106.12.80.87 - IPInfo

基本信息:

城市(city): unknown

省份(region): Beijing

国家(country): China

运营商(isp): Beijing Baidu Netcom Science and Technology Co. Ltd.

主机名(hostname): unknown

机构(organization): Beijing Baidu Netcom Science and Technology Co., Ltd.

使用类型(Usage Type): Search Engine Spider

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Dec 1 14:42:40 php1 sshd\[13761\]: Invalid user admin from 106.12.80.87 Dec 1 14:42:40 php1 sshd\[13761\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.80.87 Dec 1 14:42:42 php1 sshd\[13761\]: Failed password for invalid user admin from 106.12.80.87 port 52250 ssh2 Dec 1 14:49:30 php1 sshd\[14627\]: Invalid user smmsp from 106.12.80.87 Dec 1 14:49:30 php1 sshd\[14627\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.80.87	2019-12-02 08:59:54
attackbots	SSH Brute-Force reported by Fail2Ban	2019-11-27 19:21:16
attackbots	CyberHackers.eu > SSH Bruteforce attempt!	2019-11-27 09:00:32
attackbotsspam	2019-11-22T23:27:26.314918abusebot-5.cloudsearch.cf sshd\[2879\]: Invalid user administrator from 106.12.80.87 port 49034	2019-11-23 07:58:44
attack	2019-10-22T04:28:12.176170abusebot-5.cloudsearch.cf sshd\[14391\]: Invalid user support from 106.12.80.87 port 60694	2019-10-22 15:07:25
attackbotsspam	Oct 5 00:09:23 plusreed sshd[27966]: Invalid user gp from 106.12.80.87 ...	2019-10-05 14:44:38
attack	Lines containing failures of 106.12.80.87 Sep 30 14:00:54 dns01 sshd[22721]: Invalid user usuario from 106.12.80.87 port 41320 Sep 30 14:00:54 dns01 sshd[22721]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.80.87 Sep 30 14:00:56 dns01 sshd[22721]: Failed password for invalid user usuario from 106.12.80.87 port 41320 ssh2 Sep 30 14:00:56 dns01 sshd[22721]: Received disconnect from 106.12.80.87 port 41320:11: Bye Bye [preauth] Sep 30 14:00:56 dns01 sshd[22721]: Disconnected from invalid user usuario 106.12.80.87 port 41320 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=106.12.80.87	2019-10-04 06:29:51
attackspambots	Automatic report - Banned IP Access	2019-10-01 02:29:55
attackbots	Sep 21 00:57:35 plusreed sshd[1533]: Invalid user ayden from 106.12.80.87 ...	2019-09-21 16:55:13
attackspam	Sep 16 16:18:40 TORMINT sshd\[3953\]: Invalid user factoria from 106.12.80.87 Sep 16 16:18:40 TORMINT sshd\[3953\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.80.87 Sep 16 16:18:42 TORMINT sshd\[3953\]: Failed password for invalid user factoria from 106.12.80.87 port 44062 ssh2 ...	2019-09-17 05:28:12
attack	Sep 11 10:50:20 aiointranet sshd\[15539\]: Invalid user user3 from 106.12.80.87 Sep 11 10:50:20 aiointranet sshd\[15539\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.80.87 Sep 11 10:50:22 aiointranet sshd\[15539\]: Failed password for invalid user user3 from 106.12.80.87 port 57078 ssh2 Sep 11 10:52:46 aiointranet sshd\[15712\]: Invalid user student from 106.12.80.87 Sep 11 10:52:46 aiointranet sshd\[15712\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.80.87	2019-09-12 04:56:15
