112.80.137.51 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
112.80.137.153	attackspambots	Web Server Scan. RayID: 590c5cc7ee296e42, UA: Mozilla/4.049897920 Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729), Country: CN	2020-05-21 04:11:37
112.80.137.72	attack	Unauthorized connection attempt detected from IP address 112.80.137.72 to port 22 [J]	2020-03-02 19:32:51
112.80.137.30	attackspam	Unauthorized connection attempt detected from IP address 112.80.137.30 to port 9991 [T]	2020-01-27 15:42:09
112.80.137.97	attackbotsspam	Unauthorized connection attempt detected from IP address 112.80.137.97 to port 8081 [T]	2020-01-10 08:56:25
112.80.137.144	attack	CN_APNIC-HM_<177>1578575004 [1:2013053:1] ET WEB_SERVER PyCurl Suspicious User Agent Inbound [Classification: Attempted Information Leak] [Priority: 2]: {TCP} 112.80.137.144:59730	2020-01-10 03:04:32
112.80.137.119	attackspam	Unauthorized connection attempt detected from IP address 112.80.137.119 to port 3128	2019-12-31 08:08:24
112.80.137.14	attackbots	HTTP/80/443 Probe, BF, WP, Hack -	2019-12-26 05:16:33
112.80.137.34	attackspam	The IP has triggered Cloudflare WAF. CF-Ray: 54101e30ae016e18 \| WAF_Rule_ID: 3b40188685924a32bf11d40edea05a27 \| WAF_Kind: firewall \| CF_Action: challenge \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/1.1 \| Method: GET \| Host: theme-suka.skk.moe \| User-Agent: Mozilla/5.051975669 Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/68.0.3440.106 Safari/537.36 \| CF_DC: SJC. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-08 06:43:04
112.80.137.117	attack	The IP has triggered Cloudflare WAF. CF-Ray: 54147ae5dbc76bb4 \| WAF_Rule_ID: 3b40188685924a32bf11d40edea05a27 \| WAF_Kind: firewall \| CF_Action: challenge \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/1.1 \| Method: GET \| Host: d.skk.moe \| User-Agent: Mozilla/5.0 (Linux; Android 6.0; Nexus 5 Build/MRA58N) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Mobile Safari/537.36 \| CF_DC: SJC. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-08 06:04:43
112.80.137.189	attackspambots	The IP has triggered Cloudflare WAF. CF-Ray: 541570716d3c9641 \| WAF_Rule_ID: 3b40188685924a32bf11d40edea05a27 \| WAF_Kind: firewall \| CF_Action: challenge \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/1.1 \| Method: GET \| Host: d.skk.moe \| User-Agent: Mozilla/5.062334851 Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/68.0.3440.106 Safari/537.36 \| CF_DC: SJC. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-08 05:07:54
112.80.137.13	attackbots	The IP has triggered Cloudflare WAF. CF-Ray: 541062388e246c56 \| WAF_Rule_ID: 3b40188685924a32bf11d40edea05a27 \| WAF_Kind: firewall \| CF_Action: challenge \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/1.1 \| Method: GET \| Host: d.skk.moe \| User-Agent: Mozilla/5.051975669 Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/68.0.3440.106 Safari/537.36 \| CF_DC: SJC. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-08 03:17:30
112.80.137.39	attackbotsspam	The IP has triggered Cloudflare WAF. CF-Ray: 54104ef0f857ed47 \| WAF_Rule_ID: 1025440 \| WAF_Kind: firewall \| CF_Action: challenge \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/1.1 \| Method: GET \| Host: blog.skk.moe \| User-Agent: Mozilla/5.0 (iPad; CPU OS 9_1 like Mac OS X) AppleWebKit/601.1.46 (KHTML, like Gecko) Version/9.0 Mobile/13B143 Safari/601.1 \| CF_DC: SJC. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-08 01:34:56

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 112.80.137.51
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 17512
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;112.80.137.51.			IN	A

;; AUTHORITY SECTION:
.			151	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022021202 1800 900 604800 86400

;; Query time: 109 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Feb 13 13:33:22 CST 2022
;; MSG SIZE  rcvd: 106

