211.64.67.48 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: Shandong Physical Education Institute

Hostname: unknown

Organization: CERNET2 IX at Shandong University

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Aug 26 02:12:18 ms-srv sshd[45113]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.64.67.48 Aug 26 02:12:20 ms-srv sshd[45113]: Failed password for invalid user xrdp from 211.64.67.48 port 37724 ssh2	2020-02-16 00:44:59
attack	F2B jail: sshd. Time: 2019-11-15 06:19:14, Reported by: VKReport	2019-11-15 13:22:43
attackspambots	ssh failed login	2019-11-04 20:19:32
attackspam	Oct 30 10:20:08 firewall sshd[19732]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.64.67.48 user=root Oct 30 10:20:11 firewall sshd[19732]: Failed password for root from 211.64.67.48 port 45984 ssh2 Oct 30 10:24:48 firewall sshd[19833]: Invalid user yt from 211.64.67.48 ...	2019-10-30 21:26:28
attackspam	Oct 26 21:09:22 kapalua sshd\[31317\]: Invalid user yuqetl4655 from 211.64.67.48 Oct 26 21:09:22 kapalua sshd\[31317\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.64.67.48 Oct 26 21:09:24 kapalua sshd\[31317\]: Failed password for invalid user yuqetl4655 from 211.64.67.48 port 56278 ssh2 Oct 26 21:14:12 kapalua sshd\[31686\]: Invalid user Abcd1234% from 211.64.67.48 Oct 26 21:14:12 kapalua sshd\[31686\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.64.67.48	2019-10-27 15:15:55
attackspambots	Automatic report - Banned IP Access	2019-10-23 07:48:08
attackbots	Oct 10 19:02:44 sachi sshd\[23925\]: Invalid user Auto_123 from 211.64.67.48 Oct 10 19:02:44 sachi sshd\[23925\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.64.67.48 Oct 10 19:02:46 sachi sshd\[23925\]: Failed password for invalid user Auto_123 from 211.64.67.48 port 47790 ssh2 Oct 10 19:06:17 sachi sshd\[24214\]: Invalid user 123Studio from 211.64.67.48 Oct 10 19:06:17 sachi sshd\[24214\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.64.67.48	2019-10-11 17:59:36
attackspambots	Oct 11 00:19:57 vps691689 sshd[5081]: Failed password for root from 211.64.67.48 port 42200 ssh2 Oct 11 00:23:55 vps691689 sshd[5173]: Failed password for root from 211.64.67.48 port 45400 ssh2 ...	2019-10-11 06:40:51
attackbots	Oct 8 20:03:36 meumeu sshd[11480]: Failed password for root from 211.64.67.48 port 40254 ssh2 Oct 8 20:07:40 meumeu sshd[12012]: Failed password for root from 211.64.67.48 port 47234 ssh2 ...	2019-10-09 02:15:37
attack	Sep 29 23:46:37 xtremcommunity sshd\[16480\]: Invalid user ovh from 211.64.67.48 port 56046 Sep 29 23:46:37 xtremcommunity sshd\[16480\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.64.67.48 Sep 29 23:46:39 xtremcommunity sshd\[16480\]: Failed password for invalid user ovh from 211.64.67.48 port 56046 ssh2 Sep 29 23:51:15 xtremcommunity sshd\[16549\]: Invalid user awsjava from 211.64.67.48 port 37038 Sep 29 23:51:15 xtremcommunity sshd\[16549\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.64.67.48 ...	2019-09-30 18:49:06
attackbotsspam	2019-09-22T10:09:27.6827901495-001 sshd\[26409\]: Invalid user sandra from 211.64.67.48 port 49232 2019-09-22T10:09:27.6864711495-001 sshd\[26409\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.64.67.48 2019-09-22T10:09:29.8094261495-001 sshd\[26409\]: Failed password for invalid user sandra from 211.64.67.48 port 49232 ssh2 2019-09-22T10:14:36.7467171495-001 sshd\[26752\]: Invalid user nat from 211.64.67.48 port 58830 2019-09-22T10:14:36.7498061495-001 sshd\[26752\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.64.67.48 2019-09-22T10:14:38.6254641495-001 sshd\[26752\]: Failed password for invalid user nat from 211.64.67.48 port 58830 ssh2 ...	2019-09-23 03:08:49
