180.97.80.55 - IPInfo

基本信息:

城市(city): Shanghai

省份(region): Shanghai

国家(country): China

运营商(isp): ChinaNet Jiangsu Province Network

主机名(hostname): unknown

机构(organization): AS Number for CHINANET jiangsu province backbone

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspambots	Nov 11 11:25:58 ns37 sshd[3350]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.97.80.55	2019-11-11 20:02:03
attackbots	2019-11-11T05:44:13.525735shield sshd\[26755\]: Invalid user baquiro from 180.97.80.55 port 55112 2019-11-11T05:44:13.529970shield sshd\[26755\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.97.80.55 2019-11-11T05:44:15.829497shield sshd\[26755\]: Failed password for invalid user baquiro from 180.97.80.55 port 55112 ssh2 2019-11-11T05:48:27.422107shield sshd\[27348\]: Invalid user zhushiyang from 180.97.80.55 port 34624 2019-11-11T05:48:27.426227shield sshd\[27348\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.97.80.55	2019-11-11 13:58:02
attack	fail2ban	2019-10-20 20:20:39
attackspambots	Invalid user brc from 180.97.80.55 port 50450	2019-10-18 16:55:23
attack	Oct 11 05:51:16 meumeu sshd[9721]: Failed password for root from 180.97.80.55 port 54796 ssh2 Oct 11 05:55:29 meumeu sshd[10259]: Failed password for root from 180.97.80.55 port 34206 ssh2 ...	2019-10-11 12:00:55
attackbotsspam	Oct 9 08:13:56 pkdns2 sshd\[13977\]: Invalid user P@ssw0rd01 from 180.97.80.55Oct 9 08:13:57 pkdns2 sshd\[13977\]: Failed password for invalid user P@ssw0rd01 from 180.97.80.55 port 55474 ssh2Oct 9 08:18:39 pkdns2 sshd\[14192\]: Invalid user P@ssw0rd01 from 180.97.80.55Oct 9 08:18:40 pkdns2 sshd\[14192\]: Failed password for invalid user P@ssw0rd01 from 180.97.80.55 port 35820 ssh2Oct 9 08:23:17 pkdns2 sshd\[14402\]: Invalid user Voiture1@3 from 180.97.80.55Oct 9 08:23:19 pkdns2 sshd\[14402\]: Failed password for invalid user Voiture1@3 from 180.97.80.55 port 44380 ssh2 ...	2019-10-09 13:24:32
attack	Oct 3 07:20:11 TORMINT sshd\[29601\]: Invalid user cloudstack from 180.97.80.55 Oct 3 07:20:11 TORMINT sshd\[29601\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.97.80.55 Oct 3 07:20:13 TORMINT sshd\[29601\]: Failed password for invalid user cloudstack from 180.97.80.55 port 39004 ssh2 ...	2019-10-03 19:23:15
