212.64.94.157 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Tencent Cloud Computing (Beijing) Co. Ltd

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbotsspam	$f2bV_matches	2020-03-09 01:40:39
attackspambots	Feb 22 13:57:07 gw1 sshd[25369]: Failed password for root from 212.64.94.157 port 40006 ssh2 ...	2020-02-22 19:10:21
attackbots	Jan 23 11:50:32 DAAP sshd[2613]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.64.94.157 user=root Jan 23 11:50:34 DAAP sshd[2613]: Failed password for root from 212.64.94.157 port 37054 ssh2 Jan 23 11:53:37 DAAP sshd[2649]: Invalid user ys from 212.64.94.157 port 33858 ...	2020-01-23 22:54:10
attackbots	W 5701,/var/log/auth.log,-,-	2020-01-09 08:58:08
attackspambots	Dec 18 06:58:57 firewall sshd[29686]: Invalid user http from 212.64.94.157 Dec 18 06:58:59 firewall sshd[29686]: Failed password for invalid user http from 212.64.94.157 port 36784 ssh2 Dec 18 07:06:35 firewall sshd[29878]: Invalid user git from 212.64.94.157 ...	2019-12-18 18:13:26
attackspam	IP blocked	2019-12-01 13:05:58
attackspam	Nov 20 18:44:39 cp sshd[4377]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.64.94.157 Nov 20 18:44:39 cp sshd[4377]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.64.94.157	2019-11-21 02:08:44
attackspam	Nov 19 00:40:43 sso sshd[5489]: Failed password for root from 212.64.94.157 port 42812 ssh2 ...	2019-11-19 07:49:15
attackbots	Nov 14 17:18:23 srv206 sshd[29518]: Invalid user admin from 212.64.94.157 ...	2019-11-15 01:25:34

相同子网IP讨论:

IP	类型	评论内容	时间
212.64.94.179	attackspam	Jan 14 15:42:07 ms-srv sshd[22174]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.64.94.179 Jan 14 15:42:09 ms-srv sshd[22174]: Failed password for invalid user roland from 212.64.94.179 port 49870 ssh2	2020-03-09 01:40:08
212.64.94.179	attack	$f2bV_matches	2019-12-21 08:34:17
212.64.94.179	attack	Dec 10 01:06:18 sso sshd[4499]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.64.94.179 Dec 10 01:06:20 sso sshd[4499]: Failed password for invalid user pulliam from 212.64.94.179 port 32640 ssh2 ...	2019-12-10 08:27:11
212.64.94.179	attackbots	Nov 27 20:50:36 zulu412 sshd\[26651\]: Invalid user wuethrich from 212.64.94.179 port 21016 Nov 27 20:50:36 zulu412 sshd\[26651\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.64.94.179 Nov 27 20:50:39 zulu412 sshd\[26651\]: Failed password for invalid user wuethrich from 212.64.94.179 port 21016 ssh2 ...	2019-11-28 06:48:32
212.64.94.179	attack	SSH bruteforce (Triggered fail2ban)	2019-11-22 06:08:32
212.64.94.179	attack	Oct 13 07:09:02 www sshd\[122910\]: Invalid user Visitateur from 212.64.94.179 Oct 13 07:09:02 www sshd\[122910\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.64.94.179 Oct 13 07:09:04 www sshd\[122910\]: Failed password for invalid user Visitateur from 212.64.94.179 port 17187 ssh2 ...	2019-10-13 16:40:59
212.64.94.179	attack	Sep 20 18:12:07 hosting sshd[19256]: Invalid user appl from 212.64.94.179 port 38796 ...	2019-09-21 00:02:59
212.64.94.179	attackbots	$f2bV_matches	2019-08-14 15:48:52
212.64.94.179	attackbots	Jul 28 07:16:37 vibhu-HP-Z238-Microtower-Workstation sshd\[6018\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.64.94.179 user=root Jul 28 07:16:39 vibhu-HP-Z238-Microtower-Workstation sshd\[6018\]: Failed password for root from 212.64.94.179 port 58490 ssh2 Jul 28 07:19:37 vibhu-HP-Z238-Microtower-Workstation sshd\[6122\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.64.94.179 user=root Jul 28 07:19:40 vibhu-HP-Z238-Microtower-Workstation sshd\[6122\]: Failed password for root from 212.64.94.179 port 32635 ssh2 Jul 28 07:22:44 vibhu-HP-Z238-Microtower-Workstation sshd\[6203\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.64.94.179 user=root ...	2019-07-28 10:10:56
212.64.94.179	attackspambots	Jul 20 05:35:36 dev0-dcde-rnet sshd[2103]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.64.94.179 Jul 20 05:35:38 dev0-dcde-rnet sshd[2103]: Failed password for invalid user lcap_oracle from 212.64.94.179 port 46520 ssh2 Jul 20 05:38:35 dev0-dcde-rnet sshd[2117]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.64.94.179	2019-07-20 11:42:30
212.64.94.179	attack	$f2bV_matches	2019-07-09 01:32:58
212.64.94.179	attack	Jun 27 06:09:40 icinga sshd[6440]: Failed password for mysql from 212.64.94.179 port 29747 ssh2 ...	2019-06-27 14:12:44

