54.249.221.80 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Japan

运营商(isp): Amazon.com Inc.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbotsspam	$f2bV_matches	2020-07-19 06:51:40
attackspambots	ssh brute force	2020-07-14 20:52:02

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 54.249.221.80
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 20573
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;54.249.221.80.			IN	A

;; AUTHORITY SECTION:
.			263	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020071400 1800 900 604800 86400

;; Query time: 63 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Jul 14 20:51:51 CST 2020
;; MSG SIZE  rcvd: 117

HOST信息:

80.221.249.54.in-addr.arpa domain name pointer ec2-54-249-221-80.ap-northeast-1.compute.amazonaws.com.

NSLOOKUP信息:

Server:		100.100.2.138
Address:	100.100.2.138#53

Non-authoritative answer:
80.221.249.54.in-addr.arpa	name = ec2-54-249-221-80.ap-northeast-1.compute.amazonaws.com.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
202.54.157.6	attackspambots	pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.54.157.6 user=root Failed password for root from 202.54.157.6 port 57500 ssh2 Invalid user mysql from 202.54.157.6 port 36994 pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.54.157.6 Failed password for invalid user mysql from 202.54.157.6 port 36994 ssh2	2019-11-22 07:27:43
139.198.18.120	attack	Nov 21 13:11:48 sachi sshd\[19277\]: Invalid user vcsa from 139.198.18.120 Nov 21 13:11:48 sachi sshd\[19277\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.198.18.120 Nov 21 13:11:50 sachi sshd\[19277\]: Failed password for invalid user vcsa from 139.198.18.120 port 40164 ssh2 Nov 21 13:16:04 sachi sshd\[19630\]: Invalid user trommald from 139.198.18.120 Nov 21 13:16:04 sachi sshd\[19630\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.198.18.120	2019-11-22 07:30:51
139.155.90.36	attackbots	Triggered by Fail2Ban at Ares web server	2019-11-22 07:35:23
185.162.235.107	attack	Nov 21 23:56:19 mail postfix/smtpd[27403]: warning: unknown[185.162.235.107]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Nov 21 23:56:49 mail postfix/smtpd[27330]: warning: unknown[185.162.235.107]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Nov 21 23:57:13 mail postfix/smtpd[27362]: warning: unknown[185.162.235.107]: SASL LOGIN authentication failed: UGFzc3dvcmQ6	2019-11-22 07:35:02
193.31.24.113	attack	11/22/2019-00:22:02.514063 193.31.24.113 Protocol: 6 SURICATA TLS invalid record/traffic	2019-11-22 07:29:43
128.199.224.215	attackbots	$f2bV_matches	2019-11-22 07:46:23
176.79.82.119	attack	Automatic report - Port Scan Attack	2019-11-22 07:28:08
182.151.37.230	attack	Automatic report - Banned IP Access	2019-11-22 07:25:51
187.141.71.27	attack	Invalid user rodoni from 187.141.71.27 port 46428	2019-11-22 07:24:58
