213.142.12.200

Basic Info

City: unknown

Region: unknown

Country: Sweden

Internet Service Provider: A3 Foretag AB

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbotsspam	Honeypot attack, port: 5555, PTR: h213-142-12-200.cust.a3fiber.se.	2020-03-22 21:09:19

Comments on same subnet:

IP	Type	Details	Datetime
213.142.129.165	attackbotsspam	WordPress login Brute force / Web App Attack on client site.	2019-07-12 22:03:14
213.142.129.165	attackspam	michaelklotzbier.de 213.142.129.165 \[10/Jul/2019:11:05:10 +0200\] "POST /wp-login.php HTTP/1.1" 200 5838 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" michaelklotzbier.de 213.142.129.165 \[10/Jul/2019:11:05:11 +0200\] "POST /wp-login.php HTTP/1.1" 200 5795 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" michaelklotzbier.de 213.142.129.165 \[10/Jul/2019:11:05:12 +0200\] "POST /wp-login.php HTTP/1.1" 200 5792 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"	2019-07-10 19:22:28
213.142.129.165	attackbots	LGS,WP GET /wp-login.php	2019-06-26 00:50:24

Type

Details

Datetime

213.142.129.165

attackbotsspam

WordPress login Brute force / Web App Attack on client site.

2019-07-12 22:03:14

213.142.129.165

attackspam

michaelklotzbier.de 213.142.129.165 \[10/Jul/2019:11:05:10 +0200\] "POST /wp-login.php HTTP/1.1" 200 5838 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"
michaelklotzbier.de 213.142.129.165 \[10/Jul/2019:11:05:11 +0200\] "POST /wp-login.php HTTP/1.1" 200 5795 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"
michaelklotzbier.de 213.142.129.165 \[10/Jul/2019:11:05:12 +0200\] "POST /wp-login.php HTTP/1.1" 200 5792 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"

2019-07-10 19:22:28

213.142.129.165

attackbots

LGS,WP GET /wp-login.php

2019-06-26 00:50:24

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 213.142.12.200
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 10755
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;213.142.12.200.			IN	A

;; AUTHORITY SECTION:
.			506	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020032200 1800 900 604800 86400

;; Query time: 46 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Mar 22 21:09:15 CST 2020
;; MSG SIZE  rcvd: 118

Host info

200.12.142.213.in-addr.arpa domain name pointer h213-142-12-200.cust.a3fiber.se.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
200.12.142.213.in-addr.arpa	name = h213-142-12-200.cust.a3fiber.se.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
178.210.39.78	attackbots	Fail2Ban - SSH Bruteforce Attempt	2020-04-22 12:54:40
83.12.171.68	attackbots	2020-04-21T22:46:48.604977linuxbox-skyline sshd[309217]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=83.12.171.68 user=root 2020-04-21T22:46:51.041728linuxbox-skyline sshd[309217]: Failed password for root from 83.12.171.68 port 59598 ssh2 ...	2020-04-22 13:02:14
111.229.211.78	attack	Apr 22 05:56:27 vpn01 sshd[31388]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.229.211.78 Apr 22 05:56:29 vpn01 sshd[31388]: Failed password for invalid user gold from 111.229.211.78 port 58120 ssh2 ...	2020-04-22 13:14:36
103.108.87.133	attackbotsspam	Apr 22 06:10:27 eventyay sshd[30069]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.108.87.133 Apr 22 06:10:29 eventyay sshd[30069]: Failed password for invalid user hadoop from 103.108.87.133 port 35708 ssh2 Apr 22 06:17:21 eventyay sshd[30243]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.108.87.133 ...	2020-04-22 12:41:53
121.241.244.92	attack	Apr 22 04:00:23 *** sshd[10487]: Invalid user eu from 121.241.244.92	2020-04-22 12:50:15
167.172.186.162	attack	Apr 22 03:57:04 *** sshd[21244]: Invalid user postgres from 167.172.186.162	2020-04-22 12:41:31
180.248.47.233	attackspam	Port scan detected on ports: 8291[TCP], 8291[TCP], 8728[TCP]	2020-04-22 13:08:10
138.197.162.28	attackspambots	Invalid user zy from 138.197.162.28 port 48682	2020-04-22 13:12:03
101.37.205.238	attackbotsspam	IDS admin	2020-04-22 13:15:11
5.135.179.178	attack	Apr 21 22:08:49 server1 sshd\[24418\]: Invalid user admin from 5.135.179.178 Apr 21 22:08:49 server1 sshd\[24418\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.135.179.178 Apr 21 22:08:52 server1 sshd\[24418\]: Failed password for invalid user admin from 5.135.179.178 port 10222 ssh2 Apr 21 22:14:44 server1 sshd\[26010\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.135.179.178 user=root Apr 21 22:14:46 server1 sshd\[26010\]: Failed password for root from 5.135.179.178 port 40483 ssh2 ...	2020-04-22 12:58:08
52.172.207.121	attack	Apr 22 06:16:53 vps647732 sshd[1065]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.172.207.121 Apr 22 06:16:55 vps647732 sshd[1065]: Failed password for invalid user test from 52.172.207.121 port 51628 ssh2 ...	2020-04-22 13:02:40
128.199.204.164	attackspambots	Apr 22 00:30:50 ny01 sshd[3493]: Failed password for root from 128.199.204.164 port 54880 ssh2 Apr 22 00:37:49 ny01 sshd[4231]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.204.164 Apr 22 00:37:51 ny01 sshd[4231]: Failed password for invalid user xn from 128.199.204.164 port 58836 ssh2	2020-04-22 13:04:37
121.100.28.199	attackspambots	Apr 22 01:55:14 firewall sshd[10683]: Invalid user zp from 121.100.28.199 Apr 22 01:55:16 firewall sshd[10683]: Failed password for invalid user zp from 121.100.28.199 port 40232 ssh2 Apr 22 02:00:37 firewall sshd[10798]: Invalid user admin from 121.100.28.199 ...	2020-04-22 13:08:24
106.13.21.24	attack	2020-04-22T03:38:55.305255randservbullet-proofcloud-66.localdomain sshd[27993]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.21.24 user=root 2020-04-22T03:38:56.923732randservbullet-proofcloud-66.localdomain sshd[27993]: Failed password for root from 106.13.21.24 port 43728 ssh2 2020-04-22T03:56:36.824411randservbullet-proofcloud-66.localdomain sshd[28073]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.21.24 user=root 2020-04-22T03:56:39.100156randservbullet-proofcloud-66.localdomain sshd[28073]: Failed password for root from 106.13.21.24 port 41682 ssh2 ...	2020-04-22 13:02:55
110.185.164.133	attack	2020-04-21 23:11:00 Possible DoS HGOD SynKiller Flooding 110.185.164.133	2020-04-22 13:00:28

Recently Reported IPs

211.85.248.45	29.179.215.241	59.173.64.50	128.8.103.114
8.187.123.201	72.244.218.199	193.110.77.36	2.143.109.8
115.164.94.118	105.87.26.113	89.210.29.227	177.157.57.87
248.253.181.49	203.150.149.177	200.194.15.39	109.254.254.88
94.254.48.193	52.163.51.156	112.3.30.98	94.66.229.168