180.97.80.55 - IPInfo

基本信息:

城市(city): Shanghai

省份(region): Shanghai

国家(country): China

运营商(isp): ChinaNet Jiangsu Province Network

主机名(hostname): unknown

机构(organization): AS Number for CHINANET jiangsu province backbone

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspambots	Nov 11 11:25:58 ns37 sshd[3350]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.97.80.55	2019-11-11 20:02:03
attackbots	2019-11-11T05:44:13.525735shield sshd\[26755\]: Invalid user baquiro from 180.97.80.55 port 55112 2019-11-11T05:44:13.529970shield sshd\[26755\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.97.80.55 2019-11-11T05:44:15.829497shield sshd\[26755\]: Failed password for invalid user baquiro from 180.97.80.55 port 55112 ssh2 2019-11-11T05:48:27.422107shield sshd\[27348\]: Invalid user zhushiyang from 180.97.80.55 port 34624 2019-11-11T05:48:27.426227shield sshd\[27348\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.97.80.55	2019-11-11 13:58:02
attack	fail2ban	2019-10-20 20:20:39
attackspambots	Invalid user brc from 180.97.80.55 port 50450	2019-10-18 16:55:23
attack	Oct 11 05:51:16 meumeu sshd[9721]: Failed password for root from 180.97.80.55 port 54796 ssh2 Oct 11 05:55:29 meumeu sshd[10259]: Failed password for root from 180.97.80.55 port 34206 ssh2 ...	2019-10-11 12:00:55
attackbotsspam	Oct 9 08:13:56 pkdns2 sshd\[13977\]: Invalid user P@ssw0rd01 from 180.97.80.55Oct 9 08:13:57 pkdns2 sshd\[13977\]: Failed password for invalid user P@ssw0rd01 from 180.97.80.55 port 55474 ssh2Oct 9 08:18:39 pkdns2 sshd\[14192\]: Invalid user P@ssw0rd01 from 180.97.80.55Oct 9 08:18:40 pkdns2 sshd\[14192\]: Failed password for invalid user P@ssw0rd01 from 180.97.80.55 port 35820 ssh2Oct 9 08:23:17 pkdns2 sshd\[14402\]: Invalid user Voiture1@3 from 180.97.80.55Oct 9 08:23:19 pkdns2 sshd\[14402\]: Failed password for invalid user Voiture1@3 from 180.97.80.55 port 44380 ssh2 ...	2019-10-09 13:24:32
attack	Oct 3 07:20:11 TORMINT sshd\[29601\]: Invalid user cloudstack from 180.97.80.55 Oct 3 07:20:11 TORMINT sshd\[29601\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.97.80.55 Oct 3 07:20:13 TORMINT sshd\[29601\]: Failed password for invalid user cloudstack from 180.97.80.55 port 39004 ssh2 ...	2019-10-03 19:23:15