attackspam	Sep 21 16:03:54 tux-35-217 sshd\[25973\]: Invalid user mfg from 180.97.80.55 port 36924 Sep 21 16:03:54 tux-35-217 sshd\[25973\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.97.80.55 Sep 21 16:03:56 tux-35-217 sshd\[25973\]: Failed password for invalid user mfg from 180.97.80.55 port 36924 ssh2 Sep 21 16:09:37 tux-35-217 sshd\[26029\]: Invalid user msmith from 180.97.80.55 port 49878 Sep 21 16:09:37 tux-35-217 sshd\[26029\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.97.80.55 ...	2019-09-21 22:25:25
attackspam	Aug 13 23:11:20 lcl-usvr-01 sshd[7894]: Invalid user divya from 180.97.80.55 Aug 13 23:11:20 lcl-usvr-01 sshd[7894]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.97.80.55 Aug 13 23:11:20 lcl-usvr-01 sshd[7894]: Invalid user divya from 180.97.80.55 Aug 13 23:11:22 lcl-usvr-01 sshd[7894]: Failed password for invalid user divya from 180.97.80.55 port 33282 ssh2 Aug 13 23:17:04 lcl-usvr-01 sshd[9272]: Invalid user jboss from 180.97.80.55	2019-08-14 02:24:19
attack	2019-07-23T04:53:04.885101lon01.zurich-datacenter.net sshd\[27932\]: Invalid user dummy from 180.97.80.55 port 46014 2019-07-23T04:53:04.889646lon01.zurich-datacenter.net sshd\[27932\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.97.80.55 2019-07-23T04:53:06.880415lon01.zurich-datacenter.net sshd\[27932\]: Failed password for invalid user dummy from 180.97.80.55 port 46014 ssh2 2019-07-23T04:58:17.772880lon01.zurich-datacenter.net sshd\[28018\]: Invalid user dog from 180.97.80.55 port 40040 2019-07-23T04:58:17.777443lon01.zurich-datacenter.net sshd\[28018\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.97.80.55 ...	2019-07-23 11:11:30
attackspam	Jun 28 08:04:09 vps200512 sshd\[15807\]: Invalid user la from 180.97.80.55 Jun 28 08:04:09 vps200512 sshd\[15807\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.97.80.55 Jun 28 08:04:11 vps200512 sshd\[15807\]: Failed password for invalid user la from 180.97.80.55 port 37234 ssh2 Jun 28 08:06:28 vps200512 sshd\[15847\]: Invalid user iy from 180.97.80.55 Jun 28 08:06:28 vps200512 sshd\[15847\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.97.80.55	2019-06-28 20:06:39
attackbotsspam	Jun 25 10:01:43 server01 sshd\[12672\]: Invalid user fs5 from 180.97.80.55 Jun 25 10:01:43 server01 sshd\[12672\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.97.80.55 Jun 25 10:01:44 server01 sshd\[12672\]: Failed password for invalid user fs5 from 180.97.80.55 port 48050 ssh2 ...	2019-06-25 17:25:45

