205.164.56.164

基本信息:

城市(city): San Jose

省份(region): California

国家(country): United States

运营商(isp): EGIHosting

主机名(hostname): unknown

机构(organization): EGIHosting

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Scanning random ports - tries to find possible vulnerable services	2020-02-27 09:47:24
attackspam	firewall-block, port(s): 1433/tcp	2020-01-20 01:45:50
attackspambots	1579150546 - 01/16/2020 05:55:46 Host: 205.164.56.164/205.164.56.164 Port: 445 TCP Blocked	2020-01-16 13:12:37

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 205.164.56.164
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 54308
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;205.164.56.164.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019040400 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Thu Apr 04 21:27:02 +08 2019
;; MSG SIZE  rcvd: 118

HOST信息:

Host 164.56.164.205.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.3
Address:	67.207.67.3#53

** server can't find 164.56.164.205.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
120.50.8.218	attackspam	445/tcp 445/tcp 445/tcp... [2019-06-23/08-20]4pkt,1pt.(tcp)	2019-08-21 18:48:00
111.231.215.244	attackbots	Aug 20 23:50:10 lcdev sshd\[4447\]: Invalid user ggg from 111.231.215.244 Aug 20 23:50:10 lcdev sshd\[4447\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.215.244 Aug 20 23:50:12 lcdev sshd\[4447\]: Failed password for invalid user ggg from 111.231.215.244 port 23831 ssh2 Aug 20 23:55:16 lcdev sshd\[4884\]: Invalid user tasha from 111.231.215.244 Aug 20 23:55:16 lcdev sshd\[4884\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.215.244	2019-08-21 18:40:59
211.22.154.223	attackbots	Aug 21 04:04:31 mail sshd\[2924\]: Invalid user pvm from 211.22.154.223 port 33508 Aug 21 04:04:31 mail sshd\[2924\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.22.154.223 Aug 21 04:04:33 mail sshd\[2924\]: Failed password for invalid user pvm from 211.22.154.223 port 33508 ssh2 Aug 21 04:09:06 mail sshd\[3496\]: Invalid user dong from 211.22.154.223 port 50690 Aug 21 04:09:06 mail sshd\[3496\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.22.154.223	2019-08-21 18:25:37
206.189.38.81	attackbotsspam	Aug 4 06:48:46 server sshd\[17663\]: Invalid user mediax from 206.189.38.81 Aug 4 06:48:46 server sshd\[17663\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=206.189.38.81 Aug 4 06:48:48 server sshd\[17663\]: Failed password for invalid user mediax from 206.189.38.81 port 52944 ssh2 ...	2019-08-21 17:59:22
165.227.198.61	attackbotsspam	Aug 21 04:59:46 tuotantolaitos sshd[19139]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.227.198.61 Aug 21 04:59:48 tuotantolaitos sshd[19139]: Failed password for invalid user xbususer from 165.227.198.61 port 42604 ssh2 ...	2019-08-21 19:00:50
31.133.49.129	attackspambots	23/tcp 23/tcp [2019-08-10/20]2pkt	2019-08-21 19:01:42
218.75.132.59	attackbots	Aug 20 16:28:38 php1 sshd\[26343\]: Invalid user 12345 from 218.75.132.59 Aug 20 16:28:38 php1 sshd\[26343\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.75.132.59 Aug 20 16:28:39 php1 sshd\[26343\]: Failed password for invalid user 12345 from 218.75.132.59 port 54227 ssh2 Aug 20 16:32:46 php1 sshd\[26818\]: Invalid user monkey from 218.75.132.59 Aug 20 16:32:46 php1 sshd\[26818\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.75.132.59	2019-08-21 18:00:26
177.95.48.182	attackbots	Splunk® : port scan detected: Aug 20 21:27:07 testbed kernel: Firewall: TCP_IN Blocked IN=eth0 OUT= MAC=82:c6:52:d1:6e:53:64:c3:d6:0b:ef:f0:08:00 SRC=177.95.48.182 DST=104.248.11.191 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=48045 DF PROTO=TCP SPT=7678 DPT=8080 WINDOW=14600 RES=0x00 SYN URGP=0	2019-08-21 18:26:16
