112.80.136.213

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
112.80.136.135	attackspam	Unauthorized connection attempt detected from IP address 112.80.136.135 to port 8088	2020-06-01 00:45:42
112.80.136.245	attack	Unauthorized connection attempt detected from IP address 112.80.136.245 to port 3389 [J]	2020-03-02 21:35:54
112.80.136.176	attack	Unauthorized connection attempt detected from IP address 112.80.136.176 to port 8081 [J]	2020-03-02 18:41:32
112.80.136.214	attackbotsspam	Unauthorized connection attempt detected from IP address 112.80.136.214 to port 9999 [T]	2020-01-10 09:22:18
112.80.136.219	attackspam	Unauthorized connection attempt detected from IP address 112.80.136.219 to port 8118	2020-01-02 21:21:29
112.80.136.25	attack	The IP has triggered Cloudflare WAF. CF-Ray: 543405f8ef3b6cfe \| WAF_Rule_ID: 1112824 \| WAF_Kind: firewall \| CF_Action: challenge \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/1.1 \| Method: GET \| Host: blog.skk.moe \| User-Agent: Mozilla/5.0 (Linux; U; Android 4.3; en-us; SM-N900T Build/JSS15J) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 Mobile Safari/534.30 \| CF_DC: SJC. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-12 03:33:44
112.80.136.8	attackspambots	The IP has triggered Cloudflare WAF. CF-Ray: 5415f75a7ae2288c \| WAF_Rule_ID: 3b40188685924a32bf11d40edea05a27 \| WAF_Kind: firewall \| CF_Action: challenge \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/1.1 \| Method: GET \| Host: disqus.skk.moe \| User-Agent: Mozilla/5.077692140 Mozilla/5.0 (Windows NT 6.1; Trident/7.0; rv:11.0) like Gecko \| CF_DC: SJC. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-08 04:38:18

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 112.80.136.213
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 37031
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;112.80.136.213.			IN	A

;; AUTHORITY SECTION:
.			289	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022021202 1800 900 604800 86400

;; Query time: 59 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Feb 13 13:33:11 CST 2022
;; MSG SIZE  rcvd: 107

