212.64.102.106

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Tencent Cloud Computing (Beijing) Co. Ltd

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Apr 21 12:50:54 vlre-nyc-1 sshd\[22453\]: Invalid user test from 212.64.102.106 Apr 21 12:50:54 vlre-nyc-1 sshd\[22453\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.64.102.106 Apr 21 12:50:56 vlre-nyc-1 sshd\[22453\]: Failed password for invalid user test from 212.64.102.106 port 46568 ssh2 Apr 21 12:55:59 vlre-nyc-1 sshd\[22535\]: Invalid user gh from 212.64.102.106 Apr 21 12:55:59 vlre-nyc-1 sshd\[22535\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.64.102.106 ...	2020-04-21 22:57:33

类型

评论内容

时间

attack

Apr 21 12:50:54 vlre-nyc-1 sshd\[22453\]: Invalid user test from 212.64.102.106
Apr 21 12:50:54 vlre-nyc-1 sshd\[22453\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.64.102.106
Apr 21 12:50:56 vlre-nyc-1 sshd\[22453\]: Failed password for invalid user test from 212.64.102.106 port 46568 ssh2
Apr 21 12:55:59 vlre-nyc-1 sshd\[22535\]: Invalid user gh from 212.64.102.106
Apr 21 12:55:59 vlre-nyc-1 sshd\[22535\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.64.102.106
...

2020-04-21 22:57:33

相同子网IP讨论:

IP	类型	评论内容	时间
212.64.102.48	attackspam	Jan 29 22:09:56 hcbbdb sshd\[15112\]: Invalid user aaron from 212.64.102.48 Jan 29 22:09:56 hcbbdb sshd\[15112\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.64.102.48 Jan 29 22:09:58 hcbbdb sshd\[15112\]: Failed password for invalid user aaron from 212.64.102.48 port 53106 ssh2 Jan 29 22:11:14 hcbbdb sshd\[15302\]: Invalid user chunmay from 212.64.102.48 Jan 29 22:11:14 hcbbdb sshd\[15302\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.64.102.48	2020-01-30 06:16:31
212.64.102.110	attack	2019-11-23T05:47:47.363751tmaserv sshd\[9872\]: Failed password for invalid user jaeson from 212.64.102.110 port 48368 ssh2 2019-11-23T06:50:10.534655tmaserv sshd\[12584\]: Invalid user reinecker from 212.64.102.110 port 43702 2019-11-23T06:50:10.538535tmaserv sshd\[12584\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.64.102.110 2019-11-23T06:50:12.210755tmaserv sshd\[12584\]: Failed password for invalid user reinecker from 212.64.102.110 port 43702 ssh2 2019-11-23T06:54:34.681167tmaserv sshd\[12769\]: Invalid user skruber from 212.64.102.110 port 50932 2019-11-23T06:54:34.685826tmaserv sshd\[12769\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.64.102.110 ...	2019-11-23 13:41:25
212.64.102.29	attackspam	Nov 22 13:55:27 wbs sshd\[31387\]: Invalid user schulung from 212.64.102.29 Nov 22 13:55:27 wbs sshd\[31387\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.64.102.29 Nov 22 13:55:29 wbs sshd\[31387\]: Failed password for invalid user schulung from 212.64.102.29 port 60382 ssh2 Nov 22 13:59:47 wbs sshd\[31695\]: Invalid user sip from 212.64.102.29 Nov 22 13:59:47 wbs sshd\[31695\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.64.102.29	2019-11-23 08:17:56
212.64.102.29	attackbots	50 failed attempt(s) in the last 24h	2019-11-15 08:07:23
212.64.102.29	attack	Nov 12 06:12:32 eventyay sshd[19245]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.64.102.29 Nov 12 06:12:35 eventyay sshd[19245]: Failed password for invalid user apache from 212.64.102.29 port 53170 ssh2 Nov 12 06:16:41 eventyay sshd[19328]: Failed password for games from 212.64.102.29 port 42890 ssh2 ...	2019-11-12 13:26:06

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 212.64.102.106
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 54469
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;212.64.102.106.			IN	A

;; AUTHORITY SECTION:
.			599	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020042100 1800 900 604800 86400

;; Query time: 107 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Apr 21 22:57:29 CST 2020
;; MSG SIZE  rcvd: 118

HOST信息:

