58.254.132.239 is a Hacker, 100 %, China
699 attacks reported:
630 Brute-Force, SSH
34 Brute-Force
11 SSH
10 Web App Attack
5 uncategorized
3 FTP Brute-Force, Hacking
1 Hacking, Brute-Force, SSH
1 SSH, Brute-Force
1 Port Scan, Brute-Force, SSH
1 Port Scan
...
from 71 distinct reporters and 6 distinct sources: Blocklist.de, BadIPs.com, FireHOL, NormShield.com, darklist.de, AbuseIPDB
58.254.132.239 was first reported at 2019-08-30 17:25 and the last record was at 2019-09-26 17:58.
IP: 58.254.132.239
Organization: China Unicom Guangdong IP network
Location: China, Guangdong, Guangzhou
NetRange (first and last IP): 58.248.0.0 - 58.255.255.255
Network CIDR: 58.248.0.0/13

Cybercrime IP Feeds

Date UTC Category Sub Categories Source List Source Logs
2019-09-26 17:58 attacks Brute-ForceSSH AbuseIPDB  
2019-09-26 16:37 attacks Brute-ForceSSH AbuseIPDB Sep 27 03:19:36 icinga sshd[8987]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.254.132.239 Sep 27 03:1
2019-09-26 15:50 attacks Brute-ForceSSH AbuseIPDB SSH-BruteForce
2019-09-26 14:13 attacks Brute-ForceSSH AbuseIPDB $f2bV_matches
2019-09-26 00:46 attacks Brute-ForceSSH AbuseIPDB Sep 26 11:46:56 dedicated sshd[28850]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.254.132.239 user=roo
2019-09-26 00:21 attacks Brute-ForceSSH AbuseIPDB Sep 26 11:21:40 dedicated sshd[25767]: Invalid user xing from 58.254.132.239 port 35557
2019-09-26 00:00 attacks Brute-ForceSSH AbuseIPDB Sep 26 10:59:59 dedicated sshd[23338]: Invalid user userftp from 58.254.132.239 port 35553
2019-09-25 23:39 attacks Brute-ForceSSH AbuseIPDB Sep 26 10:39:03 dedicated sshd[21044]: Invalid user helpdesk from 58.254.132.239 port 35549
2019-09-25 23:08 attacks Brute-ForceSSH AbuseIPDB Sep 26 10:08:42 dedicated sshd[17776]: Invalid user elaine from 58.254.132.239 port 35543
2019-09-25 22:51 attacks Brute-ForceSSH AbuseIPDB Sep 26 09:51:05 dedicated sshd[15900]: Invalid user admin from 58.254.132.239 port 35541
2019-09-25 22:30 attacks Brute-ForceSSH AbuseIPDB Sep 26 09:30:41 dedicated sshd[13704]: Invalid user 14 from 58.254.132.239 port 35537
2019-09-25 22:10 attacks Brute-ForceSSH AbuseIPDB Sep 26 09:10:21 dedicated sshd[11564]: Invalid user user from 58.254.132.239 port 35533
2019-09-25 21:49 attacks Brute-ForceSSH AbuseIPDB Sep 26 08:48:35 dedicated sshd[9226]: Invalid user obrasturias from 58.254.132.239 port 35527
2019-09-25 21:26 attacks Brute-ForceSSH AbuseIPDB Sep 26 08:26:27 dedicated sshd[6782]: Invalid user shaker from 58.254.132.239 port 35519
2019-09-25 21:05 attacks Brute-ForceSSH AbuseIPDB Sep 26 08:05:47 dedicated sshd[4521]: Invalid user apitest from 58.254.132.239 port 35509
2019-09-25 20:45 attacks Brute-ForceSSH AbuseIPDB Sep 26 07:45:03 dedicated sshd[2195]: Invalid user rpcuser from 58.254.132.239 port 35502
2019-09-25 20:13 attacks Brute-ForceSSH AbuseIPDB Sep 26 07:13:32 dedicated sshd[31181]: Invalid user admin from 58.254.132.239 port 35486
2019-09-25 19:52 attacks Brute-ForceSSH AbuseIPDB Sep 26 06:52:32 dedicated sshd[28818]: Invalid user certificat from 58.254.132.239 port 35472
2019-09-25 19:31 attacks Brute-ForceSSH AbuseIPDB Sep 26 06:31:34 dedicated sshd[26458]: Invalid user admin from 58.254.132.239 port 35463
2019-09-25 19:11 attacks Brute-ForceSSH AbuseIPDB Sep 26 06:11:22 dedicated sshd[23933]: Invalid user ax400 from 58.254.132.239 port 35455
2019-09-25 18:41 attacks Brute-ForceSSH AbuseIPDB Sep 26 05:41:23 dedicated sshd[20607]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.254.132.239 user=roo
2019-09-25 18:16 attacks Brute-ForceSSH AbuseIPDB Sep 26 05:16:07 dedicated sshd[16843]: Invalid user xl from 58.254.132.239 port 35433