Host info

Host 213.136.80.112.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 213.136.80.112.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
218.92.0.207	attack	2020-10-03T15:31:02.952454xentho-1 sshd[1157245]: Failed password for root from 218.92.0.207 port 50906 ssh2 2020-10-03T15:31:00.772314xentho-1 sshd[1157245]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.207 user=root 2020-10-03T15:31:02.952454xentho-1 sshd[1157245]: Failed password for root from 218.92.0.207 port 50906 ssh2 2020-10-03T15:31:05.889374xentho-1 sshd[1157245]: Failed password for root from 218.92.0.207 port 50906 ssh2 2020-10-03T15:31:00.772314xentho-1 sshd[1157245]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.207 user=root 2020-10-03T15:31:02.952454xentho-1 sshd[1157245]: Failed password for root from 218.92.0.207 port 50906 ssh2 2020-10-03T15:31:05.889374xentho-1 sshd[1157245]: Failed password for root from 218.92.0.207 port 50906 ssh2 2020-10-03T15:31:09.700330xentho-1 sshd[1157245]: Failed password for root from 218.92.0.207 port 50906 ssh2 2020-10-03T15:34:03.87 ...	2020-10-04 03:52:12
190.85.163.46	attack	2020-10-03T10:07:13.993947shield sshd\[19806\]: Invalid user ansible from 190.85.163.46 port 49765 2020-10-03T10:07:14.005630shield sshd\[19806\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.85.163.46 2020-10-03T10:07:16.468801shield sshd\[19806\]: Failed password for invalid user ansible from 190.85.163.46 port 49765 ssh2 2020-10-03T10:11:28.705758shield sshd\[20209\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.85.163.46 user=root 2020-10-03T10:11:30.366648shield sshd\[20209\]: Failed password for root from 190.85.163.46 port 53818 ssh2	2020-10-04 03:40:35
202.73.24.188	attackspambots	2020-10-03T15:51:13.898478ns385565 sshd[30478]: Disconnected from authenticating user root 202.73.24.188 port 49008 [preauth] 2020-10-03T15:52:05.897665ns385565 sshd[30518]: Invalid user haldaemon from 202.73.24.188 port 54752 2020-10-03T15:52:06.095831ns385565 sshd[30518]: Disconnected from invalid user haldaemon 202.73.24.188 port 54752 [preauth] ...	2020-10-04 03:35:05
159.203.165.156	attack	[N3.H3.VM3] Port Scanner Detected Blocked by UFW	2020-10-04 03:19:44
103.141.174.130	attackspam	srvr2: (mod_security) mod_security (id:920350) triggered by 103.141.174.130 (BD/-/-): 1 in the last 600 secs; Ports: ; Direction: inout; Trigger: LF_MODSEC; Logs: 2020/10/02 22:33:37 [error] 142888#0: 187758 [client 103.141.174.130] ModSecurity: Access denied with code 406 (phase 2). Matched "Operator `Rx' with parameter `^[\d.:]+$' against variable `REQUEST_HEADERS:Host' [redacted] [file "/etc/modsecurity.d/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "718"] [id "920350"] [rev ""] [msg "Host header is a numeric IP address"] [redacted] [severity "4"] [ver "OWASP_CRS/3.3.0"] [maturity "0"] [accuracy "0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272"] [tag "PCI/6.5.10"] [redacted] [uri "/"] [unique_id "160167081795.491896"] [ref "o0,15v21,15"], client: 103.141.174.130, [redacted] request: "GET / HTTP/1.1" [redacted]	2020-10-04 03:51:15
111.68.98.169	attack	1601670872 - 10/02/2020 22:34:32 Host: 111.68.98.169/111.68.98.169 Port: 445 TCP Blocked ...	2020-10-04 03:23:50
61.148.56.158	attackbots	(sshd) Failed SSH login from 61.148.56.158 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Oct 3 14:42:22 jbs1 sshd[18034]: Invalid user haldaemon from 61.148.56.158 Oct 3 14:42:22 jbs1 sshd[18034]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.148.56.158 Oct 3 14:42:24 jbs1 sshd[18034]: Failed password for invalid user haldaemon from 61.148.56.158 port 3353 ssh2 Oct 3 14:47:47 jbs1 sshd[20487]: Invalid user router from 61.148.56.158 Oct 3 14:47:47 jbs1 sshd[20487]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.148.56.158	2020-10-04 03:49:12
193.247.213.196	attackspambots	SSH login attempts.	2020-10-04 03:39:42
5.154.243.131	attack	Oct 3 20:29:01 meumeu sshd[1337605]: Invalid user alexandre from 5.154.243.131 port 54096 Oct 3 20:29:01 meumeu sshd[1337605]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.154.243.131 Oct 3 20:29:01 meumeu sshd[1337605]: Invalid user alexandre from 5.154.243.131 port 54096 Oct 3 20:29:03 meumeu sshd[1337605]: Failed password for invalid user alexandre from 5.154.243.131 port 54096 ssh2 Oct 3 20:32:40 meumeu sshd[1337803]: Invalid user rr from 5.154.243.131 port 57853 Oct 3 20:32:40 meumeu sshd[1337803]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.154.243.131 Oct 3 20:32:40 meumeu sshd[1337803]: Invalid user rr from 5.154.243.131 port 57853 Oct 3 20:32:43 meumeu sshd[1337803]: Failed password for invalid user rr from 5.154.243.131 port 57853 ssh2 Oct 3 20:36:16 meumeu sshd[1337922]: Invalid user info from 5.154.243.131 port 33374 ...	2020-10-04 03:30:38
123.31.29.14	attack	Oct 3 19:04:46 game-panel sshd[23213]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.31.29.14 Oct 3 19:04:49 game-panel sshd[23213]: Failed password for invalid user export from 123.31.29.14 port 56058 ssh2 Oct 3 19:08:20 game-panel sshd[23363]: Failed password for root from 123.31.29.14 port 53326 ssh2	2020-10-04 03:17:27
52.188.69.174	attack	2020-10-03T19:42:59.954918snf-827550 sshd[31725]: Invalid user vendas from 52.188.69.174 port 59624 2020-10-03T19:43:02.531890snf-827550 sshd[31725]: Failed password for invalid user vendas from 52.188.69.174 port 59624 ssh2 2020-10-03T19:48:05.712850snf-827550 sshd[31744]: Invalid user admin from 52.188.69.174 port 38778 ...	2020-10-04 03:19:22
200.208.101.228	attackspambots	TCP (SYN) 200.208.101.228:56801 -> port 445, len 40	2020-10-04 03:36:25
51.83.69.142	attack	2020-10-01 11:04:30 server sshd[92804]: Failed password for invalid user test from 51.83.69.142 port 55186 ssh2	2020-10-04 03:44:51
74.102.39.43	attackspambots	Attempted Administrator Privilege Gain	2020-10-04 03:19:01
94.180.25.152	attackspam	Telnet/23 MH Probe, Scan, BF, Hack -	2020-10-04 03:25:39

Recently Reported IPs

112.80.136.234	112.80.136.229	112.80.136.45	112.80.136.236
112.80.136.243	112.80.136.79	112.80.136.81	112.80.136.83
112.80.137.103	112.80.136.242	112.80.136.95	112.80.136.76
112.80.137.125	112.80.137.126	112.80.136.75	112.80.137.162
112.80.137.107	112.80.137.0	112.80.137.192	112.80.137.179