211.64.67.48 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: Shandong Physical Education Institute

Hostname: unknown

Organization: CERNET2 IX at Shandong University

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Aug 26 02:12:18 ms-srv sshd[45113]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.64.67.48 Aug 26 02:12:20 ms-srv sshd[45113]: Failed password for invalid user xrdp from 211.64.67.48 port 37724 ssh2	2020-02-16 00:44:59
attack	F2B jail: sshd. Time: 2019-11-15 06:19:14, Reported by: VKReport	2019-11-15 13:22:43
attackspambots	ssh failed login	2019-11-04 20:19:32
attackspam	Oct 30 10:20:08 firewall sshd[19732]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.64.67.48 user=root Oct 30 10:20:11 firewall sshd[19732]: Failed password for root from 211.64.67.48 port 45984 ssh2 Oct 30 10:24:48 firewall sshd[19833]: Invalid user yt from 211.64.67.48 ...	2019-10-30 21:26:28
attackspam	Oct 26 21:09:22 kapalua sshd\[31317\]: Invalid user yuqetl4655 from 211.64.67.48 Oct 26 21:09:22 kapalua sshd\[31317\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.64.67.48 Oct 26 21:09:24 kapalua sshd\[31317\]: Failed password for invalid user yuqetl4655 from 211.64.67.48 port 56278 ssh2 Oct 26 21:14:12 kapalua sshd\[31686\]: Invalid user Abcd1234% from 211.64.67.48 Oct 26 21:14:12 kapalua sshd\[31686\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.64.67.48	2019-10-27 15:15:55
attackspambots	Automatic report - Banned IP Access	2019-10-23 07:48:08
attackbots	Oct 10 19:02:44 sachi sshd\[23925\]: Invalid user Auto_123 from 211.64.67.48 Oct 10 19:02:44 sachi sshd\[23925\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.64.67.48 Oct 10 19:02:46 sachi sshd\[23925\]: Failed password for invalid user Auto_123 from 211.64.67.48 port 47790 ssh2 Oct 10 19:06:17 sachi sshd\[24214\]: Invalid user 123Studio from 211.64.67.48 Oct 10 19:06:17 sachi sshd\[24214\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.64.67.48	2019-10-11 17:59:36
attackspambots	Oct 11 00:19:57 vps691689 sshd[5081]: Failed password for root from 211.64.67.48 port 42200 ssh2 Oct 11 00:23:55 vps691689 sshd[5173]: Failed password for root from 211.64.67.48 port 45400 ssh2 ...	2019-10-11 06:40:51
attackbots	Oct 8 20:03:36 meumeu sshd[11480]: Failed password for root from 211.64.67.48 port 40254 ssh2 Oct 8 20:07:40 meumeu sshd[12012]: Failed password for root from 211.64.67.48 port 47234 ssh2 ...	2019-10-09 02:15:37
attack	Sep 29 23:46:37 xtremcommunity sshd\[16480\]: Invalid user ovh from 211.64.67.48 port 56046 Sep 29 23:46:37 xtremcommunity sshd\[16480\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.64.67.48 Sep 29 23:46:39 xtremcommunity sshd\[16480\]: Failed password for invalid user ovh from 211.64.67.48 port 56046 ssh2 Sep 29 23:51:15 xtremcommunity sshd\[16549\]: Invalid user awsjava from 211.64.67.48 port 37038 Sep 29 23:51:15 xtremcommunity sshd\[16549\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.64.67.48 ...	2019-09-30 18:49:06
attackbotsspam	2019-09-22T10:09:27.6827901495-001 sshd\[26409\]: Invalid user sandra from 211.64.67.48 port 49232 2019-09-22T10:09:27.6864711495-001 sshd\[26409\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.64.67.48 2019-09-22T10:09:29.8094261495-001 sshd\[26409\]: Failed password for invalid user sandra from 211.64.67.48 port 49232 ssh2 2019-09-22T10:14:36.7467171495-001 sshd\[26752\]: Invalid user nat from 211.64.67.48 port 58830 2019-09-22T10:14:36.7498061495-001 sshd\[26752\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.64.67.48 2019-09-22T10:14:38.6254641495-001 sshd\[26752\]: Failed password for invalid user nat from 211.64.67.48 port 58830 ssh2 ...	2019-09-23 03:08:49
