34.80.55.211 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United States of America

运营商(isp): Google LLC

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Apr 21 23:16:39 haigwepa sshd[12208]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=34.80.55.211 Apr 21 23:16:40 haigwepa sshd[12208]: Failed password for invalid user yw from 34.80.55.211 port 35832 ssh2 ...	2020-04-22 06:36:40

类型

评论内容

时间

attack

Apr 21 23:16:39 haigwepa sshd[12208]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=34.80.55.211 
Apr 21 23:16:40 haigwepa sshd[12208]: Failed password for invalid user yw from 34.80.55.211 port 35832 ssh2
...

2020-04-22 06:36:40

相同子网IP讨论:

IP	类型	评论内容	时间
34.80.55.216	attackspambots	WordPress (CMS) attack attempts. Date: 2019 Jul 30. 22:26:52 Source IP: 34.80.55.216 Portion of the log(s): 34.80.55.216 - [30/Jul/2019:22:26:51 +0200] "GET /wp-login.php HTTP/1.1" 404 118 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 34.80.55.216 - [30/Jul/2019:22:26:51 +0200] "POST /wp-login.php HTTP/1.1" 404 118 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 34.80.55.216 - [30/Jul/2019:22:26:49 +0200] "GET /wp-login.php HTTP/1.1" 404 118 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 34.80.55.216 - [30/Jul/2019:22:26:48 +0200] "POST /wp-login.php HTTP/1.1" 404 118 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 34.80.55.216 - [30/Jul/2019:22:26:47 +0200] "GET /wp-login.php HTTP/1.1" 404 118 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 34.80.55.216 - [30/Jul/2019:22:26:46 +0200] "POST /wp-login.php	2019-07-31 13:28:28

类型

评论内容

时间

34.80.55.216

attackspambots

WordPress (CMS) attack attempts.
Date: 2019 Jul 30. 22:26:52
Source IP: 34.80.55.216

Portion of the log(s):
34.80.55.216 - [30/Jul/2019:22:26:51 +0200] "GET /wp-login.php HTTP/1.1" 404 118 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
34.80.55.216 - [30/Jul/2019:22:26:51 +0200] "POST /wp-login.php HTTP/1.1" 404 118 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
34.80.55.216 - [30/Jul/2019:22:26:49 +0200] "GET /wp-login.php HTTP/1.1" 404 118 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
34.80.55.216 - [30/Jul/2019:22:26:48 +0200] "POST /wp-login.php HTTP/1.1" 404 118 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
34.80.55.216 - [30/Jul/2019:22:26:47 +0200] "GET /wp-login.php HTTP/1.1" 404 118 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
34.80.55.216 - [30/Jul/2019:22:26:46 +0200] "POST /wp-login.php

2019-07-31 13:28:28

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 34.80.55.211
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 6028
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;34.80.55.211.			IN	A

;; AUTHORITY SECTION:
.			599	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020042101 1800 900 604800 86400

;; Query time: 219 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Apr 22 06:36:32 CST 2020
;; MSG SIZE  rcvd: 116

HOST信息:

211.55.80.34.in-addr.arpa domain name pointer 211.55.80.34.bc.googleusercontent.com.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
211.55.80.34.in-addr.arpa	name = 211.55.80.34.bc.googleusercontent.com.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
36.112.134.215	attack	Apr 8 14:52:13 Ubuntu-1404-trusty-64-minimal sshd\[23263\]: Invalid user user from 36.112.134.215 Apr 8 14:52:13 Ubuntu-1404-trusty-64-minimal sshd\[23263\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=36.112.134.215 Apr 8 14:52:15 Ubuntu-1404-trusty-64-minimal sshd\[23263\]: Failed password for invalid user user from 36.112.134.215 port 45592 ssh2 Apr 8 14:57:00 Ubuntu-1404-trusty-64-minimal sshd\[26905\]: Invalid user ubuntu from 36.112.134.215 Apr 8 14:57:00 Ubuntu-1404-trusty-64-minimal sshd\[26905\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=36.112.134.215	2020-04-08 21:42:36
163.172.163.226	attackbotsspam	2020-04-08 x@x 2020-04-08 x@x 2020-04-08 x@x ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=163.172.163.226	2020-04-08 21:47:02
52.130.76.130	attackspam	(sshd) Failed SSH login from 52.130.76.130 (CN/China/-): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: Apr 8 08:42:54 host sshd[36554]: Invalid user esbuser from 52.130.76.130 port 33054	2020-04-08 21:46:06
23.106.219.169	attackbots	(From claudiauclement@yahoo.com)(From claudiauclement@yahoo.com) Hi, We are wondering if you would be interested in our service, where we can provide you with a dofollow link from Amazon (DA 96) back to nhchiropractors.com? The price is just $67 per link, via Paypal. To explain what DA is and the benefit for your website, along with a sample of an existing link, please read here: https://textuploader.com/16bnu If you'd be interested in learning more, reply to this email but please make sure you include the word INTERESTED in the subject line field, so we can get to your reply sooner. Kind Regards, Claudia	2020-04-08 22:03:36
111.230.141.189	attackspambots	Automatic report - SSH Brute-Force Attack	2020-04-08 21:40:19
39.110.213.198	attackbotsspam	Apr 8 15:27:55 srv-ubuntu-dev3 sshd[9824]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=39.110.213.198 user=root Apr 8 15:27:56 srv-ubuntu-dev3 sshd[9824]: Failed password for root from 39.110.213.198 port 62434 ssh2 Apr 8 15:31:55 srv-ubuntu-dev3 sshd[10488]: Invalid user testftp from 39.110.213.198 Apr 8 15:31:55 srv-ubuntu-dev3 sshd[10488]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=39.110.213.198 Apr 8 15:31:55 srv-ubuntu-dev3 sshd[10488]: Invalid user testftp from 39.110.213.198 Apr 8 15:31:57 srv-ubuntu-dev3 sshd[10488]: Failed password for invalid user testftp from 39.110.213.198 port 60387 ssh2 Apr 8 15:36:00 srv-ubuntu-dev3 sshd[11121]: Invalid user clark from 39.110.213.198 Apr 8 15:36:00 srv-ubuntu-dev3 sshd[11121]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=39.110.213.198 Apr 8 15:36:00 srv-ubuntu-dev3 sshd[11121]: Invalid user clark ...	2020-04-08 21:57:03
167.172.238.159	attackspambots	Lines containing failures of 167.172.238.159 Apr 8 14:23:59 linuxrulz sshd[14067]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.172.238.159 user=postgres Apr 8 14:24:01 linuxrulz sshd[14067]: Failed password for postgres from 167.172.238.159 port 52258 ssh2 Apr 8 14:24:01 linuxrulz sshd[14067]: Received disconnect from 167.172.238.159 port 52258:11: Bye Bye [preauth] Apr 8 14:24:01 linuxrulz sshd[14067]: Disconnected from authenticating user postgres 167.172.238.159 port 52258 [preauth] Apr 8 14:25:08 linuxrulz sshd[14402]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.172.238.159 user=postgres Apr 8 14:25:10 linuxrulz sshd[14402]: Failed password for postgres from 167.172.238.159 port 34920 ssh2 Apr 8 14:25:10 linuxrulz sshd[14402]: Received disconnect from 167.172.238.159 port 34920:11: Bye Bye [preauth] Apr 8 14:25:10 linuxrulz sshd[14402]: Disconnected from authenti........ ------------------------------	2020-04-08 22:02:39
83.4.218.237	attack	Apr 8 15:34:00 master sshd[26769]: Failed password for invalid user pi from 83.4.218.237 port 60300 ssh2 Apr 8 15:34:00 master sshd[26771]: Failed password for invalid user pi from 83.4.218.237 port 60304 ssh2	2020-04-08 21:56:33
85.99.228.42	attackspambots	" "	2020-04-08 22:15:54
5.196.197.77	attackbotsspam	Apr 8 sshd[10346]: Invalid user postgres from 5.196.197.77 port 56556	2020-04-08 22:05:35
2a00:1098:84::4	attackspambots	Apr 8 14:25:54 l03 sshd[16718]: Invalid user user2 from 2a00:1098:84::4 port 32944 ...	2020-04-08 21:30:56
106.12.136.242	attackbotsspam	Apr 8 08:40:09 ny01 sshd[12888]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.136.242 Apr 8 08:40:10 ny01 sshd[12888]: Failed password for invalid user test from 106.12.136.242 port 57924 ssh2 Apr 8 08:42:51 ny01 sshd[13174]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.136.242	2020-04-08 21:52:03
79.40.208.172	attackspambots	Automatic report - Port Scan Attack	2020-04-08 22:00:00
38.83.106.148	attackbotsspam	Apr 8 15:30:57 OPSO sshd\[10026\]: Invalid user hduser from 38.83.106.148 port 40128 Apr 8 15:30:57 OPSO sshd\[10026\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=38.83.106.148 Apr 8 15:30:59 OPSO sshd\[10026\]: Failed password for invalid user hduser from 38.83.106.148 port 40128 ssh2 Apr 8 15:35:00 OPSO sshd\[10755\]: Invalid user deploy from 38.83.106.148 port 50764 Apr 8 15:35:00 OPSO sshd\[10755\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=38.83.106.148	2020-04-08 21:48:51
107.170.37.74	attackspambots	Apr 8 15:05:42 plex sshd[5025]: Invalid user developer from 107.170.37.74 port 39217	2020-04-08 21:55:55

最近上报的IP列表

200.119.112.204	114.76.192.74	196.86.178.20	221.227.119.99
201.230.83.202	104.63.181.38	1.146.234.24	189.213.138.7
97.37.41.117	208.36.85.154	173.246.204.250	139.186.71.224
112.83.38.12	24.52.88.12	145.63.14.81	221.89.75.222
107.150.2.181	108.122.78.135	41.114.160.112	187.18.108.120