58.20.41.20 - IPInfo

基本信息:

城市(city): Changsha

省份(region): Hunan

国家(country): China

运营商(isp): Changsha Xing Sha Dia 3552 DDN Net

主机名(hostname): unknown

机构(organization): CHINA UNICOM China169 Backbone

使用类型(Usage Type): Commercial

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Jul 1 05:55:31 bouncer sshd\[14658\]: Invalid user redmine from 58.20.41.20 port 51380 Jul 1 05:55:31 bouncer sshd\[14658\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.20.41.20 Jul 1 05:55:33 bouncer sshd\[14658\]: Failed password for invalid user redmine from 58.20.41.20 port 51380 ssh2 ...	2019-07-01 14:43:42
attack	Unauthorized SSH login attempts	2019-06-30 16:56:24

类型

评论内容

时间

attack

Jul  1 05:55:31 bouncer sshd\[14658\]: Invalid user redmine from 58.20.41.20 port 51380
Jul  1 05:55:31 bouncer sshd\[14658\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.20.41.20 
Jul  1 05:55:33 bouncer sshd\[14658\]: Failed password for invalid user redmine from 58.20.41.20 port 51380 ssh2
...

2019-07-01 14:43:42

attack

Unauthorized SSH login attempts

2019-06-30 16:56:24

相同子网IP讨论:

IP	类型	评论内容	时间
58.20.41.53	attackspam	TCP (SYN) 58.20.41.53:53237 -> port 1433, len 44	2020-08-13 03:46:50
58.20.41.53	attackbotsspam	TCP (SYN) 58.20.41.53:46573 -> port 1433, len 44	2020-07-31 13:55:43
58.20.41.53	attack	Unauthorized connection attempt detected from IP address 58.20.41.53 to port 1433 [T]	2020-04-15 04:42:10
58.20.41.53	attackspam	suspicious action Mon, 24 Feb 2020 01:58:48 -0300	2020-02-24 13:24:45
58.20.41.53	attackspambots	Unauthorized connection attempt detected from IP address 58.20.41.53 to port 1433 [J]	2020-01-17 08:06:55

WHOIS信息:

DIG信息:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 58.20.41.20
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 20215
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;58.20.41.20.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019050600 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Tue May 07 00:16:51 +08 2019
;; MSG SIZE  rcvd: 115

HOST信息:

Host 20.41.20.58.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.3
Address:	67.207.67.3#53