attackspam	Sep 21 16:03:54 tux-35-217 sshd\[25973\]: Invalid user mfg from 180.97.80.55 port 36924 Sep 21 16:03:54 tux-35-217 sshd\[25973\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.97.80.55 Sep 21 16:03:56 tux-35-217 sshd\[25973\]: Failed password for invalid user mfg from 180.97.80.55 port 36924 ssh2 Sep 21 16:09:37 tux-35-217 sshd\[26029\]: Invalid user msmith from 180.97.80.55 port 49878 Sep 21 16:09:37 tux-35-217 sshd\[26029\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.97.80.55 ...	2019-09-21 22:25:25
attackspam	Aug 13 23:11:20 lcl-usvr-01 sshd[7894]: Invalid user divya from 180.97.80.55 Aug 13 23:11:20 lcl-usvr-01 sshd[7894]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.97.80.55 Aug 13 23:11:20 lcl-usvr-01 sshd[7894]: Invalid user divya from 180.97.80.55 Aug 13 23:11:22 lcl-usvr-01 sshd[7894]: Failed password for invalid user divya from 180.97.80.55 port 33282 ssh2 Aug 13 23:17:04 lcl-usvr-01 sshd[9272]: Invalid user jboss from 180.97.80.55	2019-08-14 02:24:19
attack	2019-07-23T04:53:04.885101lon01.zurich-datacenter.net sshd\[27932\]: Invalid user dummy from 180.97.80.55 port 46014 2019-07-23T04:53:04.889646lon01.zurich-datacenter.net sshd\[27932\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.97.80.55 2019-07-23T04:53:06.880415lon01.zurich-datacenter.net sshd\[27932\]: Failed password for invalid user dummy from 180.97.80.55 port 46014 ssh2 2019-07-23T04:58:17.772880lon01.zurich-datacenter.net sshd\[28018\]: Invalid user dog from 180.97.80.55 port 40040 2019-07-23T04:58:17.777443lon01.zurich-datacenter.net sshd\[28018\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.97.80.55 ...	2019-07-23 11:11:30
attackspam	Jun 28 08:04:09 vps200512 sshd\[15807\]: Invalid user la from 180.97.80.55 Jun 28 08:04:09 vps200512 sshd\[15807\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.97.80.55 Jun 28 08:04:11 vps200512 sshd\[15807\]: Failed password for invalid user la from 180.97.80.55 port 37234 ssh2 Jun 28 08:06:28 vps200512 sshd\[15847\]: Invalid user iy from 180.97.80.55 Jun 28 08:06:28 vps200512 sshd\[15847\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.97.80.55	2019-06-28 20:06:39
attackbotsspam	Jun 25 10:01:43 server01 sshd\[12672\]: Invalid user fs5 from 180.97.80.55 Jun 25 10:01:43 server01 sshd\[12672\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.97.80.55 Jun 25 10:01:44 server01 sshd\[12672\]: Failed password for invalid user fs5 from 180.97.80.55 port 48050 ssh2 ...	2019-06-25 17:25:45