attackbotsspam	Sep 22 05:08:06 tuotantolaitos sshd[3024]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.64.67.48 Sep 22 05:08:08 tuotantolaitos sshd[3024]: Failed password for invalid user M from 211.64.67.48 port 44922 ssh2 ...	2019-09-22 10:09:37
attackbots	Sep 21 14:59:37 plex sshd[7282]: Invalid user mqm from 211.64.67.48 port 37456	2019-09-21 21:07:19
attack	Sep 8 12:57:46 lnxded63 sshd[28623]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.64.67.48	2019-09-09 01:29:41
attack	Sep 7 19:07:16 hiderm sshd\[12021\]: Invalid user csgoserver from 211.64.67.48 Sep 7 19:07:16 hiderm sshd\[12021\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.64.67.48 Sep 7 19:07:18 hiderm sshd\[12021\]: Failed password for invalid user csgoserver from 211.64.67.48 port 37838 ssh2 Sep 7 19:12:19 hiderm sshd\[12511\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.64.67.48 user=mysql Sep 7 19:12:21 hiderm sshd\[12511\]: Failed password for mysql from 211.64.67.48 port 49430 ssh2	2019-09-08 13:29:09
attackbots	Sep 5 09:25:00 server sshd\[16282\]: Invalid user kuaisuweb from 211.64.67.48 port 48302 Sep 5 09:25:00 server sshd\[16282\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.64.67.48 Sep 5 09:25:02 server sshd\[16282\]: Failed password for invalid user kuaisuweb from 211.64.67.48 port 48302 ssh2 Sep 5 09:30:05 server sshd\[12373\]: Invalid user git from 211.64.67.48 port 59850 Sep 5 09:30:05 server sshd\[12373\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.64.67.48	2019-09-05 14:46:16
attackbots	Sep 4 09:04:14 lcdev sshd\[32345\]: Invalid user sys_admin from 211.64.67.48 Sep 4 09:04:14 lcdev sshd\[32345\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.64.67.48 Sep 4 09:04:16 lcdev sshd\[32345\]: Failed password for invalid user sys_admin from 211.64.67.48 port 53064 ssh2 Sep 4 09:08:56 lcdev sshd\[32713\]: Invalid user legacy from 211.64.67.48 Sep 4 09:08:56 lcdev sshd\[32713\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.64.67.48	2019-09-05 03:32:37
attack	SSH Brute Force, server-1 sshd[14097]: Failed password for invalid user gaurav from 211.64.67.48 port 46768 ssh2	2019-09-04 01:39:04
attack	web-1 [ssh] SSH Attack	2019-08-30 09:16:49
attack	Aug 18 01:27:58 tdfoods sshd\[14269\]: Invalid user ka from 211.64.67.48 Aug 18 01:27:58 tdfoods sshd\[14269\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.64.67.48 Aug 18 01:28:00 tdfoods sshd\[14269\]: Failed password for invalid user ka from 211.64.67.48 port 46482 ssh2 Aug 18 01:32:54 tdfoods sshd\[14733\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.64.67.48 user=root Aug 18 01:32:56 tdfoods sshd\[14733\]: Failed password for root from 211.64.67.48 port 60516 ssh2	2019-08-18 19:33:31
attackspambots	Aug 16 06:10:43 web9 sshd\[20718\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.64.67.48 user=root Aug 16 06:10:45 web9 sshd\[20718\]: Failed password for root from 211.64.67.48 port 48624 ssh2 Aug 16 06:17:50 web9 sshd\[22279\]: Invalid user protocol from 211.64.67.48 Aug 16 06:17:50 web9 sshd\[22279\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.64.67.48 Aug 16 06:17:52 web9 sshd\[22279\]: Failed password for invalid user protocol from 211.64.67.48 port 37762 ssh2	2019-08-17 00:30:39

