58.254.132.49 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): China Unicom Guangdong Province Network

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	Feb 22 09:11:10 srv-ubuntu-dev3 sshd[46657]: Invalid user admin from 58.254.132.49 Feb 22 09:11:10 srv-ubuntu-dev3 sshd[46657]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.254.132.49 Feb 22 09:11:10 srv-ubuntu-dev3 sshd[46657]: Invalid user admin from 58.254.132.49 Feb 22 09:11:12 srv-ubuntu-dev3 sshd[46657]: Failed password for invalid user admin from 58.254.132.49 port 31915 ssh2 Feb 22 09:14:49 srv-ubuntu-dev3 sshd[46903]: Invalid user hadoop from 58.254.132.49 Feb 22 09:14:49 srv-ubuntu-dev3 sshd[46903]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.254.132.49 Feb 22 09:14:49 srv-ubuntu-dev3 sshd[46903]: Invalid user hadoop from 58.254.132.49 Feb 22 09:14:50 srv-ubuntu-dev3 sshd[46903]: Failed password for invalid user hadoop from 58.254.132.49 port 31918 ssh2 Feb 22 09:18:37 srv-ubuntu-dev3 sshd[47184]: Invalid user ll from 58.254.132.49 ...	2020-02-22 16:34:26
attack	Feb 12 03:17:18 sd-53420 sshd\[26574\]: Invalid user historis from 58.254.132.49 Feb 12 03:17:18 sd-53420 sshd\[26574\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.254.132.49 Feb 12 03:17:20 sd-53420 sshd\[26574\]: Failed password for invalid user historis from 58.254.132.49 port 27603 ssh2 Feb 12 03:20:20 sd-53420 sshd\[26872\]: Invalid user eoffice from 58.254.132.49 Feb 12 03:20:20 sd-53420 sshd\[26872\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.254.132.49 ...	2020-02-12 11:06:06
attackspam	Oct 1 06:54:41 www sshd\[165355\]: Invalid user hj from 58.254.132.49 Oct 1 06:54:41 www sshd\[165355\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.254.132.49 Oct 1 06:54:43 www sshd\[165355\]: Failed password for invalid user hj from 58.254.132.49 port 38935 ssh2 ...	2019-10-01 12:00:53
attack	Sep 29 19:53:16 dedicated sshd[20717]: Invalid user lis from 58.254.132.49 port 39418	2019-09-30 02:47:09
attack	2019-09-20 06:11:20,629 fail2ban.actions \[946\]: NOTICE \[sshd\] Ban 58.254.132.49 2019-09-20 06:43:48,003 fail2ban.actions \[946\]: NOTICE \[sshd\] Ban 58.254.132.49 2019-09-20 07:16:31,925 fail2ban.actions \[946\]: NOTICE \[sshd\] Ban 58.254.132.49 2019-09-20 07:48:09,711 fail2ban.actions \[946\]: NOTICE \[sshd\] Ban 58.254.132.49 2019-09-20 08:19:10,001 fail2ban.actions \[946\]: NOTICE \[sshd\] Ban 58.254.132.49 ...	2019-09-23 00:55:02
attack	Sep 16 11:22:32 hanapaa sshd\[14518\]: Invalid user hgfdsa from 58.254.132.49 Sep 16 11:22:32 hanapaa sshd\[14518\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.254.132.49 Sep 16 11:22:34 hanapaa sshd\[14518\]: Failed password for invalid user hgfdsa from 58.254.132.49 port 31307 ssh2 Sep 16 11:27:18 hanapaa sshd\[14894\]: Invalid user spamers123 from 58.254.132.49 Sep 16 11:27:18 hanapaa sshd\[14894\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.254.132.49	2019-09-17 05:28:37
attackbotsspam	Sep 15 00:48:47 ny01 sshd[10994]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.254.132.49 Sep 15 00:48:49 ny01 sshd[10994]: Failed password for invalid user lu from 58.254.132.49 port 24803 ssh2 Sep 15 00:54:09 ny01 sshd[12107]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.254.132.49	2019-09-15 12:57:57
attackbotsspam	Sep 2 07:53:03 Ubuntu-1404-trusty-64-minimal sshd\[6309\]: Invalid user mehdi from 58.254.132.49 Sep 2 07:53:03 Ubuntu-1404-trusty-64-minimal sshd\[6309\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.254.132.49 Sep 2 07:53:06 Ubuntu-1404-trusty-64-minimal sshd\[6309\]: Failed password for invalid user mehdi from 58.254.132.49 port 15600 ssh2 Sep 2 08:06:39 Ubuntu-1404-trusty-64-minimal sshd\[15884\]: Invalid user servis from 58.254.132.49 Sep 2 08:06:39 Ubuntu-1404-trusty-64-minimal sshd\[15884\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.254.132.49	2019-09-02 16:20:28