相同子网IP讨论:

IP	类型	评论内容	时间
180.97.80.12	attackbots	2020-10-12T07:19:56.3188321495-001 sshd[2832]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.97.80.12 2020-10-12T07:19:56.3151111495-001 sshd[2832]: Invalid user raju from 180.97.80.12 port 47676 2020-10-12T07:19:58.5407921495-001 sshd[2832]: Failed password for invalid user raju from 180.97.80.12 port 47676 ssh2 2020-10-12T07:21:53.7778231495-001 sshd[2977]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.97.80.12 user=root 2020-10-12T07:21:55.7288241495-001 sshd[2977]: Failed password for root from 180.97.80.12 port 46994 ssh2 2020-10-12T07:23:58.3685111495-001 sshd[3060]: Invalid user ed from 180.97.80.12 port 46306 ...	2020-10-13 03:45:59
180.97.80.12	attack	2020-10-12T06:14:52.7666331495-001 sshd[64420]: Invalid user gabriella from 180.97.80.12 port 43104 2020-10-12T06:14:54.7066281495-001 sshd[64420]: Failed password for invalid user gabriella from 180.97.80.12 port 43104 ssh2 2020-10-12T06:17:01.3873181495-001 sshd[64580]: Invalid user carol from 180.97.80.12 port 42424 2020-10-12T06:17:01.4140391495-001 sshd[64580]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.97.80.12 2020-10-12T06:17:01.3873181495-001 sshd[64580]: Invalid user carol from 180.97.80.12 port 42424 2020-10-12T06:17:03.3955161495-001 sshd[64580]: Failed password for invalid user carol from 180.97.80.12 port 42424 ssh2 ...	2020-10-12 19:19:54
180.97.80.12	attack	Sep 18 09:14:07 ajax sshd[10907]: Failed password for root from 180.97.80.12 port 35352 ssh2 Sep 18 09:18:30 ajax sshd[12475]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.97.80.12	2020-09-19 02:25:57
180.97.80.12	attack	Sep 18 09:14:07 ajax sshd[10907]: Failed password for root from 180.97.80.12 port 35352 ssh2 Sep 18 09:18:30 ajax sshd[12475]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.97.80.12	2020-09-18 18:24:16
180.97.80.246	attack	Port Scan ...	2020-09-01 03:18:27
180.97.80.246	attackbotsspam	Aug 24 13:37:11 roki sshd[3222]: Invalid user syn from 180.97.80.246 Aug 24 13:37:11 roki sshd[3222]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.97.80.246 Aug 24 13:37:13 roki sshd[3222]: Failed password for invalid user syn from 180.97.80.246 port 38512 ssh2 Aug 24 13:53:45 roki sshd[4388]: Invalid user mario from 180.97.80.246 Aug 24 13:53:45 roki sshd[4388]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.97.80.246 ...	2020-08-24 20:04:28
180.97.80.12	attackspam	Aug 23 07:31:02 XXX sshd[7425]: Invalid user discovery from 180.97.80.12 port 49114	2020-08-23 17:46:02
180.97.80.246	attackspam	Aug 21 20:21:47 plex-server sshd[1100695]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.97.80.246 Aug 21 20:21:47 plex-server sshd[1100695]: Invalid user apptest from 180.97.80.246 port 37556 Aug 21 20:21:49 plex-server sshd[1100695]: Failed password for invalid user apptest from 180.97.80.246 port 37556 ssh2 Aug 21 20:25:30 plex-server sshd[1102244]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.97.80.246 user=root Aug 21 20:25:32 plex-server sshd[1102244]: Failed password for root from 180.97.80.246 port 36940 ssh2 ...	2020-08-22 04:43:22
180.97.80.246	attackspambots	Invalid user alameda from 180.97.80.246 port 50218	2020-08-21 18:25:39
180.97.80.12	attackbots	$f2bV_matches	2020-08-21 16:09:29
180.97.80.246	attackspam	Unauthorised connection attempt detected at AUO NODE 4. System is sshd. Protected by AUO Stack Web Application Firewall (WAF)	2020-08-15 18:59:39
180.97.80.12	attackspambots	Aug 14 23:07:43 OPSO sshd\[4649\]: Invalid user \~!@QWE123 from 180.97.80.12 port 42314 Aug 14 23:07:43 OPSO sshd\[4649\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.97.80.12 Aug 14 23:07:45 OPSO sshd\[4649\]: Failed password for invalid user \~!@QWE123 from 180.97.80.12 port 42314 ssh2 Aug 14 23:10:21 OPSO sshd\[5362\]: Invalid user china666 from 180.97.80.12 port 58240 Aug 14 23:10:21 OPSO sshd\[5362\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.97.80.12	2020-08-15 05:44:56
180.97.80.12	attackspam	Aug 14 01:15:01 vpn01 sshd[3613]: Failed password for root from 180.97.80.12 port 36340 ssh2 ...	2020-08-14 07:58:14
180.97.80.246	attackspambots	Aug 13 06:46:44 firewall sshd[3893]: Failed password for root from 180.97.80.246 port 48218 ssh2 Aug 13 06:51:23 firewall sshd[4064]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.97.80.246 user=root Aug 13 06:51:25 firewall sshd[4064]: Failed password for root from 180.97.80.246 port 42404 ssh2 ...	2020-08-13 18:59:17
180.97.80.246	attackbotsspam	Aug 6 21:34:50 webhost01 sshd[15122]: Failed password for root from 180.97.80.246 port 57528 ssh2 ...	2020-08-07 00:58:30

WHOIS信息:

DIG信息:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 180.97.80.55
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 50938
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;180.97.80.55.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019041200 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Fri Apr 12 22:53:21 +08 2019
;; MSG SIZE  rcvd: 116

HOST信息:

Host 55.80.97.180.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.3
Address:	67.207.67.3#53

