212.42.104.18 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Kyrgyzstan

Internet Service Provider: ElCat Ltd.

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbotsspam	Unauthorized connection attempt detected from IP address 212.42.104.18 to port 1433 [T]	2020-06-14 03:41:06

Comments on same subnet:

IP	Type	Details	Datetime
212.42.104.101	attackbotsspam	Unauthorized connection attempt detected from IP address 212.42.104.101 to port 445 [T]	2020-08-14 04:32:27
212.42.104.101	attackspambots	Port scan: Attack repeated for 24 hours	2020-08-02 19:33:01
212.42.104.101	attack	Honeypot attack, port: 445, PTR: kabul.static.elcat.kg.	2020-02-28 06:37:42
212.42.104.101	attack	Unauthorized connection attempt detected from IP address 212.42.104.101 to port 1433 [J]	2020-01-21 13:42:06
212.42.104.101	attackbotsspam	Unauthorized connection attempt detected from IP address 212.42.104.101 to port 445 [T]	2020-01-15 22:32:55
212.42.104.101	attack	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/212.42.104.101/ KG - 1H : (2) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : KG NAME ASN : ASN8449 IP : 212.42.104.101 CIDR : 212.42.104.0/24 PREFIX COUNT : 65 UNIQUE IP COUNT : 17408 WYKRYTE ATAKI Z ASN8449 : 1H - 1 3H - 1 6H - 1 12H - 1 24H - 1 DateTime : 2019-10-18 14:17:38 INFO : Port MAX SCAN Scan Detected and Blocked by ADMIN - data recovery	2019-10-18 20:56:36

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 212.42.104.18
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 4963
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;212.42.104.18.			IN	A

;; AUTHORITY SECTION:
.			422	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020061301 1800 900 604800 86400

;; Query time: 81 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Jun 14 03:41:01 CST 2020
;; MSG SIZE  rcvd: 117