2019-09-25 17:46 attacks Brute-ForceSSH AbuseIPDB Sep 26 04:46:28 dedicated sshd[13539]: Invalid user scott from 58.254.132.239 port 35421
2019-09-25 17:16 attacks Brute-ForceSSH AbuseIPDB Sep 26 04:16:55 dedicated sshd[10134]: Invalid user webmaster from 58.254.132.239 port 35410
2019-09-25 16:47 attacks Brute-ForceSSH AbuseIPDB Sep 26 03:42:28 dedicated sshd[6225]: Failed password for invalid user fs from 58.254.132.239 port 35393 ssh2 Sep 26 03:42:26 dedicated sshd[6225]: pa
2019-09-25 16:27 attacks Brute-ForceSSH AbuseIPDB Sep 26 03:23:05 dedicated sshd[4099]: Invalid user spike from 58.254.132.239 port 35386 Sep 26 03:23:05 dedicated sshd[4099]: pam_unix(sshd:auth): aut
2019-09-25 08:01 attacks Brute-ForceSSH AbuseIPDB [ssh] SSH attack
2019-09-25 03:58 attacks Brute-ForceSSH AbuseIPDB Sep 25 08:55:45 ny01 sshd[19198]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.254.132.239 Sep 25 08:55:
2019-09-25 03:39 attacks Brute-ForceSSH AbuseIPDB Sep 25 14:39:10 MK-Soft-VM4 sshd[15989]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.254.132.239 Sep 2
2019-09-25 03:37 attacks Brute-ForceSSH AbuseIPDB Sep 25 08:31:50 ny01 sshd[14512]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.254.132.239 Sep 25 08:31:
2019-09-25 03:20 attacks Brute-ForceSSH AbuseIPDB Sep 25 08:18:03 ny01 sshd[11613]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.254.132.239 Sep 25 08:18:
2019-09-25 02:52 attacks Brute-ForceSSH AbuseIPDB Sep 25 07:46:55 ny01 sshd[5710]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.254.132.239 Sep 25 07:46:5
2019-09-25 02:37 attacks Brute-ForceSSH AbuseIPDB Sep 25 13:37:01 MK-Soft-VM4 sshd[8363]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.254.132.239 Sep 25
2019-09-25 02:34 attacks Brute-ForceSSH AbuseIPDB Sep 25 07:27:30 ny01 sshd[2160]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.254.132.239 Sep 25 07:27:3
2019-09-25 02:03 attacks Brute-ForceSSH AbuseIPDB Sep 25 06:57:55 ny01 sshd[28868]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.254.132.239 Sep 25 06:57:
2019-09-25 01:35 attacks Brute-ForceSSH AbuseIPDB Sep 25 12:35:38 MK-Soft-VM4 sshd[821]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.254.132.239 Sep 25
2019-09-25 01:34 attacks Brute-ForceSSH AbuseIPDB Sep 25 06:29:02 ny01 sshd[23366]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.254.132.239 Sep 25 06:29:
2019-09-25 01:18 attacks Brute-ForceSSH AbuseIPDB Sep 25 06:13:14 ny01 sshd[19811]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.254.132.239 Sep 25 06:13:
2019-09-25 00:49 attacks Brute-ForceSSH AbuseIPDB Sep 25 05:43:31 ny01 sshd[13754]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.254.132.239 Sep 25 05:43:
2019-09-25 00:34 attacks Brute-ForceSSH AbuseIPDB Sep 25 11:34:09 MK-Soft-VM4 sshd[25644]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.254.132.239 Sep 2
2019-09-25 00:30 attacks Brute-ForceSSH AbuseIPDB Sep 25 05:27:28 ny01 sshd[10782]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.254.132.239 Sep 25 05:27:
2019-09-25 00:03 attacks Brute-ForceSSH AbuseIPDB Sep 25 04:55:29 ny01 sshd[4589]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.254.132.239 Sep 25 04:55:3
2019-09-24 23:44 attacks Brute-ForceSSH AbuseIPDB Sep 25 04:38:52 ny01 sshd[1175]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.254.132.239 Sep 25 04:38:5
2019-09-24 23:34 attacks Brute-ForceSSH AbuseIPDB Sep 25 10:34:03 MK-Soft-VM4 sshd[18075]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.254.132.239 Sep 2