相同子网IP讨论:

IP	类型	评论内容	时间
180.97.80.12	attackbots	2020-10-12T07:19:56.3188321495-001 sshd[2832]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.97.80.12 2020-10-12T07:19:56.3151111495-001 sshd[2832]: Invalid user raju from 180.97.80.12 port 47676 2020-10-12T07:19:58.5407921495-001 sshd[2832]: Failed password for invalid user raju from 180.97.80.12 port 47676 ssh2 2020-10-12T07:21:53.7778231495-001 sshd[2977]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.97.80.12 user=root 2020-10-12T07:21:55.7288241495-001 sshd[2977]: Failed password for root from 180.97.80.12 port 46994 ssh2 2020-10-12T07:23:58.3685111495-001 sshd[3060]: Invalid user ed from 180.97.80.12 port 46306 ...	2020-10-13 03:45:59
180.97.80.12	attack	2020-10-12T06:14:52.7666331495-001 sshd[64420]: Invalid user gabriella from 180.97.80.12 port 43104 2020-10-12T06:14:54.7066281495-001 sshd[64420]: Failed password for invalid user gabriella from 180.97.80.12 port 43104 ssh2 2020-10-12T06:17:01.3873181495-001 sshd[64580]: Invalid user carol from 180.97.80.12 port 42424 2020-10-12T06:17:01.4140391495-001 sshd[64580]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.97.80.12 2020-10-12T06:17:01.3873181495-001 sshd[64580]: Invalid user carol from 180.97.80.12 port 42424 2020-10-12T06:17:03.3955161495-001 sshd[64580]: Failed password for invalid user carol from 180.97.80.12 port 42424 ssh2 ...	2020-10-12 19:19:54
180.97.80.12	attack	Sep 18 09:14:07 ajax sshd[10907]: Failed password for root from 180.97.80.12 port 35352 ssh2 Sep 18 09:18:30 ajax sshd[12475]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.97.80.12	2020-09-19 02:25:57
180.97.80.12	attack	Sep 18 09:14:07 ajax sshd[10907]: Failed password for root from 180.97.80.12 port 35352 ssh2 Sep 18 09:18:30 ajax sshd[12475]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.97.80.12	2020-09-18 18:24:16
180.97.80.246	attack	Port Scan ...	2020-09-01 03:18:27
180.97.80.246	attackbotsspam	Aug 24 13:37:11 roki sshd[3222]: Invalid user syn from 180.97.80.246 Aug 24 13:37:11 roki sshd[3222]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.97.80.246 Aug 24 13:37:13 roki sshd[3222]: Failed password for invalid user syn from 180.97.80.246 port 38512 ssh2 Aug 24 13:53:45 roki sshd[4388]: Invalid user mario from 180.97.80.246 Aug 24 13:53:45 roki sshd[4388]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.97.80.246 ...	2020-08-24 20:04:28
180.97.80.12	attackspam	Aug 23 07:31:02 XXX sshd[7425]: Invalid user discovery from 180.97.80.12 port 49114	2020-08-23 17:46:02
180.97.80.246	attackspam	Aug 21 20:21:47 plex-server sshd[1100695]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.97.80.246 Aug 21 20:21:47 plex-server sshd[1100695]: Invalid user apptest from 180.97.80.246 port 37556 Aug 21 20:21:49 plex-server sshd[1100695]: Failed password for invalid user apptest from 180.97.80.246 port 37556 ssh2 Aug 21 20:25:30 plex-server sshd[1102244]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.97.80.246 user=root Aug 21 20:25:32 plex-server sshd[1102244]: Failed password for root from 180.97.80.246 port 36940 ssh2 ...	2020-08-22 04:43:22
180.97.80.246	attackspambots	Invalid user alameda from 180.97.80.246 port 50218	2020-08-21 18:25:39
180.97.80.12	attackbots	$f2bV_matches	2020-08-21 16:09:29
180.97.80.246	attackspam	Unauthorised connection attempt detected at AUO NODE 4. System is sshd. Protected by AUO Stack Web Application Firewall (WAF)	2020-08-15 18:59:39
180.97.80.12	attackspambots	Aug 14 23:07:43 OPSO sshd\[4649\]: Invalid user \~!@QWE123 from 180.97.80.12 port 42314 Aug 14 23:07:43 OPSO sshd\[4649\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.97.80.12 Aug 14 23:07:45 OPSO sshd\[4649\]: Failed password for invalid user \~!@QWE123 from 180.97.80.12 port 42314 ssh2 Aug 14 23:10:21 OPSO sshd\[5362\]: Invalid user china666 from 180.97.80.12 port 58240 Aug 14 23:10:21 OPSO sshd\[5362\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.97.80.12	2020-08-15 05:44:56
180.97.80.12	attackspam	Aug 14 01:15:01 vpn01 sshd[3613]: Failed password for root from 180.97.80.12 port 36340 ssh2 ...	2020-08-14 07:58:14
180.97.80.246	attackspambots	Aug 13 06:46:44 firewall sshd[3893]: Failed password for root from 180.97.80.246 port 48218 ssh2 Aug 13 06:51:23 firewall sshd[4064]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.97.80.246 user=root Aug 13 06:51:25 firewall sshd[4064]: Failed password for root from 180.97.80.246 port 42404 ssh2 ...	2020-08-13 18:59:17
180.97.80.246	attackbotsspam	Aug 6 21:34:50 webhost01 sshd[15122]: Failed password for root from 180.97.80.246 port 57528 ssh2 ...	2020-08-07 00:58:30

WHOIS信息:

DIG信息:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 180.97.80.55
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 50938
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;180.97.80.55.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019041200 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Fri Apr 12 22:53:21 +08 2019
;; MSG SIZE  rcvd: 116

HOST信息:

Host 55.80.97.180.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.3
Address:	67.207.67.3#53

