34.80.55.211 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United States of America

运营商(isp): Google LLC

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Apr 21 23:16:39 haigwepa sshd[12208]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=34.80.55.211 Apr 21 23:16:40 haigwepa sshd[12208]: Failed password for invalid user yw from 34.80.55.211 port 35832 ssh2 ...	2020-04-22 06:36:40

类型

评论内容

时间

attack

Apr 21 23:16:39 haigwepa sshd[12208]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=34.80.55.211 
Apr 21 23:16:40 haigwepa sshd[12208]: Failed password for invalid user yw from 34.80.55.211 port 35832 ssh2
...

2020-04-22 06:36:40

相同子网IP讨论:

IP	类型	评论内容	时间
34.80.55.216	attackspambots	WordPress (CMS) attack attempts. Date: 2019 Jul 30. 22:26:52 Source IP: 34.80.55.216 Portion of the log(s): 34.80.55.216 - [30/Jul/2019:22:26:51 +0200] "GET /wp-login.php HTTP/1.1" 404 118 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 34.80.55.216 - [30/Jul/2019:22:26:51 +0200] "POST /wp-login.php HTTP/1.1" 404 118 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 34.80.55.216 - [30/Jul/2019:22:26:49 +0200] "GET /wp-login.php HTTP/1.1" 404 118 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 34.80.55.216 - [30/Jul/2019:22:26:48 +0200] "POST /wp-login.php HTTP/1.1" 404 118 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 34.80.55.216 - [30/Jul/2019:22:26:47 +0200] "GET /wp-login.php HTTP/1.1" 404 118 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 34.80.55.216 - [30/Jul/2019:22:26:46 +0200] "POST /wp-login.php	2019-07-31 13:28:28

类型

评论内容

时间

34.80.55.216

attackspambots

WordPress (CMS) attack attempts.
Date: 2019 Jul 30. 22:26:52
Source IP: 34.80.55.216

Portion of the log(s):
34.80.55.216 - [30/Jul/2019:22:26:51 +0200] "GET /wp-login.php HTTP/1.1" 404 118 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
34.80.55.216 - [30/Jul/2019:22:26:51 +0200] "POST /wp-login.php HTTP/1.1" 404 118 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
34.80.55.216 - [30/Jul/2019:22:26:49 +0200] "GET /wp-login.php HTTP/1.1" 404 118 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
34.80.55.216 - [30/Jul/2019:22:26:48 +0200] "POST /wp-login.php HTTP/1.1" 404 118 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
34.80.55.216 - [30/Jul/2019:22:26:47 +0200] "GET /wp-login.php HTTP/1.1" 404 118 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
34.80.55.216 - [30/Jul/2019:22:26:46 +0200] "POST /wp-login.php

2019-07-31 13:28:28

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 34.80.55.211
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 6028
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;34.80.55.211.			IN	A

;; AUTHORITY SECTION:
.			599	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020042101 1800 900 604800 86400

;; Query time: 219 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Apr 22 06:36:32 CST 2020
;; MSG SIZE  rcvd: 116

HOST信息:

211.55.80.34.in-addr.arpa domain name pointer 211.55.80.34.bc.googleusercontent.com.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
211.55.80.34.in-addr.arpa	name = 211.55.80.34.bc.googleusercontent.com.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
92.154.95.236	attackspambots	Port scan detected	2020-08-21 17:17:41
144.34.130.211	attackspam	$f2bV_matches	2020-08-21 17:26:13
1.119.131.102	attackspam	Aug 21 08:41:29 mellenthin sshd[12570]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=1.119.131.102 user=root Aug 21 08:41:31 mellenthin sshd[12570]: Failed password for invalid user root from 1.119.131.102 port 37233 ssh2	2020-08-21 17:33:13
139.99.192.189	attackspambots	[2020-08-21 05:13:12] NOTICE[1185] chan_sip.c: Registration from '"668"' failed for '139.99.192.189:49864' - Wrong password [2020-08-21 05:13:12] SECURITY[1203] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-08-21T05:13:12.224-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="668",SessionID="0x7f10c405a408",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/139.99.192.189/49864",Challenge="386eeeb8",ReceivedChallenge="386eeeb8",ReceivedHash="a9351edff0f7401f32ff36b939fd0afe" [2020-08-21 05:15:14] NOTICE[1185] chan_sip.c: Registration from '"669"' failed for '139.99.192.189:1553' - Wrong password [2020-08-21 05:15:14] SECURITY[1203] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-08-21T05:15:14.585-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="669",SessionID="0x7f10c43f67a8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/139.9 ...	2020-08-21 17:19:11
139.99.40.44	attack	Aug 20 19:35:16 sachi sshd\[22636\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.99.40.44 user=root Aug 20 19:35:18 sachi sshd\[22636\]: Failed password for root from 139.99.40.44 port 57522 ssh2 Aug 20 19:42:17 sachi sshd\[23250\]: Invalid user spark from 139.99.40.44 Aug 20 19:42:17 sachi sshd\[23250\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.99.40.44 Aug 20 19:42:19 sachi sshd\[23250\]: Failed password for invalid user spark from 139.99.40.44 port 37280 ssh2	2020-08-21 17:43:07
95.130.181.11	attackspambots	2020-08-21T15:04:06.306798billing sshd[11718]: Invalid user dedy from 95.130.181.11 port 34896 2020-08-21T15:04:08.272415billing sshd[11718]: Failed password for invalid user dedy from 95.130.181.11 port 34896 ssh2 2020-08-21T15:07:53.479652billing sshd[20303]: Invalid user rain from 95.130.181.11 port 44412 ...	2020-08-21 17:20:35
170.254.3.194	attack	20/8/20@23:52:56: FAIL: Alarm-Intrusion address from=170.254.3.194 20/8/20@23:52:56: FAIL: Alarm-Intrusion address from=170.254.3.194 ...	2020-08-21 17:24:54
147.139.130.224	attack	2020-08-21T06:42:07.968655+02:00 sshd[20680]: Failed password for invalid user planning from 147.139.130.224 port 45006 ssh2	2020-08-21 17:55:24
119.45.114.87	attack	SSH Brute-Forcing (server2)	2020-08-21 17:43:35
58.87.84.31	attackspambots	Invalid user admin from 58.87.84.31 port 54580	2020-08-21 17:38:14
182.53.6.90	attackspam	Unauthorized connection attempt from IP address 182.53.6.90 on Port 445(SMB)	2020-08-21 17:30:54
107.179.13.141	attack	Aug 21 07:44:01 *** sshd[14360]: User root from 107.179.13.141 not allowed because not listed in AllowUsers	2020-08-21 17:47:32
152.32.229.70	attackspambots	2020-08-21T12:40:02.667033mail.standpoint.com.ua sshd[10938]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=152.32.229.70 2020-08-21T12:40:02.664428mail.standpoint.com.ua sshd[10938]: Invalid user ts3server from 152.32.229.70 port 51270 2020-08-21T12:40:04.160920mail.standpoint.com.ua sshd[10938]: Failed password for invalid user ts3server from 152.32.229.70 port 51270 ssh2 2020-08-21T12:42:14.442066mail.standpoint.com.ua sshd[11254]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=152.32.229.70 user=root 2020-08-21T12:42:16.056420mail.standpoint.com.ua sshd[11254]: Failed password for root from 152.32.229.70 port 53870 ssh2 ...	2020-08-21 17:53:07
65.185.153.162	spamattack	sofia tell laney to unblock me and you unblock me	2020-08-21 17:33:36
122.245.90.125	attack	37215/tcp 37215/tcp 37215/tcp [2020-08-19/21]3pkt	2020-08-21 17:34:20

最近上报的IP列表

200.119.112.204	114.76.192.74	196.86.178.20	221.227.119.99
201.230.83.202	104.63.181.38	1.146.234.24	189.213.138.7
97.37.41.117	208.36.85.154	173.246.204.250	139.186.71.224
112.83.38.12	24.52.88.12	145.63.14.81	221.89.75.222
107.150.2.181	108.122.78.135	41.114.160.112	187.18.108.120