2.132.254.54 - IPInfo

基本信息:

城市(city): Nur-Sultan

省份(region): Nur-Sultan

国家(country): Kazakhstan

运营商(isp): Ust Kamenogorsk

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Commercial

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	Oct 5 19:35:15 gospond sshd[26916]: Failed password for root from 2.132.254.54 port 48298 ssh2 Oct 5 19:35:13 gospond sshd[26916]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=2.132.254.54 user=root Oct 5 19:35:15 gospond sshd[26916]: Failed password for root from 2.132.254.54 port 48298 ssh2 ...	2020-10-06 03:04:33
attack	2020-10-04T20:36:17.3812821495-001 sshd[15161]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=2.132.254.54 user=root 2020-10-04T20:36:19.3810371495-001 sshd[15161]: Failed password for root from 2.132.254.54 port 59016 ssh2 2020-10-04T20:40:15.3053521495-001 sshd[15356]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=2.132.254.54 user=root 2020-10-04T20:40:17.3102871495-001 sshd[15356]: Failed password for root from 2.132.254.54 port 38016 ssh2 2020-10-04T20:44:16.6605071495-001 sshd[15611]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=2.132.254.54 user=root 2020-10-04T20:44:18.7511571495-001 sshd[15611]: Failed password for root from 2.132.254.54 port 45076 ssh2 ...	2020-10-05 18:55:36
attack	$f2bV_matches	2020-09-16 23:51:15
attackbotsspam	Sep 16 06:53:13 rocket sshd[20819]: Failed password for mysql from 2.132.254.54 port 48928 ssh2 Sep 16 06:57:40 rocket sshd[21420]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=2.132.254.54 ...	2020-09-16 16:08:14
attack	Sep 15 19:56:22 ny01 sshd[15314]: Failed password for root from 2.132.254.54 port 33348 ssh2 Sep 15 20:00:25 ny01 sshd[16087]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=2.132.254.54 Sep 15 20:00:27 ny01 sshd[16087]: Failed password for invalid user Admin from 2.132.254.54 port 38694 ssh2	2020-09-16 08:07:58
attackbotsspam	2020-08-29T08:58:30.2230271495-001 sshd[12376]: Invalid user mico from 2.132.254.54 port 40596 2020-08-29T08:58:30.2267631495-001 sshd[12376]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=2.132.254.54 2020-08-29T08:58:30.2230271495-001 sshd[12376]: Invalid user mico from 2.132.254.54 port 40596 2020-08-29T08:58:32.2014801495-001 sshd[12376]: Failed password for invalid user mico from 2.132.254.54 port 40596 ssh2 2020-08-29T09:02:44.2291111495-001 sshd[12620]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=2.132.254.54 user=mysql 2020-08-29T09:02:46.0733661495-001 sshd[12620]: Failed password for mysql from 2.132.254.54 port 47412 ssh2 ...	2020-08-29 23:47:38
attack	Cowrie Honeypot: 3 unauthorised SSH/Telnet login attempts between 2020-08-29T04:39:42Z and 2020-08-29T04:52:03Z	2020-08-29 14:08:25
attackspambots	Aug 25 23:53:18 [host] sshd[3112]: pam_unix(sshd:a Aug 25 23:53:20 [host] sshd[3112]: Failed password Aug 25 23:57:27 [host] sshd[3265]: Invalid user ab	2020-08-26 08:21:51

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 2.132.254.54
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 17186
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;2.132.254.54.			IN	A

;; AUTHORITY SECTION:
.			154	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020082501 1800 900 604800 86400

;; Query time: 70 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Aug 26 08:21:48 CST 2020
;; MSG SIZE  rcvd: 116

HOST信息:

