JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 58.216.132.5

58.216.132.5 was found in our database!

This IP was reported 169 times. Confidence of Abuse is 76%: ?

76%

ISP	CHINANET jiangsu province network
Usage Type	Fixed Line ISP
ASN	AS4134
Domain Name	chinatelecom.cn
Country	🇨🇳 China
City	Nanjing, Jiangsu

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 58.216.132.5

Whois 58.216.132.5

IP Abuse Reports for 58.216.132.5:

This IP address has been reported a total of 169 times from 92 distinct sources. 58.216.132.5 was first reported on June 25th 2025, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇸🇮 administrator	2026-06-18 22:20:05 (1 day ago)	2026-06-18 20:23:28,709 fail2ban.actions [203556]: NOTICE [named-refused] Ban 58.216.132.5 2 ... show more 2026-06-18 20:23:28,709 fail2ban.actions [203556]: NOTICE [named-refused] Ban 58.216.132.5 2026-06-18 20:23:28,710 fail2ban.actions [203556]: NOTICE [named-refused-udp] Ban 58.216.132.5 2026-06-18 20:23:28,709 fail2ban.actions [203556]: NOTICE [named-refused] Ban 58.216.132.5 ... show less	Bad Web Bot Web Spam Email Spam Blog Spam Port Scan Brute-Force Web App Attack
🇳🇱 Roderic	2026-06-18 17:25:04 (1 day ago)	Port Scan detected from 58.216.132.5 (CN/China/-/-/-/[redacted]).	Port Scan
Anonymous	2026-06-18 11:33:23 (1 day ago)	58.216.132.5 - - [18/Jun/2026:20:32:53 +0900] "GET /nmaplowercheck1781782366 HTTP/1.1" 403 458 "-" " ... show more 58.216.132.5 - - [18/Jun/2026:20:32:53 +0900] "GET /nmaplowercheck1781782366 HTTP/1.1" 403 458 "-" "Mozilla/5.0(WindowsNT10.0;Win64;x64)AppleWebKit/537.36(KHTML,likeGecko)Chrome/86.0.4240.111Safari/537.36" 58.216.132.5 - - [18/Jun/2026:20:32:54 +0900] "GET /HNAP1 HTTP/1.1" 403 458 "-" "Mozilla/5.0(WindowsNT10.0;Win64;x64)AppleWebKit/537.36(KHTML,likeGecko)Chrome/86.0.4240.111Safari/537.36" 58.216.132.5 - - [18/Jun/2026:20:33:22 +0900] "GET / HTTP/1.1" 403 439 "-" "-" ... show less	Brute-Force
🇭🇰 www.winos.me	2026-06-12 20:36:01 (1 week ago)	Shield: Layer4 Port 9 Trap	Port Scan Hacking
🇷🇴 padrian2ss	2026-06-12 00:45:01 (1 week ago)	Suricata IDS: 3 alerts in 15min. [3] GPL DNS named version attempt;	Port Scan Hacking
🇩🇪 burlacu.org	2026-06-11 07:45:03 (1 week ago)	Nginx multi-log analysis detected: scanner_tool. Evidence: Malicious scanner with scanner detected. ... show more Nginx multi-log analysis detected: scanner_tool. Evidence: Malicious scanner with scanner detected. Blocked automatically. show less	Port Scan Hacking
🇬🇧 PeravixGroup	2026-06-10 08:43:22 (1 week ago)	Honeypot detection: VNC remote desktop brute-force authentication attempt on port 5900. Severity: ME ... show more Honeypot detection: VNC remote desktop brute-force authentication attempt on port 5900. Severity: MEDIUM. Aaran.cloud show less	Brute-Force Hacking