222.186.175.182	attackspambots	Nov 21 20:47:15 firewall sshd[17628]: Failed password for root from 222.186.175.182 port 4154 ssh2 Nov 21 20:47:15 firewall sshd[17628]: error: maximum authentication attempts exceeded for root from 222.186.175.182 port 4154 ssh2 [preauth] Nov 21 20:47:15 firewall sshd[17628]: Disconnecting: Too many authentication failures [preauth] ...	2019-11-22 07:51:22
134.175.178.153	attack	Nov 21 13:11:51 kapalua sshd\[23657\]: Invalid user tongyu2011$@ from 134.175.178.153 Nov 21 13:11:51 kapalua sshd\[23657\]: pam_unix\(sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.175.178.153 Nov 21 13:11:53 kapalua sshd\[23657\]: Failed password for invalid user tongyu2011$@ from 134.175.178.153 port 54013 ssh2 Nov 21 13:16:02 kapalua sshd\[24032\]: Invalid user adachi from 134.175.178.153 Nov 21 13:16:02 kapalua sshd\[24032\]: pam_unix\(sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.175.178.153	2019-11-22 07:26:22
46.38.144.32	attackspam	Nov 22 00:44:06 webserver postfix/smtpd\[643\]: warning: unknown\[46.38.144.32\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Nov 22 00:45:15 webserver postfix/smtpd\[2662\]: warning: unknown\[46.38.144.32\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Nov 22 00:46:26 webserver postfix/smtpd\[2662\]: warning: unknown\[46.38.144.32\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Nov 22 00:47:38 webserver postfix/smtpd\[643\]: warning: unknown\[46.38.144.32\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Nov 22 00:48:49 webserver postfix/smtpd\[2662\]: warning: unknown\[46.38.144.32\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2019-11-22 07:48:54
103.22.250.194	attack	103.22.250.194 - - [21/Nov/2019:23:59:12 +0100] "POST /wp-login.php HTTP/1.1" 200 3123 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 103.22.250.194 - - [21/Nov/2019:23:59:13 +0100] "POST /wp-login.php HTTP/1.1" 200 3102 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2019-11-22 07:29:18
192.145.122.140	attackspambots	\[2019-11-21 23:19:13\] SECURITY\[15511\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-11-21T23:19:13.865+0100",Severity="Error",Service="SIP",EventVersion="2",AccountID="201",SessionID="0x7fcd8c34fd28",LocalAddress="IPV4/UDP/204.8.216.89/5060",RemoteAddress="IPV4/UDP/192.145.122.140/5062",Challenge="3d553407",ReceivedChallenge="3d553407",ReceivedHash="8fed5d22b20da7f6b8e4519b2458b604" \[2019-11-21 23:28:14\] SECURITY\[15511\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-11-21T23:28:14.789+0100",Severity="Error",Service="SIP",EventVersion="2",AccountID="201",SessionID="0x7fcd8c2917b8",LocalAddress="IPV4/UDP/204.8.216.89/5060",RemoteAddress="IPV4/UDP/192.145.122.140/5060",Challenge="39fe7b61",ReceivedChallenge="39fe7b61",ReceivedHash="9ae5fbeb52bb7d658dbe756b440fe763" \[2019-11-21 23:41:29\] SECURITY\[15511\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-11-21T23:41:29.883+0100",Severity="Error",Service="SIP",EventVersion="2" ...	2019-11-22 07:40:50
109.94.125.51	attack	Automatic report - Port Scan Attack	2019-11-22 07:42:24

