34.80.55.211 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United States of America

运营商(isp): Google LLC

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Apr 21 23:16:39 haigwepa sshd[12208]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=34.80.55.211 Apr 21 23:16:40 haigwepa sshd[12208]: Failed password for invalid user yw from 34.80.55.211 port 35832 ssh2 ...	2020-04-22 06:36:40

类型

评论内容

时间

attack

Apr 21 23:16:39 haigwepa sshd[12208]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=34.80.55.211 
Apr 21 23:16:40 haigwepa sshd[12208]: Failed password for invalid user yw from 34.80.55.211 port 35832 ssh2
...

2020-04-22 06:36:40

相同子网IP讨论:

IP	类型	评论内容	时间
34.80.55.216	attackspambots	WordPress (CMS) attack attempts. Date: 2019 Jul 30. 22:26:52 Source IP: 34.80.55.216 Portion of the log(s): 34.80.55.216 - [30/Jul/2019:22:26:51 +0200] "GET /wp-login.php HTTP/1.1" 404 118 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 34.80.55.216 - [30/Jul/2019:22:26:51 +0200] "POST /wp-login.php HTTP/1.1" 404 118 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 34.80.55.216 - [30/Jul/2019:22:26:49 +0200] "GET /wp-login.php HTTP/1.1" 404 118 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 34.80.55.216 - [30/Jul/2019:22:26:48 +0200] "POST /wp-login.php HTTP/1.1" 404 118 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 34.80.55.216 - [30/Jul/2019:22:26:47 +0200] "GET /wp-login.php HTTP/1.1" 404 118 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 34.80.55.216 - [30/Jul/2019:22:26:46 +0200] "POST /wp-login.php	2019-07-31 13:28:28

类型

评论内容

时间

34.80.55.216

attackspambots

WordPress (CMS) attack attempts.
Date: 2019 Jul 30. 22:26:52
Source IP: 34.80.55.216

Portion of the log(s):
34.80.55.216 - [30/Jul/2019:22:26:51 +0200] "GET /wp-login.php HTTP/1.1" 404 118 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
34.80.55.216 - [30/Jul/2019:22:26:51 +0200] "POST /wp-login.php HTTP/1.1" 404 118 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
34.80.55.216 - [30/Jul/2019:22:26:49 +0200] "GET /wp-login.php HTTP/1.1" 404 118 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
34.80.55.216 - [30/Jul/2019:22:26:48 +0200] "POST /wp-login.php HTTP/1.1" 404 118 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
34.80.55.216 - [30/Jul/2019:22:26:47 +0200] "GET /wp-login.php HTTP/1.1" 404 118 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
34.80.55.216 - [30/Jul/2019:22:26:46 +0200] "POST /wp-login.php

2019-07-31 13:28:28

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 34.80.55.211
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 6028
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;34.80.55.211.			IN	A

;; AUTHORITY SECTION:
.			599	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020042101 1800 900 604800 86400

;; Query time: 219 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Apr 22 06:36:32 CST 2020
;; MSG SIZE  rcvd: 116

HOST信息:

211.55.80.34.in-addr.arpa domain name pointer 211.55.80.34.bc.googleusercontent.com.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
211.55.80.34.in-addr.arpa	name = 211.55.80.34.bc.googleusercontent.com.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
195.239.162.94	attack	Oct 30 12:48:37 ns41 sshd[13274]: Failed password for root from 195.239.162.94 port 34702 ssh2 Oct 30 12:49:46 ns41 sshd[13306]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=195.239.162.94 Oct 30 12:49:47 ns41 sshd[13306]: Failed password for invalid user jesse from 195.239.162.94 port 34062 ssh2	2019-10-31 01:08:17
82.196.14.222	attackspambots	SSH invalid-user multiple login try	2019-10-31 01:00:33
45.136.110.44	attack	Oct 30 17:11:05 h2177944 kernel: \[5327606.780482\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=45.136.110.44 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=65226 PROTO=TCP SPT=54188 DPT=2371 WINDOW=1024 RES=0x00 SYN URGP=0 Oct 30 17:13:24 h2177944 kernel: \[5327746.102609\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=45.136.110.44 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=58505 PROTO=TCP SPT=54188 DPT=3297 WINDOW=1024 RES=0x00 SYN URGP=0 Oct 30 17:37:29 h2177944 kernel: \[5329190.110979\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=45.136.110.44 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=14085 PROTO=TCP SPT=54188 DPT=3321 WINDOW=1024 RES=0x00 SYN URGP=0 Oct 30 17:54:14 h2177944 kernel: \[5330195.103883\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=45.136.110.44 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=249 ID=11800 PROTO=TCP SPT=54188 DPT=2101 WINDOW=1024 RES=0x00 SYN URGP=0 Oct 30 17:55:14 h2177944 kernel: \[5330255.501575\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=45.136.110.44 DST=85.214.117.9	2019-10-31 01:02:21
163.172.157.162	attackspambots	Oct 30 14:13:02 meumeu sshd[19270]: Failed password for root from 163.172.157.162 port 47552 ssh2 Oct 30 14:17:14 meumeu sshd[19816]: Failed password for root from 163.172.157.162 port 58238 ssh2 ...	2019-10-31 00:23:53
175.23.70.106	attack	firewall-block, port(s): 60001/tcp	2019-10-31 00:43:05
40.73.116.245	attack	Oct 30 11:45:07 yesfletchmain sshd\[17184\]: Invalid user nyx from 40.73.116.245 port 48978 Oct 30 11:45:07 yesfletchmain sshd\[17184\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=40.73.116.245 Oct 30 11:45:10 yesfletchmain sshd\[17184\]: Failed password for invalid user nyx from 40.73.116.245 port 48978 ssh2 Oct 30 11:50:28 yesfletchmain sshd\[17374\]: User root from 40.73.116.245 not allowed because not listed in AllowUsers Oct 30 11:50:28 yesfletchmain sshd\[17374\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=40.73.116.245 user=root ...	2019-10-31 00:35:02
106.13.130.146	attackbotsspam	2019-10-30T16:31:37.891235abusebot-3.cloudsearch.cf sshd\[1153\]: Invalid user test from 106.13.130.146 port 46474	2019-10-31 00:46:14
49.235.243.246	attackbots	5x Failed Password	2019-10-31 00:34:44
92.222.181.159	attackbotsspam	Oct 30 14:25:20 server sshd\[3870\]: Invalid user 123\#TradeLinuxKi!l\\|iN6\#Th3Ph03$%nix@NdR3b!irD from 92.222.181.159 port 52961 Oct 30 14:25:20 server sshd\[3870\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=92.222.181.159 Oct 30 14:25:22 server sshd\[3870\]: Failed password for invalid user 123\#TradeLinuxKi!l\\|iN6\#Th3Ph03$%nix@NdR3b!irD from 92.222.181.159 port 52961 ssh2 Oct 30 14:29:16 server sshd\[24950\]: Invalid user tijdelijk from 92.222.181.159 port 44395 Oct 30 14:29:16 server sshd\[24950\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=92.222.181.159	2019-10-31 00:57:50
195.143.103.194	attackspambots	Oct 30 12:03:17 web8 sshd\[13293\]: Invalid user Else from 195.143.103.194 Oct 30 12:03:17 web8 sshd\[13293\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=195.143.103.194 Oct 30 12:03:19 web8 sshd\[13293\]: Failed password for invalid user Else from 195.143.103.194 port 43886 ssh2 Oct 30 12:07:55 web8 sshd\[15295\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=195.143.103.194 user=root Oct 30 12:07:57 web8 sshd\[15295\]: Failed password for root from 195.143.103.194 port 35738 ssh2	2019-10-31 01:07:46
218.92.0.157	attack	Oct 30 16:21:48 amit sshd\[4678\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.157 user=root Oct 30 16:21:50 amit sshd\[4678\]: Failed password for root from 218.92.0.157 port 29688 ssh2 Oct 30 16:22:12 amit sshd\[4680\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.157 user=root ...	2019-10-31 00:57:33
45.136.110.47	attackbots	Oct 30 15:32:53 h2177944 kernel: \[5321715.802565\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=45.136.110.47 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=249 ID=37512 PROTO=TCP SPT=48368 DPT=7709 WINDOW=1024 RES=0x00 SYN URGP=0 Oct 30 15:33:12 h2177944 kernel: \[5321734.927479\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=45.136.110.47 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=5322 PROTO=TCP SPT=48368 DPT=7137 WINDOW=1024 RES=0x00 SYN URGP=0 Oct 30 15:42:51 h2177944 kernel: \[5322313.931056\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=45.136.110.47 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=249 ID=41193 PROTO=TCP SPT=48368 DPT=8117 WINDOW=1024 RES=0x00 SYN URGP=0 Oct 30 15:54:39 h2177944 kernel: \[5323021.898462\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=45.136.110.47 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=249 ID=11402 PROTO=TCP SPT=48368 DPT=7225 WINDOW=1024 RES=0x00 SYN URGP=0 Oct 30 16:16:15 h2177944 kernel: \[5324317.687129\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=45.136.110.47 DST=85.214.117.9	2019-10-31 01:00:55
171.118.149.61	attackspam	firewall-block, port(s): 23/tcp	2019-10-31 00:44:53
79.126.209.108	attackspam	445/tcp [2019-10-30]1pkt	2019-10-31 00:29:47
23.129.64.169	attack	blacklist username 0 Invalid user 0 from 23.129.64.169 port 21777	2019-10-31 00:41:27

最近上报的IP列表

200.119.112.204	114.76.192.74	196.86.178.20	221.227.119.99
201.230.83.202	104.63.181.38	1.146.234.24	189.213.138.7
97.37.41.117	208.36.85.154	173.246.204.250	139.186.71.224
112.83.38.12	24.52.88.12	145.63.14.81	221.89.75.222
107.150.2.181	108.122.78.135	41.114.160.112	187.18.108.120