attack	Sep 3 10:52:46 lcdev sshd\[30488\]: Invalid user nishant from 106.12.80.87 Sep 3 10:52:46 lcdev sshd\[30488\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.80.87 Sep 3 10:52:48 lcdev sshd\[30488\]: Failed password for invalid user nishant from 106.12.80.87 port 49236 ssh2 Sep 3 10:55:27 lcdev sshd\[30734\]: Invalid user scan from 106.12.80.87 Sep 3 10:55:27 lcdev sshd\[30734\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.80.87	2019-09-04 07:14:21
attackspam	$f2bV_matches	2019-08-27 11:21:54
attackbotsspam	Aug 14 15:10:29 bouncer sshd\[12019\]: Invalid user ftp from 106.12.80.87 port 38698 Aug 14 15:10:29 bouncer sshd\[12019\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.80.87 Aug 14 15:10:31 bouncer sshd\[12019\]: Failed password for invalid user ftp from 106.12.80.87 port 38698 ssh2 ...	2019-08-15 00:13:05
attack	Aug 12 08:36:59 microserver sshd[28078]: Invalid user sef from 106.12.80.87 port 58916 Aug 12 08:36:59 microserver sshd[28078]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.80.87 Aug 12 08:37:00 microserver sshd[28078]: Failed password for invalid user sef from 106.12.80.87 port 58916 ssh2 Aug 12 08:42:12 microserver sshd[28725]: Invalid user sonar from 106.12.80.87 port 51146 Aug 12 08:42:12 microserver sshd[28725]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.80.87 Aug 12 08:52:40 microserver sshd[30019]: Invalid user bluecore from 106.12.80.87 port 35618 Aug 12 08:52:40 microserver sshd[30019]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.80.87 Aug 12 08:52:42 microserver sshd[30019]: Failed password for invalid user bluecore from 106.12.80.87 port 35618 ssh2 Aug 12 08:57:54 microserver sshd[30665]: Invalid user zk from 106.12.80.87 port 56090 Aug 12 08:57:54	2019-08-12 17:23:34
attackbotsspam	ssh failed login	2019-08-10 11:25:34
attackspambots	Aug 7 08:58:06 vpn01 sshd\[4438\]: Invalid user test from 106.12.80.87 Aug 7 08:58:06 vpn01 sshd\[4438\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.80.87 Aug 7 08:58:08 vpn01 sshd\[4438\]: Failed password for invalid user test from 106.12.80.87 port 50748 ssh2	2019-08-07 18:52:44
attack	Jun 4 02:30:28 ubuntu sshd[18165]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.80.87 Jun 4 02:30:31 ubuntu sshd[18165]: Failed password for invalid user web from 106.12.80.87 port 41836 ssh2 Jun 4 02:32:47 ubuntu sshd[18230]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.80.87	2019-07-31 16:26:02
attackspam	Triggered by Fail2Ban at Ares web server	2019-06-29 23:15:10