Host 106.102.64.212.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 106.102.64.212.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
51.91.56.133	attack	Nov 22 01:47:58 vps691689 sshd[4166]: Failed password for sshd from 51.91.56.133 port 37938 ssh2 Nov 22 01:51:05 vps691689 sshd[4196]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.91.56.133 ...	2019-11-22 08:53:06
60.28.29.9	attack	Nov 21 23:56:52 localhost sshd\[8178\]: Invalid user heisz from 60.28.29.9 port 36766 Nov 21 23:56:52 localhost sshd\[8178\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=60.28.29.9 Nov 21 23:56:55 localhost sshd\[8178\]: Failed password for invalid user heisz from 60.28.29.9 port 36766 ssh2	2019-11-22 08:41:00
91.121.7.155	attack	Invalid user urista from 91.121.7.155 port 21622	2019-11-22 08:38:57
150.109.106.224	attackbots	2019-11-21T17:58:19.558445ns547587 sshd\[5030\]: Invalid user bridge from 150.109.106.224 port 36240 2019-11-21T17:58:19.563830ns547587 sshd\[5030\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=150.109.106.224 2019-11-21T17:58:21.514555ns547587 sshd\[5030\]: Failed password for invalid user bridge from 150.109.106.224 port 36240 ssh2 2019-11-21T18:04:58.202795ns547587 sshd\[7546\]: Invalid user acker from 150.109.106.224 port 45446 ...	2019-11-22 08:25:52
108.170.141.75	attack	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/108.170.141.75/ CA - 1H : (8) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : CA NAME ASN : ASN40788 IP : 108.170.141.75 CIDR : 108.170.128.0/18 PREFIX COUNT : 37 UNIQUE IP COUNT : 194560 ATTACKS DETECTED ASN40788 : 1H - 1 3H - 1 6H - 1 12H - 1 24H - 1 DateTime : 2019-11-21 23:56:56 INFO : Port Scan TELNET Detected and Blocked by ADMIN - data recovery	2019-11-22 08:40:00
5.36.76.61	attackspam	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/5.36.76.61/ OM - 1H : (4) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : OM NAME ASN : ASN28885 IP : 5.36.76.61 CIDR : 5.36.0.0/17 PREFIX COUNT : 198 UNIQUE IP COUNT : 514048 ATTACKS DETECTED ASN28885 : 1H - 1 3H - 1 6H - 1 12H - 4 24H - 4 DateTime : 2019-11-21 23:56:48 INFO : Port Scan TELNET Detected and Blocked by ADMIN - data recovery	2019-11-22 08:44:35
119.29.234.236	attack	2019-11-21T23:55:40.071668ns386461 sshd\[3998\]: Invalid user gmodserver from 119.29.234.236 port 39118 2019-11-21T23:55:40.076345ns386461 sshd\[3998\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.29.234.236 2019-11-21T23:55:42.532316ns386461 sshd\[3998\]: Failed password for invalid user gmodserver from 119.29.234.236 port 39118 ssh2 2019-11-21T23:57:16.248753ns386461 sshd\[5535\]: Invalid user gmodserver from 119.29.234.236 port 50216 2019-11-21T23:57:16.254398ns386461 sshd\[5535\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.29.234.236 ...	2019-11-22 08:27:44
89.248.171.173	attackspam	Repeated bruteforce after ip ban	2019-11-22 08:52:06
61.19.22.162	attackspam	2019-11-22T00:37:16.841933abusebot-6.cloudsearch.cf sshd\[3647\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.19.22.162 user=root	2019-11-22 08:48:09
179.179.10.245	attack	Automatic report - Port Scan Attack	2019-11-22 08:28:47
103.52.16.35	attack	Nov 21 23:42:20 web8 sshd\[582\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.52.16.35 user=mysql Nov 21 23:42:22 web8 sshd\[582\]: Failed password for mysql from 103.52.16.35 port 46210 ssh2 Nov 21 23:46:08 web8 sshd\[2982\]: Invalid user test from 103.52.16.35 Nov 21 23:46:08 web8 sshd\[2982\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.52.16.35 Nov 21 23:46:10 web8 sshd\[2982\]: Failed password for invalid user test from 103.52.16.35 port 54314 ssh2	2019-11-22 08:54:13
134.209.64.10	attackbotsspam	Nov 21 23:50:46 MainVPS sshd[20001]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.64.10 user=root Nov 21 23:50:48 MainVPS sshd[20001]: Failed password for root from 134.209.64.10 port 50872 ssh2 Nov 21 23:53:55 MainVPS sshd[25655]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.64.10 user=root Nov 21 23:53:57 MainVPS sshd[25655]: Failed password for root from 134.209.64.10 port 58530 ssh2 Nov 21 23:57:07 MainVPS sshd[31978]: Invalid user cn from 134.209.64.10 port 37960 ...	2019-11-22 08:32:30
93.174.93.5	attackspam	Nov 22 00:21:08 host3 dovecot: pop3-login: Aborted login (auth failed, 1 attempts in 2 secs): user=, method=PLAIN, rip=93.174.93.5, lip=207.180.241.50, session= Nov 22 00:21:23 host3 dovecot: pop3-login: Aborted login (auth failed, 1 attempts in 6 secs): user=, method=PLAIN, rip=93.174.93.5, lip=207.180.241.50, session= Nov 22 00:23:23 host3 dovecot: pop3-login: Aborted login (auth failed, 1 attempts in 2 secs): user=, method=PLAIN, rip=93.174.93.5, lip=207.180.241.50, session=<7TRHleOXsF9drl0F> Nov 22 00:24:05 host3 dovecot: pop3-login: Aborted login (auth failed, 1 attempts in 2 secs): user=, method=PLAIN, rip=93.174.93.5, lip=207.180.241.50, session= Nov 22 00:24:10 host3 dovecot: pop3-login: Aborted login (auth failed, 1 attempts in 6 secs): user=, method=PLAIN, rip=93.174.93.5, lip=207.180.241.50, session=<3cfcl+OXeupdrl0F ...	2019-11-22 08:49:28
193.56.28.177	attackbots	firewall-block, port(s): 25/tcp	2019-11-22 08:36:44
92.50.52.30	attackspam	Brute force attempt	2019-11-22 08:41:44

最近上报的IP列表

160.16.211.127	157.230.245.91	154.127.89.100	150.136.163.76
140.143.64.141	132.145.111.59	129.213.104.151	128.199.36.177
128.199.33.157	122.224.217.43	31.115.132.170	120.53.0.166
45.159.198.89	154.103.222.204	116.255.172.200	115.167.123.192
113.183.102.84	113.174.173.207	113.125.117.57	110.77.159.90