212.112.42.205

基本信息:

城市(city): Enkoeping

省份(region): Uppsala

国家(country): Sweden

运营商(isp): Liden Data Internetwork AB

主机名(hostname): unknown

机构(organization): Liden Data Internetwork AB

使用类型(Usage Type): Fixed Line ISP

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbotsspam	unauthorized connection attempt	2020-01-28 18:55:07

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 212.112.42.205
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 4926
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;212.112.42.205.			IN	A

;; AUTHORITY SECTION:
.			2388	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019060601 1800 900 604800 86400

;; Query time: 1 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Fri Jun 07 02:41:13 CST 2019
;; MSG SIZE  rcvd: 118

HOST信息:

205.42.112.212.in-addr.arpa domain name pointer kloker.ukd.se.

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
205.42.112.212.in-addr.arpa	name = kloker.ukd.se.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
103.28.36.44	attackspam	Oct 6 14:15:08 lnxweb61 sshd[28445]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.28.36.44	2019-10-06 20:18:12
221.199.41.218	attack	Oct 5 REMOVED dovecot: imap-login: Disconnected $auth failed, 1 attempts in 7 secs$: user=\, method=PLAIN, rip=221.199.41.218, lip=REMOVED, TLS: Disconnected, session=\ Oct 6 REMOVED dovecot: imap-login: Disconnected $auth failed, 1 attempts in 6 secs$: user=\, method=PLAIN, rip=221.199.41.218, lip=REMOVED, TLS, session=\ Oct 6 REMOVED dovecot: imap-login: Disconnected $auth failed, 1 attempts in 8 secs$: user=\, method=PLAIN, rip=221.199.41.218, lip=REMOVED, TLS, session=\	2019-10-06 20:02:44
5.196.225.45	attack	Oct 6 13:42:03 SilenceServices sshd[18789]: Failed password for root from 5.196.225.45 port 46568 ssh2 Oct 6 13:45:55 SilenceServices sshd[19889]: Failed password for root from 5.196.225.45 port 58084 ssh2	2019-10-06 20:09:43
178.62.234.122	attackspambots	Oct 6 13:49:46 MK-Soft-VM5 sshd[12319]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.62.234.122 Oct 6 13:49:48 MK-Soft-VM5 sshd[12319]: Failed password for invalid user 12345@QWERT from 178.62.234.122 port 57972 ssh2 ...	2019-10-06 20:02:08
49.88.112.117	attackspam	Oct 6 07:53:47 ny01 sshd[12195]: Failed password for root from 49.88.112.117 port 16620 ssh2 Oct 6 07:54:29 ny01 sshd[12324]: Failed password for root from 49.88.112.117 port 40070 ssh2	2019-10-06 20:04:18
212.235.90.71	attackbotsspam	Automatic report - Port Scan Attack	2019-10-06 20:28:04
151.80.75.125	attackspam	Oct 6 11:49:47 postfix/smtpd: warning: unknown[151.80.75.125]: SASL LOGIN authentication failed	2019-10-06 20:02:31
77.247.108.185	attack	\[2019-10-06 08:14:03\] NOTICE\[1887\] chan_sip.c: Registration from '"55" \' failed for '77.247.108.185:5096' - Wrong password \[2019-10-06 08:14:03\] SECURITY\[1898\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-10-06T08:14:03.106-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="55",SessionID="0x7fc3ac095d68",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/77.247.108.185/5096",Challenge="0ec6fc73",ReceivedChallenge="0ec6fc73",ReceivedHash="d5cbe3c2e09655ab8fa084b8603037dc" \[2019-10-06 08:14:03\] NOTICE\[1887\] chan_sip.c: Registration from '"55" \' failed for '77.247.108.185:5096' - Wrong password \[2019-10-06 08:14:03\] SECURITY\[1898\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-10-06T08:14:03.236-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="55",SessionID="0x7fc3ac509ad8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/77.247.	2019-10-06 20:15:09
