112.80.136.25 - IPInfo

Basic Info

City: Nanjing

Region: Jiangsu

Country: China

Internet Service Provider: China Unicom Jiangsu Province Network

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	The IP has triggered Cloudflare WAF. CF-Ray: 543405f8ef3b6cfe \| WAF_Rule_ID: 1112824 \| WAF_Kind: firewall \| CF_Action: challenge \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/1.1 \| Method: GET \| Host: blog.skk.moe \| User-Agent: Mozilla/5.0 (Linux; U; Android 4.3; en-us; SM-N900T Build/JSS15J) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 Mobile Safari/534.30 \| CF_DC: SJC. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-12 03:33:44

Type

Details

Datetime

attack

The IP has triggered Cloudflare WAF. CF-Ray: 543405f8ef3b6cfe | WAF_Rule_ID: 1112824 | WAF_Kind: firewall | CF_Action: challenge | Country: CN | CF_IPClass: noRecord | Protocol: HTTP/1.1 | Method: GET | Host: blog.skk.moe | User-Agent: Mozilla/5.0 (Linux; U; Android 4.3; en-us; SM-N900T Build/JSS15J) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 Mobile Safari/534.30 | CF_DC: SJC. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).

2019-12-12 03:33:44

Comments on same subnet:

IP	Type	Details	Datetime
112.80.136.135	attackspam	Unauthorized connection attempt detected from IP address 112.80.136.135 to port 8088	2020-06-01 00:45:42
112.80.136.245	attack	Unauthorized connection attempt detected from IP address 112.80.136.245 to port 3389 [J]	2020-03-02 21:35:54
112.80.136.176	attack	Unauthorized connection attempt detected from IP address 112.80.136.176 to port 8081 [J]	2020-03-02 18:41:32
112.80.136.214	attackbotsspam	Unauthorized connection attempt detected from IP address 112.80.136.214 to port 9999 [T]	2020-01-10 09:22:18
112.80.136.219	attackspam	Unauthorized connection attempt detected from IP address 112.80.136.219 to port 8118	2020-01-02 21:21:29
112.80.136.8	attackspambots	The IP has triggered Cloudflare WAF. CF-Ray: 5415f75a7ae2288c \| WAF_Rule_ID: 3b40188685924a32bf11d40edea05a27 \| WAF_Kind: firewall \| CF_Action: challenge \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/1.1 \| Method: GET \| Host: disqus.skk.moe \| User-Agent: Mozilla/5.077692140 Mozilla/5.0 (Windows NT 6.1; Trident/7.0; rv:11.0) like Gecko \| CF_DC: SJC. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-08 04:38:18

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 112.80.136.25
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 54029
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;112.80.136.25.			IN	A

;; AUTHORITY SECTION:
.			542	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019121101 1800 900 604800 86400

;; Query time: 123 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Dec 12 03:33:41 CST 2019
;; MSG SIZE  rcvd: 117

Host info

Host 25.136.80.112.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 25.136.80.112.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
111.223.140.238	attackspam	Unauthorized connection attempt from IP address 111.223.140.238 on Port 445(SMB)	2019-12-27 05:29:18
69.94.143.17	attackspambots	Dec 26 16:48:11 grey postfix/smtpd\[2043\]: NOQUEUE: reject: RCPT from tatter.nabhaa.com\[69.94.143.17\]: 554 5.7.1 Service unavailable\; Client host \[69.94.143.17\] blocked using truncate.gbudb.net\; http://www.gbudb.com/truncate/ \[69.94.143.17\]\; from=\ to=\ proto=ESMTP helo=\ ...	2019-12-27 05:21:44
198.108.66.228	attackspam	MultiHost/MultiPort Probe, Scan, Hack -	2019-12-27 05:34:19
117.211.161.171	attack	SSH-bruteforce attempts	2019-12-27 05:14:25
183.82.3.248	attackbots	Dec 26 20:58:58 herz-der-gamer sshd[11151]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=183.82.3.248 user=mysql Dec 26 20:59:00 herz-der-gamer sshd[11151]: Failed password for mysql from 183.82.3.248 port 48616 ssh2 Dec 26 21:09:26 herz-der-gamer sshd[11362]: Invalid user rpc from 183.82.3.248 port 54638 ...	2019-12-27 05:00:43
118.143.198.3	attackspam	invalid user	2019-12-27 05:31:11
152.204.128.190	attack	2019-12-26 09:33:25 H=(tjscpa.com) [152.204.128.190]:41272 I=[192.147.25.65]:25 F= rejected RCPT : RBL: found in thrukfz5b56tq6xao6odgdyjrq.zen.dq.spamhaus.net (127.0.0.4, 127.0.0.3) (https://www.spamhaus.org/query/ip/152.204.128.190) 2019-12-26 09:33:26 H=(tjscpa.com) [152.204.128.190]:41272 I=[192.147.25.65]:25 F= rejected RCPT : RBL: found in thrukfz5b56tq6xao6odgdyjrq.zen.dq.spamhaus.net (127.0.0.3, 127.0.0.4) (https://www.spamhaus.org/query/ip/152.204.128.190) 2019-12-26 09:33:29 H=(tjscpa.com) [152.204.128.190]:41272 I=[192.147.25.65]:25 F= rejected RCPT : RBL: found in thrukfz5b56tq6xao6odgdyjrq.zen.dq.spamhaus.net (127.0.0.3, 127.0.0.4) (https://www.spamhaus.org/query/ip/152.204.128.190) ...	2019-12-27 05:02:39
45.117.82.166	attack	Thu Dec 26 16:47:35 2019 \[pid 27641\] \[elektron\] FTP response: Client "45.117.82.166", "530 Permission denied." Thu Dec 26 16:47:38 2019 \[pid 27646\] \[elektron.lv\] FTP response: Client "45.117.82.166", "530 Permission denied." Thu Dec 26 16:47:41 2019 \[pid 27648\] \[elektron\] FTP response: Client "45.117.82.166", "530 Permission denied."	2019-12-27 05:35:59
185.156.73.57	attack	firewall-block, port(s): 3839/tcp, 5555/tcp, 6818/tcp, 7200/tcp, 33933/tcp, 59999/tcp	2019-12-27 05:35:41
79.112.8.2	attack	firewall-block, port(s): 8181/tcp, 60001/tcp	2019-12-27 05:34:02
206.81.7.42	attackspambots	Dec 26 19:02:08 ns381471 sshd[28445]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=206.81.7.42 Dec 26 19:02:09 ns381471 sshd[28445]: Failed password for invalid user chilin from 206.81.7.42 port 46628 ssh2	2019-12-27 05:06:01
141.101.143.17	attackbotsspam	(From kozak.lurlene@gmail.com) https://www.monkeydigital.io/product/edu-backlinks/	2019-12-27 05:11:37
198.108.66.25	attack	MultiHost/MultiPort Probe, Scan, Hack -	2019-12-27 05:26:55
188.121.57.35	attackbotsspam	Port scan on 1 port(s): 21	2019-12-27 05:23:28
90.49.248.244	attackbotsspam	ssh failed login	2019-12-27 05:00:20

Recently Reported IPs

111.175.56.221	223.27.217.50	110.229.220.42	110.177.77.16
168.177.132.18	110.80.154.150	189.46.138.42	79.200.26.151
64.161.32.90	110.80.153.167	176.189.112.63	106.45.0.98
176.157.182.39	188.59.54.132	106.39.189.242	208.103.182.109
80.221.152.113	90.235.243.106	103.57.190.188	68.122.226.69