212.42.103.46 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Kyrgyzstan

运营商(isp): ElCat Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Fixed Line ISP

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Unauthorized connection attempt from IP address 212.42.103.46 on Port 445(SMB)	2020-03-18 19:54:56

相同子网IP讨论:

IP	类型	评论内容	时间
212.42.103.126	attackspam	Unauthorized connection attempt from IP address 212.42.103.126 on Port 445(SMB)	2020-03-07 00:05:22
212.42.103.112	attackbotsspam	Aug 13 02:25:06 MK-Soft-VM5 sshd\[4025\]: Invalid user xapolicymgr from 212.42.103.112 port 11300 Aug 13 02:25:06 MK-Soft-VM5 sshd\[4025\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.42.103.112 Aug 13 02:25:08 MK-Soft-VM5 sshd\[4025\]: Failed password for invalid user xapolicymgr from 212.42.103.112 port 11300 ssh2 ...	2019-08-13 11:42:13

类型

评论内容

时间

212.42.103.126

attackspam

Unauthorized connection attempt from IP address 212.42.103.126 on Port 445(SMB)

2020-03-07 00:05:22

212.42.103.112

attackbotsspam

Aug 13 02:25:06 MK-Soft-VM5 sshd\[4025\]: Invalid user xapolicymgr from 212.42.103.112 port 11300
Aug 13 02:25:06 MK-Soft-VM5 sshd\[4025\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.42.103.112
Aug 13 02:25:08 MK-Soft-VM5 sshd\[4025\]: Failed password for invalid user xapolicymgr from 212.42.103.112 port 11300 ssh2
...

2019-08-13 11:42:13

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 212.42.103.46
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 24250
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;212.42.103.46.			IN	A

;; AUTHORITY SECTION:
.			366	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020031800 1800 900 604800 86400

;; Query time: 105 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Mar 18 19:54:51 CST 2020
;; MSG SIZE  rcvd: 117

HOST信息:

46.103.42.212.in-addr.arpa domain name pointer 212-42-103-46.elcat.kg.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
46.103.42.212.in-addr.arpa	name = 212-42-103-46.elcat.kg.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
1.9.78.242	attack	Mar 18 18:50:51 localhost sshd\[9162\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=1.9.78.242 user=root Mar 18 18:50:54 localhost sshd\[9162\]: Failed password for root from 1.9.78.242 port 44093 ssh2 Mar 18 18:58:58 localhost sshd\[9297\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=1.9.78.242 user=root ...	2020-03-19 04:11:23
45.117.176.23	attackspambots	Mar 18 22:41:27 hosting sshd[13498]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.117.176.23 user=root Mar 18 22:41:28 hosting sshd[13498]: Failed password for root from 45.117.176.23 port 48808 ssh2 Mar 18 22:46:06 hosting sshd[13952]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.117.176.23 user=root Mar 18 22:46:08 hosting sshd[13952]: Failed password for root from 45.117.176.23 port 54946 ssh2 ...	2020-03-19 04:03:14
151.80.61.70	attackspambots	Mar 18 18:45:05 sd-53420 sshd\[13683\]: Invalid user deployer from 151.80.61.70 Mar 18 18:45:05 sd-53420 sshd\[13683\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=151.80.61.70 Mar 18 18:45:07 sd-53420 sshd\[13683\]: Failed password for invalid user deployer from 151.80.61.70 port 46592 ssh2 Mar 18 18:49:08 sd-53420 sshd\[15052\]: Invalid user nsroot from 151.80.61.70 Mar 18 18:49:08 sd-53420 sshd\[15052\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=151.80.61.70 ...	2020-03-19 03:51:45
117.34.74.252	attackspam	Unauthorised access (Mar 18) SRC=117.34.74.252 LEN=40 TTL=243 ID=56788 TCP DPT=445 WINDOW=1024 SYN	2020-03-19 04:02:47
194.186.75.230	attackbotsspam	Honeypot attack, port: 445, PTR: PTR record not found	2020-03-19 03:58:54
182.252.133.70	attack	Mar 18 20:42:54 sd-53420 sshd\[20995\]: Invalid user yang from 182.252.133.70 Mar 18 20:42:54 sd-53420 sshd\[20995\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.252.133.70 Mar 18 20:42:57 sd-53420 sshd\[20995\]: Failed password for invalid user yang from 182.252.133.70 port 39382 ssh2 Mar 18 20:48:30 sd-53420 sshd\[24888\]: User root from 182.252.133.70 not allowed because none of user's groups are listed in AllowGroups Mar 18 20:48:30 sd-53420 sshd\[24888\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.252.133.70 user=root ...	2020-03-19 04:03:52
182.155.229.211	attackbotsspam	20/3/18@09:06:48: FAIL: Alarm-Network address from=182.155.229.211 ...	2020-03-19 03:55:14
159.89.177.46	attack	Mar 18 16:09:03 main sshd[29568]: Failed password for invalid user teste from 159.89.177.46 port 33252 ssh2 Mar 18 16:12:08 main sshd[29663]: Failed password for invalid user user from 159.89.177.46 port 34826 ssh2 Mar 18 16:16:08 main sshd[29738]: Failed password for invalid user jiangqianhu from 159.89.177.46 port 36410 ssh2 Mar 18 16:37:29 main sshd[30147]: Failed password for invalid user informix from 159.89.177.46 port 47390 ssh2 Mar 18 16:40:30 main sshd[30262]: Failed password for invalid user dolphin from 159.89.177.46 port 48964 ssh2 Mar 18 16:55:42 main sshd[30541]: Failed password for invalid user ali from 159.89.177.46 port 56800 ssh2 Mar 18 17:08:04 main sshd[30799]: Failed password for invalid user monitor from 159.89.177.46 port 34856 ssh2 Mar 18 17:17:26 main sshd[31041]: Failed password for invalid user plex from 159.89.177.46 port 39580 ssh2 Mar 18 17:33:16 main sshd[31463]: Failed password for invalid user ts from 159.89.177.46 port 47432 ssh2	2020-03-19 04:11:47
104.131.41.185	attackspam	SSH login attempts with user root.	2020-03-19 03:46:41
192.99.31.122	attack	192.99.31.122 - - [18/Mar/2020:20:19:39 +0100] "GET /wp-login.php HTTP/1.1" 200 6582 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 192.99.31.122 - - [18/Mar/2020:20:19:40 +0100] "POST /wp-login.php HTTP/1.1" 200 7362 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 192.99.31.122 - - [18/Mar/2020:20:19:41 +0100] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-03-19 03:54:51
203.159.249.215	attackspam	Mar 18 19:49:25 ns382633 sshd\[20982\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.159.249.215 user=root Mar 18 19:49:26 ns382633 sshd\[20982\]: Failed password for root from 203.159.249.215 port 35478 ssh2 Mar 18 19:53:20 ns382633 sshd\[21949\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.159.249.215 user=root Mar 18 19:53:22 ns382633 sshd\[21949\]: Failed password for root from 203.159.249.215 port 59436 ssh2 Mar 18 19:56:27 ns382633 sshd\[22713\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.159.249.215 user=root	2020-03-19 03:52:24
186.206.219.212	attackspambots	Honeypot attack, port: 445, PTR: bacedbd4.virtua.com.br.	2020-03-19 03:50:13
111.231.32.127	attack	bruteforce detected	2020-03-19 03:56:44
202.175.121.202	attackbots	SSH login attempts with user root.	2020-03-19 04:03:30
51.38.48.242	attackbotsspam	$f2bV_matches	2020-03-19 04:08:33

最近上报的IP列表

116.106.217.75	203.192.210.70	77.40.100.66	188.121.0.52
86.57.182.147	45.139.186.58	42.116.182.139	5.137.84.116
27.75.222.216	162.243.133.49	36.89.148.61	190.201.227.85
66.96.240.213	116.104.243.236	222.211.205.44	190.85.86.153
116.112.64.98	122.54.141.234	243.66.175.159	189.40.233.193