106.86.80.2 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: ChinaNet Chongqing Province Network

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Nov 29 16:53:11 mail kernel: [62538.656150] [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3d:86:ee:00:08:e3:ff:fd:90:08:00 SRC=106.86.80.2 DST=91.205.173.180 LEN=48 TOS=0x00 PREC=0x00 TTL=113 ID=19843 DF PROTO=TCP SPT=30334 DPT=1433 WINDOW=8192 RES=0x00 SYN URGP=0 Nov 29 16:53:14 mail kernel: [62541.746645] [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3d:86:ee:00:08:e3:ff:fd:90:08:00 SRC=106.86.80.2 DST=91.205.173.180 LEN=48 TOS=0x00 PREC=0x00 TTL=113 ID=22236 DF PROTO=TCP SPT=30334 DPT=1433 WINDOW=8192 RES=0x00 SYN URGP=0 Nov 29 16:53:20 mail kernel: [62547.846170] [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3d:86:ee:00:08:e3:ff:fd:90:08:00 SRC=106.86.80.2 DST=91.205.173.180 LEN=48 TOS=0x00 PREC=0x00 TTL=113 ID=26016 DF PROTO=TCP SPT=30334 DPT=1433 WINDOW=8192 RES=0x00 SYN URGP=0	2019-11-30 01:31:32

Type

Details

Datetime

attack

Nov 29 16:53:11 mail kernel: [62538.656150] [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3d:86:ee:00:08:e3:ff:fd:90:08:00 SRC=106.86.80.2 DST=91.205.173.180 LEN=48 TOS=0x00 PREC=0x00 TTL=113 ID=19843 DF PROTO=TCP SPT=30334 DPT=1433 WINDOW=8192 RES=0x00 SYN URGP=0 
Nov 29 16:53:14 mail kernel: [62541.746645] [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3d:86:ee:00:08:e3:ff:fd:90:08:00 SRC=106.86.80.2 DST=91.205.173.180 LEN=48 TOS=0x00 PREC=0x00 TTL=113 ID=22236 DF PROTO=TCP SPT=30334 DPT=1433 WINDOW=8192 RES=0x00 SYN URGP=0 
Nov 29 16:53:20 mail kernel: [62547.846170] [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3d:86:ee:00:08:e3:ff:fd:90:08:00 SRC=106.86.80.2 DST=91.205.173.180 LEN=48 TOS=0x00 PREC=0x00 TTL=113 ID=26016 DF PROTO=TCP SPT=30334 DPT=1433 WINDOW=8192 RES=0x00 SYN URGP=0

2019-11-30 01:31:32

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.86.80.2
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 46626
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.86.80.2.			IN	A

;; AUTHORITY SECTION:
.			596	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019112900 1800 900 604800 86400

;; Query time: 112 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Nov 30 01:31:28 CST 2019
;; MSG SIZE  rcvd: 115

