212.64.102.106

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Tencent Cloud Computing (Beijing) Co. Ltd

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Apr 21 12:50:54 vlre-nyc-1 sshd\[22453\]: Invalid user test from 212.64.102.106 Apr 21 12:50:54 vlre-nyc-1 sshd\[22453\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.64.102.106 Apr 21 12:50:56 vlre-nyc-1 sshd\[22453\]: Failed password for invalid user test from 212.64.102.106 port 46568 ssh2 Apr 21 12:55:59 vlre-nyc-1 sshd\[22535\]: Invalid user gh from 212.64.102.106 Apr 21 12:55:59 vlre-nyc-1 sshd\[22535\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.64.102.106 ...	2020-04-21 22:57:33

类型

评论内容

时间

attack

Apr 21 12:50:54 vlre-nyc-1 sshd\[22453\]: Invalid user test from 212.64.102.106
Apr 21 12:50:54 vlre-nyc-1 sshd\[22453\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.64.102.106
Apr 21 12:50:56 vlre-nyc-1 sshd\[22453\]: Failed password for invalid user test from 212.64.102.106 port 46568 ssh2
Apr 21 12:55:59 vlre-nyc-1 sshd\[22535\]: Invalid user gh from 212.64.102.106
Apr 21 12:55:59 vlre-nyc-1 sshd\[22535\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.64.102.106
...

2020-04-21 22:57:33

相同子网IP讨论:

IP	类型	评论内容	时间
212.64.102.48	attackspam	Jan 29 22:09:56 hcbbdb sshd\[15112\]: Invalid user aaron from 212.64.102.48 Jan 29 22:09:56 hcbbdb sshd\[15112\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.64.102.48 Jan 29 22:09:58 hcbbdb sshd\[15112\]: Failed password for invalid user aaron from 212.64.102.48 port 53106 ssh2 Jan 29 22:11:14 hcbbdb sshd\[15302\]: Invalid user chunmay from 212.64.102.48 Jan 29 22:11:14 hcbbdb sshd\[15302\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.64.102.48	2020-01-30 06:16:31
212.64.102.110	attack	2019-11-23T05:47:47.363751tmaserv sshd\[9872\]: Failed password for invalid user jaeson from 212.64.102.110 port 48368 ssh2 2019-11-23T06:50:10.534655tmaserv sshd\[12584\]: Invalid user reinecker from 212.64.102.110 port 43702 2019-11-23T06:50:10.538535tmaserv sshd\[12584\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.64.102.110 2019-11-23T06:50:12.210755tmaserv sshd\[12584\]: Failed password for invalid user reinecker from 212.64.102.110 port 43702 ssh2 2019-11-23T06:54:34.681167tmaserv sshd\[12769\]: Invalid user skruber from 212.64.102.110 port 50932 2019-11-23T06:54:34.685826tmaserv sshd\[12769\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.64.102.110 ...	2019-11-23 13:41:25
212.64.102.29	attackspam	Nov 22 13:55:27 wbs sshd\[31387\]: Invalid user schulung from 212.64.102.29 Nov 22 13:55:27 wbs sshd\[31387\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.64.102.29 Nov 22 13:55:29 wbs sshd\[31387\]: Failed password for invalid user schulung from 212.64.102.29 port 60382 ssh2 Nov 22 13:59:47 wbs sshd\[31695\]: Invalid user sip from 212.64.102.29 Nov 22 13:59:47 wbs sshd\[31695\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.64.102.29	2019-11-23 08:17:56
212.64.102.29	attackbots	50 failed attempt(s) in the last 24h	2019-11-15 08:07:23
212.64.102.29	attack	Nov 12 06:12:32 eventyay sshd[19245]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.64.102.29 Nov 12 06:12:35 eventyay sshd[19245]: Failed password for invalid user apache from 212.64.102.29 port 53170 ssh2 Nov 12 06:16:41 eventyay sshd[19328]: Failed password for games from 212.64.102.29 port 42890 ssh2 ...	2019-11-12 13:26:06

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 212.64.102.106
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 54469
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;212.64.102.106.			IN	A

;; AUTHORITY SECTION:
.			599	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020042100 1800 900 604800 86400

;; Query time: 107 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Apr 21 22:57:29 CST 2020
;; MSG SIZE  rcvd: 118

HOST信息:

Host 106.102.64.212.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 106.102.64.212.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
175.24.96.82	attackbotsspam	May 28 09:38:59 plex sshd[7420]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.24.96.82 user=root May 28 09:39:00 plex sshd[7420]: Failed password for root from 175.24.96.82 port 58792 ssh2	2020-05-28 16:57:00
185.24.233.37	attackspambots	May 28 07:39:11 mail postfix/smtpd\[27805\]: warning: unknown\[185.24.233.37\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ May 28 08:11:09 mail postfix/smtpd\[28371\]: warning: unknown\[185.24.233.37\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ May 28 08:16:28 mail postfix/smtpd\[28371\]: warning: unknown\[185.24.233.37\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ May 28 08:21:50 mail postfix/smtpd\[29373\]: warning: unknown\[185.24.233.37\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\	2020-05-28 17:14:55
167.114.252.133	attackspambots	Invalid user admin123 from 167.114.252.133 port 41788	2020-05-28 17:01:33
103.242.200.38	attackspam	SSH login attempts.	2020-05-28 16:47:42
195.231.3.208	attackbotsspam	May 28 10:20:38 relay postfix/smtpd\[12308\]: warning: unknown\[195.231.3.208\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 May 28 10:21:07 relay postfix/smtpd\[26231\]: warning: unknown\[195.231.3.208\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 May 28 10:22:22 relay postfix/smtpd\[2101\]: warning: unknown\[195.231.3.208\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 May 28 10:32:45 relay postfix/smtpd\[18970\]: warning: unknown\[195.231.3.208\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 May 28 10:33:24 relay postfix/smtpd\[12308\]: warning: unknown\[195.231.3.208\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-05-28 16:43:58
222.186.171.108	attackbots	$f2bV_matches	2020-05-28 16:42:47
198.108.66.226	attackspambots	firewall-block, port(s): 9337/tcp	2020-05-28 16:46:23
185.33.145.171	attack	May 28 03:20:27 UTC__SANYALnet-Labs__lste sshd[3941]: Connection from 185.33.145.171 port 46296 on 192.168.1.10 port 22 May 28 03:20:28 UTC__SANYALnet-Labs__lste sshd[3941]: User r.r from 185.33.145.171 not allowed because not listed in AllowUsers May 28 03:20:28 UTC__SANYALnet-Labs__lste sshd[3941]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.33.145.171 user=r.r May 28 03:20:30 UTC__SANYALnet-Labs__lste sshd[3941]: Failed password for invalid user r.r from 185.33.145.171 port 46296 ssh2 May 28 03:20:30 UTC__SANYALnet-Labs__lste sshd[3941]: Received disconnect from 185.33.145.171 port 46296:11: Bye Bye [preauth] May 28 03:20:30 UTC__SANYALnet-Labs__lste sshd[3941]: Disconnected from 185.33.145.171 port 46296 [preauth] May 28 03:32:04 UTC__SANYALnet-Labs__lste sshd[4157]: Connection from 185.33.145.171 port 58646 on 192.168.1.10 port 22 May 28 03:32:05 UTC__SANYALnet-Labs__lste sshd[4157]: User r.r from 185.33.145.171 not ........ -------------------------------	2020-05-28 16:40:49
198.211.126.138	attackbotsspam	2020-05-28T08:08:17.739017randservbullet-proofcloud-66.localdomain sshd[21033]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=198.211.126.138 user=root 2020-05-28T08:08:20.198808randservbullet-proofcloud-66.localdomain sshd[21033]: Failed password for root from 198.211.126.138 port 33760 ssh2 2020-05-28T08:21:24.738107randservbullet-proofcloud-66.localdomain sshd[21086]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=198.211.126.138 user=ftp 2020-05-28T08:21:26.906691randservbullet-proofcloud-66.localdomain sshd[21086]: Failed password for ftp from 198.211.126.138 port 33872 ssh2 ...	2020-05-28 17:23:41
175.6.76.71	attackspam	2020-05-28T11:11:00.958354afi-git.jinr.ru sshd[20303]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.6.76.71 user=root 2020-05-28T11:11:02.128370afi-git.jinr.ru sshd[20303]: Failed password for root from 175.6.76.71 port 38426 ssh2 2020-05-28T11:13:25.251074afi-git.jinr.ru sshd[20909]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.6.76.71 user=root 2020-05-28T11:13:26.993221afi-git.jinr.ru sshd[20909]: Failed password for root from 175.6.76.71 port 38344 ssh2 2020-05-28T11:15:35.125023afi-git.jinr.ru sshd[21515]: Invalid user dave from 175.6.76.71 port 38264 ...	2020-05-28 17:18:12
222.186.175.183	attack	sshd jail - ssh hack attempt	2020-05-28 17:02:08
52.15.124.196	attackbotsspam	Invalid user smb from 52.15.124.196 port 51114	2020-05-28 17:22:58
58.210.190.30	attackspambots	Invalid user m1 from 58.210.190.30 port 58676	2020-05-28 17:07:12
119.31.126.100	attackspam	Failed password for invalid user mysql from 119.31.126.100 port 37882 ssh2	2020-05-28 16:59:03
103.40.242.197	attackbots	2020-05-28T04:53:43.941428beta postfix/smtpd[14602]: NOQUEUE: reject: RCPT from unknown[103.40.242.197]: 450 4.7.1 : Helo command rejected: Host not found; from= to= proto=ESMTP helo= 2020-05-28T04:53:51.455139beta postfix/smtpd[14602]: NOQUEUE: reject: RCPT from unknown[103.40.242.197]: 450 4.7.1 : Helo command rejected: Host not found; from= to= proto=ESMTP helo= 2020-05-28T04:53:56.228465beta postfix/smtpd[14602]: NOQUEUE: reject: RCPT from unknown[103.40.242.197]: 450 4.7.1 : Helo command rejected: Host not found; from= to= proto=ESMTP helo= ...	2020-05-28 17:14:29

最近上报的IP列表

160.16.211.127	157.230.245.91	154.127.89.100	150.136.163.76
140.143.64.141	132.145.111.59	129.213.104.151	128.199.36.177
128.199.33.157	122.224.217.43	31.115.132.170	120.53.0.166
45.159.198.89	154.103.222.204	116.255.172.200	115.167.123.192
113.183.102.84	113.174.173.207	113.125.117.57	110.77.159.90