34.80.9.55 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: United States of America

Internet Service Provider: Google LLC

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbotsspam	Invalid user developer from 34.80.9.55 port 46914	2020-02-23 07:18:04
attackbotsspam	Feb 21 04:31:15 web1 sshd\[11707\]: Invalid user gitlab-runner from 34.80.9.55 Feb 21 04:31:15 web1 sshd\[11707\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=34.80.9.55 Feb 21 04:31:17 web1 sshd\[11707\]: Failed password for invalid user gitlab-runner from 34.80.9.55 port 46910 ssh2 Feb 21 04:34:59 web1 sshd\[12000\]: Invalid user ubuntu from 34.80.9.55 Feb 21 04:34:59 web1 sshd\[12000\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=34.80.9.55	2020-02-22 01:23:49
attack	Feb 20 22:09:33 kapalua sshd\[15055\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=55.9.80.34.bc.googleusercontent.com user=mail Feb 20 22:09:36 kapalua sshd\[15055\]: Failed password for mail from 34.80.9.55 port 33416 ssh2 Feb 20 22:11:35 kapalua sshd\[15254\]: Invalid user daniel from 34.80.9.55 Feb 20 22:11:35 kapalua sshd\[15254\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=55.9.80.34.bc.googleusercontent.com Feb 20 22:11:37 kapalua sshd\[15254\]: Failed password for invalid user daniel from 34.80.9.55 port 50776 ssh2	2020-02-21 16:54:18

Type

Details

Datetime

attackbotsspam

Invalid user developer from 34.80.9.55 port 46914

2020-02-23 07:18:04

attackbotsspam

Feb 21 04:31:15 web1 sshd\[11707\]: Invalid user gitlab-runner from 34.80.9.55
Feb 21 04:31:15 web1 sshd\[11707\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=34.80.9.55
Feb 21 04:31:17 web1 sshd\[11707\]: Failed password for invalid user gitlab-runner from 34.80.9.55 port 46910 ssh2
Feb 21 04:34:59 web1 sshd\[12000\]: Invalid user ubuntu from 34.80.9.55
Feb 21 04:34:59 web1 sshd\[12000\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=34.80.9.55

2020-02-22 01:23:49

attack

Feb 20 22:09:33 kapalua sshd\[15055\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=55.9.80.34.bc.googleusercontent.com  user=mail
Feb 20 22:09:36 kapalua sshd\[15055\]: Failed password for mail from 34.80.9.55 port 33416 ssh2
Feb 20 22:11:35 kapalua sshd\[15254\]: Invalid user daniel from 34.80.9.55
Feb 20 22:11:35 kapalua sshd\[15254\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=55.9.80.34.bc.googleusercontent.com
Feb 20 22:11:37 kapalua sshd\[15254\]: Failed password for invalid user daniel from 34.80.9.55 port 50776 ssh2

2020-02-21 16:54:18

Comments on same subnet:

IP	Type	Details	Datetime
34.80.93.245	attackspam	34.80.93.245 - - [21/Jul/2020:22:52:56 +0100] "POST /wp-login.php HTTP/1.1" 200 2121 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 34.80.93.245 - - [21/Jul/2020:22:52:59 +0100] "POST /wp-login.php HTTP/1.1" 200 2091 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 34.80.93.245 - - [21/Jul/2020:22:53:02 +0100] "POST /wp-login.php HTTP/1.1" 200 2092 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-07-22 06:34:04
34.80.93.190	attack	Attempt to hack Wordpress Login, XMLRPC or other login	2020-06-07 01:29:41

Type

Details

Datetime

34.80.93.245

attackspam

34.80.93.245 - - [21/Jul/2020:22:52:56 +0100] "POST /wp-login.php HTTP/1.1" 200 2121 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
34.80.93.245 - - [21/Jul/2020:22:52:59 +0100] "POST /wp-login.php HTTP/1.1" 200 2091 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
34.80.93.245 - - [21/Jul/2020:22:53:02 +0100] "POST /wp-login.php HTTP/1.1" 200 2092 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
...

2020-07-22 06:34:04

34.80.93.190

attack

Attempt to hack Wordpress Login, XMLRPC or other login

2020-06-07 01:29:41

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 34.80.9.55
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 58973
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;34.80.9.55.			IN	A

;; AUTHORITY SECTION:
.			270	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020022100 1800 900 604800 86400

;; Query time: 126 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Feb 21 16:54:14 CST 2020
;; MSG SIZE  rcvd: 114