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 211.64.67.48
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 12502
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;211.64.67.48.			IN	A

;; AUTHORITY SECTION:
.			1705	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019072700 1800 900 604800 86400

;; Query time: 1 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Sun Jul 28 03:04:33 CST 2019
;; MSG SIZE  rcvd: 116

Host info

Host 48.67.64.211.in-addr.arpa not found: 2(SERVFAIL)

Nslookup info:

;; Got SERVFAIL reply from 67.207.67.2, trying next server
Server:		67.207.67.3
Address:	67.207.67.3#53

** server can't find 48.67.64.211.in-addr.arpa: SERVFAIL

Related IP info:

Related comments:

IP	Type	Details	Datetime
218.92.0.224	attack	Jun 26 09:03:03 santamaria sshd\[4542\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.224 user=root Jun 26 09:03:05 santamaria sshd\[4542\]: Failed password for root from 218.92.0.224 port 55472 ssh2 Jun 26 09:03:22 santamaria sshd\[4549\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.224 user=root ...	2020-06-26 15:24:50
150.129.8.34	attackspambots	SSH brute-force attempt	2020-06-26 15:09:25
185.220.101.135	attack	Automatic report - Banned IP Access	2020-06-26 15:41:18
210.74.11.97	attackspam	Jun 26 07:33:44 mout sshd[5149]: Invalid user ts3pass from 210.74.11.97 port 45486	2020-06-26 15:17:22
218.78.48.37	attackspam	Jun 26 09:02:51 mail sshd\[29885\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.78.48.37 user=root Jun 26 09:02:53 mail sshd\[29885\]: Failed password for root from 218.78.48.37 port 44724 ssh2 Jun 26 09:12:38 mail sshd\[30216\]: Invalid user webmaster from 218.78.48.37 Jun 26 09:12:38 mail sshd\[30216\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.78.48.37 Jun 26 09:12:40 mail sshd\[30216\]: Failed password for invalid user webmaster from 218.78.48.37 port 39272 ssh2 ...	2020-06-26 15:28:06
125.64.94.130	attackspam	Port scanning [10 denied]	2020-06-26 15:35:22
104.248.134.212	attackbots	Invalid user lqq from 104.248.134.212 port 34070	2020-06-26 15:21:59
124.61.214.44	attack	IP blocked	2020-06-26 15:25:21
36.75.15.26	attackbotsspam	1593143607 - 06/26/2020 05:53:27 Host: 36.75.15.26/36.75.15.26 Port: 445 TCP Blocked	2020-06-26 15:35:00
51.254.148.45	attack	Jun 26 05:53:13 debian-2gb-nbg1-2 kernel: \[15402252.317982\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=51.254.148.45 DST=195.201.40.59 LEN=442 TOS=0x00 PREC=0x00 TTL=50 ID=3349 DF PROTO=UDP SPT=5156 DPT=5060 LEN=422	2020-06-26 15:48:20
60.248.199.194	attack	$f2bV_matches	2020-06-26 15:46:58
114.67.110.48	attack	2020-06-26T04:00:02.440653abusebot-8.cloudsearch.cf sshd[28063]: Invalid user vyos from 114.67.110.48 port 59716 2020-06-26T04:00:02.447115abusebot-8.cloudsearch.cf sshd[28063]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.67.110.48 2020-06-26T04:00:02.440653abusebot-8.cloudsearch.cf sshd[28063]: Invalid user vyos from 114.67.110.48 port 59716 2020-06-26T04:00:04.325401abusebot-8.cloudsearch.cf sshd[28063]: Failed password for invalid user vyos from 114.67.110.48 port 59716 ssh2 2020-06-26T04:01:51.843235abusebot-8.cloudsearch.cf sshd[28079]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.67.110.48 user=root 2020-06-26T04:01:53.350396abusebot-8.cloudsearch.cf sshd[28079]: Failed password for root from 114.67.110.48 port 53688 ssh2 2020-06-26T04:03:29.479324abusebot-8.cloudsearch.cf sshd[28142]: Invalid user steam from 114.67.110.48 port 46700 ...	2020-06-26 15:16:18
139.199.32.57	attackspam	2020-06-26T06:53:46.401294ionos.janbro.de sshd[37700]: Failed password for invalid user patch from 139.199.32.57 port 53198 ssh2 2020-06-26T06:58:25.444479ionos.janbro.de sshd[37731]: Invalid user sakamoto from 139.199.32.57 port 42470 2020-06-26T06:58:25.625184ionos.janbro.de sshd[37731]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.32.57 2020-06-26T06:58:25.444479ionos.janbro.de sshd[37731]: Invalid user sakamoto from 139.199.32.57 port 42470 2020-06-26T06:58:27.863192ionos.janbro.de sshd[37731]: Failed password for invalid user sakamoto from 139.199.32.57 port 42470 ssh2 2020-06-26T07:00:41.621258ionos.janbro.de sshd[37761]: Invalid user om from 139.199.32.57 port 37092 2020-06-26T07:00:41.673415ionos.janbro.de sshd[37761]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.32.57 2020-06-26T07:00:41.621258ionos.janbro.de sshd[37761]: Invalid user om from 139.199.32.57 port 37092 2020-06-2 ...	2020-06-26 15:33:44
168.63.245.27	attackspambots	$f2bV_matches \| Triggered by Fail2Ban at Vostok web server	2020-06-26 15:29:10
218.92.0.158	attackspam	[ssh] SSH attack	2020-06-26 15:19:04

Recently Reported IPs

12.224.14.173	23.248.79.100	105.22.166.234	65.26.128.70
91.206.211.35	2001:df0:220:0:250:56ff:feb6:4706	216.224.72.90	38.228.24.39
205.154.135.50	219.224.152.78	45.160.149.47	85.161.17.83
180.126.133.128	211.223.73.38	223.204.251.44	191.226.52.22
217.194.170.171	217.160.15.228	85.93.79.93	175.210.50.23