200.29.108.214

基本信息:

城市(city): Santiago de Cali

省份(region): Departamento del Valle del Cauca

国家(country): Colombia

运营商(isp): Emcali - Rangos Fijos PPPoE

主机名(hostname): unknown

机构(organization): EMPRESAS MUNICIPALES DE CALI E.I.C.E. E.S.P.

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Unauthorized connection attempt detected from IP address 200.29.108.214 to port 2220 [J]	2020-01-26 06:49:29
attackspam	Unauthorized connection attempt detected from IP address 200.29.108.214 to port 2220 [J]	2020-01-14 20:34:52
attackspam	Jan 2 01:39:12 server sshd\[11921\]: Invalid user zbigniew from 200.29.108.214 Jan 2 01:39:12 server sshd\[11921\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=selvamotor.emcali.net.co Jan 2 01:39:14 server sshd\[11921\]: Failed password for invalid user zbigniew from 200.29.108.214 port 46753 ssh2 Jan 2 01:51:41 server sshd\[14597\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=selvamotor.emcali.net.co user=operator Jan 2 01:51:43 server sshd\[14597\]: Failed password for operator from 200.29.108.214 port 25633 ssh2 ...	2020-01-02 08:52:07
attackbotsspam	Dec 9 03:48:32 ny01 sshd[25863]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.29.108.214 Dec 9 03:48:34 ny01 sshd[25863]: Failed password for invalid user gaile from 200.29.108.214 port 36513 ssh2 Dec 9 03:55:18 ny01 sshd[26996]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.29.108.214	2019-12-09 17:15:16
attackspambots	2019-12-05T09:32:15.301687abusebot-5.cloudsearch.cf sshd\[8354\]: Invalid user www from 200.29.108.214 port 23873	2019-12-05 17:57:40
attack	Nov 15 17:02:17 legacy sshd[3044]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.29.108.214 Nov 15 17:02:20 legacy sshd[3044]: Failed password for invalid user kongxx from 200.29.108.214 port 50497 ssh2 Nov 15 17:06:44 legacy sshd[3143]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.29.108.214 ...	2019-11-16 05:23:46
attack	Nov 12 09:03:33 meumeu sshd[5153]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.29.108.214 Nov 12 09:03:35 meumeu sshd[5153]: Failed password for invalid user leavelle from 200.29.108.214 port 22497 ssh2 Nov 12 09:07:42 meumeu sshd[5599]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.29.108.214 ...	2019-11-12 18:27:45
attackbots	ssh failed login	2019-11-12 02:38:23
attack	Nov 6 02:52:18 php1 sshd\[12952\]: Invalid user 123 from 200.29.108.214 Nov 6 02:52:18 php1 sshd\[12952\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=selvamotor.emcali.net.co Nov 6 02:52:21 php1 sshd\[12952\]: Failed password for invalid user 123 from 200.29.108.214 port 40065 ssh2 Nov 6 02:56:46 php1 sshd\[13452\]: Invalid user adM1N123 from 200.29.108.214 Nov 6 02:56:46 php1 sshd\[13452\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=selvamotor.emcali.net.co	2019-11-06 21:30:35
attackbots	2019-10-31T06:32:38.903368abusebot.cloudsearch.cf sshd\[29009\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=selvamotor.emcali.net.co user=root	2019-10-31 18:47:27
attackbotsspam	2019-10-30T20:29:45.121666abusebot-8.cloudsearch.cf sshd\[25671\]: Invalid user ahmed2010 from 200.29.108.214 port 22305	2019-10-31 04:41:59
attackspambots	2019-10-02T19:16:53.306157abusebot-8.cloudsearch.cf sshd\[16265\]: Invalid user user from 200.29.108.214 port 12641	2019-10-03 03:29:19
attackspambots	Sep 10 01:36:46 hcbbdb sshd\[22366\]: Invalid user zabbix from 200.29.108.214 Sep 10 01:36:46 hcbbdb sshd\[22366\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=selvamotor.emcali.net.co Sep 10 01:36:48 hcbbdb sshd\[22366\]: Failed password for invalid user zabbix from 200.29.108.214 port 46690 ssh2 Sep 10 01:43:32 hcbbdb sshd\[23116\]: Invalid user admin from 200.29.108.214 Sep 10 01:43:32 hcbbdb sshd\[23116\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=selvamotor.emcali.net.co	2019-09-10 10:00:45
attackspam	Sep 1 22:07:16 web1 sshd\[23087\]: Invalid user filippid_admin from 200.29.108.214 Sep 1 22:07:16 web1 sshd\[23087\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.29.108.214 Sep 1 22:07:18 web1 sshd\[23087\]: Failed password for invalid user filippid_admin from 200.29.108.214 port 24065 ssh2 Sep 1 22:12:01 web1 sshd\[23553\]: Invalid user raissa from 200.29.108.214 Sep 1 22:12:01 web1 sshd\[23553\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.29.108.214	2019-09-02 16:25:24
attackbotsspam	Aug 30 01:07:37 ns41 sshd[23918]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.29.108.214 Aug 30 01:07:39 ns41 sshd[23918]: Failed password for invalid user noi from 200.29.108.214 port 4449 ssh2	2019-08-30 07:49:47
attackspambots	Automatic report - Banned IP Access	2019-08-26 02:41:18
attackspambots	Aug 21 16:59:48 ny01 sshd[24398]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.29.108.214 Aug 21 16:59:50 ny01 sshd[24398]: Failed password for invalid user ubuntu from 200.29.108.214 port 52737 ssh2 Aug 21 17:04:28 ny01 sshd[24854]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.29.108.214	2019-08-22 05:21:05
attackspambots	Aug 18 21:28:15 plusreed sshd[6288]: Invalid user damares from 200.29.108.214 ...	2019-08-19 15:06:14
attackspambots	Aug 7 11:10:21 MK-Soft-VM7 sshd\[5133\]: Invalid user baker from 200.29.108.214 port 46241 Aug 7 11:10:21 MK-Soft-VM7 sshd\[5133\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.29.108.214 Aug 7 11:10:23 MK-Soft-VM7 sshd\[5133\]: Failed password for invalid user baker from 200.29.108.214 port 46241 ssh2 ...	2019-08-07 19:46:16
attack	Jul 26 20:31:20 rpi sshd[15001]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.29.108.214 Jul 26 20:31:22 rpi sshd[15001]: Failed password for invalid user info from 200.29.108.214 port 16673 ssh2	2019-07-27 02:40:07

