58.254.132.140

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): China Unicom Guangdong Province Network

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspambots	Oct 30 12:58:09 web1 sshd\[4131\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.254.132.140 user=root Oct 30 12:58:12 web1 sshd\[4131\]: Failed password for root from 58.254.132.140 port 60160 ssh2 Oct 30 13:02:38 web1 sshd\[4582\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.254.132.140 user=root Oct 30 13:02:40 web1 sshd\[4582\]: Failed password for root from 58.254.132.140 port 60162 ssh2 Oct 30 13:07:15 web1 sshd\[5010\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.254.132.140 user=root	2019-10-31 07:12:39
attack	2019-10-29T13:44:40.748077abusebot-8.cloudsearch.cf sshd\[19258\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.254.132.140 user=root	2019-10-30 02:58:44
attack	Oct 25 16:46:21 plusreed sshd[3819]: Invalid user madhulekha from 58.254.132.140 ...	2019-10-26 04:50:45
attackbots	Invalid user postgres from 58.254.132.140 port 64587	2019-10-22 19:21:40
attackspambots	Oct 20 21:49:42 sauna sshd[94943]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.254.132.140 Oct 20 21:49:44 sauna sshd[94943]: Failed password for invalid user lie from 58.254.132.140 port 60974 ssh2 ...	2019-10-21 02:51:55
attackbotsspam	Fail2Ban Ban Triggered	2019-10-20 19:36:47
attackbots	Oct 16 21:29:15 vps01 sshd[4420]: Failed password for root from 58.254.132.140 port 56678 ssh2	2019-10-17 03:40:53
attackspam	Oct 16 07:02:11 markkoudstaal sshd[32394]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.254.132.140 Oct 16 07:02:13 markkoudstaal sshd[32394]: Failed password for invalid user kirkwood from 58.254.132.140 port 48562 ssh2 Oct 16 07:07:31 markkoudstaal sshd[401]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.254.132.140	2019-10-16 13:11:58
attack	Oct 10 23:01:46 vps01 sshd[1835]: Failed password for root from 58.254.132.140 port 50673 ssh2	2019-10-11 05:28:57
attackbotsspam	Oct 10 15:49:22 mail sshd[11650]: Failed password for root from 58.254.132.140 port 47396 ssh2 Oct 10 15:54:17 mail sshd[13069]: Failed password for root from 58.254.132.140 port 47397 ssh2	2019-10-10 22:23:25
attackbotsspam	Oct 9 22:46:07 MK-Soft-VM6 sshd[22232]: Failed password for root from 58.254.132.140 port 50271 ssh2 ...	2019-10-10 05:27:40
attackbotsspam	2019-10-09T13:35:22.161526abusebot-5.cloudsearch.cf sshd\[17892\]: Invalid user 1234@4321 from 58.254.132.140 port 61424	2019-10-09 22:58:10
attackspam	Oct 6 20:25:28 ws12vmsma01 sshd[11612]: Failed password for root from 58.254.132.140 port 46010 ssh2 Oct 6 20:29:19 ws12vmsma01 sshd[12284]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.254.132.140 user=root Oct 6 20:29:21 ws12vmsma01 sshd[12284]: Failed password for root from 58.254.132.140 port 46013 ssh2 ...	2019-10-07 07:59:43
attackbotsspam	Sep 22 07:50:35 auw2 sshd\[16238\]: Invalid user tina from 58.254.132.140 Sep 22 07:50:35 auw2 sshd\[16238\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.254.132.140 Sep 22 07:50:37 auw2 sshd\[16238\]: Failed password for invalid user tina from 58.254.132.140 port 29919 ssh2 Sep 22 07:55:39 auw2 sshd\[16717\]: Invalid user gta5 from 58.254.132.140 Sep 22 07:55:39 auw2 sshd\[16717\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.254.132.140	2019-09-23 02:34:28
attack	Sep 19 18:29:50 microserver sshd[43058]: Invalid user judy from 58.254.132.140 port 30388 Sep 19 18:29:50 microserver sshd[43058]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.254.132.140 Sep 19 18:29:52 microserver sshd[43058]: Failed password for invalid user judy from 58.254.132.140 port 30388 ssh2 Sep 19 18:33:51 microserver sshd[43665]: Invalid user scanner from 58.254.132.140 port 30394 Sep 19 18:33:51 microserver sshd[43665]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.254.132.140 Sep 19 18:45:47 microserver sshd[45473]: Invalid user ftpuser from 58.254.132.140 port 30413 Sep 19 18:45:47 microserver sshd[45473]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.254.132.140 Sep 19 18:45:49 microserver sshd[45473]: Failed password for invalid user ftpuser from 58.254.132.140 port 30413 ssh2 Sep 19 18:49:51 microserver sshd[45688]: Invalid user rony from 58.254.132.140 port	2019-09-20 01:33:58
attackspambots	Sep 13 08:39:59 ns3110291 sshd\[5972\]: Invalid user oracle from 58.254.132.140 Sep 13 08:39:59 ns3110291 sshd\[5972\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.254.132.140 Sep 13 08:40:01 ns3110291 sshd\[5972\]: Failed password for invalid user oracle from 58.254.132.140 port 26408 ssh2 Sep 13 08:43:33 ns3110291 sshd\[7325\]: Invalid user accounts from 58.254.132.140 Sep 13 08:43:33 ns3110291 sshd\[7325\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.254.132.140 ...	2019-09-13 15:18:23
attackbots	[Aegis] @ 2019-09-01 11:22:49 0100 -> Attempted Administrator Privilege Gain: ET SCAN LibSSH Based Frequent SSH Connections Likely BruteForce Attack	2019-09-01 22:30:04

