212.1.67.138 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Ukraine

运营商(isp): Joint Ukrainan-German Enterprise Infocom LLC

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Honeypot attack, port: 445, PTR: null-address.ukrpack.net.	2020-05-10 00:54:15
attackbots	Honeypot attack, port: 445, PTR: null-address.ukrpack.net.	2020-04-13 18:47:03
attackspam	Unauthorized connection attempt from IP address 212.1.67.138 on Port 445(SMB)	2020-01-23 13:08:51
attack	Trying to (more than 3 packets) bruteforce (not open) Samba/Microsoft-DS port 445	2019-11-09 04:45:35
attack	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-09-06 02:30:37,864 INFO [amun_request_handler] PortScan Detected on Port: 445 (212.1.67.138)	2019-09-06 18:22:14
attack	445/tcp 445/tcp 445/tcp... [2019-07-11/29]4pkt,1pt.(tcp)	2019-07-30 19:14:36

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 212.1.67.138
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 33467
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;212.1.67.138.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019041200 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Fri Apr 12 16:39:31 +08 2019
;; MSG SIZE  rcvd: 116

HOST信息:

138.67.1.212.in-addr.arpa domain name pointer null-address.ukrpack.net.

NSLOOKUP信息:

Server:		67.207.67.3
Address:	67.207.67.3#53

Non-authoritative answer:
138.67.1.212.in-addr.arpa	name = null-address.ukrpack.net.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
51.4.195.188	attackspam	Nov 13 04:37:11 firewall sshd[8783]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.4.195.188 Nov 13 04:37:11 firewall sshd[8783]: Invalid user test from 51.4.195.188 Nov 13 04:37:13 firewall sshd[8783]: Failed password for invalid user test from 51.4.195.188 port 44672 ssh2 ...	2019-11-13 16:30:31
157.34.65.5	attackspambots	Unauthorised access (Nov 13) SRC=157.34.65.5 LEN=52 TOS=0x08 PREC=0x20 TTL=111 ID=4527 DF TCP DPT=445 WINDOW=8192 SYN	2019-11-13 16:46:16
111.231.132.94	attackspam	ssh failed login	2019-11-13 16:44:36
111.231.89.162	attackbots	2019-11-13T03:27:58.5134791495-001 sshd\[34936\]: Invalid user govier from 111.231.89.162 port 49270 2019-11-13T03:27:58.5237501495-001 sshd\[34936\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.89.162 2019-11-13T03:28:00.3852801495-001 sshd\[34936\]: Failed password for invalid user govier from 111.231.89.162 port 49270 ssh2 2019-11-13T03:32:28.8566731495-001 sshd\[35113\]: Invalid user node from 111.231.89.162 port 57094 2019-11-13T03:32:28.8651911495-001 sshd\[35113\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.89.162 2019-11-13T03:32:30.4605381495-001 sshd\[35113\]: Failed password for invalid user node from 111.231.89.162 port 57094 ssh2 ...	2019-11-13 16:51:34
51.68.192.106	attackbots	2019-11-13T01:20:24.195897ns547587 sshd\[25855\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ip106.ip-51-68-192.eu user=root 2019-11-13T01:20:26.299393ns547587 sshd\[25855\]: Failed password for root from 51.68.192.106 port 41942 ssh2 2019-11-13T01:27:32.498962ns547587 sshd\[2340\]: Invalid user test from 51.68.192.106 port 39006 2019-11-13T01:27:32.505205ns547587 sshd\[2340\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ip106.ip-51-68-192.eu ...	2019-11-13 16:37:28
