城市(city): unknown
省份(region): unknown
国家(country): Hong Kong
运营商(isp): PCCW IMS Ltd
主机名(hostname): unknown
机构(organization): unknown
使用类型(Usage Type): unknown
| 类型 | 评论内容 | 时间 |
|---|---|---|
| attackspam | Aug 17 14:05:17 ns382633 sshd\[27311\]: Invalid user client1 from 42.200.142.45 port 45067 Aug 17 14:05:17 ns382633 sshd\[27311\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.200.142.45 Aug 17 14:05:20 ns382633 sshd\[27311\]: Failed password for invalid user client1 from 42.200.142.45 port 45067 ssh2 Aug 17 14:20:42 ns382633 sshd\[30110\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.200.142.45 user=root Aug 17 14:20:45 ns382633 sshd\[30110\]: Failed password for root from 42.200.142.45 port 56052 ssh2 |
2020-08-17 23:41:15 |
| attackspambots | "fail2ban match" |
2020-07-14 08:01:03 |
| attackspambots | Jun 25 22:41:09 web9 sshd\[17797\]: Invalid user tushar from 42.200.142.45 Jun 25 22:41:09 web9 sshd\[17797\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.200.142.45 Jun 25 22:41:11 web9 sshd\[17797\]: Failed password for invalid user tushar from 42.200.142.45 port 36266 ssh2 Jun 25 22:42:57 web9 sshd\[18073\]: Invalid user tec from 42.200.142.45 Jun 25 22:42:57 web9 sshd\[18073\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.200.142.45 |
2020-06-26 16:48:11 |
| attack | k+ssh-bruteforce |
2020-06-12 12:43:35 |
| attackspam | 2020-06-09T12:44:01.609852abusebot-4.cloudsearch.cf sshd[10549]: Invalid user webdata from 42.200.142.45 port 54285 2020-06-09T12:44:01.620637abusebot-4.cloudsearch.cf sshd[10549]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42-200-142-45.static.imsbiz.com 2020-06-09T12:44:01.609852abusebot-4.cloudsearch.cf sshd[10549]: Invalid user webdata from 42.200.142.45 port 54285 2020-06-09T12:44:03.538857abusebot-4.cloudsearch.cf sshd[10549]: Failed password for invalid user webdata from 42.200.142.45 port 54285 ssh2 2020-06-09T12:48:05.319774abusebot-4.cloudsearch.cf sshd[10751]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42-200-142-45.static.imsbiz.com user=root 2020-06-09T12:48:07.076413abusebot-4.cloudsearch.cf sshd[10751]: Failed password for root from 42.200.142.45 port 56524 ssh2 2020-06-09T12:51:56.466813abusebot-4.cloudsearch.cf sshd[10989]: pam_unix(sshd:auth): authentication failure; logname= ui ... |
2020-06-10 02:26:03 |
| attackspam | Repeated brute force against a port |
2020-06-08 12:54:45 |
| attackbotsspam | May 31 11:02:00 ns381471 sshd[19696]: Failed password for root from 42.200.142.45 port 45164 ssh2 |
2020-05-31 17:21:56 |
| attack | Invalid user jessey from 42.200.142.45 port 51125 |
2020-05-27 06:10:35 |
| attackspambots | Brute force attempt |
2020-05-25 17:51:40 |
| attack | Invalid user prashant from 42.200.142.45 port 54213 |
2020-05-17 02:31:50 |
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 42.200.142.45
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 19740
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;42.200.142.45. IN A
;; AUTHORITY SECTION:
. 460 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2020051601 1800 900 604800 86400
;; Query time: 96 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun May 17 02:31:46 CST 2020
;; MSG SIZE rcvd: 11745.142.200.42.in-addr.arpa domain name pointer 42-200-142-45.static.imsbiz.com.Server: 183.60.83.19
Address: 183.60.83.19#53
Non-authoritative answer:
45.142.200.42.in-addr.arpa name = 42-200-142-45.static.imsbiz.com.