相同子网IP讨论:

IP	类型	评论内容	时间
106.12.80.246	attack	Port scan denied	2020-08-24 14:17:24
106.12.80.246	attackbotsspam	2020-08-18T00:22:54.551625vps773228.ovh.net sshd[5721]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.80.246 2020-08-18T00:22:54.534006vps773228.ovh.net sshd[5721]: Invalid user guest from 106.12.80.246 port 16588 2020-08-18T00:22:56.213108vps773228.ovh.net sshd[5721]: Failed password for invalid user guest from 106.12.80.246 port 16588 ssh2 2020-08-18T00:28:46.461957vps773228.ovh.net sshd[5820]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.80.246 user=root 2020-08-18T00:28:48.449410vps773228.ovh.net sshd[5820]: Failed password for root from 106.12.80.246 port 19193 ssh2 ...	2020-08-18 07:28:52
106.12.80.246	attack	Port scan denied	2020-08-14 14:32:29
106.12.80.62	attackbotsspam	1596055655 - 07/30/2020 03:47:35 Host: 106.12.80.62/106.12.80.62 Port: 6379 TCP Blocked ...	2020-07-30 06:10:14
106.12.80.246	attack	Invalid user nuevo from 106.12.80.246 port 17941	2020-06-21 18:14:34
106.12.80.246	attackspam	SASL PLAIN auth failed: ruser=...	2020-06-06 06:45:47
106.12.80.138	attack	2020-05-26T14:38:59.062339 sshd[20443]: Invalid user uplink from 106.12.80.138 port 57132 2020-05-26T14:38:59.077545 sshd[20443]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.80.138 2020-05-26T14:38:59.062339 sshd[20443]: Invalid user uplink from 106.12.80.138 port 57132 2020-05-26T14:39:00.517458 sshd[20443]: Failed password for invalid user uplink from 106.12.80.138 port 57132 ssh2 ...	2020-05-26 21:21:05
106.12.80.246	attack	May 16 04:41:23 PorscheCustomer sshd[22082]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.80.246 May 16 04:41:25 PorscheCustomer sshd[22082]: Failed password for invalid user test from 106.12.80.246 port 63341 ssh2 May 16 04:46:44 PorscheCustomer sshd[22277]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.80.246 ...	2020-05-16 19:24:23
106.12.80.138	attackspam	2020-05-14T14:20:11.1675111240 sshd\[2038\]: Invalid user support from 106.12.80.138 port 47392 2020-05-14T14:20:11.1723681240 sshd\[2038\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.80.138 2020-05-14T14:20:13.1762671240 sshd\[2038\]: Failed password for invalid user support from 106.12.80.138 port 47392 ssh2 ...	2020-05-15 04:09:14
106.12.80.246	attack	$f2bV_matches	2020-05-14 18:31:34
106.12.80.246	attack	$f2bV_matches	2020-05-12 13:55:55
106.12.80.246	attackspam	May 8 16:15:28 dev0-dcde-rnet sshd[27599]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.80.246 May 8 16:15:30 dev0-dcde-rnet sshd[27599]: Failed password for invalid user deb from 106.12.80.246 port 38886 ssh2 May 8 16:21:35 dev0-dcde-rnet sshd[27647]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.80.246	2020-05-08 22:54:39
106.12.80.138	attack	May 8 04:58:25 pi sshd[16206]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.80.138 May 8 04:58:27 pi sshd[16206]: Failed password for invalid user ghost from 106.12.80.138 port 33596 ssh2	2020-05-08 12:32:42
106.12.80.138	attackspam	May 5 01:14:26 haigwepa sshd[1796]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.80.138 May 5 01:14:28 haigwepa sshd[1796]: Failed password for invalid user sm from 106.12.80.138 port 45738 ssh2 ...	2020-05-05 07:22:45
106.12.80.138	attackspambots	2020-04-21T03:52:16.895090abusebot.cloudsearch.cf sshd[4800]: Invalid user oracle from 106.12.80.138 port 42120 2020-04-21T03:52:16.900642abusebot.cloudsearch.cf sshd[4800]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.80.138 2020-04-21T03:52:16.895090abusebot.cloudsearch.cf sshd[4800]: Invalid user oracle from 106.12.80.138 port 42120 2020-04-21T03:52:18.599970abusebot.cloudsearch.cf sshd[4800]: Failed password for invalid user oracle from 106.12.80.138 port 42120 ssh2 2020-04-21T03:57:37.069271abusebot.cloudsearch.cf sshd[5117]: Invalid user rz from 106.12.80.138 port 50160 2020-04-21T03:57:37.075008abusebot.cloudsearch.cf sshd[5117]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.80.138 2020-04-21T03:57:37.069271abusebot.cloudsearch.cf sshd[5117]: Invalid user rz from 106.12.80.138 port 50160 2020-04-21T03:57:38.844263abusebot.cloudsearch.cf sshd[5117]: Failed password for invalid user ...	2020-04-21 12:09:37

WHOIS信息:

DIG信息:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.12.80.87
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 44636
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.12.80.87.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019040201 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Wed Apr 03 10:13:38 +08 2019
;; MSG SIZE  rcvd: 116

HOST信息:

Host 87.80.12.106.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.3
Address:	67.207.67.3#53