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 200.29.108.214
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 10199
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;200.29.108.214.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019072601 1800 900 604800 86400

;; Query time: 3 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Sat Jul 27 02:40:01 CST 2019
;; MSG SIZE  rcvd: 118

HOST信息:

214.108.29.200.in-addr.arpa domain name pointer selvamotor.emcali.net.co.

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
214.108.29.200.in-addr.arpa	name = selvamotor.emcali.net.co.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
159.203.201.250	attack	ET DROP Dshield Block Listed Source group 1 - port: 40373 proto: TCP cat: Misc Attack	2019-10-17 18:16:48
106.12.189.2	attackbotsspam	Oct 17 10:35:55 h2177944 sshd\[2513\]: Failed password for root from 106.12.189.2 port 54830 ssh2 Oct 17 11:36:31 h2177944 sshd\[5246\]: Invalid user hibernal from 106.12.189.2 port 47006 Oct 17 11:36:31 h2177944 sshd\[5246\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.189.2 Oct 17 11:36:33 h2177944 sshd\[5246\]: Failed password for invalid user hibernal from 106.12.189.2 port 47006 ssh2 ...	2019-10-17 18:41:11
122.225.100.82	attackbots	Oct 17 06:58:26 localhost sshd\[1132\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.225.100.82 user=root Oct 17 06:58:27 localhost sshd\[1132\]: Failed password for root from 122.225.100.82 port 42460 ssh2 Oct 17 07:03:09 localhost sshd\[1799\]: Invalid user user1 from 122.225.100.82 port 51710	2019-10-17 18:40:37
182.61.58.166	attackbots	Oct 16 18:00:39 hanapaa sshd\[1085\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.61.58.166 user=root Oct 16 18:00:41 hanapaa sshd\[1085\]: Failed password for root from 182.61.58.166 port 57642 ssh2 Oct 16 18:05:26 hanapaa sshd\[1485\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.61.58.166 user=root Oct 16 18:05:28 hanapaa sshd\[1485\]: Failed password for root from 182.61.58.166 port 38250 ssh2 Oct 16 18:10:17 hanapaa sshd\[1992\]: Invalid user ts7 from 182.61.58.166	2019-10-17 18:45:57
190.196.60.203	attackbotsspam	Oct 17 07:18:22 hosting sshd[10740]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.196.60.203 user=root Oct 17 07:18:24 hosting sshd[10740]: Failed password for root from 190.196.60.203 port 49125 ssh2 ...	2019-10-17 18:38:29
183.182.101.33	attackbots	Brute forcing RDP port 3389	2019-10-17 18:24:06
58.162.140.172	attackspambots	Oct 17 00:51:08 ny01 sshd[11858]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.162.140.172 Oct 17 00:51:10 ny01 sshd[11858]: Failed password for invalid user ws from 58.162.140.172 port 60967 ssh2 Oct 17 00:56:44 ny01 sshd[12725]: Failed password for root from 58.162.140.172 port 52343 ssh2	2019-10-17 18:14:42
212.92.234.14	attackspam	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/212.92.234.14/ UA - 1H : (73) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : UA NAME ASN : ASN31272 IP : 212.92.234.14 CIDR : 212.92.224.0/19 PREFIX COUNT : 14 UNIQUE IP COUNT : 62464 WYKRYTE ATAKI Z ASN31272 : 1H - 1 3H - 1 6H - 1 12H - 1 24H - 3 DateTime : 2019-10-17 05:47:45 INFO : Port MAX SCAN Scan Detected and Blocked by ADMIN - data recovery	2019-10-17 18:17:51
157.55.39.36	attack	Automatic report - Banned IP Access	2019-10-17 18:39:12