相同子网IP讨论:

IP	类型	评论内容	时间
58.254.132.239	attack	Dec 25 07:26:21 zulu412 sshd\[792\]: Invalid user marlon from 58.254.132.239 port 22118 Dec 25 07:26:21 zulu412 sshd\[792\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.254.132.239 Dec 25 07:26:23 zulu412 sshd\[792\]: Failed password for invalid user marlon from 58.254.132.239 port 22118 ssh2 ...	2019-12-25 17:10:29
58.254.132.156	attackspambots	2019-12-22T22:33:25.718442Z f101cdbeadf2 New connection: 58.254.132.156:25772 (172.17.0.5:2222) [session: f101cdbeadf2] 2019-12-22T22:53:10.074190Z b12a0253e4d9 New connection: 58.254.132.156:25775 (172.17.0.5:2222) [session: b12a0253e4d9]	2019-12-23 06:56:04
58.254.132.239	attackbots	$f2bV_matches	2019-12-21 22:56:24
58.254.132.239	attackbots	Dec 20 09:18:36 php1 sshd\[14736\]: Invalid user iiiiiii from 58.254.132.239 Dec 20 09:18:36 php1 sshd\[14736\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.254.132.239 Dec 20 09:18:38 php1 sshd\[14736\]: Failed password for invalid user iiiiiii from 58.254.132.239 port 24575 ssh2 Dec 20 09:22:10 php1 sshd\[15103\]: Invalid user lovelace from 58.254.132.239 Dec 20 09:22:10 php1 sshd\[15103\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.254.132.239	2019-12-21 05:39:27
58.254.132.156	attackspam	Dec 19 01:56:13 TORMINT sshd\[4019\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.254.132.156 user=root Dec 19 01:56:15 TORMINT sshd\[4019\]: Failed password for root from 58.254.132.156 port 28376 ssh2 Dec 19 02:00:37 TORMINT sshd\[4213\]: Invalid user admin from 58.254.132.156 Dec 19 02:00:37 TORMINT sshd\[4213\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.254.132.156 ...	2019-12-19 15:03:01
58.254.132.239	attack	Dec 16 10:47:12 server sshd\[12615\]: Invalid user test from 58.254.132.239 Dec 16 10:47:12 server sshd\[12615\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.254.132.239 Dec 16 10:47:14 server sshd\[12615\]: Failed password for invalid user test from 58.254.132.239 port 13070 ssh2 Dec 16 10:53:28 server sshd\[14274\]: Invalid user tit0nich from 58.254.132.239 Dec 16 10:53:28 server sshd\[14274\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.254.132.239 ...	2019-12-16 17:07:14
58.254.132.239	attack	Dec 12 12:38:40 firewall sshd[8789]: Invalid user barisch from 58.254.132.239 Dec 12 12:38:42 firewall sshd[8789]: Failed password for invalid user barisch from 58.254.132.239 port 25597 ssh2 Dec 12 12:44:05 firewall sshd[8939]: Invalid user caspar from 58.254.132.239 ...	2019-12-13 04:45:59
58.254.132.239	attack	Dec 10 21:56:22 localhost sshd\[17711\]: Invalid user 1q2w3e4r5t6789 from 58.254.132.239 port 33248 Dec 10 21:56:22 localhost sshd\[17711\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.254.132.239 Dec 10 21:56:24 localhost sshd\[17711\]: Failed password for invalid user 1q2w3e4r5t6789 from 58.254.132.239 port 33248 ssh2	2019-12-11 05:07:20
58.254.132.156	attack	2019-12-05T06:30:38.557153abusebot-5.cloudsearch.cf sshd\[6486\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.254.132.156 user=root	2019-12-05 15:40:09
58.254.132.156	attackspam	fail2ban	2019-12-03 07:38:37
58.254.132.2	attack	SSH login attempts with user root.	2019-11-30 04:52:55
58.254.132.156	attack	Nov 28 12:36:59 TORMINT sshd\[24238\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.254.132.156 user=root Nov 28 12:37:01 TORMINT sshd\[24238\]: Failed password for root from 58.254.132.156 port 21769 ssh2 Nov 28 12:40:49 TORMINT sshd\[24410\]: Invalid user khatri from 58.254.132.156 Nov 28 12:40:49 TORMINT sshd\[24410\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.254.132.156 ...	2019-11-29 02:16:33
58.254.132.41	attackspam	Invalid user admin from 58.254.132.41 port 59742	2019-11-27 20:46:28
58.254.132.156	attackspambots	Nov 26 13:08:46 server sshd\[13896\]: Failed password for invalid user salfeld from 58.254.132.156 port 12582 ssh2 Nov 27 09:22:42 server sshd\[32355\]: Invalid user barney from 58.254.132.156 Nov 27 09:22:42 server sshd\[32355\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.254.132.156 Nov 27 09:22:44 server sshd\[32355\]: Failed password for invalid user barney from 58.254.132.156 port 18480 ssh2 Nov 27 09:30:18 server sshd\[2007\]: Invalid user capoferc from 58.254.132.156 Nov 27 09:30:18 server sshd\[2007\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.254.132.156 ...	2019-11-27 16:16:24
58.254.132.156	attackspam	$f2bV_matches_ltvn	2019-11-24 05:40:34