相同子网IP讨论:

IP	类型	评论内容	时间
58.254.132.49	attackspam	Feb 22 09:11:10 srv-ubuntu-dev3 sshd[46657]: Invalid user admin from 58.254.132.49 Feb 22 09:11:10 srv-ubuntu-dev3 sshd[46657]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.254.132.49 Feb 22 09:11:10 srv-ubuntu-dev3 sshd[46657]: Invalid user admin from 58.254.132.49 Feb 22 09:11:12 srv-ubuntu-dev3 sshd[46657]: Failed password for invalid user admin from 58.254.132.49 port 31915 ssh2 Feb 22 09:14:49 srv-ubuntu-dev3 sshd[46903]: Invalid user hadoop from 58.254.132.49 Feb 22 09:14:49 srv-ubuntu-dev3 sshd[46903]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.254.132.49 Feb 22 09:14:49 srv-ubuntu-dev3 sshd[46903]: Invalid user hadoop from 58.254.132.49 Feb 22 09:14:50 srv-ubuntu-dev3 sshd[46903]: Failed password for invalid user hadoop from 58.254.132.49 port 31918 ssh2 Feb 22 09:18:37 srv-ubuntu-dev3 sshd[47184]: Invalid user ll from 58.254.132.49 ...	2020-02-22 16:34:26
58.254.132.49	attack	Feb 12 03:17:18 sd-53420 sshd\[26574\]: Invalid user historis from 58.254.132.49 Feb 12 03:17:18 sd-53420 sshd\[26574\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.254.132.49 Feb 12 03:17:20 sd-53420 sshd\[26574\]: Failed password for invalid user historis from 58.254.132.49 port 27603 ssh2 Feb 12 03:20:20 sd-53420 sshd\[26872\]: Invalid user eoffice from 58.254.132.49 Feb 12 03:20:20 sd-53420 sshd\[26872\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.254.132.49 ...	2020-02-12 11:06:06
58.254.132.239	attack	Dec 25 07:26:21 zulu412 sshd\[792\]: Invalid user marlon from 58.254.132.239 port 22118 Dec 25 07:26:21 zulu412 sshd\[792\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.254.132.239 Dec 25 07:26:23 zulu412 sshd\[792\]: Failed password for invalid user marlon from 58.254.132.239 port 22118 ssh2 ...	2019-12-25 17:10:29
58.254.132.156	attackspambots	2019-12-22T22:33:25.718442Z f101cdbeadf2 New connection: 58.254.132.156:25772 (172.17.0.5:2222) [session: f101cdbeadf2] 2019-12-22T22:53:10.074190Z b12a0253e4d9 New connection: 58.254.132.156:25775 (172.17.0.5:2222) [session: b12a0253e4d9]	2019-12-23 06:56:04
58.254.132.239	attackbots	$f2bV_matches	2019-12-21 22:56:24
58.254.132.239	attackbots	Dec 20 09:18:36 php1 sshd\[14736\]: Invalid user iiiiiii from 58.254.132.239 Dec 20 09:18:36 php1 sshd\[14736\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.254.132.239 Dec 20 09:18:38 php1 sshd\[14736\]: Failed password for invalid user iiiiiii from 58.254.132.239 port 24575 ssh2 Dec 20 09:22:10 php1 sshd\[15103\]: Invalid user lovelace from 58.254.132.239 Dec 20 09:22:10 php1 sshd\[15103\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.254.132.239	2019-12-21 05:39:27