Host info

55.9.80.34.in-addr.arpa domain name pointer 55.9.80.34.bc.googleusercontent.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
55.9.80.34.in-addr.arpa	name = 55.9.80.34.bc.googleusercontent.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
218.92.0.179	attackbotsspam	Jan 1 09:05:29 markkoudstaal sshd[16643]: Failed password for root from 218.92.0.179 port 32529 ssh2 Jan 1 09:05:43 markkoudstaal sshd[16643]: error: maximum authentication attempts exceeded for root from 218.92.0.179 port 32529 ssh2 [preauth] Jan 1 09:05:49 markkoudstaal sshd[16667]: Failed password for root from 218.92.0.179 port 7221 ssh2	2020-01-01 16:12:19
217.165.204.150	attackbotsspam	Jan 1 07:27:27 vps647732 sshd[13264]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=217.165.204.150 Jan 1 07:27:29 vps647732 sshd[13264]: Failed password for invalid user admin from 217.165.204.150 port 41164 ssh2 ...	2020-01-01 16:10:36
79.137.86.205	attackspambots	Jan 1 06:26:23 sw2 sshd[12463]: Failed password for invalid user ortensia from 79.137.86.205 port 34448 ssh2 Jan 1 06:27:24 sw2 sshd[12465]: Failed password for invalid user nagios from 79.137.86.205 port 40802 ssh2 Jan 1 06:27:54 sw2 sshd[12467]: Failed password for invalid user fqa from 79.137.86.205 port 44474 ssh2	2020-01-01 15:59:03
121.229.1.13	attack	Jan 1 08:44:04 host postfix/smtpd[51545]: warning: unknown[121.229.1.13]: SASL LOGIN authentication failed: authentication failure Jan 1 08:44:07 host postfix/smtpd[51545]: warning: unknown[121.229.1.13]: SASL LOGIN authentication failed: authentication failure ...	2020-01-01 16:09:07
183.238.53.242	attack	failed_logins	2020-01-01 16:04:17
197.50.38.130	attack	Automatic report - Port Scan Attack	2020-01-01 15:57:18
178.128.86.127	attackbotsspam	Jan 1 07:16:24 server sshd[3669]: Failed password for invalid user saint from 178.128.86.127 port 42126 ssh2 Jan 1 07:25:03 server sshd[3923]: Failed password for invalid user admin from 178.128.86.127 port 39250 ssh2 Jan 1 07:27:42 server sshd[3972]: Failed password for invalid user gamm from 178.128.86.127 port 34256 ssh2	2020-01-01 16:06:07
37.49.230.86	attack	\[2020-01-01 02:20:31\] NOTICE\[2839\] chan_sip.c: Registration from '"1" \' failed for '37.49.230.86:6940' - Wrong password \[2020-01-01 02:20:31\] SECURITY\[2857\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-01-01T02:20:31.400-0500",Severity="Error",Service="SIP",EventVersion="2",AccountID="1",SessionID="0x7f0fb40a4b28",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/37.49.230.86/6940",Challenge="28426a75",ReceivedChallenge="28426a75",ReceivedHash="518e151094b9c5e55a39afd9f32a9a72" \[2020-01-01 02:20:31\] NOTICE\[2839\] chan_sip.c: Registration from '"1" \' failed for '37.49.230.86:6940' - Wrong password \[2020-01-01 02:20:31\] SECURITY\[2857\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-01-01T02:20:31.505-0500",Severity="Error",Service="SIP",EventVersion="2",AccountID="1",SessionID="0x7f0fb40d3ec8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/37.49.230.86/6940",	2020-01-01 16:07:02
103.10.29.199	attack	Host Scan	2020-01-01 16:08:41
222.186.190.2	attack	$f2bV_matches	2020-01-01 16:02:07
201.192.152.202	attackspam	Jan 1 07:27:49 ns381471 sshd[1196]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.192.152.202 Jan 1 07:27:52 ns381471 sshd[1196]: Failed password for invalid user mdnsd from 201.192.152.202 port 53014 ssh2	2020-01-01 16:00:51
190.201.132.69	attackspam	1577860033 - 01/01/2020 07:27:13 Host: 190.201.132.69/190.201.132.69 Port: 445 TCP Blocked	2020-01-01 16:19:54
81.4.123.26	attackspam	20 attempts against mh-ssh on echoip.magehost.pro	2020-01-01 16:11:36
103.107.101.189	attackbotsspam	Jan 1 07:27:01 [host] sshd[17415]: Invalid user P4ss[at]w0rd! from 103.107.101.189 Jan 1 07:27:01 [host] sshd[17415]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.107.101.189 Jan 1 07:27:04 [host] sshd[17415]: Failed password for invalid user P4ss[at]w0rd! from 103.107.101.189 port 33282 ssh2	2020-01-01 16:24:46
66.249.64.208	attack	Automatic report - Banned IP Access	2020-01-01 16:03:42

Recently Reported IPs

54.189.61.52	5.56.133.236	146.120.97.55	94.245.132.131
85.224.198.0	152.140.54.196	49.234.43.39	79.101.58.66
193.148.64.124	34.83.166.192	161.117.10.233	123.23.26.82
200.236.114.5	159.203.184.225	8.211.242.184	37.114.141.26
212.124.0.243	139.239.186.223	110.104.32.156	201.92.233.189