145.239.42.107

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): France

运营商(isp): OVH SAS

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspambots	$f2bV_matches	2020-01-11 22:35:01
attackspam	Dec 22 15:26:53 ws12vmsma01 sshd[17115]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=145.239.42.107 Dec 22 15:26:53 ws12vmsma01 sshd[17115]: Invalid user user from 145.239.42.107 Dec 22 15:26:55 ws12vmsma01 sshd[17115]: Failed password for invalid user user from 145.239.42.107 port 42148 ssh2 ...	2019-12-23 06:38:57
attackspambots	Dec 19 06:54:36 sso sshd[8108]: Failed password for root from 145.239.42.107 port 38590 ssh2 ...	2019-12-19 14:15:08
attackbotsspam	SSH Bruteforce attempt	2019-12-14 07:23:39
attackspambots	Dec 12 23:42:33 loxhost sshd\[21460\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=145.239.42.107 user=root Dec 12 23:42:35 loxhost sshd\[21460\]: Failed password for root from 145.239.42.107 port 36628 ssh2 Dec 12 23:48:14 loxhost sshd\[21639\]: Invalid user rashiem from 145.239.42.107 port 45678 Dec 12 23:48:14 loxhost sshd\[21639\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=145.239.42.107 Dec 12 23:48:16 loxhost sshd\[21639\]: Failed password for invalid user rashiem from 145.239.42.107 port 45678 ssh2 ...	2019-12-13 06:54:09
attackspambots	Too many connections or unauthorized access detected from Arctic banned ip	2019-12-11 07:36:59
attackbots	Dec 10 15:12:14 hcbbdb sshd\[6439\]: Invalid user ashleykath from 145.239.42.107 Dec 10 15:12:14 hcbbdb sshd\[6439\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=145.239.42.107 Dec 10 15:12:16 hcbbdb sshd\[6439\]: Failed password for invalid user ashleykath from 145.239.42.107 port 43196 ssh2 Dec 10 15:18:04 hcbbdb sshd\[7163\]: Invalid user rafols from 145.239.42.107 Dec 10 15:18:04 hcbbdb sshd\[7163\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=145.239.42.107	2019-12-10 23:22:44
attackspambots	Dec 9 06:47:08 wbs sshd\[30658\]: Invalid user kate from 145.239.42.107 Dec 9 06:47:08 wbs sshd\[30658\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=145.239.42.107 Dec 9 06:47:09 wbs sshd\[30658\]: Failed password for invalid user kate from 145.239.42.107 port 39150 ssh2 Dec 9 06:53:06 wbs sshd\[31319\]: Invalid user oyakuma from 145.239.42.107 Dec 9 06:53:06 wbs sshd\[31319\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=145.239.42.107	2019-12-10 00:59:44
attackspam	SSH invalid-user multiple login attempts	2019-12-08 17:11:08
attackspam	SSH brute-force: detected 33 distinct usernames within a 24-hour window.	2019-12-05 19:57:58
attack	ssh intrusion attempt	2019-11-22 17:22:23
attackspam	Nov 17 06:17:17 web8 sshd\[13050\]: Invalid user sig@tjlt from 145.239.42.107 Nov 17 06:17:17 web8 sshd\[13050\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=145.239.42.107 Nov 17 06:17:19 web8 sshd\[13050\]: Failed password for invalid user sig@tjlt from 145.239.42.107 port 35220 ssh2 Nov 17 06:21:07 web8 sshd\[15028\]: Invalid user !@\#ewq!@\# from 145.239.42.107 Nov 17 06:21:07 web8 sshd\[15028\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=145.239.42.107	2019-11-17 21:27:05
attack	2019-11-13T01:26:48.361927ns547587 sshd\[1369\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=145.239.42.107.kr-k.de user=root 2019-11-13T01:26:50.847019ns547587 sshd\[1369\]: Failed password for root from 145.239.42.107 port 54708 ssh2 2019-11-13T01:30:13.300899ns547587 sshd\[5820\]: Invalid user biliamee from 145.239.42.107 port 35256 2019-11-13T01:30:13.304768ns547587 sshd\[5820\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=145.239.42.107.kr-k.de ...	2019-11-13 14:46:26
attackspambots	SSH Brute Force, server-1 sshd[4737]: Failed password for invalid user webmaster from 145.239.42.107 port 41128 ssh2	2019-11-12 00:00:12
attackspam	SSH brutforce	2019-11-07 18:12:35
attack	Invalid user stefan from 145.239.42.107 port 52496	2019-10-25 17:10:57
attack	Invalid user stefan from 145.239.42.107 port 52496	2019-10-24 16:47:34
attack	Oct 20 07:05:01 localhost sshd\[30811\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=145.239.42.107 user=root Oct 20 07:05:03 localhost sshd\[30811\]: Failed password for root from 145.239.42.107 port 43072 ssh2 Oct 20 07:09:06 localhost sshd\[31175\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=145.239.42.107 user=root	2019-10-20 13:19:14