Host 54.254.132.2.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 54.254.132.2.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
162.246.214.201	attack	SpamReport	2019-09-09 08:14:55
185.255.96.99	attack	This IP address was blacklisted for the following reason: /de/jobs/ @ 2019-09-01T02:36:39+02:00.	2019-09-09 07:52:41
46.160.111.240	attackspambots	SpamReport	2019-09-09 08:08:56
203.232.210.195	attack	Sep 9 03:31:45 tuotantolaitos sshd[1932]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.232.210.195 Sep 9 03:31:47 tuotantolaitos sshd[1932]: Failed password for invalid user user from 203.232.210.195 port 48428 ssh2 ...	2019-09-09 08:34:59
118.24.173.104	attackbots	Sep 9 01:48:53 h2177944 sshd\[20164\]: Invalid user support from 118.24.173.104 port 38124 Sep 9 01:48:53 h2177944 sshd\[20164\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.24.173.104 Sep 9 01:48:55 h2177944 sshd\[20164\]: Failed password for invalid user support from 118.24.173.104 port 38124 ssh2 Sep 9 01:53:39 h2177944 sshd\[20308\]: Invalid user factorio from 118.24.173.104 port 57303 ...	2019-09-09 08:26:58
139.199.209.89	attack	Sep 8 12:39:01 hanapaa sshd\[13451\]: Invalid user 12345 from 139.199.209.89 Sep 8 12:39:01 hanapaa sshd\[13451\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.209.89 Sep 8 12:39:02 hanapaa sshd\[13451\]: Failed password for invalid user 12345 from 139.199.209.89 port 41542 ssh2 Sep 8 12:41:04 hanapaa sshd\[13731\]: Invalid user www1234 from 139.199.209.89 Sep 8 12:41:04 hanapaa sshd\[13731\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.209.89	2019-09-09 08:18:45
192.99.57.32	attackspam	Sep 9 05:18:16 areeb-Workstation sshd[16102]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.99.57.32 Sep 9 05:18:18 areeb-Workstation sshd[16102]: Failed password for invalid user test123 from 192.99.57.32 port 35448 ssh2 ...	2019-09-09 08:01:35
177.103.187.233	attack	Sep 8 23:42:54 hb sshd\[26806\]: Invalid user csgoserver from 177.103.187.233 Sep 8 23:42:54 hb sshd\[26806\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=177.103.187.233 Sep 8 23:42:56 hb sshd\[26806\]: Failed password for invalid user csgoserver from 177.103.187.233 port 41974 ssh2 Sep 8 23:49:47 hb sshd\[27373\]: Invalid user sinusbot from 177.103.187.233 Sep 8 23:49:47 hb sshd\[27373\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=177.103.187.233	2019-09-09 07:53:07
159.203.199.77	attack	scan z	2019-09-09 08:01:57
159.203.199.70	attackbots	port scan and connect, tcp 465 (smtps)	2019-09-09 08:04:55
81.133.171.53	attackspambots	Unauthorized connection attempt from IP address 81.133.171.53 on Port 445(SMB)	2019-09-09 07:50:52
183.161.35.38	attackbots	Wordpress Admin Login attack	2019-09-09 08:11:24
14.231.12.208	attack	Unauthorized connection attempt from IP address 14.231.12.208 on Port 445(SMB)	2019-09-09 07:53:30
218.104.231.2	attack	Sep 8 22:32:02 MK-Soft-VM4 sshd\[18463\]: Invalid user developer from 218.104.231.2 port 63423 Sep 8 22:32:02 MK-Soft-VM4 sshd\[18463\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.104.231.2 Sep 8 22:32:04 MK-Soft-VM4 sshd\[18463\]: Failed password for invalid user developer from 218.104.231.2 port 63423 ssh2 ...	2019-09-09 08:34:37
112.114.105.22	attackbotsspam	[MonSep0902:04:01.4062442019][:error][pid16791:tid47825456035584][client112.114.105.22:2656][client112.114.105.22]ModSecurity:Accessdeniedwithcode403$phase2$.Patternmatch"\^Mozilla/4\\\\\\\\.0\\\\\\\\$compatible\;MSIE9.0\;WindowsNT6.1\\\\\\\\$\$"atREQUEST_HEADERS:User-Agent.[file"/usr/local/apache.ea3/conf/modsec_rules/20_asl_useragents.conf"][line"430"][id"336656"][rev"2"][msg"Atomicorp.comWAFRules:FakeMSIE9./0browserMozilla/4.0$compatible\;MSIE9.0\;WindowsNT6.1$."][severity"CRITICAL"][hostname"www.forum-wbp.com"][uri"/type.php"][unique_id"XXWW8Y8KSA3HByFEDl4vYAAAAQI"]\,referer:http://www.forum-wbp.com//type.php\?template=tag_{}\;@unlink$FILE$\;print_r$xbshell$\;assert$\$_POST[1]$\;{//../rss[MonSep0902:04:03.1327262019][:error][pid16791:tid47825456035584][client112.114.105.22:2656][client112.114.105.22]ModSecurity:Accessdeniedwithcode403$phase2$.Patternmatch"\^Mozilla/4\\\\\\\\.0\\\\\\\\$compatible\;MSIE9.0\;WindowsNT6.1\\\\\\\\$\$"atREQUEST_HEADERS:User-Agent.[file\	2019-09-09 08:10:11

最近上报的IP列表

35.138.105.171	180.139.154.81	87.138.79.211	98.20.200.53
111.67.205.91	103.91.33.99	187.75.189.233	80.108.53.143
179.120.24.200	108.74.217.164	42.200.222.28	81.24.86.181
194.154.159.51	51.83.136.100	139.194.242.204	187.255.55.11
213.29.97.209	201.178.122.154	106.34.49.163	79.133.252.220