** server can't find 55.80.97.180.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
206.189.137.113	attackspambots	Aug 17 02:49:49 ncomp sshd[11521]: Invalid user hadoop from 206.189.137.113 Aug 17 02:49:49 ncomp sshd[11521]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=206.189.137.113 Aug 17 02:49:49 ncomp sshd[11521]: Invalid user hadoop from 206.189.137.113 Aug 17 02:49:51 ncomp sshd[11521]: Failed password for invalid user hadoop from 206.189.137.113 port 55148 ssh2	2019-08-17 08:50:17
210.221.220.68	attack	Aug 16 14:48:56 eddieflores sshd\[31021\]: Invalid user service from 210.221.220.68 Aug 16 14:48:56 eddieflores sshd\[31021\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=210.221.220.68 Aug 16 14:48:59 eddieflores sshd\[31021\]: Failed password for invalid user service from 210.221.220.68 port 32813 ssh2 Aug 16 14:54:01 eddieflores sshd\[31471\]: Invalid user radiusd from 210.221.220.68 Aug 16 14:54:01 eddieflores sshd\[31471\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=210.221.220.68	2019-08-17 09:01:37
67.163.131.76	attack	Russian criminal botnet operating from exploited host. Temporary ban.	2019-08-17 08:49:57
89.159.27.226	attack	Aug 16 15:03:30 hanapaa sshd\[19918\]: Invalid user craft from 89.159.27.226 Aug 16 15:03:30 hanapaa sshd\[19918\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=89-159-27-226.rev.numericable.fr Aug 16 15:03:31 hanapaa sshd\[19918\]: Failed password for invalid user craft from 89.159.27.226 port 43310 ssh2 Aug 16 15:07:42 hanapaa sshd\[20330\]: Invalid user erika from 89.159.27.226 Aug 16 15:07:42 hanapaa sshd\[20330\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=89-159-27-226.rev.numericable.fr	2019-08-17 09:09:39
175.211.116.238	attack	blacklist username rasa Invalid user rasa from 175.211.116.238 port 56840	2019-08-17 09:03:50
77.87.77.12	attackbotsspam	SMB Server BruteForce Attack	2019-08-17 08:48:41
112.186.77.126	attackspam	Automatic report - Banned IP Access	2019-08-17 09:09:06
5.62.41.113	attack	\[2019-08-16 20:51:59\] NOTICE\[2288\] chan_sip.c: Registration from '\' failed for '5.62.41.113:11629' - Wrong password \[2019-08-16 20:51:59\] SECURITY\[2326\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-08-16T20:51:59.691-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="3555",SessionID="0x7ff4d07952f8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/5.62.41.113/49964",Challenge="012dbed9",ReceivedChallenge="012dbed9",ReceivedHash="eeb32da8ab2ffe51f4ebcbb2934eff9d" \[2019-08-16 20:56:38\] NOTICE\[2288\] chan_sip.c: Registration from '\' failed for '5.62.41.113:11750' - Wrong password \[2019-08-16 20:56:38\] SECURITY\[2326\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-08-16T20:56:38.437-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="1174",SessionID="0x7ff4d0348688",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/5.62.41.113/542	2019-08-17 09:07:16
117.2.104.3	attack	Aug 16 14:26:31 *** sshd[20942]: Failed password for invalid user tit0nich from 117.2.104.3 port 60003 ssh2	2019-08-17 09:14:25
193.56.28.158	attackspam	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-08-16 19:32:32,671 INFO [amun_request_handler] unknown vuln (Attacker: 193.56.28.158 Port: 1080, Mess: ['\x05\x01\x00'] (3) Stages: ['MYDOOM_STAGE1'])	2019-08-17 08:41:46
180.182.47.132	attackspam	Aug 17 01:44:03 lnxmysql61 sshd[5574]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.182.47.132	2019-08-17 08:45:06
103.80.117.214	attack	Aug 16 20:02:06 marvibiene sshd[30730]: Invalid user rafael from 103.80.117.214 port 34584 Aug 16 20:02:06 marvibiene sshd[30730]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.80.117.214 Aug 16 20:02:06 marvibiene sshd[30730]: Invalid user rafael from 103.80.117.214 port 34584 Aug 16 20:02:08 marvibiene sshd[30730]: Failed password for invalid user rafael from 103.80.117.214 port 34584 ssh2 ...	2019-08-17 08:50:53
76.104.243.253	attackspambots	Aug 17 00:42:04 XXX sshd[28945]: Invalid user ofsaa from 76.104.243.253 port 56782	2019-08-17 09:05:24
138.197.221.114	attack	Aug 16 21:43:06 XXX sshd[25671]: Invalid user testadmin from 138.197.221.114 port 52240	2019-08-17 09:00:45
59.127.1.126	attackspam	23/tcp 23/tcp [2019-08-12/16]2pkt	2019-08-17 08:36:34

最近上报的IP列表

116.250.198.242	91.250.48.221	170.0.124.173	82.209.197.102
103.102.239.113	125.114.5.163	216.244.66.246	185.141.60.213
189.110.109.126	106.124.137.86	193.19.118.101	103.216.60.85
58.235.77.222	167.249.76.19	156.209.38.6	60.246.2.156
69.114.137.189	188.15.116.164	191.243.244.14	2a02:27b0:4501:de80:d8af:8bee:ab1b:e73c