最近上报的IP列表

141.148.154.46	188.92.54.163	191.43.136.81	75.26.101.22
155.92.119.188	59.203.5.148	35.34.198.111	137.137.251.182
94.24.114.87	103.69.125.74	95.82.124.31	66.112.218.245
52.246.251.241	58.154.226.163	1.142.64.236	227.88.32.125
75.226.77.160	229.108.53.83	253.248.214.65	166.183.141.204

IP	类型	评论内容	时间
202.54.157.6	attackspambots	pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.54.157.6 user=root Failed password for root from 202.54.157.6 port 57500 ssh2 Invalid user mysql from 202.54.157.6 port 36994 pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.54.157.6 Failed password for invalid user mysql from 202.54.157.6 port 36994 ssh2	2019-11-22 07:27:43
139.198.18.120	attack	Nov 21 13:11:48 sachi sshd\[19277\]: Invalid user vcsa from 139.198.18.120 Nov 21 13:11:48 sachi sshd\[19277\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.198.18.120 Nov 21 13:11:50 sachi sshd\[19277\]: Failed password for invalid user vcsa from 139.198.18.120 port 40164 ssh2 Nov 21 13:16:04 sachi sshd\[19630\]: Invalid user trommald from 139.198.18.120 Nov 21 13:16:04 sachi sshd\[19630\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.198.18.120	2019-11-22 07:30:51
139.155.90.36	attackbots	Triggered by Fail2Ban at Ares web server	2019-11-22 07:35:23
185.162.235.107	attack	Nov 21 23:56:19 mail postfix/smtpd[27403]: warning: unknown[185.162.235.107]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Nov 21 23:56:49 mail postfix/smtpd[27330]: warning: unknown[185.162.235.107]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Nov 21 23:57:13 mail postfix/smtpd[27362]: warning: unknown[185.162.235.107]: SASL LOGIN authentication failed: UGFzc3dvcmQ6	2019-11-22 07:35:02
193.31.24.113	attack	11/22/2019-00:22:02.514063 193.31.24.113 Protocol: 6 SURICATA TLS invalid record/traffic	2019-11-22 07:29:43
128.199.224.215	attackbots	$f2bV_matches	2019-11-22 07:46:23
176.79.82.119	attack	Automatic report - Port Scan Attack	2019-11-22 07:28:08
182.151.37.230	attack	Automatic report - Banned IP Access	2019-11-22 07:25:51
187.141.71.27	attack	Invalid user rodoni from 187.141.71.27 port 46428	2019-11-22 07:24:58
222.186.175.182	attackspambots	Nov 21 20:47:15 firewall sshd[17628]: Failed password for root from 222.186.175.182 port 4154 ssh2 Nov 21 20:47:15 firewall sshd[17628]: error: maximum authentication attempts exceeded for root from 222.186.175.182 port 4154 ssh2 [preauth] Nov 21 20:47:15 firewall sshd[17628]: Disconnecting: Too many authentication failures [preauth] ...	2019-11-22 07:51:22
134.175.178.153	attack	Nov 21 13:11:51 kapalua sshd\[23657\]: Invalid user tongyu2011\(@ from 134.175.178.153 Nov 21 13:11:51 kapalua sshd\[23657\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.175.178.153 Nov 21 13:11:53 kapalua sshd\[23657\]: Failed password for invalid user tongyu2011\(@ from 134.175.178.153 port 54013 ssh2 Nov 21 13:16:02 kapalua sshd\[24032\]: Invalid user adachi from 134.175.178.153 Nov 21 13:16:02 kapalua sshd\[24032\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.175.178.153	2019-11-22 07:26:22
46.38.144.32	attackspam	Nov 22 00:44:06 webserver postfix/smtpd\[643\]: warning: unknown\[46.38.144.32\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Nov 22 00:45:15 webserver postfix/smtpd\[2662\]: warning: unknown\[46.38.144.32\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Nov 22 00:46:26 webserver postfix/smtpd\[2662\]: warning: unknown\[46.38.144.32\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Nov 22 00:47:38 webserver postfix/smtpd\[643\]: warning: unknown\[46.38.144.32\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Nov 22 00:48:49 webserver postfix/smtpd\[2662\]: warning: unknown\[46.38.144.32\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2019-11-22 07:48:54
103.22.250.194	attack	103.22.250.194 - - [21/Nov/2019:23:59:12 +0100] "POST /wp-login.php HTTP/1.1" 200 3123 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 103.22.250.194 - - [21/Nov/2019:23:59:13 +0100] "POST /wp-login.php HTTP/1.1" 200 3102 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2019-11-22 07:29:18
192.145.122.140	attackspambots	\[2019-11-21 23:19:13\] SECURITY\[15511\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-11-21T23:19:13.865+0100",Severity="Error",Service="SIP",EventVersion="2",AccountID="201",SessionID="0x7fcd8c34fd28",LocalAddress="IPV4/UDP/204.8.216.89/5060",RemoteAddress="IPV4/UDP/192.145.122.140/5062",Challenge="3d553407",ReceivedChallenge="3d553407",ReceivedHash="8fed5d22b20da7f6b8e4519b2458b604" \[2019-11-21 23:28:14\] SECURITY\[15511\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-11-21T23:28:14.789+0100",Severity="Error",Service="SIP",EventVersion="2",AccountID="201",SessionID="0x7fcd8c2917b8",LocalAddress="IPV4/UDP/204.8.216.89/5060",RemoteAddress="IPV4/UDP/192.145.122.140/5060",Challenge="39fe7b61",ReceivedChallenge="39fe7b61",ReceivedHash="9ae5fbeb52bb7d658dbe756b440fe763" \[2019-11-21 23:41:29\] SECURITY\[15511\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-11-21T23:41:29.883+0100",Severity="Error",Service="SIP",EventVersion="2" ...	2019-11-22 07:40:50
109.94.125.51	attack	Automatic report - Port Scan Attack	2019-11-22 07:42:24