107.155.12.140

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United States of America

运营商(isp): Zenlayer Inc

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	Jul 12 22:52:05 abendstille sshd\[6311\]: Invalid user ubuntu from 107.155.12.140 Jul 12 22:52:05 abendstille sshd\[6311\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=107.155.12.140 Jul 12 22:52:07 abendstille sshd\[6311\]: Failed password for invalid user ubuntu from 107.155.12.140 port 42104 ssh2 Jul 12 22:55:28 abendstille sshd\[9877\]: Invalid user matrix from 107.155.12.140 Jul 12 22:55:28 abendstille sshd\[9877\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=107.155.12.140 ...	2020-07-13 04:56:13
attackbots	leo_www	2020-06-22 16:16:56
attackbotsspam	Unauthorized access or intrusion attempt detected from Thor banned IP	2020-06-19 04:11:56
attackspam	Jun 18 06:58:30 DAAP sshd[21093]: Invalid user webnet from 107.155.12.140 port 43114 Jun 18 06:58:30 DAAP sshd[21093]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=107.155.12.140 Jun 18 06:58:30 DAAP sshd[21093]: Invalid user webnet from 107.155.12.140 port 43114 Jun 18 06:58:32 DAAP sshd[21093]: Failed password for invalid user webnet from 107.155.12.140 port 43114 ssh2 Jun 18 07:02:12 DAAP sshd[21151]: Invalid user friends from 107.155.12.140 port 43262 ...	2020-06-18 15:45:03
attack	SSH brute-force: detected 6 distinct username(s) / 14 distinct password(s) within a 24-hour window.	2020-06-13 15:16:45

相同子网IP讨论:

IP	类型	评论内容	时间
107.155.12.138	attack	2020-06-19T14:06:06.032546vt2.awoom.xyz sshd[6653]: Invalid user ftpuser from 107.155.12.138 port 51338 2020-06-19T14:06:06.036741vt2.awoom.xyz sshd[6653]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=107.155.12.138 2020-06-19T14:06:06.032546vt2.awoom.xyz sshd[6653]: Invalid user ftpuser from 107.155.12.138 port 51338 2020-06-19T14:06:08.115395vt2.awoom.xyz sshd[6653]: Failed password for invalid user ftpuser from 107.155.12.138 port 51338 ssh2 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=107.155.12.138	2020-06-20 03:40:15

类型

评论内容

时间

107.155.12.138

attack

2020-06-19T14:06:06.032546vt2.awoom.xyz sshd[6653]: Invalid user ftpuser from 107.155.12.138 port 51338
2020-06-19T14:06:06.036741vt2.awoom.xyz sshd[6653]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=107.155.12.138
2020-06-19T14:06:06.032546vt2.awoom.xyz sshd[6653]: Invalid user ftpuser from 107.155.12.138 port 51338
2020-06-19T14:06:08.115395vt2.awoom.xyz sshd[6653]: Failed password for invalid user ftpuser from 107.155.12.138 port 51338 ssh2


........
-----------------------------------------------
https://www.blocklist.de/en/view.html?ip=107.155.12.138

2020-06-20 03:40:15

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 107.155.12.140
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 2796
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;107.155.12.140.			IN	A

;; AUTHORITY SECTION:
.			123	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020061300 1800 900 604800 86400

;; Query time: 42 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Jun 13 15:16:39 CST 2020
;; MSG SIZE  rcvd: 118

HOST信息:

Host 140.12.155.107.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 140.12.155.107.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
118.170.23.207	attackspam	Automatic report - Port Scan Attack	2020-02-09 20:12:01
218.250.16.98	attackbotsspam	[portscan] tcp/23 [TELNET] *(RWIN=14696)(02091251)	2020-02-09 20:20:00
185.175.93.14	attackbotsspam	ET DROP Dshield Block Listed Source group 1 - port: 6054 proto: TCP cat: Misc Attack	2020-02-09 20:12:54
121.69.99.193	attack	Automatic report - SSH Brute-Force Attack	2020-02-09 20:25:27
195.154.163.192	attackbots	389/udp [2020-02-09]1pkt	2020-02-09 20:30:00
77.247.110.39	attackbotsspam	[2020-02-09 07:26:23] NOTICE[1148] chan_sip.c: Registration from '"1111" ' failed for '77.247.110.39:5367' - Wrong password [2020-02-09 07:26:23] SECURITY[1163] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-02-09T07:26:23.239-0500",Severity="Error",Service="SIP",EventVersion="2",AccountID="1111",SessionID="0x7fd82c3c1c38",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/77.247.110.39/5367",Challenge="627468c2",ReceivedChallenge="627468c2",ReceivedHash="9c6a8d1bfc750efcc7c26e7e6b2d8fd9" [2020-02-09 07:26:23] NOTICE[1148] chan_sip.c: Registration from '"1111" ' failed for '77.247.110.39:5367' - Wrong password [2020-02-09 07:26:23] SECURITY[1163] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-02-09T07:26:23.414-0500",Severity="Error",Service="SIP",EventVersion="2",AccountID="1111",SessionID="0x7fd82c3faf98",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/77 ...	2020-02-09 20:29:32
203.63.75.248	attack	Automatic report - SSH Brute-Force Attack	2020-02-09 20:44:30
164.132.54.215	attackbots	Feb 9 12:06:34 MK-Soft-VM8 sshd[31886]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=164.132.54.215 Feb 9 12:06:36 MK-Soft-VM8 sshd[31886]: Failed password for invalid user vyy from 164.132.54.215 port 38190 ssh2 ...	2020-02-09 20:54:40
198.199.127.36	attackbotsspam	Port scan: Attack repeated for 24 hours	2020-02-09 20:54:25
129.213.36.226	attackspambots	Feb 9 04:54:32 vps46666688 sshd[11129]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.213.36.226 Feb 9 04:54:35 vps46666688 sshd[11129]: Failed password for invalid user vpm from 129.213.36.226 port 41782 ssh2 ...	2020-02-09 20:53:09
88.202.190.151	attackspam	02/09/2020-05:48:06.176907 88.202.190.151 Protocol: 6 ET DROP Dshield Block Listed Source group 1	2020-02-09 20:59:21
123.204.47.37	attackbots	Fail2Ban Ban Triggered	2020-02-09 20:59:01
103.23.22.244	attack	[09/Feb/2020:05:48:51 +0100] Web-Request: "GET /wp-login.php", User-Agent: "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-02-09 20:19:40
218.92.0.207	attackspam	2020-02-09T05:16:47.002627vostok sshd\[16610\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.207 user=root \| Triggered by Fail2Ban at Vostok web server	2020-02-09 20:48:43
218.4.163.146	attackbots	Feb 9 06:21:13 game-panel sshd[27495]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.4.163.146 Feb 9 06:21:15 game-panel sshd[27495]: Failed password for invalid user zyq from 218.4.163.146 port 60039 ssh2 Feb 9 06:25:02 game-panel sshd[27640]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.4.163.146	2020-02-09 20:39:15

最近上报的IP列表

14.247.62.149	103.252.201.126	124.225.113.131	176.118.51.144
115.165.212.185	47.241.63.196	106.12.26.181	220.135.128.133
168.239.42.119	120.228.191.55	110.78.178.6	91.67.72.20
142.112.146.213	79.67.143.148	180.76.117.60	114.24.132.50
170.233.231.235	2.176.247.115	165.22.55.69	179.99.28.184