58.56.145.94 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Shandong Telecom Corporation

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Fixed Line ISP

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	SMTP/25/465/587-993/995 Probe, Reject, BadAuth, Hack, SPAM -	2019-10-08 02:18:39
attackspambots	[munged]::443 58.56.145.94 - - [03/Oct/2019:22:51:14 +0200] "POST /[munged]: HTTP/1.1" 200 9358 "http://[munged]:/[munged]:" "Mozilla/5.0 (Windows NT 6.1; rv:60.0) Gecko/20100101 Firefox/60.0" [munged]::443 58.56.145.94 - - [03/Oct/2019:22:51:15 +0200] "POST /[munged]: HTTP/1.1" 200 4698 "http://[munged]:/[munged]:" "Mozilla/5.0 (Windows NT 6.1; rv:60.0) Gecko/20100101 Firefox/60.0" [munged]::443 58.56.145.94 - - [03/Oct/2019:22:51:16 +0200] "POST /[munged]: HTTP/1.1" 200 4698 "http://[munged]:/[munged]:" "Mozilla/5.0 (Windows NT 6.1; rv:60.0) Gecko/20100101 Firefox/60.0" [munged]::443 58.56.145.94 - - [03/Oct/2019:22:51:17 +0200] "POST /[munged]: HTTP/1.1" 200 4698 "http://[munged]:/[munged]:" "Mozilla/5.0 (Windows NT 6.1; rv:60.0) Gecko/20100101 Firefox/60.0" [munged]::443 58.56.145.94 - - [03/Oct/2019:22:51:19 +0200] "POST /[munged]: HTTP/1.1" 200 4698 "http://[munged]:/[munged]:" "Mozilla/5.0 (Windows NT 6.1; rv:60.0) Gecko/20100101 Firefox/60.0" [munged]::443 58.56.145.94 - - [03/Oct/2019:22:51:20 +0200]	2019-10-04 06:50:38

类型

评论内容

时间

attackspam

SMTP/25/465/587-993/995 Probe, Reject, BadAuth, Hack, SPAM -

2019-10-08 02:18:39

attackspambots

[munged]::443 58.56.145.94 - - [03/Oct/2019:22:51:14 +0200] "POST /[munged]: HTTP/1.1" 200 9358 "http://[munged]:/[munged]:" "Mozilla/5.0 (Windows NT 6.1; rv:60.0) Gecko/20100101 Firefox/60.0"
[munged]::443 58.56.145.94 - - [03/Oct/2019:22:51:15 +0200] "POST /[munged]: HTTP/1.1" 200 4698 "http://[munged]:/[munged]:" "Mozilla/5.0 (Windows NT 6.1; rv:60.0) Gecko/20100101 Firefox/60.0"
[munged]::443 58.56.145.94 - - [03/Oct/2019:22:51:16 +0200] "POST /[munged]: HTTP/1.1" 200 4698 "http://[munged]:/[munged]:" "Mozilla/5.0 (Windows NT 6.1; rv:60.0) Gecko/20100101 Firefox/60.0"
[munged]::443 58.56.145.94 - - [03/Oct/2019:22:51:17 +0200] "POST /[munged]: HTTP/1.1" 200 4698 "http://[munged]:/[munged]:" "Mozilla/5.0 (Windows NT 6.1; rv:60.0) Gecko/20100101 Firefox/60.0"
[munged]::443 58.56.145.94 - - [03/Oct/2019:22:51:19 +0200] "POST /[munged]: HTTP/1.1" 200 4698 "http://[munged]:/[munged]:" "Mozilla/5.0 (Windows NT 6.1; rv:60.0) Gecko/20100101 Firefox/60.0"
[munged]::443 58.56.145.94 - - [03/Oct/2019:22:51:20 +0200]

2019-10-04 06:50:38

相同子网IP讨论:

IP	类型	评论内容	时间
58.56.145.134	attack	Jan 4 13:12:25 www_kotimaassa_fi sshd[15056]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.56.145.134 Jan 4 13:12:27 www_kotimaassa_fi sshd[15056]: Failed password for invalid user admin from 58.56.145.134 port 53626 ssh2 ...	2020-01-05 00:18:54

类型

评论内容

时间

58.56.145.134

attack

Jan  4 13:12:25 www_kotimaassa_fi sshd[15056]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.56.145.134
Jan  4 13:12:27 www_kotimaassa_fi sshd[15056]: Failed password for invalid user admin from 58.56.145.134 port 53626 ssh2
...