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 58.254.132.49
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 59215
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;58.254.132.49.			IN	A

;; AUTHORITY SECTION:
.			3362	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019090200 1800 900 604800 86400

;; Query time: 1 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Mon Sep 02 16:20:21 CST 2019
;; MSG SIZE  rcvd: 117

HOST信息:

Host 49.132.254.58.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 49.132.254.58.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
41.141.250.244	attackbotsspam	Unauthorized connection attempt detected from IP address 41.141.250.244 to port 2220 [J]	2020-01-08 07:37:15
200.60.78.169	attackspambots	Unauthorized connection attempt from IP address 200.60.78.169 on Port 445(SMB)	2020-01-08 07:28:48
222.186.173.183	attackbots	01/07/2020-18:48:36.977638 222.186.173.183 Protocol: 6 ET SCAN Potential SSH Scan	2020-01-08 07:56:24
106.12.61.64	attackbots	Unauthorized connection attempt detected from IP address 106.12.61.64 to port 2220 [J]	2020-01-08 07:57:15
128.199.199.217	attack	Unauthorized connection attempt detected from IP address 128.199.199.217 to port 2220 [J]	2020-01-08 07:40:40
222.186.15.10	attackspambots	Jan 7 20:25:05 firewall sshd[17456]: Failed password for root from 222.186.15.10 port 47689 ssh2 Jan 7 20:25:08 firewall sshd[17456]: Failed password for root from 222.186.15.10 port 47689 ssh2 Jan 7 20:25:10 firewall sshd[17456]: Failed password for root from 222.186.15.10 port 47689 ssh2 ...	2020-01-08 07:26:14
124.227.7.16	attackbots	Unauthorized connection attempt detected from IP address 124.227.7.16 to port 1433 [J]	2020-01-08 07:59:15
69.94.158.106	attackbotsspam	Jan 7 23:11:28 grey postfix/smtpd\[9955\]: NOQUEUE: reject: RCPT from brass.swingthelamp.com\[69.94.158.106\]: 554 5.7.1 Service unavailable\; Client host \[69.94.158.106\] blocked using truncate.gbudb.net\; http://www.gbudb.com/truncate/ \[69.94.158.106\]\; from=\ to=\ proto=ESMTP helo=\Jan 7 23:11:28 grey postfix/smtpd\[9956\]: NOQUEUE: reject: RCPT from brass.swingthelamp.com\[69.94.158.106\]: 554 5.7.1 Service unavailable\; Client host \[69.94.158.106\] blocked using truncate.gbudb.net\; http://www.gbudb.com/truncate/ \[69.94.158.106\]\; from=\ to=\ proto=ESMTP helo=\Jan 7 23:11:28 grey postfix/smtpd\[9959\]: NOQUEUE: reject: RCPT from brass.swingthelamp.com\[69.94.158.106\]: 554 5.7.1 Service unavailable\; Client host \[69.94.158.106\] blocked using truncate.gbudb.net\; http://www.gbudb.com/truncate/ \[69.94.1 ...	2020-01-08 07:58:08