58.211.8.194	attackspam	Nov 12 22:06:18 sachi sshd\[7324\]: Invalid user server from 58.211.8.194 Nov 12 22:06:18 sachi sshd\[7324\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.211.8.194 Nov 12 22:06:20 sachi sshd\[7324\]: Failed password for invalid user server from 58.211.8.194 port 42878 ssh2 Nov 12 22:11:18 sachi sshd\[7824\]: Invalid user hackett from 58.211.8.194 Nov 12 22:11:18 sachi sshd\[7824\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.211.8.194	2019-11-13 16:51:54
79.124.7.241	attackspam	Nov 12 22:48:19 eddieflores sshd\[2350\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=79.124.7.241 user=root Nov 12 22:48:21 eddieflores sshd\[2350\]: Failed password for root from 79.124.7.241 port 36542 ssh2 Nov 12 22:53:21 eddieflores sshd\[2754\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=79.124.7.241 user=root Nov 12 22:53:22 eddieflores sshd\[2754\]: Failed password for root from 79.124.7.241 port 33200 ssh2 Nov 12 22:58:16 eddieflores sshd\[3183\]: Invalid user mendorf from 79.124.7.241 Nov 12 22:58:16 eddieflores sshd\[3183\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=79.124.7.241	2019-11-13 17:06:43
60.54.114.211	attackbots	Unauthorised access (Nov 13) SRC=60.54.114.211 LEN=44 TTL=53 ID=11548 TCP DPT=23 WINDOW=13748 SYN	2019-11-13 16:42:50
46.38.144.17	attack	2019-11-13T09:36:47.364759mail01 postfix/smtpd[6651]: warning: unknown[46.38.144.17]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 2019-11-13T09:36:48.364752mail01 postfix/smtpd[934]: warning: unknown[46.38.144.17]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 2019-11-13T09:36:58.298855mail01 postfix/smtpd[11466]: warning: unknown[46.38.144.17]: SASL LOGIN authentication failed: UGFzc3dvcmQ6	2019-11-13 16:39:29
222.186.180.9	attackbots	v+ssh-bruteforce	2019-11-13 16:59:55
14.231.216.73	attack	Lines containing failures of 14.231.216.73 Oct 17 17:27:42 server-name sshd[4856]: User r.r from 14.231.216.73 not allowed because not listed in AllowUsers Oct 17 17:27:43 server-name sshd[4856]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.231.216.73 user=r.r Oct 17 17:27:45 server-name sshd[4856]: Failed password for invalid user r.r from 14.231.216.73 port 63350 ssh2 Oct 17 17:27:47 server-name sshd[4856]: Connection closed by invalid user r.r 14.231.216.73 port 63350 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=14.231.216.73	2019-11-13 16:26:59
36.155.102.111	attackbots	Nov 12 22:48:45 sachi sshd\[10996\]: Invalid user charmine from 36.155.102.111 Nov 12 22:48:45 sachi sshd\[10996\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=36.155.102.111 Nov 12 22:48:47 sachi sshd\[10996\]: Failed password for invalid user charmine from 36.155.102.111 port 51880 ssh2 Nov 12 22:52:40 sachi sshd\[11277\]: Invalid user rognvik from 36.155.102.111 Nov 12 22:52:40 sachi sshd\[11277\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=36.155.102.111	2019-11-13 17:02:15
79.137.84.144	attack	Nov 13 10:13:40 sauna sshd[174035]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=79.137.84.144 Nov 13 10:13:42 sauna sshd[174035]: Failed password for invalid user capucine from 79.137.84.144 port 54276 ssh2 ...	2019-11-13 16:26:38
5.135.223.35	attackbots	Nov 13 09:07:30 srv206 sshd[20615]: Invalid user nobody123467 from 5.135.223.35 ...	2019-11-13 16:47:43
182.93.28.186	attackspam	SMB Server BruteForce Attack	2019-11-13 16:42:05

最近上报的IP列表

45.125.164.152	13.234.121.150	114.108.177.34	49.212.246.60
167.99.203.82	170.130.143.108	142.93.200.146	54.88.146.76
118.237.18.139	174.138.63.237	122.201.93.240	201.144.84.92
177.73.248.13	85.59.58.55	45.125.164.25	112.244.99.215
204.14.105.2	185.156.177.156	200.146.236.217	212.64.91.146