** server can't find 20.41.20.58.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
119.27.165.134	attackspambots	Dec 7 07:14:31 localhost sshd\[20957\]: Invalid user wwwadmin from 119.27.165.134 port 37158 Dec 7 07:14:31 localhost sshd\[20957\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.27.165.134 Dec 7 07:14:33 localhost sshd\[20957\]: Failed password for invalid user wwwadmin from 119.27.165.134 port 37158 ssh2	2019-12-07 14:19:42
201.93.87.189	attackspam	2019-12-07T05:30:25.516394shield sshd\[9016\]: Invalid user qk from 201.93.87.189 port 37186 2019-12-07T05:30:25.520612shield sshd\[9016\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=201-93-87-189.dial-up.telesp.net.br 2019-12-07T05:30:27.416488shield sshd\[9016\]: Failed password for invalid user qk from 201.93.87.189 port 37186 ssh2 2019-12-07T05:37:40.990906shield sshd\[11391\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=201-93-87-189.dial-up.telesp.net.br user=sync 2019-12-07T05:37:43.268406shield sshd\[11391\]: Failed password for sync from 201.93.87.189 port 45966 ssh2	2019-12-07 13:56:19
222.186.175.182	attack	Dec 6 19:52:54 web1 sshd\[22921\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.182 user=root Dec 6 19:52:56 web1 sshd\[22921\]: Failed password for root from 222.186.175.182 port 15742 ssh2 Dec 6 19:53:00 web1 sshd\[22921\]: Failed password for root from 222.186.175.182 port 15742 ssh2 Dec 6 19:53:03 web1 sshd\[22921\]: Failed password for root from 222.186.175.182 port 15742 ssh2 Dec 6 19:53:07 web1 sshd\[22921\]: Failed password for root from 222.186.175.182 port 15742 ssh2	2019-12-07 13:59:39
212.129.145.64	attack	Dec 7 11:54:11 vibhu-HP-Z238-Microtower-Workstation sshd\[10128\]: Invalid user yoshiko from 212.129.145.64 Dec 7 11:54:11 vibhu-HP-Z238-Microtower-Workstation sshd\[10128\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.129.145.64 Dec 7 11:54:13 vibhu-HP-Z238-Microtower-Workstation sshd\[10128\]: Failed password for invalid user yoshiko from 212.129.145.64 port 42104 ssh2 Dec 7 12:00:41 vibhu-HP-Z238-Microtower-Workstation sshd\[10497\]: Invalid user wonkyo from 212.129.145.64 Dec 7 12:00:41 vibhu-HP-Z238-Microtower-Workstation sshd\[10497\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.129.145.64 ...	2019-12-07 14:42:05
51.15.207.74	attackbots	Dec 7 07:08:03 meumeu sshd[29458]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.15.207.74 Dec 7 07:08:06 meumeu sshd[29458]: Failed password for invalid user kapuscinski from 51.15.207.74 port 59930 ssh2 Dec 7 07:13:46 meumeu sshd[30192]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.15.207.74 ...	2019-12-07 14:28:21
222.186.175.212	attackbotsspam	2019-12-07T07:29:06.767673struts4.enskede.local sshd\[22998\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.212 user=root 2019-12-07T07:29:08.659756struts4.enskede.local sshd\[22998\]: Failed password for root from 222.186.175.212 port 4480 ssh2 2019-12-07T07:29:13.401384struts4.enskede.local sshd\[22998\]: Failed password for root from 222.186.175.212 port 4480 ssh2 2019-12-07T07:29:17.172609struts4.enskede.local sshd\[22998\]: Failed password for root from 222.186.175.212 port 4480 ssh2 2019-12-07T07:29:20.266010struts4.enskede.local sshd\[22998\]: Failed password for root from 222.186.175.212 port 4480 ssh2 ...	2019-12-07 14:40:43
218.92.0.154	attackspam	Dec 7 07:30:22 legacy sshd[27327]: Failed password for root from 218.92.0.154 port 64049 ssh2 Dec 7 07:30:35 legacy sshd[27327]: error: maximum authentication attempts exceeded for root from 218.92.0.154 port 64049 ssh2 [preauth] Dec 7 07:30:41 legacy sshd[27336]: Failed password for root from 218.92.0.154 port 30353 ssh2 ...	2019-12-07 14:41:51
112.85.42.232	attack	Dec 7 06:00:58 localhost sshd\[101361\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.232 user=root Dec 7 06:01:00 localhost sshd\[101361\]: Failed password for root from 112.85.42.232 port 31687 ssh2 Dec 7 06:01:03 localhost sshd\[101361\]: Failed password for root from 112.85.42.232 port 31687 ssh2 Dec 7 06:01:05 localhost sshd\[101361\]: Failed password for root from 112.85.42.232 port 31687 ssh2 Dec 7 06:01:47 localhost sshd\[101382\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.232 user=root ...	2019-12-07 14:14:19
106.12.132.3	attack	2019-12-07T05:46:19.538652shield sshd\[14337\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.132.3 user=root 2019-12-07T05:46:21.060588shield sshd\[14337\]: Failed password for root from 106.12.132.3 port 36460 ssh2 2019-12-07T05:52:56.074672shield sshd\[17079\]: Invalid user gitlog from 106.12.132.3 port 41486 2019-12-07T05:52:56.079144shield sshd\[17079\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.132.3 2019-12-07T05:52:58.103633shield sshd\[17079\]: Failed password for invalid user gitlog from 106.12.132.3 port 41486 ssh2	2019-12-07 13:58:36
49.88.112.55	attack	2019-12-06T16:50:28.540868homeassistant sshd[4732]: Failed password for root from 49.88.112.55 port 30034 ssh2 2019-12-07T06:04:01.279916homeassistant sshd[18828]: Failed none for root from 49.88.112.55 port 14524 ssh2 2019-12-07T06:04:01.549566homeassistant sshd[18828]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.55 user=root ...	2019-12-07 14:06:13
146.88.240.4	attackbots	UTC: 2019-12-06 pkts: 10(1, 9) port (tcp): 443 ports(udp): 17, 19, 69, 111, 123, 161, 389, 623	2019-12-07 14:26:00
12.217.40.175	attackbotsspam	DATE:2019-12-07 05:54:24, IP:12.217.40.175, PORT:telnet - Telnet brute force auth on a honeypot server (epe-dc)	2019-12-07 13:51:12
218.92.0.207	attack	Dec 7 06:49:44 MK-Soft-Root1 sshd[18787]: Failed password for root from 218.92.0.207 port 34816 ssh2 Dec 7 06:49:47 MK-Soft-Root1 sshd[18787]: Failed password for root from 218.92.0.207 port 34816 ssh2 ...	2019-12-07 14:24:03
110.164.76.61	attackspambots	Dec 7 07:00:34 amit sshd\[770\]: Invalid user test from 110.164.76.61 Dec 7 07:00:34 amit sshd\[770\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=110.164.76.61 Dec 7 07:00:36 amit sshd\[770\]: Failed password for invalid user test from 110.164.76.61 port 51396 ssh2 ...	2019-12-07 14:15:07
128.199.167.233	attackspam	$f2bV_matches	2019-12-07 14:22:26

最近上报的IP列表

174.151.242.12	71.203.174.119	166.36.164.116	168.167.79.105
62.4.15.163	52.79.156.20	130.200.53.41	123.23.54.108
157.186.146.255	14.32.124.239	166.82.156.83	66.228.45.154
54.36.148.8	117.154.7.68	64.233.167.121	104.27.130.225
32.16.7.135	66.251.181.124	81.201.125.163	101.207.245.23