211.64.67.48 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: Shandong Physical Education Institute

Hostname: unknown

Organization: CERNET2 IX at Shandong University

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Aug 26 02:12:18 ms-srv sshd[45113]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.64.67.48 Aug 26 02:12:20 ms-srv sshd[45113]: Failed password for invalid user xrdp from 211.64.67.48 port 37724 ssh2	2020-02-16 00:44:59
attack	F2B jail: sshd. Time: 2019-11-15 06:19:14, Reported by: VKReport	2019-11-15 13:22:43
attackspambots	ssh failed login	2019-11-04 20:19:32
attackspam	Oct 30 10:20:08 firewall sshd[19732]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.64.67.48 user=root Oct 30 10:20:11 firewall sshd[19732]: Failed password for root from 211.64.67.48 port 45984 ssh2 Oct 30 10:24:48 firewall sshd[19833]: Invalid user yt from 211.64.67.48 ...	2019-10-30 21:26:28
attackspam	Oct 26 21:09:22 kapalua sshd\[31317\]: Invalid user yuqetl4655 from 211.64.67.48 Oct 26 21:09:22 kapalua sshd\[31317\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.64.67.48 Oct 26 21:09:24 kapalua sshd\[31317\]: Failed password for invalid user yuqetl4655 from 211.64.67.48 port 56278 ssh2 Oct 26 21:14:12 kapalua sshd\[31686\]: Invalid user Abcd1234% from 211.64.67.48 Oct 26 21:14:12 kapalua sshd\[31686\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.64.67.48	2019-10-27 15:15:55
attackspambots	Automatic report - Banned IP Access	2019-10-23 07:48:08
attackbots	Oct 10 19:02:44 sachi sshd\[23925\]: Invalid user Auto_123 from 211.64.67.48 Oct 10 19:02:44 sachi sshd\[23925\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.64.67.48 Oct 10 19:02:46 sachi sshd\[23925\]: Failed password for invalid user Auto_123 from 211.64.67.48 port 47790 ssh2 Oct 10 19:06:17 sachi sshd\[24214\]: Invalid user 123Studio from 211.64.67.48 Oct 10 19:06:17 sachi sshd\[24214\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.64.67.48	2019-10-11 17:59:36
attackspambots	Oct 11 00:19:57 vps691689 sshd[5081]: Failed password for root from 211.64.67.48 port 42200 ssh2 Oct 11 00:23:55 vps691689 sshd[5173]: Failed password for root from 211.64.67.48 port 45400 ssh2 ...	2019-10-11 06:40:51
attackbots	Oct 8 20:03:36 meumeu sshd[11480]: Failed password for root from 211.64.67.48 port 40254 ssh2 Oct 8 20:07:40 meumeu sshd[12012]: Failed password for root from 211.64.67.48 port 47234 ssh2 ...	2019-10-09 02:15:37
attack	Sep 29 23:46:37 xtremcommunity sshd\[16480\]: Invalid user ovh from 211.64.67.48 port 56046 Sep 29 23:46:37 xtremcommunity sshd\[16480\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.64.67.48 Sep 29 23:46:39 xtremcommunity sshd\[16480\]: Failed password for invalid user ovh from 211.64.67.48 port 56046 ssh2 Sep 29 23:51:15 xtremcommunity sshd\[16549\]: Invalid user awsjava from 211.64.67.48 port 37038 Sep 29 23:51:15 xtremcommunity sshd\[16549\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.64.67.48 ...	2019-09-30 18:49:06
attackbotsspam	2019-09-22T10:09:27.6827901495-001 sshd\[26409\]: Invalid user sandra from 211.64.67.48 port 49232 2019-09-22T10:09:27.6864711495-001 sshd\[26409\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.64.67.48 2019-09-22T10:09:29.8094261495-001 sshd\[26409\]: Failed password for invalid user sandra from 211.64.67.48 port 49232 ssh2 2019-09-22T10:14:36.7467171495-001 sshd\[26752\]: Invalid user nat from 211.64.67.48 port 58830 2019-09-22T10:14:36.7498061495-001 sshd\[26752\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.64.67.48 2019-09-22T10:14:38.6254641495-001 sshd\[26752\]: Failed password for invalid user nat from 211.64.67.48 port 58830 ssh2 ...	2019-09-23 03:08:49