5.196.65.135	attack	Jan 7 22:17:32 mail sshd\[29132\]: Invalid user sb from 5.196.65.135 Jan 7 22:17:32 mail sshd\[29132\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.196.65.135 Jan 7 22:17:34 mail sshd\[29132\]: Failed password for invalid user sb from 5.196.65.135 port 47524 ssh2 ...	2020-01-08 07:53:03
51.75.206.42	attack	Jan 7 23:52:20 SilenceServices sshd[12894]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.75.206.42 Jan 7 23:52:21 SilenceServices sshd[12894]: Failed password for invalid user test from 51.75.206.42 port 58794 ssh2 Jan 7 23:54:45 SilenceServices sshd[14753]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.75.206.42	2020-01-08 07:33:22
121.171.166.170	attackbots	Unauthorized connection attempt detected from IP address 121.171.166.170 to port 2220 [J]	2020-01-08 07:57:38
121.162.60.159	attack	Jan 7 23:04:34 ns4 sshd[3484]: Invalid user service from 121.162.60.159 Jan 7 23:04:35 ns4 sshd[3484]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.162.60.159 Jan 7 23:04:37 ns4 sshd[3484]: Failed password for invalid user service from 121.162.60.159 port 51692 ssh2 Jan 7 23:17:28 ns4 sshd[5545]: Invalid user rev. from 121.162.60.159 Jan 7 23:17:28 ns4 sshd[5545]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.162.60.159 Jan 7 23:17:30 ns4 sshd[5545]: Failed password for invalid user rev. from 121.162.60.159 port 44282 ssh2 Jan 7 23:20:36 ns4 sshd[6122]: Invalid user fik from 121.162.60.159 Jan 7 23:20:36 ns4 sshd[6122]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.162.60.159 Jan 7 23:20:38 ns4 sshd[6122]: Failed password for invalid user fik from 121.162.60.159 port 45766 ssh2 ........ ----------------------------------------------- https://www.blocklist.de/	2020-01-08 08:01:04
103.9.159.66	attackbotsspam	Unauthorized connection attempt detected from IP address 103.9.159.66 to port 2220 [J]	2020-01-08 07:29:31
49.235.55.29	attack	Unauthorized connection attempt detected from IP address 49.235.55.29 to port 2220 [J]	2020-01-08 07:28:26
222.186.52.78	attackbots	Jan 8 00:19:37 * sshd[20392]: Failed password for root from 222.186.52.78 port 57321 ssh2	2020-01-08 07:37:45

最近上报的IP列表

86.102.84.126	36.224.110.227	115.48.31.22	1.165.109.118
137.63.246.39	61.190.124.195	49.235.198.166	14.253.0.174
117.0.213.33	114.220.10.149	185.129.219.171	27.71.253.233
201.206.66.135	13.74.87.163	46.92.73.244	1.125.106.130
45.149.192.66	200.98.141.54	219.73.63.198	220.135.221.183