136.228.161.66	attack	Oct 17 01:38:32 askasleikir sshd[716098]: Failed password for root from 136.228.161.66 port 34310 ssh2 Oct 17 01:43:34 askasleikir sshd[716222]: Failed password for root from 136.228.161.66 port 44616 ssh2 Oct 17 01:26:08 askasleikir sshd[715777]: Failed password for root from 136.228.161.66 port 45366 ssh2	2019-10-17 18:48:45
37.139.16.227	attack	Oct 17 07:04:33 www sshd\[178844\]: Invalid user abc123456!@\#$%\^ from 37.139.16.227 Oct 17 07:04:33 www sshd\[178844\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.139.16.227 Oct 17 07:04:35 www sshd\[178844\]: Failed password for invalid user abc123456!@\#$%\^ from 37.139.16.227 port 50266 ssh2 ...	2019-10-17 18:48:06
51.254.137.156	attackbotsspam	51.254.137.156 - - [17/Oct/2019:05:47:27 +0200] "GET /wp-login.php HTTP/1.1" 200 1237 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 51.254.137.156 - - [17/Oct/2019:05:47:27 +0200] "POST /wp-login.php HTTP/1.1" 200 1632 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 51.254.137.156 - - [17/Oct/2019:05:47:27 +0200] "GET /wp-login.php HTTP/1.1" 200 1237 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 51.254.137.156 - - [17/Oct/2019:05:47:27 +0200] "POST /wp-login.php HTTP/1.1" 200 1607 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 51.254.137.156 - - [17/Oct/2019:05:47:27 +0200] "GET /wp-login.php HTTP/1.1" 200 1237 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 51.254.137.156 - - [17/Oct/2019:05:47:27 +0200] "POST /wp-login.php HTTP/1.1" 200 1608 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2019-10-17 18:27:38
161.0.153.34	attackspam	Oct 17 09:37:16 imap-login: Info: Disconnected $auth failed, 1 attempts in 9 secs$: user=\, method=PLAIN, rip=161.0.153.34, lip=192.168.100.101, session=\<1uvaSBaVgwChAJki\>\ Oct 17 09:37:17 imap-login: Info: Disconnected $auth failed, 1 attempts in 10 secs$: user=\, method=PLAIN, rip=161.0.153.34, lip=192.168.100.101, session=\<13HbSBaVhgChAJki\>\ Oct 17 09:40:03 imap-login: Info: Disconnected: Inactivity $auth failed, 1 attempts in 176 secs$: user=\, method=PLAIN, rip=161.0.153.34, lip=192.168.100.101, session=\\ Oct 17 09:40:05 imap-login: Info: Disconnected: Inactivity $auth failed, 1 attempts in 176 secs$: user=\, method=PLAIN, rip=161.0.153.34, lip=192.168.100.101, session=\\ Oct 17 09:40:17 imap-login: Info: Disconnected: Inactivity $no auth attempts in 180 secs$: user=\<\>, rip=161.0.153.34, lip=192.168.100.101, session=\\ Oct 17 09:40:18 imap-login:	2019-10-17 18:22:12
27.111.36.138	attackspam	2019-10-17T10:03:19.850406abusebot.cloudsearch.cf sshd\[18698\]: Invalid user zhn from 27.111.36.138 port 20627	2019-10-17 18:35:26
88.214.26.17	attackbotsspam	191017 12:41:57 \[Warning\] Access denied for user 'root'@'88.214.26.17' $using password: YES$ 191017 12:58:15 \[Warning\] Access denied for user 'root'@'88.214.26.17' $using password: YES$ 191017 13:02:38 \[Warning\] Access denied for user 'root'@'88.214.26.17' $using password: YES$ ...	2019-10-17 18:44:44

最近上报的IP列表

27.190.83.99	53.55.134.196	103.123.151.118	11.254.183.182
27.200.225.76	135.137.155.37	106.12.99.239	97.13.104.19
75.99.150.10	13.127.252.253	254.103.143.94	67.88.85.125
142.26.50.238	42.228.10.252	182.232.23.131	227.227.249.132
85.202.10.42	14.162.2.159	252.135.15.13	182.232.22.89