212.144.102.107

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Germany

运营商(isp): Lansol GmbH

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	2020-03-11 12:28:34,671 fail2ban.actions: WARNING [ssh] Ban 212.144.102.107	2020-03-11 22:40:29
attackbots	Feb 27 11:24:21 MK-Soft-VM3 sshd[11816]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.144.102.107 Feb 27 11:24:23 MK-Soft-VM3 sshd[11816]: Failed password for invalid user alice from 212.144.102.107 port 35504 ssh2 ...	2020-02-27 18:24:56
attackbots	$f2bV_matches	2020-02-27 00:07:12
attack	Feb 19 05:30:11 php1 sshd\[11557\]: Invalid user cpanellogin from 212.144.102.107 Feb 19 05:30:11 php1 sshd\[11557\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.144.102.107 Feb 19 05:30:13 php1 sshd\[11557\]: Failed password for invalid user cpanellogin from 212.144.102.107 port 49508 ssh2 Feb 19 05:33:20 php1 sshd\[11980\]: Invalid user lby from 212.144.102.107 Feb 19 05:33:20 php1 sshd\[11980\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.144.102.107	2020-02-20 04:48:03
attack	Jan 27 05:57:31 lock-38 sshd[22603]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.144.102.107 Jan 27 05:57:33 lock-38 sshd[22603]: Failed password for invalid user zx from 212.144.102.107 port 34624 ssh2 ...	2020-01-27 13:20:01
attack	Unauthorized connection attempt detected from IP address 212.144.102.107 to port 2220 [J]	2020-01-25 01:07:55
attackspambots	Unauthorized connection attempt detected from IP address 212.144.102.107 to port 2220 [J]	2020-01-14 16:28:44
attackbots	Dec 15 19:08:14 hcbbdb sshd\[25426\]: Invalid user PASSWORD12 from 212.144.102.107 Dec 15 19:08:14 hcbbdb sshd\[25426\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.144.102.107 Dec 15 19:08:16 hcbbdb sshd\[25426\]: Failed password for invalid user PASSWORD12 from 212.144.102.107 port 58934 ssh2 Dec 15 19:13:43 hcbbdb sshd\[26067\]: Invalid user Password0147 from 212.144.102.107 Dec 15 19:13:43 hcbbdb sshd\[26067\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.144.102.107	2019-12-16 03:26:32
attackspam	Dec 13 07:50:40 server sshd\[13528\]: Invalid user backup from 212.144.102.107 Dec 13 07:50:40 server sshd\[13528\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.144.102.107 Dec 13 07:50:41 server sshd\[13528\]: Failed password for invalid user backup from 212.144.102.107 port 60850 ssh2 Dec 13 07:56:22 server sshd\[15211\]: Invalid user joomla from 212.144.102.107 Dec 13 07:56:22 server sshd\[15211\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.144.102.107 ...	2019-12-13 13:03:57

相同子网IP讨论:

IP	类型	评论内容	时间
212.144.102.183	attack	May 24 01:08:11 taivassalofi sshd[78019]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.144.102.183 May 24 01:08:13 taivassalofi sshd[78019]: Failed password for invalid user crccfc from 212.144.102.183 port 36706 ssh2 ...	2020-05-24 06:32:56
212.144.102.217	attackbots	Dec 9 19:09:55 tdfoods sshd\[24546\]: Invalid user braunreuther from 212.144.102.217 Dec 9 19:09:55 tdfoods sshd\[24546\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.144.102.217 Dec 9 19:09:57 tdfoods sshd\[24546\]: Failed password for invalid user braunreuther from 212.144.102.217 port 60344 ssh2 Dec 9 19:15:19 tdfoods sshd\[25105\]: Invalid user dovecot from 212.144.102.217 Dec 9 19:15:19 tdfoods sshd\[25105\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.144.102.217	2019-12-10 13:18:45
212.144.102.217	attack	Dec 9 05:27:26 hpm sshd\[11884\]: Invalid user cletus from 212.144.102.217 Dec 9 05:27:26 hpm sshd\[11884\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.144.102.217 Dec 9 05:27:27 hpm sshd\[11884\]: Failed password for invalid user cletus from 212.144.102.217 port 49750 ssh2 Dec 9 05:33:12 hpm sshd\[12424\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.144.102.217 user=root Dec 9 05:33:14 hpm sshd\[12424\]: Failed password for root from 212.144.102.217 port 59084 ssh2	2019-12-09 23:41:12
212.144.102.217	attackbotsspam	Dec 9 08:34:49 localhost sshd\[11451\]: Invalid user sugahara from 212.144.102.217 port 34132 Dec 9 08:34:49 localhost sshd\[11451\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.144.102.217 Dec 9 08:34:51 localhost sshd\[11451\]: Failed password for invalid user sugahara from 212.144.102.217 port 34132 ssh2	2019-12-09 15:50:02
212.144.102.217	attack	Dec 6 18:16:56 TORMINT sshd\[8180\]: Invalid user helgestad from 212.144.102.217 Dec 6 18:16:56 TORMINT sshd\[8180\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.144.102.217 Dec 6 18:16:58 TORMINT sshd\[8180\]: Failed password for invalid user helgestad from 212.144.102.217 port 57276 ssh2 ...	2019-12-07 07:34:07
212.144.102.217	attackspam	Dec 2 13:50:01 auw2 sshd\[2030\]: Invalid user telnet from 212.144.102.217 Dec 2 13:50:01 auw2 sshd\[2030\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.144.102.217 Dec 2 13:50:02 auw2 sshd\[2030\]: Failed password for invalid user telnet from 212.144.102.217 port 40728 ssh2 Dec 2 13:55:46 auw2 sshd\[2766\]: Invalid user a from 212.144.102.217 Dec 2 13:55:46 auw2 sshd\[2766\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.144.102.217	2019-12-03 08:01:43
212.144.102.217	attack	Nov 28 09:05:04 nextcloud sshd\[6069\]: Invalid user antonin from 212.144.102.217 Nov 28 09:05:04 nextcloud sshd\[6069\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.144.102.217 Nov 28 09:05:05 nextcloud sshd\[6069\]: Failed password for invalid user antonin from 212.144.102.217 port 36896 ssh2 ...	2019-11-28 16:47:48
212.144.102.217	attackspam	Nov 28 06:09:56 eventyay sshd[5254]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.144.102.217 Nov 28 06:09:58 eventyay sshd[5254]: Failed password for invalid user perera from 212.144.102.217 port 47100 ssh2 Nov 28 06:15:58 eventyay sshd[5338]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.144.102.217 ...	2019-11-28 13:27:51
212.144.102.217	attackspambots	Nov 17 13:25:54 server sshd\[2892\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.144.102.217 user=root Nov 17 13:25:56 server sshd\[2892\]: Failed password for root from 212.144.102.217 port 45420 ssh2 Nov 17 13:33:23 server sshd\[4517\]: Invalid user goodier from 212.144.102.217 Nov 17 13:33:23 server sshd\[4517\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.144.102.217 Nov 17 13:33:25 server sshd\[4517\]: Failed password for invalid user goodier from 212.144.102.217 port 46256 ssh2 ...	2019-11-17 22:15:15

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 212.144.102.107
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 24570
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;212.144.102.107.		IN	A

;; AUTHORITY SECTION:
.			559	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019111201 1800 900 604800 86400

;; Query time: 63 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Nov 13 13:39:04 CST 2019
;; MSG SIZE  rcvd: 119

HOST信息:

Host 107.102.144.212.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 107.102.144.212.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
210.17.195.138	attackbotsspam	Oct 31 14:07:34 bouncer sshd\[2126\]: Invalid user 59 from 210.17.195.138 port 53690 Oct 31 14:07:34 bouncer sshd\[2126\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=210.17.195.138 Oct 31 14:07:36 bouncer sshd\[2126\]: Failed password for invalid user 59 from 210.17.195.138 port 53690 ssh2 ...	2019-10-31 21:15:37
177.8.244.38	attackspam	Oct 31 14:45:39 server sshd\[17416\]: User root from 177.8.244.38 not allowed because listed in DenyUsers Oct 31 14:45:39 server sshd\[17416\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=177.8.244.38 user=root Oct 31 14:45:41 server sshd\[17416\]: Failed password for invalid user root from 177.8.244.38 port 48129 ssh2 Oct 31 14:50:42 server sshd\[13178\]: User root from 177.8.244.38 not allowed because listed in DenyUsers Oct 31 14:50:42 server sshd\[13178\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=177.8.244.38 user=root	2019-10-31 21:08:30
60.26.202.222	attack	[Aegis] @ 2019-10-31 12:20:27 0000 -> Multiple authentication failures.	2019-10-31 21:12:04
47.90.78.139	attack	WordPress login Brute force / Web App Attack on client site.	2019-10-31 21:20:20
94.191.76.23	attackspam	Sep 18 10:37:46 microserver sshd[42019]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.191.76.23 Sep 18 10:37:48 microserver sshd[42019]: Failed password for invalid user zabbix from 94.191.76.23 port 52674 ssh2 Sep 18 10:42:35 microserver sshd[42659]: Invalid user m from 94.191.76.23 port 56618 Sep 18 10:42:35 microserver sshd[42659]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.191.76.23 Sep 18 10:57:41 microserver sshd[44615]: Invalid user ushare from 94.191.76.23 port 40212 Sep 18 10:57:41 microserver sshd[44615]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.191.76.23 Sep 18 10:57:43 microserver sshd[44615]: Failed password for invalid user ushare from 94.191.76.23 port 40212 ssh2 Sep 18 11:02:32 microserver sshd[45269]: Invalid user customer1 from 94.191.76.23 port 44156 Sep 18 11:02:32 microserver sshd[45269]: pam_unix(sshd:auth): authentication failure; logname= uid=0	2019-10-31 21:23:18
45.227.253.140	attackbots	2019-10-31 14:16:43 dovecot_login authenticator failed for $hosting-by.directwebhost.org.$ \[45.227.253.140\]: 535 Incorrect authentication data $set_id=postmaster@nophost.com$ 2019-10-31 14:16:50 dovecot_login authenticator failed for $hosting-by.directwebhost.org.$ \[45.227.253.140\]: 535 Incorrect authentication data $set_id=postmaster$ 2019-10-31 14:18:04 dovecot_login authenticator failed for $hosting-by.directwebhost.org.$ \[45.227.253.140\]: 535 Incorrect authentication data $set_id=support@nophost.com$ 2019-10-31 14:18:11 dovecot_login authenticator failed for $hosting-by.directwebhost.org.$ \[45.227.253.140\]: 535 Incorrect authentication data $set_id=support$ 2019-10-31 14:23:49 dovecot_login authenticator failed for $hosting-by.directwebhost.org.$ \[45.227.253.140\]: 535 Incorrect authentication data $set_id=info@orogest.it$	2019-10-31 21:25:31
190.221.81.6	attackspambots	Oct 31 14:25:01 localhost sshd\[27335\]: Invalid user geidy from 190.221.81.6 port 52236 Oct 31 14:25:01 localhost sshd\[27335\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.221.81.6 Oct 31 14:25:02 localhost sshd\[27335\]: Failed password for invalid user geidy from 190.221.81.6 port 52236 ssh2	2019-10-31 21:37:16
86.109.216.230	attackbots	Chat Spam	2019-10-31 21:28:18
175.47.237.44	attackspam	Oct 31 06:46:15 hostnameproxy sshd[14388]: Invalid user support from 175.47.237.44 port 37414 Oct 31 06:46:15 hostnameproxy sshd[14388]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.47.237.44 Oct 31 06:46:17 hostnameproxy sshd[14388]: Failed password for invalid user support from 175.47.237.44 port 37414 ssh2 Oct 31 06:46:40 hostnameproxy sshd[14404]: Invalid user vincent from 175.47.237.44 port 38938 Oct 31 06:46:40 hostnameproxy sshd[14404]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.47.237.44 Oct 31 06:46:42 hostnameproxy sshd[14404]: Failed password for invalid user vincent from 175.47.237.44 port 38938 ssh2 Oct 31 06:46:56 hostnameproxy sshd[14412]: Invalid user david from 175.47.237.44 port 40110 Oct 31 06:46:56 hostnameproxy sshd[14412]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.47.237.44 Oct 31 06:46:58 hostnameproxy ss........ ------------------------------	2019-10-31 21:04:56
103.130.218.125	attack	Oct 31 14:14:01 ns381471 sshd[1392]: Failed password for root from 103.130.218.125 port 51080 ssh2	2019-10-31 21:39:21
111.223.73.20	attackbotsspam	Oct 31 13:26:31 vps666546 sshd\[1658\]: Invalid user coeval from 111.223.73.20 port 48191 Oct 31 13:26:31 vps666546 sshd\[1658\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.223.73.20 Oct 31 13:26:33 vps666546 sshd\[1658\]: Failed password for invalid user coeval from 111.223.73.20 port 48191 ssh2 Oct 31 13:31:24 vps666546 sshd\[1745\]: Invalid user 12 from 111.223.73.20 port 39642 Oct 31 13:31:24 vps666546 sshd\[1745\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.223.73.20 ...	2019-10-31 21:24:09
66.207.68.117	attack	WordPress login Brute force / Web App Attack on client site.	2019-10-31 21:19:48
103.240.96.29	attackbotsspam	LGS,WP GET /wp-login.php	2019-10-31 21:10:39
118.25.27.67	attack	Oct 31 14:17:31 bouncer sshd\[2187\]: Invalid user dario from 118.25.27.67 port 39870 Oct 31 14:17:31 bouncer sshd\[2187\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.25.27.67 Oct 31 14:17:33 bouncer sshd\[2187\]: Failed password for invalid user dario from 118.25.27.67 port 39870 ssh2 ...	2019-10-31 21:34:24
111.231.219.142	attack	$f2bV_matches	2019-10-31 21:27:29

最近上报的IP列表

47.64.162.95	136.97.1.69	86.31.101.1	4.185.37.168
237.183.170.56	171.22.27.6	6.162.168.160	172.69.34.153
45.93.247.148	14.252.46.210	66.79.178.202	189.234.144.85
223.149.239.52	81.39.10.122	253.240.36.86	221.182.126.67
177.17.234.169	23.29.99.104	220.179.241.163	124.116.95.227