202.104.122.149	attack	Oct 6 08:02:47 xtremcommunity sshd\[239758\]: Invalid user Asdf!@\# from 202.104.122.149 port 50662 Oct 6 08:02:47 xtremcommunity sshd\[239758\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.104.122.149 Oct 6 08:02:49 xtremcommunity sshd\[239758\]: Failed password for invalid user Asdf!@\# from 202.104.122.149 port 50662 ssh2 Oct 6 08:07:21 xtremcommunity sshd\[240035\]: Invalid user p0o9i8u7y6t5r4e3w2q1 from 202.104.122.149 port 47576 Oct 6 08:07:21 xtremcommunity sshd\[240035\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.104.122.149 ...	2019-10-06 20:20:10
114.7.120.10	attackspambots	SSH authentication failure x 6 reported by Fail2Ban ...	2019-10-06 20:29:11
157.230.42.76	attackspam	2019-10-06T11:40:57.766612shield sshd\[4911\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.230.42.76 user=root 2019-10-06T11:40:59.712651shield sshd\[4911\]: Failed password for root from 157.230.42.76 port 44474 ssh2 2019-10-06T11:45:21.657149shield sshd\[5338\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.230.42.76 user=root 2019-10-06T11:45:23.512699shield sshd\[5338\]: Failed password for root from 157.230.42.76 port 36231 ssh2 2019-10-06T11:49:31.428908shield sshd\[5755\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.230.42.76 user=root	2019-10-06 20:10:39
103.253.42.48	attack	$f2bV_matches	2019-10-06 20:27:21
2.57.77.13	attack	B: Magento admin pass test (wrong country)	2019-10-06 20:17:53
94.236.182.92	attackbotsspam	2019-10-06T13:49:33.352370MailD postfix/smtpd[18253]: NOQUEUE: reject: RCPT from 94-236-182-92.ip.btc-net.bg[94.236.182.92]: 554 5.7.1 Service unavailable; Client host [94.236.182.92] blocked using bl.spamcop.net; Blocked - see https://www.spamcop.net/bl.shtml?94.236.182.92; from= to= proto=ESMTP helo=<94-236-182-92.ip.btc-net.bg> 2019-10-06T13:49:33.518563MailD postfix/smtpd[18253]: NOQUEUE: reject: RCPT from 94-236-182-92.ip.btc-net.bg[94.236.182.92]: 554 5.7.1 Service unavailable; Client host [94.236.182.92] blocked using bl.spamcop.net; Blocked - see https://www.spamcop.net/bl.shtml?94.236.182.92; from= to= proto=ESMTP helo=<94-236-182-92.ip.btc-net.bg> 2019-10-06T13:49:33.693604MailD postfix/smtpd[18253]: NOQUEUE: reject: RCPT from 94-236-182-92.ip.btc-net.bg[94.236.182.92]: 554 5.7.1 Service unavailable; Client host [94.236.182.92] blocked using bl.spamcop.net; Blocked - see https://www.spamcop.net/b	2019-10-06 20:09:13
49.88.112.85	attack	Oct 6 14:55:10 server2 sshd\[30516\]: User root from 49.88.112.85 not allowed because not listed in AllowUsers Oct 6 14:55:10 server2 sshd\[30518\]: User root from 49.88.112.85 not allowed because not listed in AllowUsers Oct 6 14:55:10 server2 sshd\[30522\]: User root from 49.88.112.85 not allowed because not listed in AllowUsers Oct 6 14:55:11 server2 sshd\[30524\]: User root from 49.88.112.85 not allowed because not listed in AllowUsers Oct 6 14:55:12 server2 sshd\[30520\]: User root from 49.88.112.85 not allowed because not listed in AllowUsers Oct 6 14:56:22 server2 sshd\[30571\]: User root from 49.88.112.85 not allowed because not listed in AllowUsers	2019-10-06 19:56:34

最近上报的IP列表

191.187.149.251	199.203.149.167	167.58.40.67	113.187.117.164
113.208.232.6	42.114.30.24	207.162.95.1	186.23.102.241
208.239.150.67	78.19.128.187	199.34.70.131	104.158.160.128
180.189.78.128	122.159.238.105	90.246.139.72	196.77.60.78
78.188.155.220	221.34.173.180	186.146.222.126	189.112.94.113