attackbotsspam	Sep 22 05:08:06 tuotantolaitos sshd[3024]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.64.67.48 Sep 22 05:08:08 tuotantolaitos sshd[3024]: Failed password for invalid user M from 211.64.67.48 port 44922 ssh2 ...	2019-09-22 10:09:37
attackbots	Sep 21 14:59:37 plex sshd[7282]: Invalid user mqm from 211.64.67.48 port 37456	2019-09-21 21:07:19
attack	Sep 8 12:57:46 lnxded63 sshd[28623]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.64.67.48	2019-09-09 01:29:41
attack	Sep 7 19:07:16 hiderm sshd\[12021\]: Invalid user csgoserver from 211.64.67.48 Sep 7 19:07:16 hiderm sshd\[12021\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.64.67.48 Sep 7 19:07:18 hiderm sshd\[12021\]: Failed password for invalid user csgoserver from 211.64.67.48 port 37838 ssh2 Sep 7 19:12:19 hiderm sshd\[12511\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.64.67.48 user=mysql Sep 7 19:12:21 hiderm sshd\[12511\]: Failed password for mysql from 211.64.67.48 port 49430 ssh2	2019-09-08 13:29:09
attackbots	Sep 5 09:25:00 server sshd\[16282\]: Invalid user kuaisuweb from 211.64.67.48 port 48302 Sep 5 09:25:00 server sshd\[16282\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.64.67.48 Sep 5 09:25:02 server sshd\[16282\]: Failed password for invalid user kuaisuweb from 211.64.67.48 port 48302 ssh2 Sep 5 09:30:05 server sshd\[12373\]: Invalid user git from 211.64.67.48 port 59850 Sep 5 09:30:05 server sshd\[12373\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.64.67.48	2019-09-05 14:46:16
attackbots	Sep 4 09:04:14 lcdev sshd\[32345\]: Invalid user sys_admin from 211.64.67.48 Sep 4 09:04:14 lcdev sshd\[32345\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.64.67.48 Sep 4 09:04:16 lcdev sshd\[32345\]: Failed password for invalid user sys_admin from 211.64.67.48 port 53064 ssh2 Sep 4 09:08:56 lcdev sshd\[32713\]: Invalid user legacy from 211.64.67.48 Sep 4 09:08:56 lcdev sshd\[32713\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.64.67.48	2019-09-05 03:32:37
attack	SSH Brute Force, server-1 sshd[14097]: Failed password for invalid user gaurav from 211.64.67.48 port 46768 ssh2	2019-09-04 01:39:04
attack	web-1 [ssh] SSH Attack	2019-08-30 09:16:49
attack	Aug 18 01:27:58 tdfoods sshd\[14269\]: Invalid user ka from 211.64.67.48 Aug 18 01:27:58 tdfoods sshd\[14269\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.64.67.48 Aug 18 01:28:00 tdfoods sshd\[14269\]: Failed password for invalid user ka from 211.64.67.48 port 46482 ssh2 Aug 18 01:32:54 tdfoods sshd\[14733\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.64.67.48 user=root Aug 18 01:32:56 tdfoods sshd\[14733\]: Failed password for root from 211.64.67.48 port 60516 ssh2	2019-08-18 19:33:31
attackspambots	Aug 16 06:10:43 web9 sshd\[20718\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.64.67.48 user=root Aug 16 06:10:45 web9 sshd\[20718\]: Failed password for root from 211.64.67.48 port 48624 ssh2 Aug 16 06:17:50 web9 sshd\[22279\]: Invalid user protocol from 211.64.67.48 Aug 16 06:17:50 web9 sshd\[22279\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.64.67.48 Aug 16 06:17:52 web9 sshd\[22279\]: Failed password for invalid user protocol from 211.64.67.48 port 37762 ssh2	2019-08-17 00:30:39

