58.56.145.94 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Shandong Telecom Corporation

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Fixed Line ISP

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	SMTP/25/465/587-993/995 Probe, Reject, BadAuth, Hack, SPAM -	2019-10-08 02:18:39
attackspambots	[munged]::443 58.56.145.94 - - [03/Oct/2019:22:51:14 +0200] "POST /[munged]: HTTP/1.1" 200 9358 "http://[munged]:/[munged]:" "Mozilla/5.0 (Windows NT 6.1; rv:60.0) Gecko/20100101 Firefox/60.0" [munged]::443 58.56.145.94 - - [03/Oct/2019:22:51:15 +0200] "POST /[munged]: HTTP/1.1" 200 4698 "http://[munged]:/[munged]:" "Mozilla/5.0 (Windows NT 6.1; rv:60.0) Gecko/20100101 Firefox/60.0" [munged]::443 58.56.145.94 - - [03/Oct/2019:22:51:16 +0200] "POST /[munged]: HTTP/1.1" 200 4698 "http://[munged]:/[munged]:" "Mozilla/5.0 (Windows NT 6.1; rv:60.0) Gecko/20100101 Firefox/60.0" [munged]::443 58.56.145.94 - - [03/Oct/2019:22:51:17 +0200] "POST /[munged]: HTTP/1.1" 200 4698 "http://[munged]:/[munged]:" "Mozilla/5.0 (Windows NT 6.1; rv:60.0) Gecko/20100101 Firefox/60.0" [munged]::443 58.56.145.94 - - [03/Oct/2019:22:51:19 +0200] "POST /[munged]: HTTP/1.1" 200 4698 "http://[munged]:/[munged]:" "Mozilla/5.0 (Windows NT 6.1; rv:60.0) Gecko/20100101 Firefox/60.0" [munged]::443 58.56.145.94 - - [03/Oct/2019:22:51:20 +0200]	2019-10-04 06:50:38

类型

评论内容

时间

attackspam

SMTP/25/465/587-993/995 Probe, Reject, BadAuth, Hack, SPAM -

2019-10-08 02:18:39

attackspambots

[munged]::443 58.56.145.94 - - [03/Oct/2019:22:51:14 +0200] "POST /[munged]: HTTP/1.1" 200 9358 "http://[munged]:/[munged]:" "Mozilla/5.0 (Windows NT 6.1; rv:60.0) Gecko/20100101 Firefox/60.0"
[munged]::443 58.56.145.94 - - [03/Oct/2019:22:51:15 +0200] "POST /[munged]: HTTP/1.1" 200 4698 "http://[munged]:/[munged]:" "Mozilla/5.0 (Windows NT 6.1; rv:60.0) Gecko/20100101 Firefox/60.0"
[munged]::443 58.56.145.94 - - [03/Oct/2019:22:51:16 +0200] "POST /[munged]: HTTP/1.1" 200 4698 "http://[munged]:/[munged]:" "Mozilla/5.0 (Windows NT 6.1; rv:60.0) Gecko/20100101 Firefox/60.0"
[munged]::443 58.56.145.94 - - [03/Oct/2019:22:51:17 +0200] "POST /[munged]: HTTP/1.1" 200 4698 "http://[munged]:/[munged]:" "Mozilla/5.0 (Windows NT 6.1; rv:60.0) Gecko/20100101 Firefox/60.0"
[munged]::443 58.56.145.94 - - [03/Oct/2019:22:51:19 +0200] "POST /[munged]: HTTP/1.1" 200 4698 "http://[munged]:/[munged]:" "Mozilla/5.0 (Windows NT 6.1; rv:60.0) Gecko/20100101 Firefox/60.0"
[munged]::443 58.56.145.94 - - [03/Oct/2019:22:51:20 +0200]

2019-10-04 06:50:38

相同子网IP讨论:

IP	类型	评论内容	时间
58.56.145.134	attack	Jan 4 13:12:25 www_kotimaassa_fi sshd[15056]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.56.145.134 Jan 4 13:12:27 www_kotimaassa_fi sshd[15056]: Failed password for invalid user admin from 58.56.145.134 port 53626 ssh2 ...	2020-01-05 00:18:54

类型

评论内容

时间

58.56.145.134

attack

Jan  4 13:12:25 www_kotimaassa_fi sshd[15056]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.56.145.134
Jan  4 13:12:27 www_kotimaassa_fi sshd[15056]: Failed password for invalid user admin from 58.56.145.134 port 53626 ssh2
...

2020-01-05 00:18:54

WHOIS信息:

DIG信息:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 58.56.145.94
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 64317
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;58.56.145.94.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019052202 1800 900 604800 86400

;; Query time: 3 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Thu May 23 15:41:25 CST 2019
;; MSG SIZE  rcvd: 116

HOST信息:

Host 94.145.56.58.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 94.145.56.58.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
110.225.79.117	attackspambots	Unauthorized connection attempt from IP address 110.225.79.117 on Port 445(SMB)	2020-07-21 21:39:01
138.68.21.125	attackspam	Jul 21 14:14:29 server sshd[29859]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.21.125 Jul 21 14:14:31 server sshd[29859]: Failed password for invalid user apl from 138.68.21.125 port 38880 ssh2 Jul 21 14:19:43 server sshd[30290]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.21.125 ...	2020-07-21 20:51:27
194.26.25.80	attackspambots	Jul 21 15:20:57 debian-2gb-nbg1-2 kernel: \[17596192.639872\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=194.26.25.80 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=239 ID=34260 PROTO=TCP SPT=59939 DPT=7594 WINDOW=1024 RES=0x00 SYN URGP=0	2020-07-21 21:25:45
37.187.54.45	attackspam	Jul 21 15:16:35 eventyay sshd[25405]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.187.54.45 Jul 21 15:16:37 eventyay sshd[25405]: Failed password for invalid user valentin from 37.187.54.45 port 44084 ssh2 Jul 21 15:20:50 eventyay sshd[25631]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.187.54.45 ...	2020-07-21 21:33:51
71.6.167.142	attackspambots	Unauthorized connection attempt detected from IP address 71.6.167.142 to port 11300	2020-07-21 20:56:57
157.230.216.233	attackbots	Jul 21 15:12:30 minden010 sshd[4462]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.230.216.233 Jul 21 15:12:33 minden010 sshd[4462]: Failed password for invalid user csgoserver from 157.230.216.233 port 46748 ssh2 Jul 21 15:21:00 minden010 sshd[6975]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.230.216.233 ...	2020-07-21 21:23:01
222.186.180.8	attackbots	Jul 21 13:32:17 game-panel sshd[3469]: Failed password for root from 222.186.180.8 port 34712 ssh2 Jul 21 13:32:20 game-panel sshd[3469]: Failed password for root from 222.186.180.8 port 34712 ssh2 Jul 21 13:32:32 game-panel sshd[3469]: error: maximum authentication attempts exceeded for root from 222.186.180.8 port 34712 ssh2 [preauth]	2020-07-21 21:38:38
61.177.172.177	attackspambots	2020-07-21T13:20:37.940796shield sshd\[26660\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.177.172.177 user=root 2020-07-21T13:20:40.699511shield sshd\[26660\]: Failed password for root from 61.177.172.177 port 39872 ssh2 2020-07-21T13:20:43.583841shield sshd\[26660\]: Failed password for root from 61.177.172.177 port 39872 ssh2 2020-07-21T13:20:46.213582shield sshd\[26660\]: Failed password for root from 61.177.172.177 port 39872 ssh2 2020-07-21T13:20:49.922828shield sshd\[26660\]: Failed password for root from 61.177.172.177 port 39872 ssh2	2020-07-21 21:34:14
192.226.250.178	attackbots	Jul 21 14:37:42 meumeu sshd[1208576]: Invalid user deploy from 192.226.250.178 port 59806 Jul 21 14:37:42 meumeu sshd[1208576]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.226.250.178 Jul 21 14:37:42 meumeu sshd[1208576]: Invalid user deploy from 192.226.250.178 port 59806 Jul 21 14:37:44 meumeu sshd[1208576]: Failed password for invalid user deploy from 192.226.250.178 port 59806 ssh2 Jul 21 14:42:17 meumeu sshd[1208790]: Invalid user term from 192.226.250.178 port 47998 Jul 21 14:42:17 meumeu sshd[1208790]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.226.250.178 Jul 21 14:42:17 meumeu sshd[1208790]: Invalid user term from 192.226.250.178 port 47998 Jul 21 14:42:18 meumeu sshd[1208790]: Failed password for invalid user term from 192.226.250.178 port 47998 ssh2 Jul 21 14:46:54 meumeu sshd[1208950]: Invalid user top from 192.226.250.178 port 36188 ...	2020-07-21 20:47:48
106.53.249.204	attackbots	$f2bV_matches	2020-07-21 21:21:07
86.69.2.215	attack	Jul 21 15:16:45 OPSO sshd\[2460\]: Invalid user deploy from 86.69.2.215 port 57190 Jul 21 15:16:45 OPSO sshd\[2460\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=86.69.2.215 Jul 21 15:16:47 OPSO sshd\[2460\]: Failed password for invalid user deploy from 86.69.2.215 port 57190 ssh2 Jul 21 15:20:59 OPSO sshd\[3553\]: Invalid user maneesh from 86.69.2.215 port 42334 Jul 21 15:20:59 OPSO sshd\[3553\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=86.69.2.215	2020-07-21 21:21:28
222.186.169.192	attack	Jul 21 06:23:14 dignus sshd[15688]: Failed password for root from 222.186.169.192 port 22822 ssh2 Jul 21 06:23:18 dignus sshd[15688]: Failed password for root from 222.186.169.192 port 22822 ssh2 Jul 21 06:23:22 dignus sshd[15688]: Failed password for root from 222.186.169.192 port 22822 ssh2 Jul 21 06:23:25 dignus sshd[15688]: Failed password for root from 222.186.169.192 port 22822 ssh2 Jul 21 06:23:29 dignus sshd[15688]: Failed password for root from 222.186.169.192 port 22822 ssh2 ...	2020-07-21 21:26:56
51.195.53.6	attack	SSH brute-force attempt	2020-07-21 20:58:40
192.35.168.101	attackbots	TCP (SYN) 192.35.168.101:37441 -> port 5672, len 44	2020-07-21 21:00:36
190.146.13.180	attack	Jul 21 14:17:56 rocket sshd[32670]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.146.13.180 Jul 21 14:17:57 rocket sshd[32670]: Failed password for invalid user jqliu from 190.146.13.180 port 34741 ssh2 Jul 21 14:21:00 rocket sshd[714]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.146.13.180 ...	2020-07-21 21:23:27

最近上报的IP列表

164.147.81.252	38.121.68.16	170.41.187.59	119.230.23.246
184.217.63.23	194.51.245.27	9.250.246.77	37.227.46.65
146.153.195.57	46.94.251.176	2001:bc8:47a8:a06::1	218.60.202.203
188.115.146.196	185.96.215.149	193.123.120.43	222.140.6.8
106.13.4.76	142.44.243.172	212.92.121.147	185.232.21.29