Host info

Host 2.80.86.106.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 2.80.86.106.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
49.235.140.231	attackbots	Dec 16 18:30:34 vpn01 sshd[16027]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.140.231 Dec 16 18:30:36 vpn01 sshd[16027]: Failed password for invalid user korenke from 49.235.140.231 port 58888 ssh2 ...	2019-12-17 01:31:31
119.203.240.76	attack	Dec 8 19:53:37 microserver sshd[4015]: Invalid user mcninch from 119.203.240.76 port 36352 Dec 8 19:53:37 microserver sshd[4015]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.203.240.76 Dec 8 19:53:38 microserver sshd[4015]: Failed password for invalid user mcninch from 119.203.240.76 port 36352 ssh2 Dec 8 20:00:48 microserver sshd[5374]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.203.240.76 user=root Dec 8 20:00:50 microserver sshd[5374]: Failed password for root from 119.203.240.76 port 50795 ssh2 Dec 8 20:12:16 microserver sshd[7013]: Invalid user francoise from 119.203.240.76 port 48123 Dec 8 20:12:16 microserver sshd[7013]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.203.240.76 Dec 8 20:12:18 microserver sshd[7013]: Failed password for invalid user francoise from 119.203.240.76 port 48123 ssh2 Dec 8 20:18:05 microserver sshd[7868]: Invalid user wwwrun f	2019-12-17 01:19:23
111.72.193.216	attackbots	2019-12-16 08:44:16 H=(ylmf-pc) [111.72.193.216]:53318 I=[192.147.25.65]:25 rejected EHLO or HELO ylmf-pc: CHECK_HELO: ylmf-pc 2019-12-16 08:44:16 H=(ylmf-pc) [111.72.193.216]:53310 I=[192.147.25.65]:25 rejected EHLO or HELO ylmf-pc: CHECK_HELO: ylmf-pc 2019-12-16 08:44:17 H=(ylmf-pc) [111.72.193.216]:57336 I=[192.147.25.65]:25 rejected EHLO or HELO ylmf-pc: CHECK_HELO: ylmf-pc ...	2019-12-17 01:19:58
140.143.193.52	attackbotsspam	Dec 16 16:23:26 sso sshd[31381]: Failed password for root from 140.143.193.52 port 59106 ssh2 ...	2019-12-17 01:32:35
73.124.236.66	attack	fraudulent SSH attempt	2019-12-17 01:34:33
200.167.184.84	attack	Unauthorized connection attempt detected from IP address 200.167.184.84 to port 445	2019-12-17 01:01:38
187.176.33.44	attackspambots	MultiHost/MultiPort Probe, Scan, Hack -	2019-12-17 00:57:57
159.203.201.142	attackbots	22562/tcp 22785/tcp 1400/tcp... [2019-10-16/12-15]58pkt,51pt.(tcp),1pt.(udp)	2019-12-17 01:08:21
129.28.88.77	attack	Dec 16 15:29:39 extapp sshd[26257]: Invalid user yaumun from 129.28.88.77 Dec 16 15:29:41 extapp sshd[26257]: Failed password for invalid user yaumun from 129.28.88.77 port 44932 ssh2 Dec 16 15:38:40 extapp sshd[30302]: Invalid user esaki from 129.28.88.77 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=129.28.88.77	2019-12-17 01:18:54
108.75.217.101	attack	Dec 16 17:46:50 v22018076622670303 sshd\[12377\]: Invalid user fougere from 108.75.217.101 port 43236 Dec 16 17:46:50 v22018076622670303 sshd\[12377\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=108.75.217.101 Dec 16 17:46:53 v22018076622670303 sshd\[12377\]: Failed password for invalid user fougere from 108.75.217.101 port 43236 ssh2 ...	2019-12-17 01:35:58
80.211.171.78	attack	Dec 16 06:50:25 sachi sshd\[12856\]: Invalid user operator12 from 80.211.171.78 Dec 16 06:50:25 sachi sshd\[12856\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.211.171.78 Dec 16 06:50:28 sachi sshd\[12856\]: Failed password for invalid user operator12 from 80.211.171.78 port 34832 ssh2 Dec 16 06:56:15 sachi sshd\[13405\]: Invalid user dillemuth from 80.211.171.78 Dec 16 06:56:15 sachi sshd\[13405\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.211.171.78	2019-12-17 01:07:00
121.182.166.82	attackspambots	2019-12-16T14:36:57.525020abusebot-5.cloudsearch.cf sshd\[5424\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.182.166.82 user=root 2019-12-16T14:36:59.455398abusebot-5.cloudsearch.cf sshd\[5424\]: Failed password for root from 121.182.166.82 port 61915 ssh2 2019-12-16T14:44:24.808880abusebot-5.cloudsearch.cf sshd\[5512\]: Invalid user admin from 121.182.166.82 port 13141 2019-12-16T14:44:24.814949abusebot-5.cloudsearch.cf sshd\[5512\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.182.166.82	2019-12-17 01:11:36
139.59.92.117	attackspam	Dec 16 17:47:16 cvbnet sshd[16702]: Failed password for root from 139.59.92.117 port 48344 ssh2 ...	2019-12-17 01:37:42
185.156.177.22	attack	RDP brute force attack detected by fail2ban	2019-12-17 01:07:58
198.211.110.116	attackbots	Fail2Ban - SSH Bruteforce Attempt	2019-12-17 01:17:17

Recently Reported IPs

61.147.53.99	167.172.236.75	103.206.62.92	41.85.255.66
189.76.205.246	140.175.100.161	200.164.124.164	124.8.139.7
5.48.215.178	84.119.143.183	79.12.136.69	116.239.252.65
37.49.229.168	69.94.140.123	159.89.165.7	103.118.49.11
39.94.78.198	165.22.76.53	212.69.18.7	151.32.181.135