112.80.136.25 - IPInfo

基本信息:

城市(city): Nanjing

省份(region): Jiangsu

国家(country): China

运营商(isp): China Unicom Jiangsu Province Network

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	The IP has triggered Cloudflare WAF. CF-Ray: 543405f8ef3b6cfe \| WAF_Rule_ID: 1112824 \| WAF_Kind: firewall \| CF_Action: challenge \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/1.1 \| Method: GET \| Host: blog.skk.moe \| User-Agent: Mozilla/5.0 (Linux; U; Android 4.3; en-us; SM-N900T Build/JSS15J) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 Mobile Safari/534.30 \| CF_DC: SJC. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-12 03:33:44

类型

评论内容

时间

attack

The IP has triggered Cloudflare WAF. CF-Ray: 543405f8ef3b6cfe | WAF_Rule_ID: 1112824 | WAF_Kind: firewall | CF_Action: challenge | Country: CN | CF_IPClass: noRecord | Protocol: HTTP/1.1 | Method: GET | Host: blog.skk.moe | User-Agent: Mozilla/5.0 (Linux; U; Android 4.3; en-us; SM-N900T Build/JSS15J) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 Mobile Safari/534.30 | CF_DC: SJC. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).

2019-12-12 03:33:44

相同子网IP讨论:

IP	类型	评论内容	时间
112.80.136.135	attackspam	Unauthorized connection attempt detected from IP address 112.80.136.135 to port 8088	2020-06-01 00:45:42
112.80.136.245	attack	Unauthorized connection attempt detected from IP address 112.80.136.245 to port 3389 [J]	2020-03-02 21:35:54
112.80.136.176	attack	Unauthorized connection attempt detected from IP address 112.80.136.176 to port 8081 [J]	2020-03-02 18:41:32
112.80.136.214	attackbotsspam	Unauthorized connection attempt detected from IP address 112.80.136.214 to port 9999 [T]	2020-01-10 09:22:18
112.80.136.219	attackspam	Unauthorized connection attempt detected from IP address 112.80.136.219 to port 8118	2020-01-02 21:21:29
112.80.136.8	attackspambots	The IP has triggered Cloudflare WAF. CF-Ray: 5415f75a7ae2288c \| WAF_Rule_ID: 3b40188685924a32bf11d40edea05a27 \| WAF_Kind: firewall \| CF_Action: challenge \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/1.1 \| Method: GET \| Host: disqus.skk.moe \| User-Agent: Mozilla/5.077692140 Mozilla/5.0 (Windows NT 6.1; Trident/7.0; rv:11.0) like Gecko \| CF_DC: SJC. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-08 04:38:18

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 112.80.136.25
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 54029
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;112.80.136.25.			IN	A

;; AUTHORITY SECTION:
.			542	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019121101 1800 900 604800 86400

;; Query time: 123 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Dec 12 03:33:41 CST 2019
;; MSG SIZE  rcvd: 117

HOST信息:

Host 25.136.80.112.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 25.136.80.112.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
212.70.149.35	attackspambots	2020-07-23 17:35:23 dovecot_login authenticator failed for $User$ \[212.70.149.35\]: 535 Incorrect authentication data $set_id=revista@no-server.de$ 2020-07-23 17:40:22 dovecot_login authenticator failed for $User$ \[212.70.149.35\]: 535 Incorrect authentication data 2020-07-23 17:40:23 dovecot_login authenticator failed for $User$ \[212.70.149.35\]: 535 Incorrect authentication data 2020-07-23 17:42:51 dovecot_login authenticator failed for $User$ \[212.70.149.35\]: 535 Incorrect authentication data $set_id=oakland@no-server.de$ 2020-07-23 17:42:58 dovecot_login authenticator failed for $User$ \[212.70.149.35\]: 535 Incorrect authentication data $set_id=srv14@no-server.de$ ...	2020-07-23 23:55:32
5.196.158.24	attack	Auto Detect Rule! proto TCP (SYN), 5.196.158.24:51179->gjan.info:1433, len 40	2020-07-24 00:41:16
112.35.62.225	attack	Jul 23 17:20:18 vpn01 sshd[13524]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.35.62.225 Jul 23 17:20:20 vpn01 sshd[13524]: Failed password for invalid user nginx from 112.35.62.225 port 38874 ssh2 ...	2020-07-24 00:21:06
216.218.206.88	attack	firewall-block, port(s): 3389/tcp	2020-07-24 00:32:52
213.87.44.152	attack	Jul 23 15:29:43 server sshd[55355]: Failed password for invalid user ryan from 213.87.44.152 port 46104 ssh2 Jul 23 15:34:28 server sshd[57167]: Failed password for invalid user lsa from 213.87.44.152 port 33542 ssh2 Jul 23 15:39:11 server sshd[58969]: Failed password for invalid user frappe from 213.87.44.152 port 49196 ssh2	2020-07-23 23:56:51
37.214.40.60	attackbots	Unauthorized connection attempt from IP address 37.214.40.60 on Port 445(SMB)	2020-07-24 00:31:15
51.255.168.254	attackspam	2020-07-23T17:52:47.273884sd-86998 sshd[22015]: Invalid user er from 51.255.168.254 port 54736 2020-07-23T17:52:47.279218sd-86998 sshd[22015]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=254.ip-51-255-168.eu 2020-07-23T17:52:47.273884sd-86998 sshd[22015]: Invalid user er from 51.255.168.254 port 54736 2020-07-23T17:52:49.524278sd-86998 sshd[22015]: Failed password for invalid user er from 51.255.168.254 port 54736 ssh2 2020-07-23T17:54:42.108562sd-86998 sshd[22286]: Invalid user dsa from 51.255.168.254 port 58048 ...	2020-07-24 00:26:01
144.217.70.190	attack	144.217.70.190 - - [23/Jul/2020:16:19:56 +0200] "GET /wp-login.php HTTP/1.1" 200 6310 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 144.217.70.190 - - [23/Jul/2020:16:19:58 +0200] "POST /wp-login.php HTTP/1.1" 200 6561 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 144.217.70.190 - - [23/Jul/2020:16:19:59 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-07-24 00:06:32
85.57.172.252	attackbots	Unauthorized connection attempt from IP address 85.57.172.252 on Port 445(SMB)	2020-07-24 00:16:25
222.186.30.59	attackspam	Jul 23 21:11:49 gw1 sshd[17233]: Failed password for root from 222.186.30.59 port 56291 ssh2 Jul 23 21:11:52 gw1 sshd[17233]: Failed password for root from 222.186.30.59 port 56291 ssh2 ...	2020-07-24 00:26:29
181.206.76.66	attackspam	SMB Server BruteForce Attack	2020-07-24 00:20:34
78.188.15.227	attack	Port probing on unauthorized port 23	2020-07-24 00:07:39
192.144.218.46	attackbotsspam	Jul 23 11:09:23 firewall sshd[5312]: Invalid user admin from 192.144.218.46 Jul 23 11:09:25 firewall sshd[5312]: Failed password for invalid user admin from 192.144.218.46 port 54082 ssh2 Jul 23 11:13:34 firewall sshd[5370]: Invalid user ats from 192.144.218.46 ...	2020-07-24 00:39:08
165.22.187.76	attackspambots	TCP (SYN) 165.22.187.76:49152 -> port 12531, len 44	2020-07-24 00:40:42
193.112.48.79	attackspam	$f2bV_matches	2020-07-23 23:55:00

最近上报的IP列表

111.175.56.221	223.27.217.50	110.229.220.42	110.177.77.16
168.177.132.18	110.80.154.150	189.46.138.42	79.200.26.151
64.161.32.90	110.80.153.167	176.189.112.63	106.45.0.98
176.157.182.39	188.59.54.132	106.39.189.242	208.103.182.109
80.221.152.113	90.235.243.106	103.57.190.188	68.122.226.69