Host info

Host 51.137.80.112.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 51.137.80.112.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
105.96.15.104	attack	1577946470 - 01/02/2020 07:27:50 Host: 105.96.15.104/105.96.15.104 Port: 445 TCP Blocked	2020-01-02 16:59:36
80.211.177.213	attack	$f2bV_matches	2020-01-02 16:43:31
119.90.61.10	attackspam	Jan 2 08:07:04 silence02 sshd[19990]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.90.61.10 Jan 2 08:07:06 silence02 sshd[19990]: Failed password for invalid user http from 119.90.61.10 port 36806 ssh2 Jan 2 08:09:26 silence02 sshd[20081]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.90.61.10	2020-01-02 16:46:41
112.85.42.173	attackspam	Dec 22 04:17:51 microserver sshd[32111]: Failed none for root from 112.85.42.173 port 38766 ssh2 Dec 22 04:17:52 microserver sshd[32111]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.173 user=root Dec 22 04:17:54 microserver sshd[32111]: Failed password for root from 112.85.42.173 port 38766 ssh2 Dec 22 04:17:56 microserver sshd[32111]: Failed password for root from 112.85.42.173 port 38766 ssh2 Dec 22 04:18:00 microserver sshd[32111]: Failed password for root from 112.85.42.173 port 38766 ssh2 Dec 22 09:28:27 microserver sshd[12904]: Failed none for root from 112.85.42.173 port 23420 ssh2 Dec 22 09:28:27 microserver sshd[12904]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.173 user=root Dec 22 09:28:29 microserver sshd[12904]: Failed password for root from 112.85.42.173 port 23420 ssh2 Dec 22 09:28:33 microserver sshd[12904]: Failed password for root from 112.85.42.173 port 23420 ssh2 Dec 22 09:28:37 m	2020-01-02 16:31:22
45.80.65.1	attackspam	Dec 30 01:16:29 nbi-636 sshd[1962]: Invalid user rpc from 45.80.65.1 port 35730 Dec 30 01:16:31 nbi-636 sshd[1962]: Failed password for invalid user rpc from 45.80.65.1 port 35730 ssh2 Dec 30 01:16:31 nbi-636 sshd[1962]: Received disconnect from 45.80.65.1 port 35730:11: Bye Bye [preauth] Dec 30 01:16:31 nbi-636 sshd[1962]: Disconnected from 45.80.65.1 port 35730 [preauth] Dec 30 01:25:12 nbi-636 sshd[3959]: User r.r from 45.80.65.1 not allowed because not listed in AllowUsers Dec 30 01:25:12 nbi-636 sshd[3959]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.80.65.1 user=r.r Dec 30 01:25:13 nbi-636 sshd[3959]: Failed password for invalid user r.r from 45.80.65.1 port 37078 ssh2 Dec 30 01:25:13 nbi-636 sshd[3959]: Received disconnect from 45.80.65.1 port 37078:11: Bye Bye [preauth] Dec 30 01:25:13 nbi-636 sshd[3959]: Disconnected from 45.80.65.1 port 37078 [preauth] Dec 30 01:27:38 nbi-636 sshd[4359]: Invalid user nanett from ........ -------------------------------	2020-01-02 17:00:24
124.128.46.50	attack	RDP brute force attack detected by fail2ban	2020-01-02 16:58:20
36.65.100.18	attack	Host Scan	2020-01-02 16:35:14
103.48.83.128	attack	01/02/2020-01:28:18.784544 103.48.83.128 Protocol: 6 ET SCAN Suspicious inbound to MSSQL port 1433	2020-01-02 16:39:34
117.239.56.146	attackbotsspam	firewall-block, port(s): 1433/tcp	2020-01-02 16:52:51
45.55.145.31	attack	$f2bV_matches	2020-01-02 16:36:13
51.75.23.242	attack	Invalid user fabio from 51.75.23.242 port 36700	2020-01-02 16:52:36
185.176.27.118	attackspam	01/02/2020-03:30:58.902976 185.176.27.118 Protocol: 6 ET DROP Dshield Block Listed Source group 1	2020-01-02 16:32:32
106.51.153.9	attackspam	Honeypot attack, port: 445, PTR: broadband.actcorp.in.	2020-01-02 16:33:14
122.155.11.89	attackspambots	Jan 2 09:17:50 server sshd\[3969\]: Invalid user stmoe from 122.155.11.89 Jan 2 09:17:50 server sshd\[3969\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.155.11.89 Jan 2 09:17:52 server sshd\[3969\]: Failed password for invalid user stmoe from 122.155.11.89 port 43352 ssh2 Jan 2 09:28:31 server sshd\[5699\]: Invalid user pidge from 122.155.11.89 Jan 2 09:28:31 server sshd\[5699\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.155.11.89 ...	2020-01-02 16:27:14
51.38.112.45	attackbots	Dec 31 11:01:08 serwer sshd\[27834\]: Invalid user roswitha from 51.38.112.45 port 40410 Dec 31 11:01:08 serwer sshd\[27834\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.38.112.45 Dec 31 11:01:10 serwer sshd\[27834\]: Failed password for invalid user roswitha from 51.38.112.45 port 40410 ssh2 ...	2020-01-02 16:59:18

Recently Reported IPs

112.80.137.45	112.80.137.60	112.80.137.48	112.80.137.54
112.80.137.86	112.80.138.103	112.80.138.105	112.80.137.69
112.80.138.130	112.80.137.78	112.80.138.141	112.80.138.138
112.80.138.117	112.80.138.151	112.80.138.191	112.80.138.209
112.80.138.250	112.80.138.29	112.80.138.162	112.80.138.48