106.13.30.80 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: Beijing Baidu Netcom Science and Technology Co. Ltd.

Hostname: unknown

Organization: unknown

Usage Type: Search Engine Spider

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Invalid user tsf from 106.13.30.80 port 57910	2020-02-15 08:43:40
attackbots	Unauthorized connection attempt detected from IP address 106.13.30.80 to port 2220 [J]	2020-01-22 20:53:34
attackbotsspam	Invalid user bandel from 106.13.30.80 port 35940 pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.30.80 Failed password for invalid user bandel from 106.13.30.80 port 35940 ssh2 Invalid user el from 106.13.30.80 port 57032 pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.30.80	2019-12-25 01:42:33
attackbots	Nov 26 20:56:55 game-panel sshd[16997]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.30.80 Nov 26 20:56:57 game-panel sshd[16997]: Failed password for invalid user meineke from 106.13.30.80 port 51780 ssh2 Nov 26 21:04:09 game-panel sshd[17216]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.30.80	2019-11-27 05:20:24
attack	Oct 21 12:41:38 penfold sshd[18648]: Invalid user Adminixxxr from 106.13.30.80 port 40146 Oct 21 12:41:38 penfold sshd[18648]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.30.80 Oct 21 12:41:40 penfold sshd[18648]: Failed password for invalid user Adminixxxr from 106.13.30.80 port 40146 ssh2 Oct 21 12:41:42 penfold sshd[18648]: Received disconnect from 106.13.30.80 port 40146:11: Bye Bye [preauth] Oct 21 12:41:42 penfold sshd[18648]: Disconnected from 106.13.30.80 port 40146 [preauth] Oct 21 13:06:44 penfold sshd[19601]: Invalid user dev from 106.13.30.80 port 54170 Oct 21 13:06:44 penfold sshd[19601]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.30.80 Oct 21 13:06:46 penfold sshd[19601]: Failed password for invalid user dev from 106.13.30.80 port 54170 ssh2 Oct 21 13:06:47 penfold sshd[19601]: Received disconnect from 106.13.30.80 port 54170:11: Bye Bye [preauth] Oct 2........ -------------------------------	2019-10-26 16:24:20
attackspam	Automatic report - Banned IP Access	2019-10-24 15:57:51
attack	Oct 21 12:41:38 penfold sshd[18648]: Invalid user Adminixxxr from 106.13.30.80 port 40146 Oct 21 12:41:38 penfold sshd[18648]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.30.80 Oct 21 12:41:40 penfold sshd[18648]: Failed password for invalid user Adminixxxr from 106.13.30.80 port 40146 ssh2 Oct 21 12:41:42 penfold sshd[18648]: Received disconnect from 106.13.30.80 port 40146:11: Bye Bye [preauth] Oct 21 12:41:42 penfold sshd[18648]: Disconnected from 106.13.30.80 port 40146 [preauth] Oct 21 13:06:44 penfold sshd[19601]: Invalid user dev from 106.13.30.80 port 54170 Oct 21 13:06:44 penfold sshd[19601]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.30.80 Oct 21 13:06:46 penfold sshd[19601]: Failed password for invalid user dev from 106.13.30.80 port 54170 ssh2 Oct 21 13:06:47 penfold sshd[19601]: Received disconnect from 106.13.30.80 port 54170:11: Bye Bye [preauth] Oct 2........ -------------------------------	2019-10-24 00:31:26

Comments on same subnet:

IP	Type	Details	Datetime
106.13.30.99	attackbotsspam	fail2ban	2020-08-11 01:27:11
106.13.30.99	attackbotsspam	2020-08-07T14:03:04.532300amanda2.illicoweb.com sshd\[43453\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.30.99 user=root 2020-08-07T14:03:06.503975amanda2.illicoweb.com sshd\[43453\]: Failed password for root from 106.13.30.99 port 59930 ssh2 2020-08-07T14:05:27.781028amanda2.illicoweb.com sshd\[43867\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.30.99 user=root 2020-08-07T14:05:29.049938amanda2.illicoweb.com sshd\[43867\]: Failed password for root from 106.13.30.99 port 39308 ssh2 2020-08-07T14:07:41.497539amanda2.illicoweb.com sshd\[44189\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.30.99 user=root ...	2020-08-07 21:33:15
106.13.30.99	attack	Jul 30 09:07:14 plex-server sshd[2407821]: Invalid user zhangjunzhe from 106.13.30.99 port 48186 Jul 30 09:07:14 plex-server sshd[2407821]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.30.99 Jul 30 09:07:14 plex-server sshd[2407821]: Invalid user zhangjunzhe from 106.13.30.99 port 48186 Jul 30 09:07:16 plex-server sshd[2407821]: Failed password for invalid user zhangjunzhe from 106.13.30.99 port 48186 ssh2 Jul 30 09:10:17 plex-server sshd[2409402]: Invalid user huyi from 106.13.30.99 port 57990 ...	2020-07-30 17:17:09
106.13.30.99	attackbotsspam	SSH BruteForce Attack	2020-07-19 12:11:59
106.13.30.99	attackbots	Cowrie Honeypot: 3 unauthorised SSH/Telnet login attempts between 2020-07-11T11:56:38Z and 2020-07-11T12:01:39Z	2020-07-11 20:44:40
106.13.30.99	attack	$f2bV_matches	2020-07-09 18:10:38
106.13.30.99	attack	Jul 7 00:40:53 vps647732 sshd[10432]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.30.99 Jul 7 00:40:55 vps647732 sshd[10432]: Failed password for invalid user tanghua from 106.13.30.99 port 45332 ssh2 ...	2020-07-07 06:59:50
106.13.30.99	attack	2020-06-29T04:39:32 t 22d[54496]: pam_unix(22d:auth): authentication failure, logname= uid=0 euid=0 tty=22 ruser= rhost=106.13.30.99 ", "Jun 29 04:39:35 t 22d[54496]: Failed password for invalid user jenkins from 106.13.30.99 port 35344 222"], "failures": 3, "mlfid": " t 22d[54496]: ", "user": "jenkins", "ip4": "106.13.30.99"}	2020-06-29 22:51:33
106.13.30.143	attackbots	2019-08-07T00:08:49.648892abusebot-2.cloudsearch.cf sshd\[10594\]: Invalid user lines from 106.13.30.143 port 39444	2019-08-07 08:38:48
106.13.30.143	attackbotsspam	Automatic report - Banned IP Access	2019-07-29 15:53:07

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.13.30.80
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 46645
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.13.30.80.			IN	A

;; AUTHORITY SECTION:
.			553	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019102300 1800 900 604800 86400

;; Query time: 110 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Oct 24 00:31:17 CST 2019
;; MSG SIZE  rcvd: 116