** server can't find 87.80.12.106.in-addr.arpa: NXDOMAIN

IP	类型	评论内容	时间
121.144.177.230	attack	Honeypot attack, port: 5555, PTR: PTR record not found	2020-03-05 03:00:57
167.114.3.105	attackspambots	Mar 4 20:33:21 lukav-desktop sshd\[13191\]: Invalid user minecraft from 167.114.3.105 Mar 4 20:33:21 lukav-desktop sshd\[13191\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.114.3.105 Mar 4 20:33:23 lukav-desktop sshd\[13191\]: Failed password for invalid user minecraft from 167.114.3.105 port 39396 ssh2 Mar 4 20:41:24 lukav-desktop sshd\[13276\]: Invalid user dping from 167.114.3.105 Mar 4 20:41:24 lukav-desktop sshd\[13276\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.114.3.105	2020-03-05 02:57:57
200.85.214.149	attack	suspicious action Wed, 04 Mar 2020 10:33:41 -0300	2020-03-05 03:18:16
5.237.9.30	attackbotsspam	Port probing on unauthorized port 445	2020-03-05 03:27:20
177.71.34.178	attack	attempted connection to port 23	2020-03-05 02:57:43
187.35.129.125	attackspambots	Mar 4 13:47:38 NPSTNNYC01T sshd[10654]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=187.35.129.125 Mar 4 13:47:40 NPSTNNYC01T sshd[10654]: Failed password for invalid user thomas from 187.35.129.125 port 50114 ssh2 Mar 4 13:52:40 NPSTNNYC01T sshd[10852]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=187.35.129.125 ...	2020-03-05 02:55:30
202.159.28.2	attackbots	Honeypot attack, port: 445, PTR: gwkcity01.indo.net.id.	2020-03-05 03:24:57
87.2.167.223	attackspambots	Wordpress attack	2020-03-05 03:17:48
194.255.101.212	attack	attempted connection to port 23	2020-03-05 02:49:14
47.244.228.65	attack	Automatic report - XMLRPC Attack	2020-03-05 03:05:01
211.181.237.44	attack	Unauthorised access (Mar 4) SRC=211.181.237.44 LEN=52 TTL=114 ID=14901 DF TCP DPT=445 WINDOW=8192 SYN	2020-03-05 03:22:41
201.130.105.138	attack	attempted connection to port 23	2020-03-05 02:48:58
223.71.139.98	attackspambots	2020-03-04T17:55:15.358204shield sshd\[14470\]: Invalid user michael from 223.71.139.98 port 56850 2020-03-04T17:55:15.362982shield sshd\[14470\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=223.71.139.98 2020-03-04T17:55:17.684411shield sshd\[14470\]: Failed password for invalid user michael from 223.71.139.98 port 56850 ssh2 2020-03-04T18:01:54.905937shield sshd\[15746\]: Invalid user web from 223.71.139.98 port 52166 2020-03-04T18:01:54.911634shield sshd\[15746\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=223.71.139.98	2020-03-05 03:15:02
114.80.178.221	attackspambots	Portscan or hack attempt detected by psad/fwsnort	2020-03-05 03:06:05
101.200.53.232	attackbotsspam	(smtpauth) Failed SMTP AUTH login from 101.200.53.232 (CN/China/-): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: 2020-03-04 17:03:19 login authenticator failed for (ADMIN) [101.200.53.232]: 535 Incorrect authentication data (set_id=user@spadanaco.com)	2020-03-05 03:31:08

最近上报的IP列表

125.209.86.172	93.46.196.223	67.187.30.77	114.237.109.72
94.230.135.230	74.82.47.55	42.113.173.137	141.136.50.63
200.29.146.242	36.25.79.24	196.52.43.121	37.79.118.96
92.50.249.166	47.100.50.82	36.82.104.132	193.112.181.186
187.217.205.50	89.25.21.170	78.85.25.20	58.242.83.15