106.86.80.2 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): ChinaNet Chongqing Province Network

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Nov 29 16:53:11 mail kernel: [62538.656150] [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3d:86:ee:00:08:e3:ff:fd:90:08:00 SRC=106.86.80.2 DST=91.205.173.180 LEN=48 TOS=0x00 PREC=0x00 TTL=113 ID=19843 DF PROTO=TCP SPT=30334 DPT=1433 WINDOW=8192 RES=0x00 SYN URGP=0 Nov 29 16:53:14 mail kernel: [62541.746645] [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3d:86:ee:00:08:e3:ff:fd:90:08:00 SRC=106.86.80.2 DST=91.205.173.180 LEN=48 TOS=0x00 PREC=0x00 TTL=113 ID=22236 DF PROTO=TCP SPT=30334 DPT=1433 WINDOW=8192 RES=0x00 SYN URGP=0 Nov 29 16:53:20 mail kernel: [62547.846170] [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3d:86:ee:00:08:e3:ff:fd:90:08:00 SRC=106.86.80.2 DST=91.205.173.180 LEN=48 TOS=0x00 PREC=0x00 TTL=113 ID=26016 DF PROTO=TCP SPT=30334 DPT=1433 WINDOW=8192 RES=0x00 SYN URGP=0	2019-11-30 01:31:32

类型

评论内容

时间

attack

Nov 29 16:53:11 mail kernel: [62538.656150] [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3d:86:ee:00:08:e3:ff:fd:90:08:00 SRC=106.86.80.2 DST=91.205.173.180 LEN=48 TOS=0x00 PREC=0x00 TTL=113 ID=19843 DF PROTO=TCP SPT=30334 DPT=1433 WINDOW=8192 RES=0x00 SYN URGP=0 
Nov 29 16:53:14 mail kernel: [62541.746645] [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3d:86:ee:00:08:e3:ff:fd:90:08:00 SRC=106.86.80.2 DST=91.205.173.180 LEN=48 TOS=0x00 PREC=0x00 TTL=113 ID=22236 DF PROTO=TCP SPT=30334 DPT=1433 WINDOW=8192 RES=0x00 SYN URGP=0 
Nov 29 16:53:20 mail kernel: [62547.846170] [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3d:86:ee:00:08:e3:ff:fd:90:08:00 SRC=106.86.80.2 DST=91.205.173.180 LEN=48 TOS=0x00 PREC=0x00 TTL=113 ID=26016 DF PROTO=TCP SPT=30334 DPT=1433 WINDOW=8192 RES=0x00 SYN URGP=0

2019-11-30 01:31:32

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.86.80.2
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 46626
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.86.80.2.			IN	A

;; AUTHORITY SECTION:
.			596	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019112900 1800 900 604800 86400

;; Query time: 112 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Nov 30 01:31:28 CST 2019
;; MSG SIZE  rcvd: 115

HOST信息:

Host 2.80.86.106.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 2.80.86.106.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
88.99.84.129	attack	2020-06-08T13:08:24.801517shield sshd\[32394\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=static.129.84.99.88.clients.your-server.de user=root 2020-06-08T13:08:27.350632shield sshd\[32394\]: Failed password for root from 88.99.84.129 port 38540 ssh2 2020-06-08T13:12:41.904527shield sshd\[1999\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=static.129.84.99.88.clients.your-server.de user=root 2020-06-08T13:12:44.068128shield sshd\[1999\]: Failed password for root from 88.99.84.129 port 54406 ssh2 2020-06-08T13:16:44.656565shield sshd\[4218\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=static.129.84.99.88.clients.your-server.de user=root	2020-06-08 21:28:03
181.52.249.177	attackbotsspam	Jun 8 05:08:33 propaganda sshd[9498]: Connection from 181.52.249.177 port 56105 on 10.0.0.160 port 22 rdomain "" Jun 8 05:08:34 propaganda sshd[9498]: Connection closed by 181.52.249.177 port 56105 [preauth]	2020-06-08 21:37:26
45.112.205.175	attack	" "	2020-06-08 21:44:04
185.213.155.169	attack	(mod_security) mod_security (id:210492) triggered by 185.213.155.169 (DE/Germany/-): 5 in the last 3600 secs	2020-06-08 21:53:31
193.112.244.218	attackspam	Jun 8 13:57:09 h2646465 sshd[16393]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.112.244.218 user=root Jun 8 13:57:11 h2646465 sshd[16393]: Failed password for root from 193.112.244.218 port 33532 ssh2 Jun 8 14:02:55 h2646465 sshd[17093]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.112.244.218 user=root Jun 8 14:02:58 h2646465 sshd[17093]: Failed password for root from 193.112.244.218 port 59666 ssh2 Jun 8 14:04:55 h2646465 sshd[17156]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.112.244.218 user=root Jun 8 14:04:57 h2646465 sshd[17156]: Failed password for root from 193.112.244.218 port 50042 ssh2 Jun 8 14:06:51 h2646465 sshd[17312]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.112.244.218 user=root Jun 8 14:06:53 h2646465 sshd[17312]: Failed password for root from 193.112.244.218 port 40420 ssh2 Jun 8 14:08	2020-06-08 21:30:04
188.68.35.63	attackbots	5x Failed Password	2020-06-08 21:55:04
96.125.168.246	attackspam	96.125.168.246 - - [08/Jun/2020:16:04:44 +0200] "GET /wp-login.php HTTP/1.1" 200 6433 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 96.125.168.246 - - [08/Jun/2020:16:04:45 +0200] "POST /wp-login.php HTTP/1.1" 200 6684 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 96.125.168.246 - - [08/Jun/2020:16:04:47 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-06-08 22:06:29
222.186.42.136	attack	06/08/2020-09:47:08.017164 222.186.42.136 Protocol: 6 ET SCAN Potential SSH Scan	2020-06-08 21:49:41
222.128.117.144	attackspam	Jun 8 08:08:40 Tower sshd[8525]: Connection from 222.128.117.144 port 41538 on 192.168.10.220 port 22 rdomain "" Jun 8 08:08:42 Tower sshd[8525]: Failed password for root from 222.128.117.144 port 41538 ssh2 Jun 8 08:08:42 Tower sshd[8525]: Received disconnect from 222.128.117.144 port 41538:11: Bye Bye [preauth] Jun 8 08:08:42 Tower sshd[8525]: Disconnected from authenticating user root 222.128.117.144 port 41538 [preauth]	2020-06-08 21:22:55
112.85.42.181	attackspam	v+ssh-bruteforce	2020-06-08 21:53:07
83.159.194.187	attackbots	web-1 [ssh_2] SSH Attack	2020-06-08 21:59:37
95.34.174.73	attack	phishing	2020-06-08 21:27:34
45.227.255.208	attackspambots	Cowrie Honeypot: 10 unauthorised SSH/Telnet login attempts between 2020-06-08T10:19:41Z and 2020-06-08T12:08:23Z	2020-06-08 21:43:27
50.3.60.61	attackbotsspam	2020-06-08 07:12:04.618001-0500 localhost smtpd[66999]: NOQUEUE: reject: RCPT from unknown[50.3.60.61]: 554 5.7.1 Service unavailable; Client host [50.3.60.61] blocked using zen.spamhaus.org; https://www.spamhaus.org/sbl/query/SBLCSS; from= to= proto=ESMTP helo=<00c60bfc.survivalpro.guru>	2020-06-08 21:39:52
103.48.193.7	attackbotsspam	Jun 8 14:26:10 DAAP sshd[28653]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.48.193.7 user=root Jun 8 14:26:12 DAAP sshd[28653]: Failed password for root from 103.48.193.7 port 40922 ssh2 Jun 8 14:30:07 DAAP sshd[28717]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.48.193.7 user=root Jun 8 14:30:08 DAAP sshd[28717]: Failed password for root from 103.48.193.7 port 50274 ssh2 Jun 8 14:33:45 DAAP sshd[28743]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.48.193.7 user=root Jun 8 14:33:47 DAAP sshd[28743]: Failed password for root from 103.48.193.7 port 59598 ssh2 ...	2020-06-08 21:58:55

最近上报的IP列表

61.147.53.99	167.172.236.75	103.206.62.92	41.85.255.66
189.76.205.246	140.175.100.161	200.164.124.164	124.8.139.7
5.48.215.178	84.119.143.183	79.12.136.69	116.239.252.65
37.49.229.168	69.94.140.123	159.89.165.7	103.118.49.11
39.94.78.198	165.22.76.53	212.69.18.7	151.32.181.135