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 145.239.42.107
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 43683
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;145.239.42.107.			IN	A

;; AUTHORITY SECTION:
.			572	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019101901 1800 900 604800 86400

;; Query time: 63 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Oct 20 13:19:10 CST 2019
;; MSG SIZE  rcvd: 118

HOST信息:

107.42.239.145.in-addr.arpa domain name pointer 145.239.42.107.kr-k.de.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
107.42.239.145.in-addr.arpa	name = 145.239.42.107.kr-k.de.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
1.202.76.226	attackbots	k+ssh-bruteforce	2020-05-21 22:32:01
182.61.132.15	attackspambots	DATE:2020-05-21 16:00:18, IP:182.61.132.15, PORT:ssh SSH brute force auth (docker-dc)	2020-05-21 22:44:13
159.89.167.22	attack	Automatic report - XMLRPC Attack	2020-05-21 22:44:35
109.195.198.27	attackbots	3x Failed Password	2020-05-21 22:21:44
184.105.247.240	attackbotsspam	Unauthorized connection attempt from IP address 184.105.247.240 on Port 445(SMB)	2020-05-21 22:31:39
36.90.45.46	attackspambots	failed root login	2020-05-21 22:18:01
170.84.224.240	attack	(sshd) Failed SSH login from 170.84.224.240 (BR/Brazil/170-084-224-240.henet.com.br): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: May 21 14:34:07 amsweb01 sshd[12141]: Invalid user qzm from 170.84.224.240 port 57332 May 21 14:34:09 amsweb01 sshd[12141]: Failed password for invalid user qzm from 170.84.224.240 port 57332 ssh2 May 21 14:50:01 amsweb01 sshd[13559]: Invalid user tat from 170.84.224.240 port 56149 May 21 14:50:02 amsweb01 sshd[13559]: Failed password for invalid user tat from 170.84.224.240 port 56149 ssh2 May 21 14:54:17 amsweb01 sshd[13862]: Invalid user hvi from 170.84.224.240 port 58579	2020-05-21 22:36:04
103.41.110.38	attackspambots	103.41.110.38	2020-05-21 22:23:20
37.99.117.3	attackbots	Brute forcing RDP port 3389	2020-05-21 22:52:25
46.101.149.23	attackspam	srv02 Mass scanning activity detected Target: 26517 ..	2020-05-21 22:30:11
83.151.14.181	attackbotsspam	May 21 01:57:50 web9 sshd\[24091\]: Invalid user jky from 83.151.14.181 May 21 01:57:50 web9 sshd\[24091\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=83.151.14.181 May 21 01:57:52 web9 sshd\[24091\]: Failed password for invalid user jky from 83.151.14.181 port 48446 ssh2 May 21 02:02:18 web9 sshd\[24688\]: Invalid user miy from 83.151.14.181 May 21 02:02:18 web9 sshd\[24688\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=83.151.14.181	2020-05-21 22:17:38
120.71.147.93	attackbots	(sshd) Failed SSH login from 120.71.147.93 (CN/China/-): 5 in the last 3600 secs	2020-05-21 22:45:09
185.98.1.141	attackspam	(smtpauth) Failed SMTP AUTH login from 185.98.1.141 (BA/Bosnia and Herzegovina/-): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: 2020-05-21 16:32:02 plain authenticator failed for ([185.98.1.141]) [185.98.1.141]: 535 Incorrect authentication data (set_id=ravabet_omomi@behzisty-esfahan.ir)	2020-05-21 22:25:43
2.37.134.39	attack	Unauthorized connection attempt detected from IP address 2.37.134.39 to port 23	2020-05-21 22:25:13
103.78.39.106	attack	Auto Fail2Ban report, multiple SSH login attempts.	2020-05-21 22:22:57

最近上报的IP列表

211.179.76.9	34.87.24.125	185.40.15.247	142.93.218.34
202.52.52.94	200.194.28.159	184.186.75.132	103.61.39.106
174.142.90.14	52.14.33.15	83.149.128.234	23.244.43.2
213.215.82.36	195.138.72.83	167.71.4.130	160.106.238.48
185.40.12.193	83.22.197.253	207.180.196.57	174.139.98.234