203.157.164.194

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Thailand

运营商(isp): Ministry of Public Health Thailand

主机名(hostname): unknown

机构(organization): Information Technology Office

使用类型(Usage Type): Government

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	2019-08-21 23:37:00,216 fail2ban.actions [648]: NOTICE [sshd] Ban 203.157.164.194 2019-08-21 23:49:28,015 fail2ban.actions [648]: NOTICE [sshd] Ban 203.157.164.194 2019-08-22 00:00:07,154 fail2ban.actions [648]: NOTICE [sshd] Ban 203.157.164.194 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=203.157.164.194	2019-08-22 00:40:08

类型

评论内容

时间

attack

2019-08-21 23:37:00,216 fail2ban.actions        [648]: NOTICE  [sshd] Ban 203.157.164.194
2019-08-21 23:49:28,015 fail2ban.actions        [648]: NOTICE  [sshd] Ban 203.157.164.194
2019-08-22 00:00:07,154 fail2ban.actions        [648]: NOTICE  [sshd] Ban 203.157.164.194


........
-----------------------------------------------
https://www.blocklist.de/en/view.html?ip=203.157.164.194

2019-08-22 00:40:08

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 203.157.164.194
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 37161
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;203.157.164.194.		IN	A

;; AUTHORITY SECTION:
.			1206	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019082100 1800 900 604800 86400

;; Query time: 0 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Thu Aug 22 00:39:43 CST 2019
;; MSG SIZE  rcvd: 119

HOST信息:

Host 194.164.157.203.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 194.164.157.203.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
66.96.252.179	attack	Unauthorized connection attempt from IP address 66.96.252.179 on Port 445(SMB)	2019-08-15 07:30:27
122.117.165.85	attack	Aug 15 01:36:10 h2177944 kernel: \[4149496.947769\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=122.117.165.85 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=48 ID=39087 PROTO=TCP SPT=40672 DPT=23 WINDOW=31000 RES=0x00 SYN URGP=0 Aug 15 01:37:02 h2177944 kernel: \[4149548.588997\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=122.117.165.85 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=48 ID=39087 PROTO=TCP SPT=40672 DPT=23 WINDOW=31000 RES=0x00 SYN URGP=0 Aug 15 01:37:08 h2177944 kernel: \[4149554.953853\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=122.117.165.85 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=48 ID=39087 PROTO=TCP SPT=40672 DPT=23 WINDOW=31000 RES=0x00 SYN URGP=0 Aug 15 01:37:09 h2177944 kernel: \[4149556.092931\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=122.117.165.85 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=48 ID=39087 PROTO=TCP SPT=40672 DPT=23 WINDOW=31000 RES=0x00 SYN URGP=0 Aug 15 01:37:11 h2177944 kernel: \[4149558.101987\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=122.117.165.85 DST=85.214.117.9 LE	2019-08-15 08:00:49
141.98.9.130	attack	Aug 15 01:59:02 relay postfix/smtpd\[10690\]: warning: unknown\[141.98.9.130\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 15 01:59:31 relay postfix/smtpd\[20313\]: warning: unknown\[141.98.9.130\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 15 01:59:49 relay postfix/smtpd\[14671\]: warning: unknown\[141.98.9.130\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 15 02:00:18 relay postfix/smtpd\[22444\]: warning: unknown\[141.98.9.130\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 15 02:00:36 relay postfix/smtpd\[11318\]: warning: unknown\[141.98.9.130\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2019-08-15 08:02:28
121.254.173.11	attackbots	Aug 14 18:01:16 Tower sshd[1559]: Connection from 121.254.173.11 port 38304 on 192.168.10.220 port 22 Aug 14 18:01:18 Tower sshd[1559]: Invalid user michael from 121.254.173.11 port 38304 Aug 14 18:01:18 Tower sshd[1559]: error: Could not get shadow information for NOUSER Aug 14 18:01:18 Tower sshd[1559]: Failed password for invalid user michael from 121.254.173.11 port 38304 ssh2 Aug 14 18:01:18 Tower sshd[1559]: Received disconnect from 121.254.173.11 port 38304:11: Bye Bye [preauth] Aug 14 18:01:18 Tower sshd[1559]: Disconnected from invalid user michael 121.254.173.11 port 38304 [preauth]	2019-08-15 07:25:25
198.199.103.92	attackspambots	Aug 14 14:16:46 XXX sshd[5706]: Invalid user pao from 198.199.103.92 port 52297	2019-08-15 07:26:09
191.5.130.69	attackbots	2019-08-14T14:31:50.360407abusebot-3.cloudsearch.cf sshd\[3770\]: Invalid user huawei from 191.5.130.69 port 57121	2019-08-15 07:29:05
23.129.64.213	attackspam	2019-08-15T01:36:50.0185211240 sshd\[18504\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=23.129.64.213 user=root 2019-08-15T01:36:51.9235341240 sshd\[18504\]: Failed password for root from 23.129.64.213 port 19600 ssh2 2019-08-15T01:36:54.5583001240 sshd\[18504\]: Failed password for root from 23.129.64.213 port 19600 ssh2 ...	2019-08-15 08:09:28
88.119.186.96	attackbotsspam	Aug 14 23:57:34 vayu sshd[689073]: reveeclipse mapping checking getaddrinfo for 88-119-186-96.static.zebra.lt [88.119.186.96] failed - POSSIBLE BREAK-IN ATTEMPT! Aug 14 23:57:35 vayu sshd[689073]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=88.119.186.96 user=r.r Aug 14 23:57:37 vayu sshd[689073]: Failed password for r.r from 88.119.186.96 port 41427 ssh2 Aug 14 23:57:37 vayu sshd[689073]: Received disconnect from 88.119.186.96: 11: Bye Bye [preauth] Aug 15 00:03:02 vayu sshd[697965]: reveeclipse mapping checking getaddrinfo for 88-119-186-96.static.zebra.lt [88.119.186.96] failed - POSSIBLE BREAK-IN ATTEMPT! Aug 15 00:03:02 vayu sshd[697965]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=88.119.186.96 user=r.r Aug 15 00:03:04 vayu sshd[697965]: Failed password for r.r from 88.119.186.96 port 43843 ssh2 Aug 15 00:03:04 vayu sshd[697965]: Received disconnect from 88.119.186.96: 11: By........ -------------------------------	2019-08-15 07:51:37
68.183.115.83	attackbotsspam	Aug 15 05:03:17 vibhu-HP-Z238-Microtower-Workstation sshd\[11964\]: Invalid user g from 68.183.115.83 Aug 15 05:03:17 vibhu-HP-Z238-Microtower-Workstation sshd\[11964\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=68.183.115.83 Aug 15 05:03:19 vibhu-HP-Z238-Microtower-Workstation sshd\[11964\]: Failed password for invalid user g from 68.183.115.83 port 41000 ssh2 Aug 15 05:07:40 vibhu-HP-Z238-Microtower-Workstation sshd\[12062\]: Invalid user laurelei from 68.183.115.83 Aug 15 05:07:40 vibhu-HP-Z238-Microtower-Workstation sshd\[12062\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=68.183.115.83 ...	2019-08-15 07:42:31
130.61.108.56	attackspam	Aug 15 01:33:15 eventyay sshd[9243]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=130.61.108.56 Aug 15 01:33:16 eventyay sshd[9243]: Failed password for invalid user mzd from 130.61.108.56 port 35824 ssh2 Aug 15 01:37:30 eventyay sshd[10475]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=130.61.108.56 ...	2019-08-15 07:50:27
159.65.236.58	attack	Aug 15 01:37:25 [munged] sshd[31589]: Invalid user mythtv from 159.65.236.58 port 47286 Aug 15 01:37:25 [munged] sshd[31589]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.65.236.58	2019-08-15 07:53:45
151.80.36.188	attackspambots	Aug 14 21:30:23 work-partkepr sshd\[11441\]: Invalid user lsfadmin from 151.80.36.188 port 38538 Aug 14 21:30:23 work-partkepr sshd\[11441\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=151.80.36.188 ...	2019-08-15 07:35:48
150.95.153.82	attack	Aug 14 19:51:11 xtremcommunity sshd\[4621\]: Invalid user mongodb from 150.95.153.82 port 58578 Aug 14 19:51:11 xtremcommunity sshd\[4621\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=150.95.153.82 Aug 14 19:51:13 xtremcommunity sshd\[4621\]: Failed password for invalid user mongodb from 150.95.153.82 port 58578 ssh2 Aug 14 19:55:55 xtremcommunity sshd\[4809\]: Invalid user imobilis from 150.95.153.82 port 49626 Aug 14 19:55:55 xtremcommunity sshd\[4809\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=150.95.153.82 ...	2019-08-15 07:58:33
128.199.142.138	attack	Aug 15 02:35:46 server sshd\[7368\]: User root from 128.199.142.138 not allowed because listed in DenyUsers Aug 15 02:35:46 server sshd\[7368\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.142.138 user=root Aug 15 02:35:49 server sshd\[7368\]: Failed password for invalid user root from 128.199.142.138 port 42616 ssh2 Aug 15 02:41:36 server sshd\[31298\]: Invalid user sabayon-admin from 128.199.142.138 port 33448 Aug 15 02:41:36 server sshd\[31298\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.142.138	2019-08-15 07:44:18
182.61.160.236	attack	Aug 14 20:04:42 XXX sshd[23748]: Invalid user office from 182.61.160.236 port 40470	2019-08-15 07:37:34

最近上报的IP列表

110.139.151.221	1.163.51.63	36.225.23.203	83.107.160.16
115.254.175.232	112.239.116.169	34.120.6.66	131.254.187.14
210.103.216.208	101.254.68.185	45.222.205.52	121.167.163.25
187.121.39.81	59.12.188.248	2.150.211.11	147.26.13.164
141.142.166.104	46.9.225.23	106.79.93.203	218.22.11.106