Sep/2019:15:39:22 +0200] "GET /wp-login.php HTTP/1.1" 200 1301 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 3.0.111.11 - - [07/Sep/2019:15:39:23 +0200] "POST /wp-login.php HTTP/1.1" 200 1704 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 3.0.111.11 - - [07/Sep/2019:15:39:24 +0200] "GET /wp-login.php HTTP/1.1" 200 1301 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 3.0.111.11 - - [07/Sep/2019:15:39:25 +0200] "POST /wp-login.php HTTP/1.1" 200 1710 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 3.0.111.11 - - [07/Sep/2019:15:39:25 +0200] "GET /wp-login.php HTTP/1.1" 200 1301 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 3.0.111.11 - - [07/Sep/2019:15:39:26 +0200] "POST /wp-login.php HTTP/1.1" 200 1710 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2019-09-08 02:40:19
178.128.87.28	attack	Sep 7 13:40:09 aat-srv002 sshd[17374]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.128.87.28 Sep 7 13:40:10 aat-srv002 sshd[17374]: Failed password for invalid user 12345 from 178.128.87.28 port 53600 ssh2 Sep 7 13:47:54 aat-srv002 sshd[17490]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.128.87.28 Sep 7 13:47:57 aat-srv002 sshd[17490]: Failed password for invalid user appuser@123 from 178.128.87.28 port 60288 ssh2 ...	2019-09-08 02:54:35
42.230.213.149	attackbotsspam	SSH authentication failure x 6 reported by Fail2Ban ...	2019-09-08 03:11:29
134.175.59.235	attackbots	Sep 7 13:13:53 OPSO sshd\[8180\]: Invalid user 12345 from 134.175.59.235 port 53679 Sep 7 13:13:53 OPSO sshd\[8180\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.175.59.235 Sep 7 13:13:55 OPSO sshd\[8180\]: Failed password for invalid user 12345 from 134.175.59.235 port 53679 ssh2 Sep 7 13:18:49 OPSO sshd\[8921\]: Invalid user sysadmin from 134.175.59.235 port 45032 Sep 7 13:18:49 OPSO sshd\[8921\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.175.59.235	2019-09-08 03:12:23
14.251.212.190	attackspambots	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-09-07 10:07:13,365 INFO [amun_request_handler] PortScan Detected on Port: 445 (14.251.212.190)	2019-09-08 02:35:53
84.241.196.235	attack	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-09-07 10:08:21,661 INFO [amun_request_handler] PortScan Detected on Port: 445 (84.241.196.235)	2019-09-08 02:35:22
158.69.126.112	attackspambots	Several messages per day! Never subscribed to any of their mailings, unsubscribing through the link only seems to result in more spam. Getting really sick of this!	2019-09-08 03:07:29
51.38.234.54	attackspam	SSH Brute Force, server-1 sshd[6490]: Failed password for invalid user test2 from 51.38.234.54 port 58140 ssh2	2019-09-08 02:51:56

Recently Reported IPs

203.70.219.189	223.206.238.63	122.227.203.38	111.59.124.151
61.156.215.196	188.208.121.79	223.206.246.136	82.116.32.94
242.204.139.207	166.70.28.201	165.22.8.208	14.189.38.67
89.46.12.28	77.40.77.221	183.82.142.26	175.13.109.143
125.214.58.154	196.132.157.41	201.210.181.111	114.249.216.199