58.254.132.156	attackspam	Dec 19 01:56:13 TORMINT sshd\[4019\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.254.132.156 user=root Dec 19 01:56:15 TORMINT sshd\[4019\]: Failed password for root from 58.254.132.156 port 28376 ssh2 Dec 19 02:00:37 TORMINT sshd\[4213\]: Invalid user admin from 58.254.132.156 Dec 19 02:00:37 TORMINT sshd\[4213\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.254.132.156 ...	2019-12-19 15:03:01
58.254.132.239	attack	Dec 16 10:47:12 server sshd\[12615\]: Invalid user test from 58.254.132.239 Dec 16 10:47:12 server sshd\[12615\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.254.132.239 Dec 16 10:47:14 server sshd\[12615\]: Failed password for invalid user test from 58.254.132.239 port 13070 ssh2 Dec 16 10:53:28 server sshd\[14274\]: Invalid user tit0nich from 58.254.132.239 Dec 16 10:53:28 server sshd\[14274\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.254.132.239 ...	2019-12-16 17:07:14
58.254.132.239	attack	Dec 12 12:38:40 firewall sshd[8789]: Invalid user barisch from 58.254.132.239 Dec 12 12:38:42 firewall sshd[8789]: Failed password for invalid user barisch from 58.254.132.239 port 25597 ssh2 Dec 12 12:44:05 firewall sshd[8939]: Invalid user caspar from 58.254.132.239 ...	2019-12-13 04:45:59
58.254.132.239	attack	Dec 10 21:56:22 localhost sshd\[17711\]: Invalid user 1q2w3e4r5t6789 from 58.254.132.239 port 33248 Dec 10 21:56:22 localhost sshd\[17711\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.254.132.239 Dec 10 21:56:24 localhost sshd\[17711\]: Failed password for invalid user 1q2w3e4r5t6789 from 58.254.132.239 port 33248 ssh2	2019-12-11 05:07:20
58.254.132.156	attack	2019-12-05T06:30:38.557153abusebot-5.cloudsearch.cf sshd\[6486\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.254.132.156 user=root	2019-12-05 15:40:09
58.254.132.156	attackspam	fail2ban	2019-12-03 07:38:37
58.254.132.2	attack	SSH login attempts with user root.	2019-11-30 04:52:55
58.254.132.156	attack	Nov 28 12:36:59 TORMINT sshd\[24238\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.254.132.156 user=root Nov 28 12:37:01 TORMINT sshd\[24238\]: Failed password for root from 58.254.132.156 port 21769 ssh2 Nov 28 12:40:49 TORMINT sshd\[24410\]: Invalid user khatri from 58.254.132.156 Nov 28 12:40:49 TORMINT sshd\[24410\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.254.132.156 ...	2019-11-29 02:16:33
58.254.132.41	attackspam	Invalid user admin from 58.254.132.41 port 59742	2019-11-27 20:46:28

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 58.254.132.140
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 27561
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;58.254.132.140.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019090100 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Sun Sep 01 22:29:56 CST 2019
;; MSG SIZE  rcvd: 118

HOST信息:

Host 140.132.254.58.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 140.132.254.58.in-addr.arpa: NXDOMAIN