attackbotsspam	Sep 22 05:08:06 tuotantolaitos sshd[3024]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.64.67.48 Sep 22 05:08:08 tuotantolaitos sshd[3024]: Failed password for invalid user M from 211.64.67.48 port 44922 ssh2 ...	2019-09-22 10:09:37
attackbots	Sep 21 14:59:37 plex sshd[7282]: Invalid user mqm from 211.64.67.48 port 37456	2019-09-21 21:07:19
attack	Sep 8 12:57:46 lnxded63 sshd[28623]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.64.67.48	2019-09-09 01:29:41
attack	Sep 7 19:07:16 hiderm sshd\[12021\]: Invalid user csgoserver from 211.64.67.48 Sep 7 19:07:16 hiderm sshd\[12021\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.64.67.48 Sep 7 19:07:18 hiderm sshd\[12021\]: Failed password for invalid user csgoserver from 211.64.67.48 port 37838 ssh2 Sep 7 19:12:19 hiderm sshd\[12511\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.64.67.48 user=mysql Sep 7 19:12:21 hiderm sshd\[12511\]: Failed password for mysql from 211.64.67.48 port 49430 ssh2	2019-09-08 13:29:09
attackbots	Sep 5 09:25:00 server sshd\[16282\]: Invalid user kuaisuweb from 211.64.67.48 port 48302 Sep 5 09:25:00 server sshd\[16282\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.64.67.48 Sep 5 09:25:02 server sshd\[16282\]: Failed password for invalid user kuaisuweb from 211.64.67.48 port 48302 ssh2 Sep 5 09:30:05 server sshd\[12373\]: Invalid user git from 211.64.67.48 port 59850 Sep 5 09:30:05 server sshd\[12373\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.64.67.48	2019-09-05 14:46:16
attackbots	Sep 4 09:04:14 lcdev sshd\[32345\]: Invalid user sys_admin from 211.64.67.48 Sep 4 09:04:14 lcdev sshd\[32345\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.64.67.48 Sep 4 09:04:16 lcdev sshd\[32345\]: Failed password for invalid user sys_admin from 211.64.67.48 port 53064 ssh2 Sep 4 09:08:56 lcdev sshd\[32713\]: Invalid user legacy from 211.64.67.48 Sep 4 09:08:56 lcdev sshd\[32713\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.64.67.48	2019-09-05 03:32:37
attack	SSH Brute Force, server-1 sshd[14097]: Failed password for invalid user gaurav from 211.64.67.48 port 46768 ssh2	2019-09-04 01:39:04
attack	web-1 [ssh] SSH Attack	2019-08-30 09:16:49
attack	Aug 18 01:27:58 tdfoods sshd\[14269\]: Invalid user ka from 211.64.67.48 Aug 18 01:27:58 tdfoods sshd\[14269\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.64.67.48 Aug 18 01:28:00 tdfoods sshd\[14269\]: Failed password for invalid user ka from 211.64.67.48 port 46482 ssh2 Aug 18 01:32:54 tdfoods sshd\[14733\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.64.67.48 user=root Aug 18 01:32:56 tdfoods sshd\[14733\]: Failed password for root from 211.64.67.48 port 60516 ssh2	2019-08-18 19:33:31
attackspambots	Aug 16 06:10:43 web9 sshd\[20718\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.64.67.48 user=root Aug 16 06:10:45 web9 sshd\[20718\]: Failed password for root from 211.64.67.48 port 48624 ssh2 Aug 16 06:17:50 web9 sshd\[22279\]: Invalid user protocol from 211.64.67.48 Aug 16 06:17:50 web9 sshd\[22279\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.64.67.48 Aug 16 06:17:52 web9 sshd\[22279\]: Failed password for invalid user protocol from 211.64.67.48 port 37762 ssh2	2019-08-17 00:30:39