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 211.64.67.48
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 12502
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;211.64.67.48.			IN	A

;; AUTHORITY SECTION:
.			1705	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019072700 1800 900 604800 86400

;; Query time: 1 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Sun Jul 28 03:04:33 CST 2019
;; MSG SIZE  rcvd: 116

Host info

Host 48.67.64.211.in-addr.arpa not found: 2(SERVFAIL)

Nslookup info:

;; Got SERVFAIL reply from 67.207.67.2, trying next server
Server:		67.207.67.3
Address:	67.207.67.3#53

** server can't find 48.67.64.211.in-addr.arpa: SERVFAIL

Related IP info:

Related comments:

IP	Type	Details	Datetime
125.162.21.191	attackbotsspam	May 2 19:17:11 santamaria sshd\[32006\]: Invalid user test from 125.162.21.191 May 2 19:17:11 santamaria sshd\[32006\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.162.21.191 May 2 19:17:13 santamaria sshd\[32006\]: Failed password for invalid user test from 125.162.21.191 port 49880 ssh2 ...	2020-05-03 03:49:27
85.99.223.152	attack	Unauthorized connection attempt detected from IP address 85.99.223.152 to port 23	2020-05-03 03:52:36
163.172.62.124	attack	May 2 20:21:09 inter-technics sshd[29550]: Invalid user heng from 163.172.62.124 port 32878 May 2 20:21:09 inter-technics sshd[29550]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=163.172.62.124 May 2 20:21:09 inter-technics sshd[29550]: Invalid user heng from 163.172.62.124 port 32878 May 2 20:21:12 inter-technics sshd[29550]: Failed password for invalid user heng from 163.172.62.124 port 32878 ssh2 May 2 20:26:53 inter-technics sshd[30695]: Invalid user docker from 163.172.62.124 port 43158 ...	2020-05-03 03:54:19
67.207.88.180	attack	20 attempts against mh-ssh on echoip	2020-05-03 04:01:03
197.45.175.226	attackbotsspam	Honeypot attack, port: 445, PTR: host-197.45.175.226.tedata.net.	2020-05-03 03:33:57
176.59.47.116	attack	Honeypot attack, port: 445, PTR: PTR record not found	2020-05-03 03:57:38
78.203.125.150	attackbotsspam	Port scan	2020-05-03 03:53:31
118.173.103.159	attack	1588421214 - 05/02/2020 14:06:54 Host: 118.173.103.159/118.173.103.159 Port: 445 TCP Blocked	2020-05-03 03:55:39
94.102.52.44	attack	May 2 21:10:44 ns3042688 courier-pop3d: LOGIN FAILED, user=contact@tienda-cmt.org, ip=\[::ffff:94.102.52.44\] ...	2020-05-03 03:28:18
115.97.101.170	attackspambots	Honeypot attack, port: 445, PTR: PTR record not found	2020-05-03 03:36:30
128.199.143.58	attackspam	Invalid user web from 128.199.143.58 port 48226	2020-05-03 03:27:34
115.207.90.235	attack	Unauthorised access (May 2) SRC=115.207.90.235 LEN=44 TTL=52 ID=2558 TCP DPT=8080 WINDOW=8909 SYN Unauthorised access (May 2) SRC=115.207.90.235 LEN=44 TTL=52 ID=20310 TCP DPT=8080 WINDOW=42451 SYN Unauthorised access (May 1) SRC=115.207.90.235 LEN=44 TTL=52 ID=51235 TCP DPT=8080 WINDOW=4541 SYN Unauthorised access (May 1) SRC=115.207.90.235 LEN=44 TTL=52 ID=29961 TCP DPT=8080 WINDOW=8909 SYN Unauthorised access (May 1) SRC=115.207.90.235 LEN=44 TTL=52 ID=47481 TCP DPT=8080 WINDOW=42451 SYN Unauthorised access (Apr 30) SRC=115.207.90.235 LEN=44 TTL=52 ID=42230 TCP DPT=8080 WINDOW=1335 SYN Unauthorised access (Apr 29) SRC=115.207.90.235 LEN=44 TTL=52 ID=27068 TCP DPT=8080 WINDOW=42451 SYN	2020-05-03 03:36:10
27.78.43.134	attackbotsspam	[01/May/2020:21:17:37 -0400] "GET / HTTP/1.1" Blank UA	2020-05-03 03:27:19
106.187.246.68	attackspambots	Unauthorized connection attempt detected from IP address 106.187.246.68 to port 445 [T]	2020-05-03 03:49:39
36.152.23.123	attackbotsspam	Lines containing failures of 36.152.23.123 May 1 14:40:01 ghostnameioc sshd[15965]: Invalid user admin from 36.152.23.123 port 6916 May 1 14:40:01 ghostnameioc sshd[15965]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=36.152.23.123 May 1 14:40:03 ghostnameioc sshd[15965]: Failed password for invalid user admin from 36.152.23.123 port 6916 ssh2 May 1 14:40:04 ghostnameioc sshd[15965]: Received disconnect from 36.152.23.123 port 6916:11: Bye Bye [preauth] May 1 14:40:04 ghostnameioc sshd[15965]: Disconnected from invalid user admin 36.152.23.123 port 6916 [preauth] May 1 14:51:00 ghostnameioc sshd[16196]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=36.152.23.123 user=r.r May 1 14:51:02 ghostnameioc sshd[16196]: Failed password for r.r from 36.152.23.123 port 42101 ssh2 May 1 14:51:04 ghostnameioc sshd[16196]: Received disconnect from 36.152.23.123 port 42101:11: Bye Bye [preaut........ ------------------------------	2020-05-03 04:00:06

Recently Reported IPs

12.224.14.173	23.248.79.100	105.22.166.234	65.26.128.70
91.206.211.35	2001:df0:220:0:250:56ff:feb6:4706	216.224.72.90	38.228.24.39
205.154.135.50	219.224.152.78	45.160.149.47	85.161.17.83
180.126.133.128	211.223.73.38	223.204.251.44	191.226.52.22
217.194.170.171	217.160.15.228	85.93.79.93	175.210.50.23