2020-01-05 00:18:54

WHOIS信息:

DIG信息:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 58.56.145.94
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 64317
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;58.56.145.94.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019052202 1800 900 604800 86400

;; Query time: 3 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Thu May 23 15:41:25 CST 2019
;; MSG SIZE  rcvd: 116

HOST信息:

Host 94.145.56.58.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 94.145.56.58.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
65.155.30.1	attack	web Attack on Website at 2020-01-02.	2020-01-03 00:20:32
149.56.100.237	attackbots	Jan 2 21:53:48 itv-usvr-02 sshd[24085]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.56.100.237 user=root Jan 2 21:53:51 itv-usvr-02 sshd[24085]: Failed password for root from 149.56.100.237 port 40216 ssh2 Jan 2 21:56:51 itv-usvr-02 sshd[24332]: Invalid user ahidee from 149.56.100.237 port 43636 Jan 2 21:56:51 itv-usvr-02 sshd[24332]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.56.100.237 Jan 2 21:56:51 itv-usvr-02 sshd[24332]: Invalid user ahidee from 149.56.100.237 port 43636 Jan 2 21:56:53 itv-usvr-02 sshd[24332]: Failed password for invalid user ahidee from 149.56.100.237 port 43636 ssh2	2020-01-03 00:10:55
5.88.221.7	attackbotsspam	web Attack on Website at 2020-01-02.	2020-01-03 00:43:03
49.235.79.1	attackspambots	SSH login attempts with user root at 2020-01-02.	2020-01-03 00:45:28
140.143.17.199	attackbots	Jan 2 11:41:26 ws22vmsma01 sshd[202085]: Failed password for root from 140.143.17.199 port 42544 ssh2 ...	2020-01-03 00:23:46
66.249.155.245	attackbotsspam	Jan 2 14:54:28 zeus sshd[11930]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=66.249.155.245 Jan 2 14:54:31 zeus sshd[11930]: Failed password for invalid user dbus from 66.249.155.245 port 47654 ssh2 Jan 2 14:56:37 zeus sshd[11985]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=66.249.155.245 Jan 2 14:56:40 zeus sshd[11985]: Failed password for invalid user ub from 66.249.155.245 port 34000 ssh2	2020-01-03 00:38:13
185.147.212.13	attackbots	\[2020-01-02 11:21:37\] NOTICE\[2839\] chan_sip.c: Registration from '\' failed for '185.147.212.13:59689' - Wrong password \[2020-01-02 11:21:37\] SECURITY\[2857\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-01-02T11:21:37.233-0500",Severity="Error",Service="SIP",EventVersion="2",AccountID="2156",SessionID="0x7f0fb4894648",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/185.147.212.13/59689",Challenge="4c86c386",ReceivedChallenge="4c86c386",ReceivedHash="695dccfebfe77bec2ee93714c4c3f829" \[2020-01-02 11:21:59\] NOTICE\[2839\] chan_sip.c: Registration from '\' failed for '185.147.212.13:51931' - Wrong password \[2020-01-02 11:21:59\] SECURITY\[2857\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-01-02T11:21:59.880-0500",Severity="Error",Service="SIP",EventVersion="2",AccountID="9032",SessionID="0x7f0fb47f77b8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/185.14	2020-01-03 00:31:30
201.20.88.10	attackspambots	Jan 2 12:57:03 vps46666688 sshd[6350]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.20.88.10 Jan 2 12:57:05 vps46666688 sshd[6350]: Failed password for invalid user user1 from 201.20.88.10 port 48288 ssh2 ...	2020-01-03 00:31:13
5.2.140.9	attackbots	web Attack on Website at 2020-01-02.	2020-01-03 00:43:35
61.220.206.1	attack	web Attack on Website at 2020-01-02.	2020-01-03 00:24:48
49.88.112.6	attack	SSH login attempts with user root at 2020-01-02.	2020-01-03 00:46:03
54.37.230.1	attackbotsspam	SSH login attempts with user root at 2020-01-02.	2020-01-03 00:32:15
104.196.7.246	attackspam	WordPress wp-login brute force :: 104.196.7.246 0.176 - [02/Jan/2020:14:56:40 0000] [censored_1] "POST /wp-login.php HTTP/1.1" 200 1806 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" "HTTP/1.1"	2020-01-03 00:37:47
49.233.162.2	attack	SSH login attempts with user root at 2020-01-02.	2020-01-03 00:47:34
51.91.10.1	attack	SSH login attempts with user root at 2020-01-02.	2020-01-03 00:36:46

最近上报的IP列表

164.147.81.252	38.121.68.16	170.41.187.59	119.230.23.246
184.217.63.23	194.51.245.27	9.250.246.77	37.227.46.65
146.153.195.57	46.94.251.176	2001:bc8:47a8:a06::1	218.60.202.203
188.115.146.196	185.96.215.149	193.123.120.43	222.140.6.8
106.13.4.76	142.44.243.172	212.92.121.147	185.232.21.29