195.154.200.150	attackspam	Aug 20 18:06:19 kapalua sshd\[25147\]: Invalid user password from 195.154.200.150 Aug 20 18:06:19 kapalua sshd\[25147\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=195-154-200-150.rev.poneytelecom.eu Aug 20 18:06:21 kapalua sshd\[25147\]: Failed password for invalid user password from 195.154.200.150 port 41448 ssh2 Aug 20 18:10:32 kapalua sshd\[25769\]: Invalid user pyej from 195.154.200.150 Aug 20 18:10:32 kapalua sshd\[25769\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=195-154-200-150.rev.poneytelecom.eu	2019-08-21 18:09:43
82.127.207.128	attackbotsspam	445/tcp 445/tcp 445/tcp... [2019-06-23/08-20]11pkt,1pt.(tcp)	2019-08-21 18:50:49
220.134.209.126	attackspam	Aug 21 12:10:33 h2177944 sshd\[22156\]: Invalid user klind from 220.134.209.126 port 17644 Aug 21 12:10:33 h2177944 sshd\[22156\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.134.209.126 Aug 21 12:10:34 h2177944 sshd\[22156\]: Failed password for invalid user klind from 220.134.209.126 port 17644 ssh2 Aug 21 12:15:09 h2177944 sshd\[22239\]: Invalid user usuario from 220.134.209.126 port 62796 Aug 21 12:15:09 h2177944 sshd\[22239\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.134.209.126 ...	2019-08-21 19:01:12
188.166.152.106	attackbots	Aug 21 12:10:01 tuxlinux sshd[56475]: Invalid user hilo from 188.166.152.106 port 44316 Aug 21 12:10:01 tuxlinux sshd[56475]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.166.152.106 Aug 21 12:10:01 tuxlinux sshd[56475]: Invalid user hilo from 188.166.152.106 port 44316 Aug 21 12:10:01 tuxlinux sshd[56475]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.166.152.106 Aug 21 12:10:01 tuxlinux sshd[56475]: Invalid user hilo from 188.166.152.106 port 44316 Aug 21 12:10:01 tuxlinux sshd[56475]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.166.152.106 Aug 21 12:10:03 tuxlinux sshd[56475]: Failed password for invalid user hilo from 188.166.152.106 port 44316 ssh2 ...	2019-08-21 18:31:22
112.186.77.98	attackbots	Aug 21 04:26:36 debian sshd\[427\]: Invalid user michelle from 112.186.77.98 port 60236 Aug 21 04:26:36 debian sshd\[427\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.186.77.98 Aug 21 04:26:39 debian sshd\[427\]: Failed password for invalid user michelle from 112.186.77.98 port 60236 ssh2 ...	2019-08-21 18:17:48
196.218.23.212	attackspambots	[munged]::443 196.218.23.212 - - [21/Aug/2019:03:26:44 +0200] "POST /[munged]: HTTP/1.1" 200 8195 "http://[munged]:/[munged]:" "Mozilla/5.0 (Windows NT 6.1; rv:60.0) Gecko/20100101 Firefox/60.0" [munged]::443 196.218.23.212 - - [21/Aug/2019:03:26:45 +0200] "POST /[munged]: HTTP/1.1" 200 4420 "http://[munged]:/[munged]:" "Mozilla/5.0 (Windows NT 6.1; rv:60.0) Gecko/20100101 Firefox/60.0" [munged]::443 196.218.23.212 - - [21/Aug/2019:03:26:46 +0200] "POST /[munged]: HTTP/1.1" 200 4420 "http://[munged]:/[munged]:" "Mozilla/5.0 (Windows NT 6.1; rv:60.0) Gecko/20100101 Firefox/60.0" [munged]::443 196.218.23.212 - - [21/Aug/2019:03:26:48 +0200] "POST /[munged]: HTTP/1.1" 200 4420 "http://[munged]:/[munged]:" "Mozilla/5.0 (Windows NT 6.1; rv:60.0) Gecko/20100101 Firefox/60.0" [munged]::443 196.218.23.212 - - [21/Aug/2019:03:26:49 +0200] "POST /[munged]: HTTP/1.1" 200 4420 "http://[munged]:/[munged]:" "Mozilla/5.0 (Windows NT 6.1; rv:60.0) Gecko/20100101 Firefox/60.0" [munged]::443 196.218.23.212 - - [21/Aug/2019:03:	2019-08-21 18:42:26
185.220.101.7	attackbotsspam	Jul 29 15:46:53 server sshd\[161737\]: Invalid user Administrator from 185.220.101.7 Jul 29 15:46:53 server sshd\[161737\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.220.101.7 Jul 29 15:46:54 server sshd\[161737\]: Failed password for invalid user Administrator from 185.220.101.7 port 45004 ssh2 ...	2019-08-21 18:32:03

最近上报的IP列表

187.167.237.78	14.169.154.83	203.124.42.219	1.58.115.152
184.191.154.147	91.245.26.4	77.38.222.87	177.18.191.222
202.169.47.174	217.182.76.159	103.58.16.236	202.101.193.94
201.217.231.73	123.243.25.76	177.103.183.116	81.22.45.226
58.242.82.9	2607:fb90:448a:4558:756d:dc95:7dcc:4a83	220.137.55.250	186.149.243.50