Host info

Host 80.30.13.106.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 80.30.13.106.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
172.67.186.102	attack	https://firmeette.xyz/?troy_xoiLpOkM4d3tToEM0bfqxYkMR_Aq73iL7anM4Qoh7GTMBGr-	2020-05-31 15:43:09
106.124.137.130	attackspambots	Failed password for invalid user miket from 106.124.137.130 port 53532 ssh2	2020-05-31 16:06:10
80.13.87.178	attackspam	May 31 07:30:24 localhost sshd\[30795\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.13.87.178 user=root May 31 07:30:26 localhost sshd\[30795\]: Failed password for root from 80.13.87.178 port 34802 ssh2 May 31 07:34:00 localhost sshd\[30849\]: Invalid user support from 80.13.87.178 May 31 07:34:00 localhost sshd\[30849\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.13.87.178 May 31 07:34:02 localhost sshd\[30849\]: Failed password for invalid user support from 80.13.87.178 port 38744 ssh2 ...	2020-05-31 15:50:40
20.188.32.46	attackspam	Wordpress malicious attack:[octablocked]	2020-05-31 16:08:07
120.71.145.189	attackspam	SSH Brute Force	2020-05-31 16:07:45
140.143.136.41	attackbots	[ssh] SSH attack	2020-05-31 15:30:31
223.187.161.200	attackbots	1590897123 - 05/31/2020 05:52:03 Host: 223.187.161.200/223.187.161.200 Port: 445 TCP Blocked	2020-05-31 15:42:50
164.77.117.10	attackspambots	May 31 09:23:41 abendstille sshd\[8321\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=164.77.117.10 user=root May 31 09:23:43 abendstille sshd\[8321\]: Failed password for root from 164.77.117.10 port 45436 ssh2 May 31 09:28:03 abendstille sshd\[12970\]: Invalid user secretariat from 164.77.117.10 May 31 09:28:03 abendstille sshd\[12970\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=164.77.117.10 May 31 09:28:06 abendstille sshd\[12970\]: Failed password for invalid user secretariat from 164.77.117.10 port 51240 ssh2 ...	2020-05-31 15:48:52
222.186.15.62	attack	Unauthorized connection attempt detected from IP address 222.186.15.62 to port 22	2020-05-31 15:32:07
200.54.51.124	attackbots	(sshd) Failed SSH login from 200.54.51.124 (CL/Chile/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: May 31 09:14:45 amsweb01 sshd[20948]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.54.51.124 user=root May 31 09:14:47 amsweb01 sshd[20948]: Failed password for root from 200.54.51.124 port 37618 ssh2 May 31 09:23:07 amsweb01 sshd[21565]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.54.51.124 user=root May 31 09:23:08 amsweb01 sshd[21565]: Failed password for root from 200.54.51.124 port 50510 ssh2 May 31 09:26:09 amsweb01 sshd[21788]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.54.51.124 user=root	2020-05-31 15:27:55
178.62.26.232	attackspam	178.62.26.232 - - [31/May/2020:09:16:52 +0200] "GET /wp-login.php HTTP/1.1" 200 6364 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 178.62.26.232 - - [31/May/2020:09:16:58 +0200] "POST /wp-login.php HTTP/1.1" 200 6615 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 178.62.26.232 - - [31/May/2020:09:17:00 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-05-31 15:40:03
176.107.187.224	attack	[SunMay3105:41:29.3895602020][:error][pid5581:tid47395496449792][client176.107.187.224:37063][client176.107.187.224]ModSecurity:Accessdeniedwithcode403$phase2$.Patternmatch"$\?:\(\?:beastilality\\|bestiallity$[-_.\,\\\\"\\\\\\\\'\\\\\\\\\\|]\?stor$\?:y\\|ies$\\|bounce[-_.\,\\\\"\\\\\\\\'\\\\\\\\\\|]\?your[-_.\,\\\\"\\\\\\\\'\\\\\\\\\\|]\?boob\\|\\\\\\\\bshow[-_.\,\\\\"\\\\\\\\'\\\\\\\\\\|]\?your[-_.\,\\\\"\\\\\\\\'\\\\\\\\\\|]\?$\?:pussy\\|cunt\\|cock$\\\\\\\\b\\|dailyorbit\\|i-horny\\|filthserver\\|milf[-_.\,\\\\"\\\\\\\\'\\\\\\\\\\|].{1\,100}\(\?:hunter\\|cruiser\\|mo..."atARGS:jform[contact_message].[file"/usr/local/apache.ea3/conf/modsec_rules/30_asl_antispam.conf"][line"318"][id"300004"][rev"7"][msg"Atomicorp.comWAFAntiSpamRules:Spam:Adult"][data"1434foundwithinARGS:jform[contact_message]:wow\,waswirhierangeilepovbildereinesnacktenteengirlszusehenbekommen\,istjamalwasrichtiggeiles.solchsexyfotosvonnackteteenshabeichzuletztinallerruheaufhttps://wubj.host\?a2vuytfabgl2zs5kzszzpwptbgzkaw==ang	2020-05-31 15:28:12
217.199.161.244	attackspam	217.199.161.244 - - [31/May/2020:08:23:41 +0200] "POST /xmlrpc.php HTTP/1.1" 403 146 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 217.199.161.244 - - [31/May/2020:08:47:30 +0200] "POST /xmlrpc.php HTTP/1.1" 403 146 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-05-31 15:35:24
87.246.7.70	attack	May 31 09:58:26 srv01 postfix/smtpd\[11217\]: warning: unknown\[87.246.7.70\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 May 31 09:58:36 srv01 postfix/smtpd\[22314\]: warning: unknown\[87.246.7.70\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 May 31 09:58:38 srv01 postfix/smtpd\[25420\]: warning: unknown\[87.246.7.70\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 May 31 09:58:39 srv01 postfix/smtpd\[11217\]: warning: unknown\[87.246.7.70\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 May 31 09:59:12 srv01 postfix/smtpd\[11217\]: warning: unknown\[87.246.7.70\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-05-31 16:01:08
117.6.95.52	attack	2020-05-31T03:47:42.405359shield sshd\[7065\]: Invalid user backups from 117.6.95.52 port 33730 2020-05-31T03:47:42.408811shield sshd\[7065\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.6.95.52 2020-05-31T03:47:44.768312shield sshd\[7065\]: Failed password for invalid user backups from 117.6.95.52 port 33730 ssh2 2020-05-31T03:52:00.301796shield sshd\[8091\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.6.95.52 user=root 2020-05-31T03:52:02.415863shield sshd\[8091\]: Failed password for root from 117.6.95.52 port 38652 ssh2	2020-05-31 15:43:50

Recently Reported IPs

16.170.72.68	119.189.194.185	190.175.194.180	240.176.156.225
19.62.137.2	81.114.202.103	24.114.91.236	72.227.46.236
90.151.205.14	27.2.140.222	2.50.157.63	178.42.26.176
176.115.72.112	51.15.197.128	2.61.169.71	114.34.107.208
106.54.213.7	200.248.82.130	117.35.118.214	197.50.233.86