Must be a valid IPv4 or IPv6 ip address, e.g. 127.0.0.1 or 2001:DB8:0:0:8:800:200C:417A
Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: China Unicom Jiangsu Province Network

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:
Type Details Datetime
attack
Unauthorized connection attempt detected from IP address 112.80.136.245 to port 3389 [J]
2020-03-02 21:35:54
Comments on same subnet:
IP Type Details Datetime
112.80.136.135 attackspam
Unauthorized connection attempt detected from IP address 112.80.136.135 to port 8088
2020-06-01 00:45:42
112.80.136.176 attack
Unauthorized connection attempt detected from IP address 112.80.136.176 to port 8081 [J]
2020-03-02 18:41:32
112.80.136.214 attackbotsspam
Unauthorized connection attempt detected from IP address 112.80.136.214 to port 9999 [T]
2020-01-10 09:22:18
112.80.136.219 attackspam
Unauthorized connection attempt detected from IP address 112.80.136.219 to port 8118
2020-01-02 21:21:29
112.80.136.25 attack
The IP has triggered Cloudflare WAF. CF-Ray: 543405f8ef3b6cfe | WAF_Rule_ID: 1112824 | WAF_Kind: firewall | CF_Action: challenge | Country: CN | CF_IPClass: noRecord | Protocol: HTTP/1.1 | Method: GET | Host: blog.skk.moe | User-Agent: Mozilla/5.0 (Linux; U; Android 4.3; en-us; SM-N900T Build/JSS15J) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 Mobile Safari/534.30 | CF_DC: SJC. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).
2019-12-12 03:33:44
112.80.136.8 attackspambots
The IP has triggered Cloudflare WAF. CF-Ray: 5415f75a7ae2288c | WAF_Rule_ID: 3b40188685924a32bf11d40edea05a27 | WAF_Kind: firewall | CF_Action: challenge | Country: CN | CF_IPClass: noRecord | Protocol: HTTP/1.1 | Method: GET | Host: disqus.skk.moe | User-Agent: Mozilla/5.077692140 Mozilla/5.0 (Windows NT 6.1; Trident/7.0; rv:11.0) like Gecko | CF_DC: SJC. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).
2019-12-08 04:38:18
Whois info:
b
Dig info:
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 112.80.136.245
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 26673
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;112.80.136.245.			IN	A

;; AUTHORITY SECTION:
.			298	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020030200 1800 900 604800 86400

;; Query time: 364 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Mar 02 21:35:49 CST 2020
;; MSG SIZE  rcvd: 118
Host info
Host 245.136.80.112.in-addr.arpa. not found: 3(NXDOMAIN)
Nslookup info:
Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 245.136.80.112.in-addr.arpa: NXDOMAIN
Related IP info:
Related comments:
IP Type Details Datetime
140.143.122.13 attack
Jun 20 05:55:09 amit sshd\[5007\]: Invalid user todus from 140.143.122.13
Jun 20 05:55:09 amit sshd\[5007\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.122.13
Jun 20 05:55:10 amit sshd\[5007\]: Failed password for invalid user todus from 140.143.122.13 port 39734 ssh2
...
2020-06-20 13:07:56
51.145.128.128 attackbots
Invalid user test from 51.145.128.128 port 58718
2020-06-20 13:03:42
142.93.223.25 attack
Jun 20 06:47:49 ift sshd\[33992\]: Invalid user test from 142.93.223.25Jun 20 06:47:51 ift sshd\[33992\]: Failed password for invalid user test from 142.93.223.25 port 49120 ssh2Jun 20 06:51:26 ift sshd\[34517\]: Invalid user sinusbot from 142.93.223.25Jun 20 06:51:28 ift sshd\[34517\]: Failed password for invalid user sinusbot from 142.93.223.25 port 49200 ssh2Jun 20 06:55:02 ift sshd\[34757\]: Invalid user priya from 142.93.223.25
...
2020-06-20 13:14:03
49.234.212.177 attackspambots
Jun 19 23:55:03 Tower sshd[7450]: Connection from 49.234.212.177 port 52122 on 192.168.10.220 port 22 rdomain ""
Jun 19 23:55:08 Tower sshd[7450]: Failed password for root from 49.234.212.177 port 52122 ssh2
Jun 19 23:55:09 Tower sshd[7450]: Received disconnect from 49.234.212.177 port 52122:11: Bye Bye [preauth]
Jun 19 23:55:09 Tower sshd[7450]: Disconnected from authenticating user root 49.234.212.177 port 52122 [preauth]
2020-06-20 12:51:41
114.237.109.32 attackbots
2020-06-20 12:37:34
168.194.207.58 attack
Jun 20 04:32:43 vps1 sshd[1759605]: Invalid user vps from 168.194.207.58 port 48157
Jun 20 04:32:45 vps1 sshd[1759605]: Failed password for invalid user vps from 168.194.207.58 port 48157 ssh2
...
2020-06-20 13:04:57
106.54.184.153 attackspam
Invalid user lishuai from 106.54.184.153 port 41794
2020-06-20 12:48:51
110.184.11.29 attackbotsspam
1592625359 - 06/20/2020 05:55:59 Host: 110.184.11.29/110.184.11.29 Port: 445 TCP Blocked
2020-06-20 12:34:30
146.185.163.81 attackspam
10 attempts against mh-misc-ban on heat
2020-06-20 13:12:31
45.148.10.141 attackbots
SRC=45.148.10.141 DST=162.224.109.xxx TTL=240 PROTO=TCP DPT=8089 Drop Unknown Incoming Packet
2020-06-20 13:10:44
178.246.45.198 attackspambots
20/6/19@23:55:22: FAIL: Alarm-Network address from=178.246.45.198
20/6/19@23:55:23: FAIL: Alarm-Network address from=178.246.45.198
...
2020-06-20 12:59:28
142.93.124.210 attackbotsspam
HTTP DDOS
2020-06-20 13:12:46
222.134.240.219 attack
2020-06-20T05:54:45.190626www postfix/smtpd[18377]: warning: unknown[222.134.240.219]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
2020-06-20T05:55:00.155205www postfix/smtpd[18377]: warning: unknown[222.134.240.219]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
2020-06-20T05:55:14.102182www postfix/smtpd[18377]: warning: unknown[222.134.240.219]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
...
2020-06-20 13:07:07
192.99.5.94 attackspambots
192.99.5.94 - - [20/Jun/2020:05:21:38 +0100] "POST /wp-login.php HTTP/1.1" 200 5603 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.80 Safari/537.36"
192.99.5.94 - - [20/Jun/2020:05:23:42 +0100] "POST /wp-login.php HTTP/1.1" 200 5603 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.80 Safari/537.36"
192.99.5.94 - - [20/Jun/2020:05:26:21 +0100] "POST /wp-login.php HTTP/1.1" 200 5603 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.80 Safari/537.36"
...
2020-06-20 12:43:38
115.84.91.78 attack
Dovecot Invalid User Login Attempt.
2020-06-20 13:08:12

Recently Reported IPs

53.103.77.48 4.47.77.196 137.6.167.80 65.76.174.0
112.66.96.51 96.34.41.150 91.108.162.30 105.56.48.3
89.137.59.135 122.89.105.101 204.137.178.232 98.51.184.132
23.246.208.160 218.250.80.34 35.203.176.155 125.55.97.241
218.147.27.169 178.109.5.143 222.124.80.253 93.201.22.86