183.80.112.55 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Viet Nam

运营商(isp): FPT Telecom

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Fixed Line ISP

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbotsspam	(Oct 3) LEN=40 TTL=46 ID=10204 TCP DPT=8080 WINDOW=23361 SYN (Oct 2) LEN=40 TTL=46 ID=48529 TCP DPT=8080 WINDOW=23361 SYN (Oct 2) LEN=40 TTL=46 ID=43531 TCP DPT=8080 WINDOW=4604 SYN (Oct 2) LEN=40 TTL=46 ID=28080 TCP DPT=8080 WINDOW=23361 SYN (Oct 2) LEN=40 TTL=46 ID=37974 TCP DPT=8080 WINDOW=4604 SYN (Oct 1) LEN=40 TTL=46 ID=21968 TCP DPT=8080 WINDOW=4604 SYN (Oct 1) LEN=40 TTL=46 ID=5565 TCP DPT=8080 WINDOW=23361 SYN (Sep 30) LEN=40 TTL=42 ID=2467 TCP DPT=8080 WINDOW=23361 SYN (Sep 30) LEN=40 TTL=42 ID=61151 TCP DPT=8080 WINDOW=4604 SYN (Sep 30) LEN=40 TTL=46 ID=32510 TCP DPT=8080 WINDOW=23361 SYN	2019-10-03 05:46:51

类型

评论内容

时间

attackbotsspam

(Oct  3)  LEN=40 TTL=46 ID=10204 TCP DPT=8080 WINDOW=23361 SYN 
 (Oct  2)  LEN=40 TTL=46 ID=48529 TCP DPT=8080 WINDOW=23361 SYN 
 (Oct  2)  LEN=40 TTL=46 ID=43531 TCP DPT=8080 WINDOW=4604 SYN 
 (Oct  2)  LEN=40 TTL=46 ID=28080 TCP DPT=8080 WINDOW=23361 SYN 
 (Oct  2)  LEN=40 TTL=46 ID=37974 TCP DPT=8080 WINDOW=4604 SYN 
 (Oct  1)  LEN=40 TTL=46 ID=21968 TCP DPT=8080 WINDOW=4604 SYN 
 (Oct  1)  LEN=40 TTL=46 ID=5565 TCP DPT=8080 WINDOW=23361 SYN 
 (Sep 30)  LEN=40 TTL=42 ID=2467 TCP DPT=8080 WINDOW=23361 SYN 
 (Sep 30)  LEN=40 TTL=42 ID=61151 TCP DPT=8080 WINDOW=4604 SYN 
 (Sep 30)  LEN=40 TTL=46 ID=32510 TCP DPT=8080 WINDOW=23361 SYN

2019-10-03 05:46:51

相同子网IP讨论:

IP	类型	评论内容	时间
183.80.112.140	attackspam	1591501646 - 06/07/2020 05:47:26 Host: 183.80.112.140/183.80.112.140 Port: 445 TCP Blocked	2020-06-07 19:09:37
183.80.112.57	attackbots	Unauthorized connection attempt detected from IP address 183.80.112.57 to port 23	2020-01-01 20:48:08

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 183.80.112.55
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 8861
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;183.80.112.55.			IN	A

;; AUTHORITY SECTION:
.			490	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019100203 1800 900 604800 86400

;; Query time: 105 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Oct 03 05:46:48 CST 2019
;; MSG SIZE  rcvd: 117

HOST信息:

Host 55.112.80.183.in-addr.arpa not found: 2(SERVFAIL)

NSLOOKUP信息:

;; Got SERVFAIL reply from 183.60.83.19, trying next server
Server:		183.60.82.98
Address:	183.60.82.98#53

** server can't find 55.112.80.183.in-addr.arpa: SERVFAIL

最新评论:

IP	类型	评论内容	时间
61.93.201.198	attack	Repeated brute force against a port	2020-06-14 20:49:32
40.65.99.119	attackspambots	Jun 14 15:01:10 legacy sshd[25948]: Failed password for root from 40.65.99.119 port 39468 ssh2 Jun 14 15:06:08 legacy sshd[26027]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=40.65.99.119 Jun 14 15:06:11 legacy sshd[26027]: Failed password for invalid user admin from 40.65.99.119 port 41016 ssh2 ...	2020-06-14 21:06:14
106.13.140.33	attack	Jun 13 22:42:26 askasleikir sshd[29906]: Failed password for invalid user Administrator from 106.13.140.33 port 40856 ssh2 Jun 13 22:26:27 askasleikir sshd[29873]: Failed password for invalid user oscar from 106.13.140.33 port 43878 ssh2 Jun 13 22:36:49 askasleikir sshd[29895]: Failed password for invalid user golf from 106.13.140.33 port 51232 ssh2	2020-06-14 20:52:13
46.38.150.153	attackspam	Jun 14 14:55:39 relay postfix/smtpd\[2377\]: warning: unknown\[46.38.150.153\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jun 14 14:56:55 relay postfix/smtpd\[4604\]: warning: unknown\[46.38.150.153\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jun 14 14:57:06 relay postfix/smtpd\[29457\]: warning: unknown\[46.38.150.153\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jun 14 14:58:14 relay postfix/smtpd\[4604\]: warning: unknown\[46.38.150.153\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jun 14 14:58:30 relay postfix/smtpd\[2377\]: warning: unknown\[46.38.150.153\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-06-14 21:01:13
118.25.152.169	attackspambots	Jun 14 15:03:32 PorscheCustomer sshd[32607]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.25.152.169 Jun 14 15:03:35 PorscheCustomer sshd[32607]: Failed password for invalid user dongshihua from 118.25.152.169 port 52946 ssh2 Jun 14 15:12:16 PorscheCustomer sshd[420]: Failed password for root from 118.25.152.169 port 58128 ssh2 ...	2020-06-14 21:15:48
185.220.101.131	attack	Wordpress attack	2020-06-14 20:38:52
114.25.16.214	attackbots	Lines containing failures of 114.25.16.214 Jun 13 04:00:11 admin sshd[31869]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.25.16.214 user=r.r Jun 13 04:00:13 admin sshd[31869]: Failed password for r.r from 114.25.16.214 port 43336 ssh2 Jun 13 04:00:15 admin sshd[31869]: Received disconnect from 114.25.16.214 port 43336:11: Bye Bye [preauth] Jun 13 04:00:15 admin sshd[31869]: Disconnected from authenticating user r.r 114.25.16.214 port 43336 [preauth] Jun 13 04:16:17 admin sshd[32459]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.25.16.214 user=r.r Jun 13 04:16:19 admin sshd[32459]: Failed password for r.r from 114.25.16.214 port 54258 ssh2 Jun 13 04:16:20 admin sshd[32459]: Received disconnect from 114.25.16.214 port 54258:11: Bye Bye [preauth] Jun 13 04:16:20 admin sshd[32459]: Disconnected from authenticating user r.r 114.25.16.214 port 54258 [preauth] Jun 13 04:20:07 admin ........ ------------------------------	2020-06-14 20:39:56
51.83.150.210	attackspambots	Jun 14 08:49:47 lanister sshd[18640]: Invalid user hojune from 51.83.150.210 Jun 14 08:49:49 lanister sshd[18640]: Failed password for invalid user hojune from 51.83.150.210 port 59862 ssh2 Jun 14 08:53:03 lanister sshd[18652]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.83.150.210 user=root Jun 14 08:53:05 lanister sshd[18652]: Failed password for root from 51.83.150.210 port 33284 ssh2	2020-06-14 21:18:49
106.54.114.248	attackbotsspam	2020-06-14T08:18:41.6324131495-001 sshd[1407]: Failed password for root from 106.54.114.248 port 39012 ssh2 2020-06-14T08:23:08.0681791495-001 sshd[1555]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.114.248 user=root 2020-06-14T08:23:10.3762831495-001 sshd[1555]: Failed password for root from 106.54.114.248 port 60238 ssh2 2020-06-14T08:27:35.3162621495-001 sshd[1778]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.114.248 user=root 2020-06-14T08:27:37.2778121495-001 sshd[1778]: Failed password for root from 106.54.114.248 port 53366 ssh2 2020-06-14T08:32:06.4283571495-001 sshd[1903]: Invalid user yarn from 106.54.114.248 port 46612 ...	2020-06-14 21:03:21
220.247.237.230	attack	Jun 14 18:16:50 dhoomketu sshd[741573]: Failed password for root from 220.247.237.230 port 45164 ssh2 Jun 14 18:21:00 dhoomketu sshd[741656]: Invalid user gpr from 220.247.237.230 port 46010 Jun 14 18:21:00 dhoomketu sshd[741656]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.247.237.230 Jun 14 18:21:00 dhoomketu sshd[741656]: Invalid user gpr from 220.247.237.230 port 46010 Jun 14 18:21:03 dhoomketu sshd[741656]: Failed password for invalid user gpr from 220.247.237.230 port 46010 ssh2 ...	2020-06-14 21:06:36
107.175.33.16	attackspambots	2020-06-14T12:50:47.939194randservbullet-proofcloud-66.localdomain sshd[14010]: Invalid user fake from 107.175.33.16 port 51252 2020-06-14T12:50:47.943856randservbullet-proofcloud-66.localdomain sshd[14010]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=107.175.33.16 2020-06-14T12:50:47.939194randservbullet-proofcloud-66.localdomain sshd[14010]: Invalid user fake from 107.175.33.16 port 51252 2020-06-14T12:50:50.336690randservbullet-proofcloud-66.localdomain sshd[14010]: Failed password for invalid user fake from 107.175.33.16 port 51252 ssh2 ...	2020-06-14 21:18:20
51.77.213.136	attack	Jun 14 03:04:04 php1 sshd\[9942\]: Invalid user oy from 51.77.213.136 Jun 14 03:04:04 php1 sshd\[9942\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.77.213.136 Jun 14 03:04:06 php1 sshd\[9942\]: Failed password for invalid user oy from 51.77.213.136 port 54248 ssh2 Jun 14 03:07:23 php1 sshd\[10205\]: Invalid user sui from 51.77.213.136 Jun 14 03:07:23 php1 sshd\[10205\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.77.213.136	2020-06-14 21:08:02
78.38.109.37	attackbots	Unauthorized connection attempt from IP address 78.38.109.37 on Port 445(SMB)	2020-06-14 20:41:33
205.201.72.251	attack	Automatic report - Banned IP Access	2020-06-14 21:23:48
134.175.231.167	attackbotsspam	2020-06-14T14:50:45.0035811240 sshd\[14046\]: Invalid user helpdesk from 134.175.231.167 port 55732 2020-06-14T14:50:45.0073401240 sshd\[14046\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.175.231.167 2020-06-14T14:50:47.1244631240 sshd\[14046\]: Failed password for invalid user helpdesk from 134.175.231.167 port 55732 ssh2 ...	2020-06-14 21:19:01

最近上报的IP列表

169.183.14.104	47.74.244.144	143.171.147.204	45.95.33.124
13.124.235.225	125.188.196.113	209.212.194.123	51.38.98.23
106.16.230.136	68.88.88.228	69.207.124.83	215.211.216.188
182.133.247.238	185.129.113.227	32.31.230.193	154.70.108.201
187.159.144.17	209.107.95.174	117.143.159.12	83.13.150.206