IP	类型	评论内容	时间
36.4.85.234	attackbots	badbot	2019-11-20 14:51:13
52.35.136.194	attackspambots	11/20/2019-07:32:23.227853 52.35.136.194 Protocol: 6 SURICATA TLS invalid record/traffic	2019-11-20 14:45:49
69.55.49.194	attack	2019-11-20T06:32:09.549663abusebot-7.cloudsearch.cf sshd\[24580\]: Invalid user guillette from 69.55.49.194 port 56966	2019-11-20 14:50:44
63.83.78.171	attackspam	Postfix RBL failed	2019-11-20 14:22:49
222.186.169.192	attack	2019-11-20T06:27:38.105013abusebot-8.cloudsearch.cf sshd\[1493\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.169.192 user=root	2019-11-20 14:30:02
91.121.2.33	attack	Nov 20 07:28:39 srv01 sshd[30455]: Invalid user afra from 91.121.2.33 port 38752 Nov 20 07:28:39 srv01 sshd[30455]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.121.2.33 Nov 20 07:28:39 srv01 sshd[30455]: Invalid user afra from 91.121.2.33 port 38752 Nov 20 07:28:41 srv01 sshd[30455]: Failed password for invalid user afra from 91.121.2.33 port 38752 ssh2 Nov 20 07:31:53 srv01 sshd[30665]: Invalid user www from 91.121.2.33 port 56941 ...	2019-11-20 14:53:01
14.56.180.103	attackspambots	Nov 20 07:40:38 sso sshd[3256]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.56.180.103 Nov 20 07:40:39 sso sshd[3256]: Failed password for invalid user passwd9999 from 14.56.180.103 port 43636 ssh2 ...	2019-11-20 14:54:50
194.199.210.212	attack	Wordpress login attempts	2019-11-20 14:27:15
62.234.146.45	attackbotsspam	Nov 19 22:54:22 dallas01 sshd[12623]: Failed password for bin from 62.234.146.45 port 36424 ssh2 Nov 19 22:59:16 dallas01 sshd[13500]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=62.234.146.45 Nov 19 22:59:18 dallas01 sshd[13500]: Failed password for invalid user e from 62.234.146.45 port 38258 ssh2	2019-11-20 14:22:23
222.186.175.215	attackbots	Nov 20 07:42:49 MK-Soft-VM7 sshd[16098]: Failed password for root from 222.186.175.215 port 15232 ssh2 Nov 20 07:42:53 MK-Soft-VM7 sshd[16098]: Failed password for root from 222.186.175.215 port 15232 ssh2 ...	2019-11-20 14:43:01
190.102.140.7	attack	2019-11-20T01:16:47.9712191495-001 sshd\[36808\]: Invalid user murgo from 190.102.140.7 port 46746 2019-11-20T01:16:47.9811331495-001 sshd\[36808\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.102.140.7 2019-11-20T01:16:49.4680071495-001 sshd\[36808\]: Failed password for invalid user murgo from 190.102.140.7 port 46746 ssh2 2019-11-20T01:21:04.7107351495-001 sshd\[36939\]: Invalid user bsnl123456 from 190.102.140.7 port 54848 2019-11-20T01:21:04.7199101495-001 sshd\[36939\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.102.140.7 2019-11-20T01:21:06.8193911495-001 sshd\[36939\]: Failed password for invalid user bsnl123456 from 190.102.140.7 port 54848 ssh2 ...	2019-11-20 14:52:01
129.211.10.228	attack	Nov 20 08:32:15 sauna sshd[111074]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.211.10.228 Nov 20 08:32:17 sauna sshd[111074]: Failed password for invalid user custer from 129.211.10.228 port 57352 ssh2 ...	2019-11-20 14:46:50
67.205.178.14	attackbots	20.11.2019 07:41:16 - Wordpress fail Detected by ELinOX-ALM	2019-11-20 14:41:40
92.12.154.145	attackspam	Nov 20 06:31:44 game-panel sshd[16089]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=92.12.154.145 Nov 20 06:31:45 game-panel sshd[16091]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=92.12.154.145 Nov 20 06:31:47 game-panel sshd[16089]: Failed password for invalid user pi from 92.12.154.145 port 38854 ssh2	2019-11-20 14:55:49
171.228.73.111	attack	port scan and connect, tcp 1433 (ms-sql-s)	2019-11-20 14:23:38

最近上报的IP列表

61.126.121.207	106.71.79.103	124.68.172.190	46.29.160.121
59.41.95.203	166.82.208.210	23.49.110.2	160.187.87.255
125.94.180.204	55.99.39.114	43.230.196.58	81.180.224.78
27.252.244.83	1.170.86.67	36.236.21.243	191.188.36.203
23.248.66.124	98.82.82.114	196.223.55.158	81.171.21.145