** server can't find 55.80.97.180.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
108.58.41.139	attackbotsspam	Brute-force attempt banned	2020-01-08 06:47:52
200.194.36.177	attackspambots	port scan and connect, tcp 23 (telnet)	2020-01-08 07:00:01
167.99.203.202	attack	Jan 7 23:26:50 ourumov-web sshd\[16618\]: Invalid user capanni from 167.99.203.202 port 60364 Jan 7 23:26:50 ourumov-web sshd\[16618\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.99.203.202 Jan 7 23:26:52 ourumov-web sshd\[16618\]: Failed password for invalid user capanni from 167.99.203.202 port 60364 ssh2 ...	2020-01-08 06:44:36
77.88.191.126	attackbotsspam	1578431949 - 01/07/2020 22:19:09 Host: 77.88.191.126/77.88.191.126 Port: 23 TCP Blocked	2020-01-08 06:43:31
103.5.150.16	attackbotsspam	Automatic report - XMLRPC Attack	2020-01-08 06:32:06
159.65.157.194	attackspambots	Unauthorized connection attempt detected from IP address 159.65.157.194 to port 2220 [J]	2020-01-08 06:57:07
112.85.42.178	attackbots	2020-01-07T22:32:31.667012dmca.cloudsearch.cf sshd[16202]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.178 user=root 2020-01-07T22:32:33.219578dmca.cloudsearch.cf sshd[16202]: Failed password for root from 112.85.42.178 port 55436 ssh2 2020-01-07T22:32:36.495897dmca.cloudsearch.cf sshd[16202]: Failed password for root from 112.85.42.178 port 55436 ssh2 2020-01-07T22:32:31.667012dmca.cloudsearch.cf sshd[16202]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.178 user=root 2020-01-07T22:32:33.219578dmca.cloudsearch.cf sshd[16202]: Failed password for root from 112.85.42.178 port 55436 ssh2 2020-01-07T22:32:36.495897dmca.cloudsearch.cf sshd[16202]: Failed password for root from 112.85.42.178 port 55436 ssh2 2020-01-07T22:32:31.667012dmca.cloudsearch.cf sshd[16202]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.178 user=root 2020-01- ...	2020-01-08 06:33:25
116.7.17.191	attackbots	Automatic report - Port Scan	2020-01-08 07:00:48
111.231.72.231	attackspambots	Jan 7 18:58:23 vps46666688 sshd[12955]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.72.231 Jan 7 18:58:25 vps46666688 sshd[12955]: Failed password for invalid user et from 111.231.72.231 port 55838 ssh2 ...	2020-01-08 06:54:10
117.2.104.240	attackspambots	1578431936 - 01/07/2020 22:18:56 Host: 117.2.104.240/117.2.104.240 Port: 445 TCP Blocked	2020-01-08 06:53:01
188.12.49.153	attackbots	Hits on port : 88	2020-01-08 06:47:31
51.91.120.155	attackspambots	Jan 7 22:59:17 debian-2gb-nbg1-2 kernel: \[693674.088512\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=51.91.120.155 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=238 ID=54321 PROTO=TCP SPT=52924 DPT=23 WINDOW=65535 RES=0x00 SYN URGP=0	2020-01-08 06:56:21
198.27.90.106	attackbotsspam	Unauthorized connection attempt detected from IP address 198.27.90.106 to port 2220 [J]	2020-01-08 06:35:39
112.85.42.227	attackspambots	Jan 7 17:08:32 TORMINT sshd\[789\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.227 user=root Jan 7 17:08:34 TORMINT sshd\[789\]: Failed password for root from 112.85.42.227 port 13685 ssh2 Jan 7 17:09:34 TORMINT sshd\[852\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.227 user=root ...	2020-01-08 06:26:08
222.186.173.142	attackbotsspam	Jan 7 22:16:42 hcbbdb sshd\[8555\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.173.142 user=root Jan 7 22:16:45 hcbbdb sshd\[8555\]: Failed password for root from 222.186.173.142 port 64350 ssh2 Jan 7 22:17:07 hcbbdb sshd\[8599\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.173.142 user=root Jan 7 22:17:09 hcbbdb sshd\[8599\]: Failed password for root from 222.186.173.142 port 45080 ssh2 Jan 7 22:17:12 hcbbdb sshd\[8599\]: Failed password for root from 222.186.173.142 port 45080 ssh2	2020-01-08 06:25:12

最近上报的IP列表

116.250.198.242	91.250.48.221	170.0.124.173	82.209.197.102
103.102.239.113	125.114.5.163	216.244.66.246	185.141.60.213
189.110.109.126	106.124.137.86	193.19.118.101	103.216.60.85
58.235.77.222	167.249.76.19	156.209.38.6	60.246.2.156
69.114.137.189	188.15.116.164	191.243.244.14	2a02:27b0:4501:de80:d8af:8bee:ab1b:e73c