212.144.102.107

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Germany

运营商(isp): Lansol GmbH

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	2020-03-11 12:28:34,671 fail2ban.actions: WARNING [ssh] Ban 212.144.102.107	2020-03-11 22:40:29
attackbots	Feb 27 11:24:21 MK-Soft-VM3 sshd[11816]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.144.102.107 Feb 27 11:24:23 MK-Soft-VM3 sshd[11816]: Failed password for invalid user alice from 212.144.102.107 port 35504 ssh2 ...	2020-02-27 18:24:56
attackbots	$f2bV_matches	2020-02-27 00:07:12
attack	Feb 19 05:30:11 php1 sshd\[11557\]: Invalid user cpanellogin from 212.144.102.107 Feb 19 05:30:11 php1 sshd\[11557\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.144.102.107 Feb 19 05:30:13 php1 sshd\[11557\]: Failed password for invalid user cpanellogin from 212.144.102.107 port 49508 ssh2 Feb 19 05:33:20 php1 sshd\[11980\]: Invalid user lby from 212.144.102.107 Feb 19 05:33:20 php1 sshd\[11980\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.144.102.107	2020-02-20 04:48:03
attack	Jan 27 05:57:31 lock-38 sshd[22603]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.144.102.107 Jan 27 05:57:33 lock-38 sshd[22603]: Failed password for invalid user zx from 212.144.102.107 port 34624 ssh2 ...	2020-01-27 13:20:01
attack	Unauthorized connection attempt detected from IP address 212.144.102.107 to port 2220 [J]	2020-01-25 01:07:55
attackspambots	Unauthorized connection attempt detected from IP address 212.144.102.107 to port 2220 [J]	2020-01-14 16:28:44
attackbots	Dec 15 19:08:14 hcbbdb sshd\[25426\]: Invalid user PASSWORD12 from 212.144.102.107 Dec 15 19:08:14 hcbbdb sshd\[25426\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.144.102.107 Dec 15 19:08:16 hcbbdb sshd\[25426\]: Failed password for invalid user PASSWORD12 from 212.144.102.107 port 58934 ssh2 Dec 15 19:13:43 hcbbdb sshd\[26067\]: Invalid user Password0147 from 212.144.102.107 Dec 15 19:13:43 hcbbdb sshd\[26067\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.144.102.107	2019-12-16 03:26:32
attackspam	Dec 13 07:50:40 server sshd\[13528\]: Invalid user backup from 212.144.102.107 Dec 13 07:50:40 server sshd\[13528\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.144.102.107 Dec 13 07:50:41 server sshd\[13528\]: Failed password for invalid user backup from 212.144.102.107 port 60850 ssh2 Dec 13 07:56:22 server sshd\[15211\]: Invalid user joomla from 212.144.102.107 Dec 13 07:56:22 server sshd\[15211\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.144.102.107 ...	2019-12-13 13:03:57

相同子网IP讨论:

IP	类型	评论内容	时间
212.144.102.183	attack	May 24 01:08:11 taivassalofi sshd[78019]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.144.102.183 May 24 01:08:13 taivassalofi sshd[78019]: Failed password for invalid user crccfc from 212.144.102.183 port 36706 ssh2 ...	2020-05-24 06:32:56
212.144.102.217	attackbots	Dec 9 19:09:55 tdfoods sshd\[24546\]: Invalid user braunreuther from 212.144.102.217 Dec 9 19:09:55 tdfoods sshd\[24546\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.144.102.217 Dec 9 19:09:57 tdfoods sshd\[24546\]: Failed password for invalid user braunreuther from 212.144.102.217 port 60344 ssh2 Dec 9 19:15:19 tdfoods sshd\[25105\]: Invalid user dovecot from 212.144.102.217 Dec 9 19:15:19 tdfoods sshd\[25105\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.144.102.217	2019-12-10 13:18:45
212.144.102.217	attack	Dec 9 05:27:26 hpm sshd\[11884\]: Invalid user cletus from 212.144.102.217 Dec 9 05:27:26 hpm sshd\[11884\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.144.102.217 Dec 9 05:27:27 hpm sshd\[11884\]: Failed password for invalid user cletus from 212.144.102.217 port 49750 ssh2 Dec 9 05:33:12 hpm sshd\[12424\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.144.102.217 user=root Dec 9 05:33:14 hpm sshd\[12424\]: Failed password for root from 212.144.102.217 port 59084 ssh2	2019-12-09 23:41:12
212.144.102.217	attackbotsspam	Dec 9 08:34:49 localhost sshd\[11451\]: Invalid user sugahara from 212.144.102.217 port 34132 Dec 9 08:34:49 localhost sshd\[11451\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.144.102.217 Dec 9 08:34:51 localhost sshd\[11451\]: Failed password for invalid user sugahara from 212.144.102.217 port 34132 ssh2	2019-12-09 15:50:02
212.144.102.217	attack	Dec 6 18:16:56 TORMINT sshd\[8180\]: Invalid user helgestad from 212.144.102.217 Dec 6 18:16:56 TORMINT sshd\[8180\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.144.102.217 Dec 6 18:16:58 TORMINT sshd\[8180\]: Failed password for invalid user helgestad from 212.144.102.217 port 57276 ssh2 ...	2019-12-07 07:34:07
212.144.102.217	attackspam	Dec 2 13:50:01 auw2 sshd\[2030\]: Invalid user telnet from 212.144.102.217 Dec 2 13:50:01 auw2 sshd\[2030\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.144.102.217 Dec 2 13:50:02 auw2 sshd\[2030\]: Failed password for invalid user telnet from 212.144.102.217 port 40728 ssh2 Dec 2 13:55:46 auw2 sshd\[2766\]: Invalid user a from 212.144.102.217 Dec 2 13:55:46 auw2 sshd\[2766\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.144.102.217	2019-12-03 08:01:43
212.144.102.217	attack	Nov 28 09:05:04 nextcloud sshd\[6069\]: Invalid user antonin from 212.144.102.217 Nov 28 09:05:04 nextcloud sshd\[6069\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.144.102.217 Nov 28 09:05:05 nextcloud sshd\[6069\]: Failed password for invalid user antonin from 212.144.102.217 port 36896 ssh2 ...	2019-11-28 16:47:48
212.144.102.217	attackspam	Nov 28 06:09:56 eventyay sshd[5254]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.144.102.217 Nov 28 06:09:58 eventyay sshd[5254]: Failed password for invalid user perera from 212.144.102.217 port 47100 ssh2 Nov 28 06:15:58 eventyay sshd[5338]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.144.102.217 ...	2019-11-28 13:27:51
212.144.102.217	attackspambots	Nov 17 13:25:54 server sshd\[2892\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.144.102.217 user=root Nov 17 13:25:56 server sshd\[2892\]: Failed password for root from 212.144.102.217 port 45420 ssh2 Nov 17 13:33:23 server sshd\[4517\]: Invalid user goodier from 212.144.102.217 Nov 17 13:33:23 server sshd\[4517\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.144.102.217 Nov 17 13:33:25 server sshd\[4517\]: Failed password for invalid user goodier from 212.144.102.217 port 46256 ssh2 ...	2019-11-17 22:15:15

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 212.144.102.107
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 24570
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;212.144.102.107.		IN	A

;; AUTHORITY SECTION:
.			559	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019111201 1800 900 604800 86400

;; Query time: 63 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Nov 13 13:39:04 CST 2019
;; MSG SIZE  rcvd: 119

HOST信息:

Host 107.102.144.212.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 107.102.144.212.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
197.47.220.88	attack	Steals passwords	2019-08-29 08:54:21
129.226.56.24	attack	129.226.56.24 - - [29/Aug/2019:01:54:05 +0200] "GET /webdav/ HTTP/1.1" 301 178 "-" "Mozilla/5.0" 129.226.56.24 - - [29/Aug/2019:01:54:06 +0200] "GET /help.php HTTP/1.1" 301 178 "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0)" ...	2019-08-29 08:42:48
167.99.89.67	attack	Aug 29 00:57:16 MK-Soft-VM7 sshd\[9909\]: Invalid user pi from 167.99.89.67 port 45322 Aug 29 00:57:16 MK-Soft-VM7 sshd\[9909\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.99.89.67 Aug 29 00:57:18 MK-Soft-VM7 sshd\[9909\]: Failed password for invalid user pi from 167.99.89.67 port 45322 ssh2 ...	2019-08-29 09:11:14
156.96.157.153	attackbotsspam	\[2019-08-28 20:35:16\] SECURITY\[1837\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-08-28T20:35:16.786-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="815048422069005",SessionID="0x7f7b301f31b8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/156.96.157.153/54878",ACLName="no_extension_match" \[2019-08-28 20:37:25\] SECURITY\[1837\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-08-28T20:37:25.458-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="847348422069005",SessionID="0x7f7b3087b658",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/156.96.157.153/54548",ACLName="no_extension_match" \[2019-08-28 20:41:41\] SECURITY\[1837\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-08-28T20:41:41.943-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="877548422069005",SessionID="0x7f7b301c17c8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/156.96.157.153/64674",ACLName="no_	2019-08-29 09:03:03
139.59.10.115	attackbots	Automatic report - Banned IP Access	2019-08-29 09:06:28
193.70.0.93	attackbotsspam	Aug 28 15:06:37 hcbb sshd\[31468\]: Invalid user qhsupport from 193.70.0.93 Aug 28 15:06:37 hcbb sshd\[31468\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=93.ip-193-70-0.eu Aug 28 15:06:39 hcbb sshd\[31468\]: Failed password for invalid user qhsupport from 193.70.0.93 port 53898 ssh2 Aug 28 15:10:34 hcbb sshd\[31842\]: Invalid user usuario1 from 193.70.0.93 Aug 28 15:10:34 hcbb sshd\[31842\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=93.ip-193-70-0.eu	2019-08-29 09:15:26
115.162.36.106	attackspam	Aug 28 13:47:17 auw2 sshd\[5721\]: Invalid user test from 115.162.36.106 Aug 28 13:47:17 auw2 sshd\[5721\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=pa2246a.sitmnt01.ap.so-net.ne.jp Aug 28 13:47:18 auw2 sshd\[5721\]: Failed password for invalid user test from 115.162.36.106 port 10545 ssh2 Aug 28 13:53:54 auw2 sshd\[6339\]: Invalid user phpmy from 115.162.36.106 Aug 28 13:53:54 auw2 sshd\[6339\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=pa2246a.sitmnt01.ap.so-net.ne.jp	2019-08-29 08:55:15
77.247.108.179	attack	08/28/2019-20:27:46.147891 77.247.108.179 Protocol: 17 ET CINS Active Threat Intelligence Poor Reputation IP group 75	2019-08-29 08:43:13
51.91.56.133	attack	Aug 29 03:05:59 vps647732 sshd[12263]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.91.56.133 Aug 29 03:06:01 vps647732 sshd[12263]: Failed password for invalid user zj from 51.91.56.133 port 54600 ssh2 ...	2019-08-29 09:16:49
95.58.194.148	attackspam	Aug 28 15:01:02 hcbb sshd\[30958\]: Invalid user gituser from 95.58.194.148 Aug 28 15:01:02 hcbb sshd\[30958\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=95.58.194.148 Aug 28 15:01:04 hcbb sshd\[30958\]: Failed password for invalid user gituser from 95.58.194.148 port 55684 ssh2 Aug 28 15:05:38 hcbb sshd\[31374\]: Invalid user ubuntu from 95.58.194.148 Aug 28 15:05:38 hcbb sshd\[31374\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=95.58.194.148	2019-08-29 09:10:46
35.186.145.141	attack	Aug 29 03:01:55 OPSO sshd\[23842\]: Invalid user abcs from 35.186.145.141 port 51380 Aug 29 03:01:55 OPSO sshd\[23842\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=35.186.145.141 Aug 29 03:01:57 OPSO sshd\[23842\]: Failed password for invalid user abcs from 35.186.145.141 port 51380 ssh2 Aug 29 03:06:36 OPSO sshd\[24843\]: Invalid user yoko from 35.186.145.141 port 40138 Aug 29 03:06:36 OPSO sshd\[24843\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=35.186.145.141	2019-08-29 09:09:59
197.47.220.88	attack	Steals passwords	2019-08-29 08:54:34
182.61.53.171	attackbots	Aug 29 00:35:27 localhost sshd\[89187\]: Invalid user openerp from 182.61.53.171 port 39492 Aug 29 00:35:27 localhost sshd\[89187\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.61.53.171 Aug 29 00:35:28 localhost sshd\[89187\]: Failed password for invalid user openerp from 182.61.53.171 port 39492 ssh2 Aug 29 00:40:14 localhost sshd\[89369\]: Invalid user hero from 182.61.53.171 port 56040 Aug 29 00:40:14 localhost sshd\[89369\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.61.53.171 ...	2019-08-29 08:57:29
218.219.246.124	attackbots	Aug 28 20:44:21 plusreed sshd[19948]: Invalid user dwdev from 218.219.246.124 ...	2019-08-29 08:45:49
46.101.63.40	attackspam	Aug 29 01:54:04 MK-Soft-Root2 sshd\[7763\]: Invalid user temp from 46.101.63.40 port 47582 Aug 29 01:54:04 MK-Soft-Root2 sshd\[7763\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.101.63.40 Aug 29 01:54:06 MK-Soft-Root2 sshd\[7763\]: Failed password for invalid user temp from 46.101.63.40 port 47582 ssh2 ...	2019-08-29 08:42:18

最近上报的IP列表

47.64.162.95	136.97.1.69	86.31.101.1	4.185.37.168
237.183.170.56	171.22.27.6	6.162.168.160	172.69.34.153
45.93.247.148	14.252.46.210	66.79.178.202	189.234.144.85
223.149.239.52	81.39.10.122	253.240.36.86	221.182.126.67
177.17.234.169	23.29.99.104	220.179.241.163	124.116.95.227