2019-09-24 17:03 attacks Brute-ForceSSH AbuseIPDB 2019-09-24T21:51:11.5262201495-001 sshd\[10158\]: Invalid user 1415926 from 58.254.132.239 port 34131 2019-09-24T21:51:11.5332061495-001 sshd\[10158\]
2019-09-24 16:36 attacks Brute-ForceSSH AbuseIPDB 2019-09-24T21:24:11.9593641495-001 sshd\[8005\]: Invalid user chary from 58.254.132.239 port 34100 2019-09-24T21:24:11.9673181495-001 sshd\[8005\]: pa
2019-09-24 16:19 attacks Brute-ForceSSH AbuseIPDB 2019-09-24T21:07:24.0856101495-001 sshd\[6677\]: Invalid user dom from 58.254.132.239 port 34081 2019-09-24T21:07:24.0887851495-001 sshd\[6677\]: pam_
2019-09-24 16:02 attacks Brute-ForceSSH AbuseIPDB 2019-09-24T20:50:34.2208701495-001 sshd\[5289\]: Invalid user lava2 from 58.254.132.239 port 34063 2019-09-24T20:50:34.2283191495-001 sshd\[5289\]: pa
2019-09-24 15:32 attacks Brute-ForceSSH AbuseIPDB 2019-09-24T20:20:03.5140221495-001 sshd\[2802\]: Invalid user guest from 58.254.132.239 port 34027 2019-09-24T20:20:03.5228131495-001 sshd\[2802\]: pa
2019-09-24 15:20 attacks Brute-Force AbuseIPDB DATE:2019-09-25 02:20:41, IP:58.254.132.239, PORT:ssh SSH brute force auth (thor)
2019-08-30 17:25 attacks Brute-ForceSSH AbuseIPDB  
2019-08-30 22:06 attacks Brute-ForceSSH AbuseIPDB $f2bV_matches_ltvn
2019-08-31 06:16 attacks Brute-ForceSSH AbuseIPDB Aug 31 17:16:17 nextcloud sshd\[980\]: Invalid user sharp from 58.254.132.239 Aug 31 17:16:17 nextcloud sshd\[980\]: pam_unix\(sshd:auth\): authentica
2019-08-31 11:46 attacks Brute-ForceSSH AbuseIPDB Aug 31 22:26:54 mail1 sshd\[6120\]: Invalid user db2inst3 from 58.254.132.239 port 13363 Aug 31 22:26:54 mail1 sshd\[6120\]: pam_unix\(sshd:auth\): au
2019-08-31 15:52 attacks Brute-ForceSSH AbuseIPDB Sep 1 00:48:21 ip-172-31-1-72 sshd\[20775\]: Invalid user labor from 58.254.132.239 Sep 1 00:48:21 ip-172-31-1-72 sshd\[20775\]: pam_unix\(sshd:auth\)
2019-08-31 16:58 attacks Brute-ForceSSH AbuseIPDB Sep 1 01:54:34 ip-172-31-1-72 sshd\[22381\]: Invalid user guest from 58.254.132.239 Sep 1 01:54:34 ip-172-31-1-72 sshd\[22381\]: pam_unix\(sshd:auth\)
2019-08-31 18:04 attacks Brute-ForceSSH AbuseIPDB Sep 1 02:59:15 ip-172-31-1-72 sshd\[23659\]: Invalid user juliana from 58.254.132.239 Sep 1 02:59:15 ip-172-31-1-72 sshd\[23659\]: pam_unix\(sshd:auth
2019-08-31 19:08 attacks Brute-ForceSSH AbuseIPDB Sep 1 04:04:40 ip-172-31-1-72 sshd\[25482\]: Invalid user rwp from 58.254.132.239 Sep 1 04:04:40 ip-172-31-1-72 sshd\[25482\]: pam_unix\(sshd:auth\):
2019-08-31 19:34 attacks FTP Brute-ForceHacking AbuseIPDB Aug 31 00:11:19 eola sshd[18750]: Invalid user doctor from 58.254.132.239 port 12623 Aug 31 00:11:19 eola sshd[18750]: pam_unix(sshd:auth): authentica
2019-08-31 20:14 attacks Brute-ForceSSH AbuseIPDB Sep 1 05:10:31 ip-172-31-1-72 sshd\[27235\]: Invalid user lol from 58.254.132.239 Sep 1 05:10:31 ip-172-31-1-72 sshd\[27235\]: pam_unix\(sshd:auth\):
2019-08-31 06:56 attacks blocklist_de Blocklist.de  
2019-08-31 06:57 attacks SSH blocklist_de_ssh Blocklist.de  
2019-09-01 05:48 attacks bi_any_0_1d BadIPs.com  
2019-09-01 05:51 attacks Bad Web Bot bi_badbots_0_1d BadIPs.com  
2019-09-01 05:52 attacks Brute-Force bi_bruteforce_0_1d BadIPs.com  
2019-09-01 05:54 attacks SSH bi_sshd_0_1d BadIPs.com  
2019-09-01 05:55 attacks SSH bi_ssh_0_1d BadIPs.com  
2019-09-14 15:42 attacks firehol_level2 FireHOL  
2019-09-17 12:57 attacks Brute-Force normshield_all_bruteforce NormShield.com  
2019-09-17 12:58 attacks Brute-Force normshield_high_bruteforce NormShield.com  
2019-09-05 00:24 attacks darklist_de darklist.de  
2019-08-31 07:06 attacks firehol_level2 FireHOL  
Only the last 50 and first 10 AbuseIPDB logs are shown.

