34.80.239.138 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United States

运营商(isp): Google LLC

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	Dec 24 06:22:46 plesk sshd[21394]: Invalid user bn from 34.80.239.138 Dec 24 06:22:49 plesk sshd[21394]: Failed password for invalid user bn from 34.80.239.138 port 27086 ssh2 Dec 24 06:22:49 plesk sshd[21394]: Received disconnect from 34.80.239.138: 11: Bye Bye [preauth] Dec 24 06:40:49 plesk sshd[26834]: Invalid user webadmin from 34.80.239.138 Dec 24 06:40:51 plesk sshd[26834]: Failed password for invalid user webadmin from 34.80.239.138 port 20396 ssh2 Dec 24 06:40:51 plesk sshd[26834]: Received disconnect from 34.80.239.138: 11: Bye Bye [preauth] Dec 24 06:43:35 plesk sshd[26977]: Invalid user tashima from 34.80.239.138 Dec 24 06:43:37 plesk sshd[26977]: Failed password for invalid user tashima from 34.80.239.138 port 47882 ssh2 Dec 24 06:43:38 plesk sshd[26977]: Received disconnect from 34.80.239.138: 11: Bye Bye [preauth] Dec 24 06:46:27 plesk sshd[27119]: Invalid user memorabilia from 34.80.239.138 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=34.8	2019-12-25 16:23:06
attack	"SSH brute force auth login attempt."	2019-12-25 06:48:00

类型

评论内容

时间

attackspam

Dec 24 06:22:46 plesk sshd[21394]: Invalid user bn from 34.80.239.138
Dec 24 06:22:49 plesk sshd[21394]: Failed password for invalid user bn from 34.80.239.138 port 27086 ssh2
Dec 24 06:22:49 plesk sshd[21394]: Received disconnect from 34.80.239.138: 11: Bye Bye [preauth]
Dec 24 06:40:49 plesk sshd[26834]: Invalid user webadmin from 34.80.239.138
Dec 24 06:40:51 plesk sshd[26834]: Failed password for invalid user webadmin from 34.80.239.138 port 20396 ssh2
Dec 24 06:40:51 plesk sshd[26834]: Received disconnect from 34.80.239.138: 11: Bye Bye [preauth]
Dec 24 06:43:35 plesk sshd[26977]: Invalid user tashima from 34.80.239.138
Dec 24 06:43:37 plesk sshd[26977]: Failed password for invalid user tashima from 34.80.239.138 port 47882 ssh2
Dec 24 06:43:38 plesk sshd[26977]: Received disconnect from 34.80.239.138: 11: Bye Bye [preauth]
Dec 24 06:46:27 plesk sshd[27119]: Invalid user memorabilia from 34.80.239.138


........
-----------------------------------------------
https://www.blocklist.de/en/view.html?ip=34.8

2019-12-25 16:23:06

attack

"SSH brute force auth login attempt."

2019-12-25 06:48:00

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 34.80.239.138
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 31942
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;34.80.239.138.			IN	A

;; AUTHORITY SECTION:
.			550	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019122402 1800 900 604800 86400

;; Query time: 103 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Dec 25 06:47:56 CST 2019
;; MSG SIZE  rcvd: 117

HOST信息:

138.239.80.34.in-addr.arpa domain name pointer 138.239.80.34.bc.googleusercontent.com.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
138.239.80.34.in-addr.arpa	name = 138.239.80.34.bc.googleusercontent.com.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
36.67.88.27	attackbotsspam	445/tcp 1433/tcp... [2020-02-08/03-30]8pkt,2pt.(tcp)	2020-03-31 06:45:08
88.157.229.58	attack	SSH Brute-Force reported by Fail2Ban	2020-03-31 06:36:21
111.229.123.125	attack	SSH invalid-user multiple login try	2020-03-31 06:11:51
103.145.12.34	attackbotsspam	[2020-03-30 18:19:27] NOTICE[1148][C-000192e4] chan_sip.c: Call from '' (103.145.12.34:9402) to extension '121301046812410072' rejected because extension not found in context 'public'. [2020-03-30 18:19:27] SECURITY[1163] res_security_log.c: SecurityEvent="FailedACL",EventTV="2020-03-30T18:19:27.260-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="121301046812410072",SessionID="0x7fd82cdb8718",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/103.145.12.34/9402",ACLName="no_extension_match" [2020-03-30 18:25:18] NOTICE[1148][C-000192eb] chan_sip.c: Call from '' (103.145.12.34:19982) to extension '12140046812410072' rejected because extension not found in context 'public'. [2020-03-30 18:25:18] SECURITY[1163] res_security_log.c: SecurityEvent="FailedACL",EventTV="2020-03-30T18:25:18.357-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="12140046812410072",SessionID="0x7fd82cdb8718",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="I ...	2020-03-31 06:33:43
107.172.68.43	attack	Unauthorized access detected from black listed ip!	2020-03-31 06:23:15
14.29.249.248	attackspam	Mar 31 00:18:04 sso sshd[29977]: Failed password for root from 14.29.249.248 port 54104 ssh2 Mar 31 00:34:29 sso sshd[32143]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.29.249.248 ...	2020-03-31 06:35:14
80.211.9.57	attackbotsspam	Mar 31 00:34:20 host sshd[17171]: Invalid user dl from 80.211.9.57 port 42756 ...	2020-03-31 06:47:50
222.173.81.22	attackspam	Brute force SMTP login attempted. ...	2020-03-31 06:23:55
91.211.250.91	attackspambots	Mar 31 00:34:20 debian-2gb-nbg1-2 kernel: \[7866716.205717\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=91.211.250.91 DST=195.201.40.59 LEN=44 TOS=0x00 PREC=0x00 TTL=55 ID=0 DF PROTO=TCP SPT=80 DPT=20264 WINDOW=29200 RES=0x00 ACK SYN URGP=0	2020-03-31 06:46:23
106.12.34.32	attackspambots	Invalid user ujk from 106.12.34.32 port 41626	2020-03-31 06:19:17
85.93.211.130	attack	Mar 28 15:15:33 yolandtech-ams3 sshd\[9465\]: Invalid user NetLinx from 85.93.211.130 Mar 28 15:15:33 yolandtech-ams3 sshd\[9467\]: Invalid user nexthink from 85.93.211.130 Mar 28 15:15:33 yolandtech-ams3 sshd\[9469\]: Invalid user misp from 85.93.211.130 Mar 28 15:15:33 yolandtech-ams3 sshd\[9471\]: Invalid user osbash from 85.93.211.130 Mar 28 15:15:37 yolandtech-ams3 sshd\[9551\]: Invalid user admin from 85.93.211.130 Mar 28 15:15:37 yolandtech-ams3 sshd\[9553\]: Invalid user admin from 85.93.211.130 Mar 28 15:15:37 yolandtech-ams3 sshd\[9555\]: Invalid user admin from 85.93.211.130 Mar 28 15:15:37 yolandtech-ams3 sshd\[9557\]: Invalid user admin from 85.93.211.130 Mar 28 15:15:37 yolandtech-ams3 sshd\[9559\]: Invalid user admin from 85.93.211.130 Mar 28 15:15:37 yolandtech-ams3 sshd\[9561\]: Invalid user admin from 85.93.211.130 Mar 28 15:15:37 yolandtech-ams3 sshd\[9563\]: Invalid user pi from 85.93.211.130 Mar 28 15:15:37 yolandtech-ams3 sshd\[9565\]: Invalid user pi from 85.93.2 ...	2020-03-31 06:25:14
222.170.63.27	attack	Brute force SMTP login attempted. ...	2020-03-31 06:28:13
106.52.134.88	attack	Mar 30 21:32:11 ewelt sshd[27277]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.134.88 user=root Mar 30 21:32:13 ewelt sshd[27277]: Failed password for root from 106.52.134.88 port 47450 ssh2 Mar 30 21:35:10 ewelt sshd[27436]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.134.88 user=root Mar 30 21:35:12 ewelt sshd[27436]: Failed password for root from 106.52.134.88 port 53762 ssh2 ...	2020-03-31 06:10:33
139.99.84.85	attackbotsspam	Mar 31 00:26:07 srv-ubuntu-dev3 sshd[15533]: Invalid user www from 139.99.84.85 Mar 31 00:26:07 srv-ubuntu-dev3 sshd[15533]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.99.84.85 Mar 31 00:26:07 srv-ubuntu-dev3 sshd[15533]: Invalid user www from 139.99.84.85 Mar 31 00:26:08 srv-ubuntu-dev3 sshd[15533]: Failed password for invalid user www from 139.99.84.85 port 44946 ssh2 Mar 31 00:30:07 srv-ubuntu-dev3 sshd[16151]: Invalid user apex from 139.99.84.85 Mar 31 00:30:07 srv-ubuntu-dev3 sshd[16151]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.99.84.85 Mar 31 00:30:07 srv-ubuntu-dev3 sshd[16151]: Invalid user apex from 139.99.84.85 Mar 31 00:30:09 srv-ubuntu-dev3 sshd[16151]: Failed password for invalid user apex from 139.99.84.85 port 57172 ssh2 Mar 31 00:34:18 srv-ubuntu-dev3 sshd[16813]: Invalid user iy from 139.99.84.85 ...	2020-03-31 06:48:30
87.4.51.24	attackspam	Telnet/23 MH Probe, Scan, BF, Hack -	2020-03-31 06:09:53

最近上报的IP列表

166.251.30.141	113.181.120.54	122.173.41.245	196.219.144.102
182.232.117.134	208.110.64.150	119.76.190.126	192.137.158.21
171.33.248.174	140.206.184.170	82.211.131.102	82.54.80.44
80.64.29.9	80.144.237.28	122.154.251.22	148.245.68.13
39.98.59.149	13.234.11.10	198.50.180.175	106.54.114.143