112.80.136.25 - IPInfo

Basic Info

City: Nanjing

Region: Jiangsu

Country: China

Internet Service Provider: China Unicom Jiangsu Province Network

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	The IP has triggered Cloudflare WAF. CF-Ray: 543405f8ef3b6cfe \| WAF_Rule_ID: 1112824 \| WAF_Kind: firewall \| CF_Action: challenge \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/1.1 \| Method: GET \| Host: blog.skk.moe \| User-Agent: Mozilla/5.0 (Linux; U; Android 4.3; en-us; SM-N900T Build/JSS15J) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 Mobile Safari/534.30 \| CF_DC: SJC. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-12 03:33:44

Type

Details

Datetime

attack

The IP has triggered Cloudflare WAF. CF-Ray: 543405f8ef3b6cfe | WAF_Rule_ID: 1112824 | WAF_Kind: firewall | CF_Action: challenge | Country: CN | CF_IPClass: noRecord | Protocol: HTTP/1.1 | Method: GET | Host: blog.skk.moe | User-Agent: Mozilla/5.0 (Linux; U; Android 4.3; en-us; SM-N900T Build/JSS15J) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 Mobile Safari/534.30 | CF_DC: SJC. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).

2019-12-12 03:33:44

Comments on same subnet:

IP	Type	Details	Datetime
112.80.136.135	attackspam	Unauthorized connection attempt detected from IP address 112.80.136.135 to port 8088	2020-06-01 00:45:42
112.80.136.245	attack	Unauthorized connection attempt detected from IP address 112.80.136.245 to port 3389 [J]	2020-03-02 21:35:54
112.80.136.176	attack	Unauthorized connection attempt detected from IP address 112.80.136.176 to port 8081 [J]	2020-03-02 18:41:32
112.80.136.214	attackbotsspam	Unauthorized connection attempt detected from IP address 112.80.136.214 to port 9999 [T]	2020-01-10 09:22:18
112.80.136.219	attackspam	Unauthorized connection attempt detected from IP address 112.80.136.219 to port 8118	2020-01-02 21:21:29
112.80.136.8	attackspambots	The IP has triggered Cloudflare WAF. CF-Ray: 5415f75a7ae2288c \| WAF_Rule_ID: 3b40188685924a32bf11d40edea05a27 \| WAF_Kind: firewall \| CF_Action: challenge \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/1.1 \| Method: GET \| Host: disqus.skk.moe \| User-Agent: Mozilla/5.077692140 Mozilla/5.0 (Windows NT 6.1; Trident/7.0; rv:11.0) like Gecko \| CF_DC: SJC. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-08 04:38:18

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 112.80.136.25
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 54029
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;112.80.136.25.			IN	A

;; AUTHORITY SECTION:
.			542	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019121101 1800 900 604800 86400

;; Query time: 123 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Dec 12 03:33:41 CST 2019
;; MSG SIZE  rcvd: 117