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 211.64.67.48
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 12502
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;211.64.67.48.			IN	A

;; AUTHORITY SECTION:
.			1705	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019072700 1800 900 604800 86400

;; Query time: 1 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Sun Jul 28 03:04:33 CST 2019
;; MSG SIZE  rcvd: 116

Host info

Host 48.67.64.211.in-addr.arpa not found: 2(SERVFAIL)

Nslookup info:

;; Got SERVFAIL reply from 67.207.67.2, trying next server
Server:		67.207.67.3
Address:	67.207.67.3#53

** server can't find 48.67.64.211.in-addr.arpa: SERVFAIL

Related IP info:

Related comments:

IP	Type	Details	Datetime
110.232.71.30	attackbotsspam	Jul 23 11:12:09 [munged] sshd[5294]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=110.232.71.30	2019-07-24 00:58:57
85.93.133.178	attackbots	Jul 23 20:22:34 yabzik sshd[13395]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=85.93.133.178 Jul 23 20:22:36 yabzik sshd[13395]: Failed password for invalid user magnifik@123 from 85.93.133.178 port 32435 ssh2 Jul 23 20:27:47 yabzik sshd[14981]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=85.93.133.178	2019-07-24 01:32:39
186.206.134.122	attackbotsspam	Invalid user temp1 from 186.206.134.122 port 55676	2019-07-24 00:54:45
41.72.105.171	attack	2019-07-23T17:15:53.653512abusebot-4.cloudsearch.cf sshd\[324\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=41.72.105.171 user=root	2019-07-24 01:28:52
94.132.37.12	attackbotsspam	Jul 23 12:56:25 TORMINT sshd\[19322\]: Invalid user matias from 94.132.37.12 Jul 23 12:56:25 TORMINT sshd\[19322\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.132.37.12 Jul 23 12:56:27 TORMINT sshd\[19322\]: Failed password for invalid user matias from 94.132.37.12 port 42446 ssh2 ...	2019-07-24 01:04:42
114.237.109.147	attackbotsspam	2019-07-23 10:20:12 H=(vps9567.com) [114.237.109.147]:53176 I=[10.100.18.20]:25 sender verify fail for : Unrouteable address 2019-07-23 x@x 2019-07-23 10:55:11 H=(kcic.com) [114.237.109.147]:17366 I=[10.100.18.20]:25 F=: Host/domain is listed in RBL cbl.abuseat.org (Blocked - see hxxp://www.abuseat.org/lookup.cgi?ip=114.237.109.147) ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=114.237.109.147	2019-07-24 01:12:02
190.116.49.2	attack	Jul 23 14:25:26 rpi sshd[22877]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.116.49.2 Jul 23 14:25:27 rpi sshd[22877]: Failed password for invalid user tms from 190.116.49.2 port 56070 ssh2	2019-07-24 00:46:45
185.122.200.114	attack	19/7/23@10:32:33: FAIL: Alarm-Intrusion address from=185.122.200.114 ...	2019-07-24 01:01:30
110.253.76.167	attack	port scan and connect, tcp 23 (telnet)	2019-07-24 01:35:57
37.59.52.207	attack	Automatic report - Banned IP Access	2019-07-24 01:47:59
118.107.233.29	attackspambots	no	2019-07-24 00:53:24
116.94.22.110	attackspam	Jul 23 16:27:54 rpi sshd[25471]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.94.22.110 Jul 23 16:27:56 rpi sshd[25471]: Failed password for invalid user cisco from 116.94.22.110 port 18850 ssh2	2019-07-24 00:44:28
51.254.34.87	attackbots	2019-07-23T14:12:02.837751abusebot-2.cloudsearch.cf sshd\[28927\]: Invalid user wv from 51.254.34.87 port 48006	2019-07-24 00:45:10
77.247.110.58	attack	Splunk® : port scan detected: Jul 23 12:34:01 testbed kernel: Firewall: UDP_IN Blocked IN=eth0 OUT= MAC=82:c6:52:d1:6e:53:64:c3:d6:0b:ef:f0:08:00 SRC=77.247.110.58 DST=104.248.11.191 LEN=443 TOS=0x00 PREC=0x00 TTL=57 ID=34570 DF PROTO=UDP SPT=5338 DPT=5060 LEN=423	2019-07-24 01:47:34
69.94.140.116	attackspam	Lines containing failures of 69.94.140.116 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=69.94.140.116	2019-07-24 01:29:56

Recently Reported IPs

12.224.14.173	23.248.79.100	105.22.166.234	65.26.128.70
91.206.211.35	2001:df0:220:0:250:56ff:feb6:4706	216.224.72.90	38.228.24.39
205.154.135.50	219.224.152.78	45.160.149.47	85.161.17.83
180.126.133.128	211.223.73.38	223.204.251.44	191.226.52.22
217.194.170.171	217.160.15.228	85.93.79.93	175.210.50.23