54.193.68.193 - IPInfo

基本信息:

城市(city): San Jose

省份(region): California

国家(country): United States

运营商(isp): unknown

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

暂无关于此IP的讨论, 沙发请点上方按钮

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 54.193.68.193
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 34829
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;54.193.68.193.			IN	A

;; AUTHORITY SECTION:
.			377	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019100300 1800 900 604800 86400

;; Query time: 159 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Oct 03 20:18:27 CST 2019
;; MSG SIZE  rcvd: 117

HOST信息:

193.68.193.54.in-addr.arpa domain name pointer ec2-54-193-68-193.us-west-1.compute.amazonaws.com.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
193.68.193.54.in-addr.arpa	name = ec2-54-193-68-193.us-west-1.compute.amazonaws.com.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
59.126.69.60	attack	Nov 5 12:02:24 ingram sshd[23995]: Failed password for r.r from 59.126.69.60 port 57162 ssh2 Nov 5 12:18:55 ingram sshd[24173]: Failed password for r.r from 59.126.69.60 port 48002 ssh2 Nov 5 12:23:04 ingram sshd[24223]: Invalid user oracle2 from 59.126.69.60 Nov 5 12:23:04 ingram sshd[24223]: Failed password for invalid user oracle2 from 59.126.69.60 port 58726 ssh2 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=59.126.69.60	2019-11-07 16:02:47
103.23.224.121	attackbots	11/07/2019-07:29:17.299389 103.23.224.121 Protocol: 6 ET POLICY Cleartext WordPress Login	2019-11-07 15:51:13
125.78.17.252	attack	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/125.78.17.252/ AU - 1H : (25) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : AU NAME ASN : ASN4134 IP : 125.78.17.252 CIDR : 125.78.0.0/15 PREFIX COUNT : 5430 UNIQUE IP COUNT : 106919680 ATTACKS DETECTED ASN4134 : 1H - 19 3H - 56 6H - 101 12H - 163 24H - 297 DateTime : 2019-11-07 07:29:26 INFO : Port Scan TELNET Detected and Blocked by ADMIN - data recovery	2019-11-07 15:45:20
36.89.241.162	attack	36.89.241.162 - - [07/Nov/2019:07:29:29 +0100] "GET /wp-login.php HTTP/1.1" 200 1238 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 36.89.241.162 - - [07/Nov/2019:07:29:32 +0100] "POST /wp-login.php HTTP/1.1" 200 1632 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 36.89.241.162 - - [07/Nov/2019:07:29:32 +0100] "GET /wp-login.php HTTP/1.1" 200 1238 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 36.89.241.162 - - [07/Nov/2019:07:29:33 +0100] "POST /wp-login.php HTTP/1.1" 200 1608 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 36.89.241.162 - - [07/Nov/2019:07:29:34 +0100] "GET /wp-login.php HTTP/1.1" 200 1238 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 36.89.241.162 - - [07/Nov/2019:07:29:36 +0100] "POST /wp-login.php HTTP/1.1" 200 1608 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 36.89.241.162	2019-11-07 15:40:58
92.118.38.54	attack	brute force attack on mail server for almost a week now. blocked ip and complete subnet.	2019-11-07 15:34:29
103.84.108.234	attackbotsspam	xmlrpc attack	2019-11-07 15:43:49
118.121.201.83	attackspambots	Nov 7 09:32:04 server sshd\[9648\]: User root from 118.121.201.83 not allowed because listed in DenyUsers Nov 7 09:32:04 server sshd\[9648\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.121.201.83 user=root Nov 7 09:32:06 server sshd\[9648\]: Failed password for invalid user root from 118.121.201.83 port 45988 ssh2 Nov 7 09:37:03 server sshd\[4416\]: User root from 118.121.201.83 not allowed because listed in DenyUsers Nov 7 09:37:03 server sshd\[4416\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.121.201.83 user=root	2019-11-07 15:39:10
121.58.231.39	attackbots	Automatic report - Port Scan	2019-11-07 16:01:20
54.39.21.54	attackspam	"Fail2Ban detected SSH brute force attempt"	2019-11-07 16:01:39
220.130.10.13	attackbotsspam	Nov 7 07:26:00 localhost sshd\[77059\]: Invalid user QWERasdf from 220.130.10.13 port 18168 Nov 7 07:26:00 localhost sshd\[77059\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.130.10.13 Nov 7 07:26:02 localhost sshd\[77059\]: Failed password for invalid user QWERasdf from 220.130.10.13 port 18168 ssh2 Nov 7 07:30:03 localhost sshd\[77158\]: Invalid user pimpin from 220.130.10.13 port 55382 Nov 7 07:30:03 localhost sshd\[77158\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.130.10.13 ...	2019-11-07 15:47:04
202.58.91.38	attack	Forged login request.	2019-11-07 15:39:36
64.252.183.154	attackbotsspam	Automatic report generated by Wazuh	2019-11-07 15:42:56
158.69.110.31	attack	Nov 7 07:50:26 vps01 sshd[18099]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=158.69.110.31 Nov 7 07:50:29 vps01 sshd[18099]: Failed password for invalid user monitor from 158.69.110.31 port 55780 ssh2	2019-11-07 16:05:16
60.176.150.138	attackspambots	Nov 6 10:29:47 rb06 sshd[22745]: reveeclipse mapping checking getaddrinfo for 138.150.176.60.broad.hz.zj.dynamic.163data.com.cn [60.176.150.138] failed - POSSIBLE BREAK-IN ATTEMPT! Nov 6 10:29:50 rb06 sshd[22745]: Failed password for invalid user lovesucks from 60.176.150.138 port 57306 ssh2 Nov 6 10:29:52 rb06 sshd[22745]: Received disconnect from 60.176.150.138: 11: Bye Bye [preauth] Nov 6 10:34:44 rb06 sshd[29288]: reveeclipse mapping checking getaddrinfo for 138.150.176.60.broad.hz.zj.dynamic.163data.com.cn [60.176.150.138] failed - POSSIBLE BREAK-IN ATTEMPT! Nov 6 10:34:46 rb06 sshd[29288]: Failed password for invalid user 1q1q1q from 60.176.150.138 port 27059 ssh2 Nov 6 10:34:46 rb06 sshd[29288]: Received disconnect from 60.176.150.138: 11: Bye Bye [preauth] Nov 6 10:39:11 rb06 sshd[31267]: reveeclipse mapping checking getaddrinfo for 138.150.176.60.broad.hz.zj.dynamic.163data.com.cn [60.176.150.138] failed - POSSIBLE BREAK-IN ATTEMPT! Nov 6 10:39:13 rb06 ........ -------------------------------	2019-11-07 15:53:45
14.3.153.80	attack	SSH-bruteforce attempts	2019-11-07 15:41:53

最近上报的IP列表

88.205.135.111	88.147.115.17	118.241.194.92	62.75.154.100
214.51.239.246	13.20.41.130	126.35.142.59	79.255.86.206
139.215.115.41	214.205.227.60	36.145.190.87	142.225.163.247
69.206.89.32	160.203.115.113	200.13.16.142	218.70.252.49
88.28.18.219	54.64.41.127	196.118.157.121	102.49.63.68