Host info

18.104.42.212.in-addr.arpa domain name pointer sti.gov.kg.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
18.104.42.212.in-addr.arpa	name = sti.gov.kg.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
118.24.193.176	attackbotsspam	Nov 20 07:56:24 dedicated sshd[6929]: Invalid user derrington from 118.24.193.176 port 54520	2019-11-20 15:08:56
221.239.62.137	attackbots	$f2bV_matches	2019-11-20 15:18:34
222.186.180.9	attackbots	Nov 20 08:06:56 nextcloud sshd\[14306\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.180.9 user=root Nov 20 08:06:58 nextcloud sshd\[14306\]: Failed password for root from 222.186.180.9 port 35082 ssh2 Nov 20 08:07:01 nextcloud sshd\[14306\]: Failed password for root from 222.186.180.9 port 35082 ssh2 ...	2019-11-20 15:15:39
106.75.173.67	attack	Nov 20 07:26:26 dedicated sshd[2257]: Failed password for root from 106.75.173.67 port 56780 ssh2 Nov 20 07:30:42 dedicated sshd[2911]: Invalid user monitor from 106.75.173.67 port 34964 Nov 20 07:30:42 dedicated sshd[2911]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.173.67 Nov 20 07:30:42 dedicated sshd[2911]: Invalid user monitor from 106.75.173.67 port 34964 Nov 20 07:30:44 dedicated sshd[2911]: Failed password for invalid user monitor from 106.75.173.67 port 34964 ssh2	2019-11-20 14:47:35
222.186.175.220	attackspam	pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.220 user=root Failed password for root from 222.186.175.220 port 52022 ssh2 Failed password for root from 222.186.175.220 port 52022 ssh2 Failed password for root from 222.186.175.220 port 52022 ssh2 Failed password for root from 222.186.175.220 port 52022 ssh2	2019-11-20 14:46:26
219.150.116.52	attackbotsspam	Nov 20 01:40:39 web1 postfix/smtpd[6871]: warning: unknown[219.150.116.52]: SASL LOGIN authentication failed: authentication failure ...	2019-11-20 14:52:43
67.205.178.14	attackbots	20.11.2019 07:41:16 - Wordpress fail Detected by ELinOX-ALM	2019-11-20 14:41:40
82.159.138.57	attackspam	Nov 19 20:39:05 php1 sshd\[30120\]: Invalid user test from 82.159.138.57 Nov 19 20:39:05 php1 sshd\[30120\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=82.159.138.57 Nov 19 20:39:07 php1 sshd\[30120\]: Failed password for invalid user test from 82.159.138.57 port 44554 ssh2 Nov 19 20:42:37 php1 sshd\[30401\]: Invalid user travel_phpb1 from 82.159.138.57 Nov 19 20:42:37 php1 sshd\[30401\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=82.159.138.57	2019-11-20 15:05:14
90.188.10.225	attackspambots	Automatic report - Port Scan Attack	2019-11-20 15:12:15
206.189.35.254	attackbots	Nov 20 08:31:09 sauna sshd[111061]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=206.189.35.254 Nov 20 08:31:11 sauna sshd[111061]: Failed password for invalid user wwwadmin from 206.189.35.254 port 52536 ssh2 ...	2019-11-20 15:07:47
129.204.67.235	attack	2019-11-20T06:31:26.629915abusebot-6.cloudsearch.cf sshd\[26527\]: Invalid user minecraft from 129.204.67.235 port 47196	2019-11-20 15:03:23
185.53.88.76	attackbotsspam	\[2019-11-20 02:21:14\] SECURITY\[2765\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-11-20T02:21:14.653-0500",Severity="Error",Service="SIP",EventVersion="1",AccountID="9011442843032012",SessionID="0x7f26c48d7758",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/185.53.88.76/52715",ACLName="no_extension_match" \[2019-11-20 02:21:16\] SECURITY\[2765\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-11-20T02:21:16.135-0500",Severity="Error",Service="SIP",EventVersion="1",AccountID="011442843032012",SessionID="0x7f26c4af39e8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/185.53.88.76/59931",ACLName="no_extension_match" \[2019-11-20 02:21:18\] SECURITY\[2765\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-11-20T02:21:18.364-0500",Severity="Error",Service="SIP",EventVersion="1",AccountID="011441519470402",SessionID="0x7f26c40f7fa8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/185.53.88.76/54549",ACLName="no_exten	2019-11-20 15:22:21
177.75.137.91	attackbots	Automatic report - Port Scan Attack	2019-11-20 14:48:24
202.169.62.187	attackbotsspam	Nov 19 20:24:29 web9 sshd\[31642\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.169.62.187 user=root Nov 19 20:24:31 web9 sshd\[31642\]: Failed password for root from 202.169.62.187 port 43020 ssh2 Nov 19 20:28:31 web9 sshd\[32151\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.169.62.187 user=root Nov 19 20:28:32 web9 sshd\[32151\]: Failed password for root from 202.169.62.187 port 33002 ssh2 Nov 19 20:32:30 web9 sshd\[32627\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.169.62.187 user=backup	2019-11-20 14:47:20
190.102.140.7	attack	2019-11-20T01:16:47.9712191495-001 sshd\[36808\]: Invalid user murgo from 190.102.140.7 port 46746 2019-11-20T01:16:47.9811331495-001 sshd\[36808\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.102.140.7 2019-11-20T01:16:49.4680071495-001 sshd\[36808\]: Failed password for invalid user murgo from 190.102.140.7 port 46746 ssh2 2019-11-20T01:21:04.7107351495-001 sshd\[36939\]: Invalid user bsnl123456 from 190.102.140.7 port 54848 2019-11-20T01:21:04.7199101495-001 sshd\[36939\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.102.140.7 2019-11-20T01:21:06.8193911495-001 sshd\[36939\]: Failed password for invalid user bsnl123456 from 190.102.140.7 port 54848 ssh2 ...	2019-11-20 14:52:01

Recently Reported IPs

129.204.42.144	78.142.18.52	218.166.18.54	181.97.151.122
178.70.99.71	151.45.23.237	95.181.2.183	37.110.47.82
139.193.56.16	13.75.140.64	31.155.224.82	114.44.82.169
152.0.88.65	46.187.16.180	186.32.2.9	49.7.60.76
165.227.111.39	136.153.88.170	227.169.198.150	148.72.212.212