Authoritative answers can be found from:| IP | 类型 | 评论内容 | 时间 |
|---|---|---|---|
| 51.83.42.108 | attack | 2020-07-24 12:34:35,415 fail2ban.actions [18606]: NOTICE [sshd] Ban 51.83.42.108 2020-07-24 12:49:10,808 fail2ban.actions [18606]: NOTICE [sshd] Ban 51.83.42.108 2020-07-24 13:01:49,879 fail2ban.actions [18606]: NOTICE [sshd] Ban 51.83.42.108 2020-07-24 13:14:33,098 fail2ban.actions [18606]: NOTICE [sshd] Ban 51.83.42.108 2020-07-24 13:27:34,378 fail2ban.actions [18606]: NOTICE [sshd] Ban 51.83.42.108 ... |
2020-09-04 22:01:38 |
| 203.99.62.158 | attackspambots | Time: Fri Sep 4 12:27:44 2020 +0200 IP: 203.99.62.158 (PK/Pakistan/mbl-99-62-158.dsl.net.pk) Failures: 5 (sshd) Interval: 3600 seconds Blocked: Permanent Block [LF_SSHD] Log entries: Sep 4 12:20:29 ca-3-ams1 sshd[24665]: Invalid user luser from 203.99.62.158 port 41466 Sep 4 12:20:31 ca-3-ams1 sshd[24665]: Failed password for invalid user luser from 203.99.62.158 port 41466 ssh2 Sep 4 12:24:48 ca-3-ams1 sshd[24849]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.99.62.158 user=root Sep 4 12:24:50 ca-3-ams1 sshd[24849]: Failed password for root from 203.99.62.158 port 11295 ssh2 Sep 4 12:27:43 ca-3-ams1 sshd[24980]: Invalid user g from 203.99.62.158 port 31787 |
2020-09-04 21:57:15 |
| 62.176.115.154 | attack | firewall-block, port(s): 445/tcp |
2020-09-04 21:22:10 |
| 218.92.0.247 | attack | Sep 4 16:40:04 ift sshd\[44943\]: Failed password for root from 218.92.0.247 port 10771 ssh2Sep 4 16:40:07 ift sshd\[44943\]: Failed password for root from 218.92.0.247 port 10771 ssh2Sep 4 16:40:10 ift sshd\[44943\]: Failed password for root from 218.92.0.247 port 10771 ssh2Sep 4 16:40:13 ift sshd\[44943\]: Failed password for root from 218.92.0.247 port 10771 ssh2Sep 4 16:40:18 ift sshd\[44943\]: Failed password for root from 218.92.0.247 port 10771 ssh2 ... |
2020-09-04 21:52:51 |
| 117.241.201.123 | attackspam | Lines containing failures of 117.241.201.123 Sep 2 10:09:27 omfg postfix/smtpd[20612]: connect from unknown[117.241.201.123] Sep x@x Sep 2 10:09:28 omfg postfix/smtpd[20612]: lost connection after DATA from unknown[117.241.201.123] Sep 2 10:09:28 omfg postfix/smtpd[20612]: disconnect from unknown[117.241.201.123] ehlo=1 mail=1 rcpt=0/1 data=0/1 commands=2/4 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=117.241.201.123 |
2020-09-04 22:04:16 |
| 45.142.120.137 | attackspam | 2020-09-04 15:34:51 dovecot_login authenticator failed for \(User\) \[45.142.120.137\]: 535 Incorrect authentication data \(set_id=league@no-server.de\) 2020-09-04 15:35:28 dovecot_login authenticator failed for \(User\) \[45.142.120.137\]: 535 Incorrect authentication data \(set_id=origin2@no-server.de\) 2020-09-04 15:36:06 dovecot_login authenticator failed for \(User\) \[45.142.120.137\]: 535 Incorrect authentication data \(set_id=plugins@no-server.de\) 2020-09-04 15:36:18 dovecot_login authenticator failed for \(User\) \[45.142.120.137\]: 535 Incorrect authentication data \(set_id=plugins@no-server.de\) 2020-09-04 15:36:19 dovecot_login authenticator failed for \(User\) \[45.142.120.137\]: 535 Incorrect authentication data \(set_id=plugins@no-server.de\) 2020-09-04 15:36:43 dovecot_login authenticator failed for \(User\) \[45.142.120.137\]: 535 Incorrect authentication data \(set_id=spca@no-server.de\) ... |
2020-09-04 21:43:49 |
| 24.137.147.95 | attackbotsspam | Automatic report - Banned IP Access |
2020-09-04 21:44:14 |
| 112.85.42.174 | attack | Sep 4 09:06:23 ny01 sshd[8051]: Failed password for root from 112.85.42.174 port 32520 ssh2 Sep 4 09:06:38 ny01 sshd[8051]: error: maximum authentication attempts exceeded for root from 112.85.42.174 port 32520 ssh2 [preauth] Sep 4 09:06:44 ny01 sshd[8101]: Failed password for root from 112.85.42.174 port 63790 ssh2 |
2020-09-04 21:41:52 |
| 147.91.31.52 | attackbots | As always with Serbia /Wp-login.php /wp-admin.php |
2020-09-04 21:40:29 |
| 218.92.0.191 | attack | Sep 4 15:29:52 dcd-gentoo sshd[18953]: User root from 218.92.0.191 not allowed because none of user's groups are listed in AllowGroups Sep 4 15:29:54 dcd-gentoo sshd[18953]: error: PAM: Authentication failure for illegal user root from 218.92.0.191 Sep 4 15:29:54 dcd-gentoo sshd[18953]: Failed keyboard-interactive/pam for invalid user root from 218.92.0.191 port 53409 ssh2 ... |
2020-09-04 21:38:48 |
| 140.143.3.130 | attackspambots | Invalid user ghost from 140.143.3.130 port 26144 |
2020-09-04 21:42:26 |
| 139.59.92.19 | attackbots | Invalid user riana from 139.59.92.19 port 60256 |
2020-09-04 21:39:40 |
| 161.52.178.130 | attackspambots | 20/9/3@13:16:20: FAIL: Alarm-Network address from=161.52.178.130 ... |
2020-09-04 21:37:07 |
| 49.255.93.10 | attack | Invalid user guoman from 49.255.93.10 port 40532 |
2020-09-04 21:29:11 |
| 170.130.187.34 | attackbotsspam |
|
2020-09-04 21:35:02 |