58.236.139.20 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Korea (Republic of)

运营商(isp): SK Broadband Co Ltd

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Fixed Line ISP

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbotsspam	frenzy	2020-01-11 03:35:08
attackbotsspam	$f2bV_matches	2020-01-10 18:09:46
attackspambots	Jan 9 08:47:51 php1 sshd\[23244\]: Invalid user user from 58.236.139.20 Jan 9 08:47:51 php1 sshd\[23244\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.236.139.20 Jan 9 08:47:53 php1 sshd\[23244\]: Failed password for invalid user user from 58.236.139.20 port 61557 ssh2 Jan 9 08:50:13 php1 sshd\[23441\]: Invalid user postgres from 58.236.139.20 Jan 9 08:50:13 php1 sshd\[23441\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.236.139.20	2020-01-10 03:28:25
attackspam	Jan 7 15:49:52 raspberrypi sshd\[865\]: Invalid user user from 58.236.139.20Jan 7 15:49:54 raspberrypi sshd\[865\]: Failed password for invalid user user from 58.236.139.20 port 62272 ssh2Jan 7 15:52:17 raspberrypi sshd\[914\]: Invalid user postgres from 58.236.139.20 ...	2020-01-08 00:01:48
attack	Jan 5 18:06:52 server sshd\[14847\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.236.139.20 Jan 5 18:06:54 server sshd\[14847\]: Failed password for invalid user postgres from 58.236.139.20 port 62829 ssh2 Jan 6 04:48:04 server sshd\[3120\]: Invalid user user from 58.236.139.20 Jan 6 04:48:04 server sshd\[3120\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.236.139.20 Jan 6 04:48:06 server sshd\[3120\]: Failed password for invalid user user from 58.236.139.20 port 62028 ssh2 ...	2020-01-06 09:54:44
attack	Jan 3 14:24:14 toyboy sshd[15422]: Invalid user user from 58.236.139.20 Jan 3 14:24:14 toyboy sshd[15422]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.236.139.20 Jan 3 14:24:16 toyboy sshd[15422]: Failed password for invalid user user from 58.236.139.20 port 62998 ssh2 Jan 3 14:24:16 toyboy sshd[15422]: Received disconnect from 58.236.139.20: 11: Normal Shutdown, Thank you for playing [preauth] Jan 3 14:26:24 toyboy sshd[15520]: Invalid user postgres from 58.236.139.20 Jan 3 14:26:24 toyboy sshd[15520]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.236.139.20 Jan 3 14:26:25 toyboy sshd[15520]: Failed password for invalid user postgres from 58.236.139.20 port 63147 ssh2 Jan 3 14:26:25 toyboy sshd[15520]: Received disconnect from 58.236.139.20: 11: Normal Shutdown, Thank you for playing [preauth] Jan 3 14:28:56 toyboy sshd[15602]: Invalid user proba from 58.236.139.20 Jan ........ -------------------------------	2020-01-04 05:28:19

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 58.236.139.20
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 62963
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;58.236.139.20.			IN	A

;; AUTHORITY SECTION:
.			556	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020010301 1800 900 604800 86400

;; Query time: 44 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Jan 04 05:28:17 CST 2020
;; MSG SIZE  rcvd: 117

HOST信息:

Host 20.139.236.58.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 20.139.236.58.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
45.125.65.99	attackbots	\[2019-11-10 11:07:27\] SECURITY\[2634\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-11-10T11:07:27.755-0500",Severity="Error",Service="SIP",EventVersion="1",AccountID="6660801148556213011",SessionID="0x7fdf2cd1cd48",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/45.125.65.99/55439",ACLName="no_extension_match" \[2019-11-10 11:08:09\] SECURITY\[2634\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-11-10T11:08:09.722-0500",Severity="Error",Service="SIP",EventVersion="1",AccountID="6660901148556213011",SessionID="0x7fdf2c3e9938",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/45.125.65.99/50816",ACLName="no_extension_match" \[2019-11-10 11:08:40\] SECURITY\[2634\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-11-10T11:08:40.727-0500",Severity="Error",Service="SIP",EventVersion="1",AccountID="6661001148556213011",SessionID="0x7fdf2cd1cd48",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/45.125.65.99/51745",ACLNam	2019-11-11 01:38:46
92.118.37.70	attackspam	TCP 3389 (RDP)	2019-11-11 02:02:10
199.74.248.13	attack	ET SCAN Suspicious inbound to MSSQL port 1433 - port: 1433 proto: TCP cat: Potentially Bad Traffic	2019-11-11 02:11:52
49.88.112.70	attackspambots	Nov 10 18:42:51 MK-Soft-VM5 sshd[18748]: Failed password for root from 49.88.112.70 port 12969 ssh2 Nov 10 18:42:55 MK-Soft-VM5 sshd[18748]: Failed password for root from 49.88.112.70 port 12969 ssh2 ...	2019-11-11 01:52:45
218.30.102.34	attack	ET SCAN Suspicious inbound to MSSQL port 1433 - port: 1433 proto: TCP cat: Potentially Bad Traffic	2019-11-11 02:11:05
60.30.77.19	attackspam	Nov 10 18:27:14 pkdns2 sshd\[11615\]: Invalid user am from 60.30.77.19Nov 10 18:27:16 pkdns2 sshd\[11615\]: Failed password for invalid user am from 60.30.77.19 port 52595 ssh2Nov 10 18:31:50 pkdns2 sshd\[11789\]: Invalid user QAZWSX!QAZ@WSX from 60.30.77.19Nov 10 18:31:52 pkdns2 sshd\[11789\]: Failed password for invalid user QAZWSX!QAZ@WSX from 60.30.77.19 port 41550 ssh2Nov 10 18:36:23 pkdns2 sshd\[11980\]: Invalid user titsandass from 60.30.77.19Nov 10 18:36:25 pkdns2 sshd\[11980\]: Failed password for invalid user titsandass from 60.30.77.19 port 58737 ssh2 ...	2019-11-11 01:34:11
185.53.88.92	attackspambots	Portscan or hack attempt detected by psad/fwsnort	2019-11-11 01:35:04
185.209.0.90	attack	11/10/2019-12:37:04.404366 185.209.0.90 Protocol: 6 ET DROP Dshield Block Listed Source group 1	2019-11-11 01:39:59
185.153.196.240	attackspambots	11/10/2019-11:42:56.309973 185.153.196.240 Protocol: 6 ET SCAN NMAP -sS window 1024	2019-11-11 01:46:07
112.213.119.1	attackspam	Unauthorised access (Nov 10) SRC=112.213.119.1 LEN=40 PREC=0x80 TTL=242 ID=2424 TCP DPT=445 WINDOW=1024 SYN	2019-11-11 01:49:20
128.199.207.45	attackbots	Nov 10 17:22:41 sticky sshd\[28734\]: Invalid user mlh from 128.199.207.45 port 34230 Nov 10 17:22:41 sticky sshd\[28734\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.207.45 Nov 10 17:22:44 sticky sshd\[28734\]: Failed password for invalid user mlh from 128.199.207.45 port 34230 ssh2 Nov 10 17:27:23 sticky sshd\[28907\]: Invalid user nomis from 128.199.207.45 port 45720 Nov 10 17:27:23 sticky sshd\[28907\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.207.45 ...	2019-11-11 01:39:19
110.185.106.47	attackbotsspam	SSH bruteforce (Triggered fail2ban)	2019-11-11 01:44:00
134.209.90.220	attackspambots	Nov 10 17:08:42 lnxweb61 sshd[3217]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.90.220 Nov 10 17:08:42 lnxweb61 sshd[3217]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.90.220	2019-11-11 01:37:55
119.40.55.14	attackspambots	11/10/2019-12:06:25.533164 119.40.55.14 Protocol: 6 ET SCAN NMAP -sS window 1024	2019-11-11 01:58:40
66.240.205.34	attackbotsspam	66.240.205.34 was recorded 9 times by 7 hosts attempting to connect to the following ports: 12345,54984,7415,80,443,82. Incident counter (4h, 24h, all-time): 9, 79, 414	2019-11-11 02:04:32

最近上报的IP列表

116.181.238.139	215.36.197.59	8.168.105.100	51.27.110.210
157.96.192.253	60.32.242.186	183.26.207.96	192.6.49.121
142.234.255.143	154.45.90.97	37.246.143.187	17.87.15.78
130.45.162.164	200.136.0.211	17.132.92.186	23.8.40.98
11.35.40.212	136.4.211.239	125.155.163.211	125.21.163.79