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 212.64.94.157
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 58141
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;212.64.94.157.			IN	A

;; AUTHORITY SECTION:
.			504	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019111400 1800 900 604800 86400

;; Query time: 57 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Nov 15 01:25:30 CST 2019
;; MSG SIZE  rcvd: 117

HOST信息:

Host 157.94.64.212.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 157.94.64.212.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
117.107.213.244	attackbots	Jun 21 16:26:30 ns381471 sshd[21569]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.107.213.244 Jun 21 16:26:32 ns381471 sshd[21569]: Failed password for invalid user user4 from 117.107.213.244 port 46732 ssh2	2020-06-21 22:35:09
192.35.168.250	attackbots	Unauthorized connection attempt detected from IP address 192.35.168.250 to port 3389	2020-06-21 22:11:03
183.82.139.165	attackspam	Unauthorized connection attempt from IP address 183.82.139.165 on Port 445(SMB)	2020-06-21 22:26:15
35.164.49.208	attackbots	Jun 19 04:14:41 liveconfig01 sshd[10986]: Invalid user kg from 35.164.49.208 Jun 19 04:14:41 liveconfig01 sshd[10986]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=35.164.49.208 Jun 19 04:14:42 liveconfig01 sshd[10986]: Failed password for invalid user kg from 35.164.49.208 port 46172 ssh2 Jun 19 04:14:42 liveconfig01 sshd[10986]: Received disconnect from 35.164.49.208 port 46172:11: Bye Bye [preauth] Jun 19 04:14:42 liveconfig01 sshd[10986]: Disconnected from 35.164.49.208 port 46172 [preauth] Jun 19 04:21:09 liveconfig01 sshd[11223]: Invalid user jens from 35.164.49.208 Jun 19 04:21:09 liveconfig01 sshd[11223]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=35.164.49.208 Jun 19 04:21:10 liveconfig01 sshd[11223]: Failed password for invalid user jens from 35.164.49.208 port 46174 ssh2 Jun 19 04:21:11 liveconfig01 sshd[11223]: Received disconnect from 35.164.49.208 port 46174:11: Bye Bye........ -------------------------------	2020-06-21 21:57:49
202.90.198.210	attackspambots	Unauthorized connection attempt from IP address 202.90.198.210 on Port 445(SMB)	2020-06-21 22:08:48
222.110.147.61	attackspam	Jun 21 14:15:24 idefix sshd[26585]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.110.147.61	2020-06-21 22:28:03
203.99.62.158	attack	Jun 21 14:11:43 eventyay sshd[14024]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.99.62.158 Jun 21 14:11:45 eventyay sshd[14024]: Failed password for invalid user anj from 203.99.62.158 port 34350 ssh2 Jun 21 14:15:37 eventyay sshd[14211]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.99.62.158 ...	2020-06-21 22:13:35
113.175.200.32	attackspam	Unauthorized connection attempt from IP address 113.175.200.32 on Port 445(SMB)	2020-06-21 22:35:30
192.241.143.105	attackbots	Failed password for invalid user fraga from 192.241.143.105 port 40800 ssh2	2020-06-21 22:20:39
49.149.103.157	attackbots	Honeypot attack, port: 445, PTR: dsl.49.149.103.157.pldt.net.	2020-06-21 22:27:36
116.236.109.92	attackbots	Jun 21 14:14:17 * sshd[2139]: Failed password for root from 116.236.109.92 port 60358 ssh2 Jun 21 14:15:44 * sshd[2298]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.236.109.92	2020-06-21 22:00:15
113.176.17.109	attackspambots	1592742329 - 06/21/2020 14:25:29 Host: 113.176.17.109/113.176.17.109 Port: 445 TCP Blocked	2020-06-21 22:29:34
164.132.98.75	attackspam	Jun 21 08:15:41 mail sshd\[43797\]: Invalid user carla from 164.132.98.75 Jun 21 08:15:41 mail sshd\[43797\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=164.132.98.75 ...	2020-06-21 22:03:18
105.36.20.140	attack	Honeypot attack, port: 445, PTR: PTR record not found	2020-06-21 22:30:39
222.186.15.158	attackspambots	Unauthorized connection attempt detected from IP address 222.186.15.158 to port 22	2020-06-21 22:13:12

最近上报的IP列表

77.42.78.114	27.15.154.96	41.32.13.158	62.210.77.54
38.142.21.58	16.197.202.229	92.107.101.65	3.210.185.188
91.194.94.19	5.54.211.173	106.54.185.171	113.25.238.165
64.56.119.45	103.24.175.218	63.88.23.183	14.186.223.198
81.242.55.175	31.214.157.196	41.39.214.238	45.7.144.2