61.53.54.117 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): unknown

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

暂无关于此IP的讨论, 沙发请点上方按钮

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 61.53.54.117
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 55697
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;61.53.54.117.			IN	A

;; AUTHORITY SECTION:
.			599	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022020702 1800 900 604800 86400

;; Query time: 59 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Feb 08 06:45:37 CST 2022
;; MSG SIZE  rcvd: 105

HOST信息:

117.54.53.61.in-addr.arpa domain name pointer hn.kd.dhcp.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
117.54.53.61.in-addr.arpa	name = hn.kd.dhcp.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
91.200.124.185	attack	[ThuOct0314:38:21.5564322019][:error][pid4756:tid46955524249344][client91.200.124.185:43185][client91.200.124.185]ModSecurity:Accessdeniedwithcode403$phase2$.Patternmatch"\\\\\\\\.sql\$"atREQUEST_FILENAME.[file"/etc/apache2/conf.d/modsec_rules/10_asl_rules.conf"][line"1288"][id"350590"][rev"2"][msg"Atomicorp.comWAFRules:AttackBlocked-Dataleakage-attempttoaccessrawSQLfiles$disablethisruleifyourequireaccesstofilesthatendwith.sql$"][severity"CRITICAL"][hostname"www.ilgiornaledelticino.ch"][uri"/table.sql"][unique_id"XZXrvR0DfoWRNu9fw9VB0gAAABE"][ThuOct0314:38:23.6467562019][:error][pid4884:tid46955499034368][client91.200.124.185:43406][client91.200.124.185]ModSecurity:Accessdeniedwithcode403$phase2$.Patternmatch"\\\\\\\\.sql\$"atREQUEST_FILENAME.[file"/etc/apache2/conf.d/modsec_rules/10_asl_rules.conf"][line"1288"][id"350590"][rev"2"][msg"Atomicorp.comWAFRules:AttackBlocked-Dataleakage-attempttoaccessrawSQLfiles$disablethisruleifyourequireaccesstofilesthatendwith.sql$"][se	2019-10-04 03:01:01
95.172.79.220	attackspambots	ICMP MP Probe, Scan -	2019-10-04 02:53:33
185.209.0.58	attackbotsspam	10/03/2019-19:54:06.339559 185.209.0.58 Protocol: 6 ET DROP Dshield Block Listed Source group 1	2019-10-04 03:08:29
188.165.240.15	attackspambots	188.165.240.15 - - [03/Oct/2019:18:56:06 +0200] "GET /wp-login.php HTTP/1.1" 200 1122 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 188.165.240.15 - - [03/Oct/2019:18:56:07 +0200] "POST /wp-login.php HTTP/1.1" 200 1503 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 188.165.240.15 - - [03/Oct/2019:18:56:07 +0200] "GET /wp-login.php HTTP/1.1" 200 1122 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 188.165.240.15 - - [03/Oct/2019:18:56:07 +0200] "POST /wp-login.php HTTP/1.1" 200 1489 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 188.165.240.15 - - [03/Oct/2019:18:56:07 +0200] "GET /wp-login.php HTTP/1.1" 200 1122 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 188.165.240.15 - - [03/Oct/2019:18:56:08 +0200] "POST /wp-login.php HTTP/1.1" 200 1491 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2019-10-04 02:44:39
222.186.15.18	attack	Oct 3 14:36:14 ny01 sshd[8284]: Failed password for root from 222.186.15.18 port 11215 ssh2 Oct 3 14:36:57 ny01 sshd[8388]: Failed password for root from 222.186.15.18 port 28941 ssh2	2019-10-04 03:12:35
113.230.48.47	attackspambots	Unauthorised access (Oct 3) SRC=113.230.48.47 LEN=40 TTL=49 ID=47058 TCP DPT=8080 WINDOW=40546 SYN Unauthorised access (Oct 3) SRC=113.230.48.47 LEN=40 TTL=49 ID=31453 TCP DPT=8080 WINDOW=40546 SYN Unauthorised access (Oct 3) SRC=113.230.48.47 LEN=40 TTL=49 ID=2639 TCP DPT=8080 WINDOW=40546 SYN Unauthorised access (Oct 1) SRC=113.230.48.47 LEN=40 TTL=49 ID=34744 TCP DPT=8080 WINDOW=8111 SYN Unauthorised access (Sep 30) SRC=113.230.48.47 LEN=40 TTL=49 ID=60632 TCP DPT=8080 WINDOW=8111 SYN Unauthorised access (Sep 30) SRC=113.230.48.47 LEN=40 TTL=49 ID=10740 TCP DPT=8080 WINDOW=8111 SYN	2019-10-04 03:16:10
95.172.79.222	attack	ICMP MP Probe, Scan -	2019-10-04 02:50:49
95.85.48.19	attackspam	ICMP MP Probe, Scan -	2019-10-04 02:39:28
159.203.201.79	attackspam	10/03/2019-19:09:53.423622 159.203.201.79 Protocol: 6 ET DROP Dshield Block Listed Source group 1	2019-10-04 02:55:47
143.204.199.197	attackspam	TCP Port: 443 _ invalid blocked zen-spamhaus also rbldns-ru _ _ Client xx.xx.4.90 _ _ (441)	2019-10-04 02:47:48
104.37.169.192	attackspambots	Oct 3 09:27:56 vtv3 sshd\[23081\]: Invalid user nicholas from 104.37.169.192 port 58514 Oct 3 09:27:56 vtv3 sshd\[23081\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.37.169.192 Oct 3 09:27:58 vtv3 sshd\[23081\]: Failed password for invalid user nicholas from 104.37.169.192 port 58514 ssh2 Oct 3 09:37:23 vtv3 sshd\[28025\]: Invalid user ld from 104.37.169.192 port 41739 Oct 3 09:37:23 vtv3 sshd\[28025\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.37.169.192 Oct 3 09:49:44 vtv3 sshd\[1564\]: Invalid user bei from 104.37.169.192 port 36671 Oct 3 09:49:44 vtv3 sshd\[1564\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.37.169.192 Oct 3 09:49:46 vtv3 sshd\[1564\]: Failed password for invalid user bei from 104.37.169.192 port 36671 ssh2 Oct 3 09:53:53 vtv3 sshd\[3799\]: Invalid user user from 104.37.169.192 port 35688 Oct 3 09:53:53 vtv3 sshd\[3799\]: pam	2019-10-04 02:39:59
49.88.112.78	attack	Oct 3 20:50:24 ns41 sshd[13900]: Failed password for root from 49.88.112.78 port 26298 ssh2 Oct 3 20:50:24 ns41 sshd[13900]: Failed password for root from 49.88.112.78 port 26298 ssh2 Oct 3 20:50:26 ns41 sshd[13900]: Failed password for root from 49.88.112.78 port 26298 ssh2	2019-10-04 02:51:15
51.79.129.237	attack	$f2bV_matches	2019-10-04 03:12:52
92.31.112.129	attackspambots	Automated reporting of SSH Vulnerability scanning	2019-10-04 03:17:06
23.254.230.179	attack	TCP Port: 25 _ invalid blocked spamcop also zen-spamhaus _ _ _ _ (439)	2019-10-04 03:11:10

最近上报的IP列表

124.43.64.115	188.124.30.46	112.187.194.154	45.113.249.217
118.195.146.83	116.16.120.51	85.239.61.173	58.33.88.170
193.189.100.198	42.226.1.70	45.83.64.36	81.163.52.199
115.200.237.245	115.226.212.111	163.47.158.46	197.40.29.111
189.123.199.113	13.235.189.201	43.255.166.70	1.160.157.236