Host info

Host 25.136.80.112.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 25.136.80.112.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
52.136.238.53	attackspambots	Sep 7 13:12:02 game-panel sshd[13295]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.136.238.53 Sep 7 13:12:04 game-panel sshd[13295]: Failed password for invalid user test from 52.136.238.53 port 41100 ssh2 Sep 7 13:17:45 game-panel sshd[13499]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.136.238.53	2019-09-07 21:29:13
128.199.136.129	attackspambots	Sep 7 14:07:07 XXX sshd[58778]: Invalid user ofsaa from 128.199.136.129 port 45576	2019-09-07 21:44:43
35.197.113.177	attack	CloudCIX Reconnaissance Scan Detected, PTR: 177.113.197.35.bc.googleusercontent.com.	2019-09-07 21:58:09
103.215.221.159	attack	Sep 7 06:47:50 Tower sshd[26137]: Connection from 103.215.221.159 port 51626 on 192.168.10.220 port 22 Sep 7 06:48:30 Tower sshd[26137]: Invalid user testsftp from 103.215.221.159 port 51626 Sep 7 06:48:30 Tower sshd[26137]: error: Could not get shadow information for NOUSER Sep 7 06:48:30 Tower sshd[26137]: Failed password for invalid user testsftp from 103.215.221.159 port 51626 ssh2 Sep 7 06:48:30 Tower sshd[26137]: Received disconnect from 103.215.221.159 port 51626:11: Bye Bye [preauth] Sep 7 06:48:30 Tower sshd[26137]: Disconnected from invalid user testsftp 103.215.221.159 port 51626 [preauth]	2019-09-07 22:31:33
134.209.35.183	attackbotsspam	Sep 7 15:39:42 localhost sshd\[17412\]: Invalid user qwerty from 134.209.35.183 port 50121 Sep 7 15:39:42 localhost sshd\[17412\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.35.183 Sep 7 15:39:44 localhost sshd\[17412\]: Failed password for invalid user qwerty from 134.209.35.183 port 50121 ssh2	2019-09-07 21:40:34
139.59.128.97	attackbotsspam	Sep 7 02:24:03 hpm sshd\[27460\]: Invalid user mc from 139.59.128.97 Sep 7 02:24:03 hpm sshd\[27460\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=labs2.armadilloamarillo.com Sep 7 02:24:05 hpm sshd\[27460\]: Failed password for invalid user mc from 139.59.128.97 port 47032 ssh2 Sep 7 02:28:11 hpm sshd\[27793\]: Invalid user rstudio from 139.59.128.97 Sep 7 02:28:11 hpm sshd\[27793\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=labs2.armadilloamarillo.com	2019-09-07 21:56:04
79.36.214.171	attackspam	Sep 7 07:38:21 TORMINT sshd\[21646\]: Invalid user awt from 79.36.214.171 Sep 7 07:38:21 TORMINT sshd\[21646\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=79.36.214.171 Sep 7 07:38:23 TORMINT sshd\[21646\]: Failed password for invalid user awt from 79.36.214.171 port 54856 ssh2 ...	2019-09-07 21:47:00
117.50.20.112	attack	Sep 7 14:58:42 saschabauer sshd[24459]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.20.112 Sep 7 14:58:45 saschabauer sshd[24459]: Failed password for invalid user alex from 117.50.20.112 port 51784 ssh2	2019-09-07 22:07:37
37.187.26.207	attackspambots	Sep 7 15:40:54 SilenceServices sshd[19650]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.187.26.207 Sep 7 15:40:56 SilenceServices sshd[19650]: Failed password for invalid user teamspeak3 from 37.187.26.207 port 54266 ssh2 Sep 7 15:44:49 SilenceServices sshd[21073]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.187.26.207	2019-09-07 21:47:28
221.162.255.74	attackspam	Sep 7 07:28:00 TORMINT sshd\[20792\]: Invalid user saslauth from 221.162.255.74 Sep 7 07:28:00 TORMINT sshd\[20792\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=221.162.255.74 Sep 7 07:28:01 TORMINT sshd\[20792\]: Failed password for invalid user saslauth from 221.162.255.74 port 36382 ssh2 ...	2019-09-07 21:33:48
51.255.30.22	attack	Sep 7 15:22:08 SilenceServices sshd[12624]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.255.30.22 Sep 7 15:22:11 SilenceServices sshd[12624]: Failed password for invalid user test from 51.255.30.22 port 43638 ssh2 Sep 7 15:26:08 SilenceServices sshd[14084]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.255.30.22	2019-09-07 21:45:36
137.74.115.225	attackbotsspam	Automatic report - Banned IP Access	2019-09-07 22:37:02
159.65.109.148	attackbotsspam	Sep 7 03:09:27 kapalua sshd\[23907\]: Invalid user uftp from 159.65.109.148 Sep 7 03:09:27 kapalua sshd\[23907\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.65.109.148 Sep 7 03:09:30 kapalua sshd\[23907\]: Failed password for invalid user uftp from 159.65.109.148 port 39826 ssh2 Sep 7 03:13:02 kapalua sshd\[24222\]: Invalid user buildbot from 159.65.109.148 Sep 7 03:13:02 kapalua sshd\[24222\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.65.109.148	2019-09-07 21:38:13
101.109.83.140	attackbots	Sep 7 15:47:11 eventyay sshd[3158]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=101.109.83.140 Sep 7 15:47:13 eventyay sshd[3158]: Failed password for invalid user nagios from 101.109.83.140 port 59158 ssh2 Sep 7 15:53:10 eventyay sshd[3291]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=101.109.83.140 ...	2019-09-07 22:10:16
115.186.148.38	attack	Sep 7 15:41:07 eventyay sshd[2980]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.186.148.38 Sep 7 15:41:08 eventyay sshd[2980]: Failed password for invalid user tempo from 115.186.148.38 port 47463 ssh2 Sep 7 15:46:36 eventyay sshd[3133]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.186.148.38 ...	2019-09-07 21:51:45

Recently Reported IPs

111.175.56.221	223.27.217.50	110.229.220.42	110.177.77.16
168.177.132.18	110.80.154.150	189.46.138.42	79.200.26.151
64.161.32.90	110.80.153.167	176.189.112.63	106.45.0.98
176.157.182.39	188.59.54.132	106.39.189.242	208.103.182.109
80.221.152.113	90.235.243.106	103.57.190.188	68.122.226.69