Threat categories:

abuse: IPs used to spam forums, boards, blogs or SMTP servers; automated web scripts or scrapers (bad bots).
anonymizer: Onion Router IP addresses; TOR network IPs, TOR exit points, SOCKS or SSL proxies.
attacks: Brute force against SSH/FTP/system accounts, IPs that have been detected by fail2ban, port scans, vulnerability scans, DDoS.
malware: Addresses that have been identified distributing malware: form-grabbers and stealers, viruses, worms, trojans, ransomware, adware, spyware.

Whois

inetnum: 58.248.0.0 - 58.255.255.255
netname: UNICOM-GD
descr: China Unicom Guangdong province network
descr: China Unicom
country: CN
admin-c: CH1302-AP
tech-c: RP181-AP
remarks: service provider
mnt-by: APNIC-HM
mnt-lower: MAINT-CNCGROUP-GD
mnt-routes: MAINT-CNCGROUP-RR
status: ALLOCATED PORTABLE
mnt-irt: IRT-CU-CN
last-modified: 2013-08-08T23:06:06Z
source: APNIC

irt: IRT-CU-CN
address: No.21,Financial Street
address: Beijing,100033
address: P.R.China
e-mail: hqs-ipabuse@chinaunicom.cn
abuse-mailbox: hqs-ipabuse@chinaunicom.cn
admin-c: CH1302-AP
tech-c: CH1302-AP
auth: # Filtered
mnt-by: MAINT-CNCGROUP
last-modified: 2017-10-23T05:59:13Z
source: APNIC

person: ChinaUnicom Hostmaster
nic-hdl: CH1302-AP
e-mail: hqs-ipabuse@chinaunicom.cn
address: No.21,Jin-Rong Street
address: Beijing,100033
address: P.R.China
phone: +86-10-66259764
fax-no: +86-10-66259764
country: CN
mnt-by: MAINT-CNCGROUP
last-modified: 2017-08-17T06:13:16Z
source: APNIC

person: runkeng pan
nic-hdl: RP181-AP
e-mail: gdipnoc@chinaunicom.cn
address: XinShiKong Plaza,No 666 Huangpu Rd. Guangzhou 510627,China
phone: +86-20-22214174
fax-no: +86-20-22212266-4174
country: CN
mnt-by: MAINT-CNCGROUP-GD
last-modified: 2015-12-16T03:32:02Z
source: APNIC

route: 58.250.0.0/15
descr: CNC Group CHINA169 Guangdong Province Network
country: CN
origin: AS17623
mnt-by: MAINT-CNCGROUP-RR
last-modified: 2008-09-04T07:54:55Z
source: APNIC
Updated : 2019-09-27