🇬🇧 PeravixGroup	2026-06-06 11:02:45 (1 week ago)	Honeypot detection: VNC remote desktop brute-force authentication attempt on port 5900. Severity: ME ... show more Honeypot detection: VNC remote desktop brute-force authentication attempt on port 5900. Severity: MEDIUM. Aaran.cloud show less	Brute-Force Hacking
🇳🇱 JCB	2026-06-04 17:21:00 (2 weeks ago)	nmap scan	Port Scan Brute-Force Bad Web Bot Web App Attack
🇬🇧 gaztronics	2026-06-04 11:05:50 (2 weeks ago)	2026-06-04T11:05:44.185969 liberator sendmail[1376459]: 654B5heq1376459: [58.216.132.5] did not issu ... show more 2026-06-04T11:05:44.185969 liberator sendmail[1376459]: 654B5heq1376459: [58.216.132.5] did not issue MAIL/EXPN/VRFY/ETRN during connection to MTA ... show less	Brute-Force
🇳🇱 JCB	2026-06-04 08:24:00 (2 weeks ago)	58.216.132.5 - - [04/Jun/2026:06:14:37 +0300] "\x16\x03\x01\x02" 400 266 58.216.132.5 - - [04/Jun/2 ... show more 58.216.132.5 - - [04/Jun/2026:06:14:37 +0300] "\x16\x03\x01\x02" 400 266 58.216.132.5 - - [04/Jun/2026:06:14:38 +0300] "GET /HNAP1 HTTP/1.1" 404 236 ... show less	Web App Attack Hacking
🇯🇵 pixelboost.kr	2026-06-04 07:02:39 (2 weeks ago)	58.216.132.5 - - [04/Jun/2026:16:02:38 +0900] "GET /nmaplowercheck1780556558 HTTP/1.1" 444 0 "-" "Mo ... show more 58.216.132.5 - - [04/Jun/2026:16:02:38 +0900] "GET /nmaplowercheck1780556558 HTTP/1.1" 444 0 "-" "Mozilla/5.0(WindowsNT10.0;Win64;x64)AppleWebKit/537.36(KHTML,likeGecko)Chrome/86.0.4240.111Safari/537.36" ... show less	Bad Web Bot Web App Attack
🇦🇹 Erpelstolz	2026-06-04 02:43:54 (2 weeks ago)	VM 131: 58.216.132.5 - - [04/Jun/2026:04:43:53 +0200] "GET /nmaplowercheck1780541032 HTTP/1.1" 404 8 ... show more VM 131: 58.216.132.5 - - [04/Jun/2026:04:43:53 +0200] "GET /nmaplowercheck1780541032 HTTP/1.1" 404 8463 show less	Web App Attack
🇬🇧 PeravixGroup	2026-06-02 07:38:36 (2 weeks ago)	Honeypot detection: Docker daemon unauthorized access / container escape attempt on port 2375. Sever ... show more Honeypot detection: Docker daemon unauthorized access / container escape attempt on port 2375. Severity: MEDIUM. Aaran.cloud show less	Hacking Exploited Host
🇫🇮 gnom4ik	2026-06-01 06:33:48 (2 weeks ago)	ban-reviewer auto report; ip=58.216.132.5; scenario=ssh:bruteforce; verdict=valid_ban; confidence=0. ... show more ban-reviewer auto report; ip=58.216.132.5; scenario=ssh:bruteforce; verdict=valid_ban; confidence=0.92; categories=14,15,18,22; active_decisions=2; lookback_decisions=2; nginx_requests=0; appsec_matches=0; auth_events=0; kernel_events=0; signals=ip_decision_count_high show less	Port Scan Hacking Brute-Force SSH

Showing 1 to 15 of 169 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇰🇪 196.250.215.220

🇺🇸 130.131.162.82

🇱🇹 81.30.98.75

🇺🇸 216.73.160.11

🇪🇸 200.234.231.60

🇲🇽 187.207.172.208

🇳🇴 185.12.59.118

🇳🇱 176.65.149.178

🇺🇸 162.216.149.31

🇮🇳 122.166.49.42

🇮🇷 85.133.162.164

🇰🇷 211.105.129.57

🇧🇷 205.210.31.169

🇪🇨 186.3.186.131

🇧🇷 177.99.193.135

🇨🇳 120.48.144.5

🇸🇬 103.250.11.80

🇿🇦 102.64.45.128

🇨🇦 85.217.149.10

🇱🇹 84.15.235.37