城市(city): unknown
省份(region): unknown
国家(country): Hong Kong
运营商(isp): PCCW IMS Ltd
主机名(hostname): unknown
机构(organization): unknown
使用类型(Usage Type): unknown
| 类型 | 评论内容 | 时间 |
|---|---|---|
| attack | Oct 12 13:02:43 staging sshd[338320]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.200.66.164 user=root Oct 12 13:02:46 staging sshd[338320]: Failed password for root from 42.200.66.164 port 60126 ssh2 Oct 12 13:04:08 staging sshd[338349]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.200.66.164 user=root Oct 12 13:04:10 staging sshd[338349]: Failed password for root from 42.200.66.164 port 52244 ssh2 ... |
2020-10-12 21:04:52 |
| attack | Scanned 3 times in the last 24 hours on port 22 |
2020-10-12 12:34:31 |
| attack | Aug 20 23:58:37 master sshd[6266]: Failed password for root from 42.200.66.164 port 39022 ssh2 |
2020-08-21 06:12:39 |
| attack | Aug 17 07:55:44 eventyay sshd[15635]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.200.66.164 Aug 17 07:55:47 eventyay sshd[15635]: Failed password for invalid user marin from 42.200.66.164 port 56628 ssh2 Aug 17 08:00:12 eventyay sshd[15731]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.200.66.164 ... |
2020-08-17 16:11:52 |
| attackspam | Aug 10 20:31:31 IngegnereFirenze sshd[1146]: User root from 42.200.66.164 not allowed because not listed in AllowUsers ... |
2020-08-11 05:15:07 |
| attackbotsspam | 2020-08-07T05:47:51.848154amanda2.illicoweb.com sshd\[2013\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=42-200-66-164.static.imsbiz.com user=root 2020-08-07T05:47:54.411118amanda2.illicoweb.com sshd\[2013\]: Failed password for root from 42.200.66.164 port 51570 ssh2 2020-08-07T05:55:44.955167amanda2.illicoweb.com sshd\[3605\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=42-200-66-164.static.imsbiz.com user=root 2020-08-07T05:55:46.785674amanda2.illicoweb.com sshd\[3605\]: Failed password for root from 42.200.66.164 port 42438 ssh2 2020-08-07T05:57:42.338706amanda2.illicoweb.com sshd\[3970\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=42-200-66-164.static.imsbiz.com user=root ... |
2020-08-07 13:14:10 |
| attackbots | ssh brute force |
2020-08-04 15:33:41 |
| attackspambots | Jul 31 16:45:51 NPSTNNYC01T sshd[22459]: Failed password for root from 42.200.66.164 port 39296 ssh2 Jul 31 16:50:13 NPSTNNYC01T sshd[22761]: Failed password for root from 42.200.66.164 port 51144 ssh2 ... |
2020-08-01 05:44:28 |
| attackbotsspam | 2020-07-29T16:13:53.478956vps751288.ovh.net sshd\[17042\]: Invalid user syy from 42.200.66.164 port 39642 2020-07-29T16:13:53.486329vps751288.ovh.net sshd\[17042\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=42-200-66-164.static.imsbiz.com 2020-07-29T16:13:55.056555vps751288.ovh.net sshd\[17042\]: Failed password for invalid user syy from 42.200.66.164 port 39642 ssh2 2020-07-29T16:15:36.396436vps751288.ovh.net sshd\[17087\]: Invalid user dove from 42.200.66.164 port 36008 2020-07-29T16:15:36.404308vps751288.ovh.net sshd\[17087\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=42-200-66-164.static.imsbiz.com |
2020-07-29 22:58:30 |
| attackspambots | B: Abusive ssh attack |
2020-07-29 16:44:40 |
| attackspambots | Invalid user xr from 42.200.66.164 port 34576 |
2020-07-16 13:24:15 |
| attackspam | k+ssh-bruteforce |
2020-07-01 20:18:46 |
| attackbots | Jun 24 09:21:49 l03 sshd[29406]: Invalid user python from 42.200.66.164 port 47552 ... |
2020-06-24 16:52:09 |
| attack | Jun 19 00:08:00 OPSO sshd\[27968\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.200.66.164 user=root Jun 19 00:08:02 OPSO sshd\[27968\]: Failed password for root from 42.200.66.164 port 56652 ssh2 Jun 19 00:11:49 OPSO sshd\[28896\]: Invalid user elsearch from 42.200.66.164 port 57966 Jun 19 00:11:49 OPSO sshd\[28896\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.200.66.164 Jun 19 00:11:52 OPSO sshd\[28896\]: Failed password for invalid user elsearch from 42.200.66.164 port 57966 ssh2 |
2020-06-19 09:03:55 |
| attackspambots | Jun 1 22:03:01 sip sshd[488]: Failed password for root from 42.200.66.164 port 58496 ssh2 Jun 1 22:13:57 sip sshd[4581]: Failed password for root from 42.200.66.164 port 54836 ssh2 |
2020-06-02 06:53:17 |
| attack | bruteforce detected |
2020-05-27 17:27:07 |
| attack | May 26 18:53:06 eventyay sshd[12822]: Failed password for root from 42.200.66.164 port 49538 ssh2 May 26 18:55:25 eventyay sshd[12881]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.200.66.164 May 26 18:55:27 eventyay sshd[12881]: Failed password for invalid user riki from 42.200.66.164 port 52830 ssh2 ... |
2020-05-27 01:16:52 |
| attackspam | May 20 20:20:17 onepixel sshd[546768]: Invalid user efa from 42.200.66.164 port 35482 May 20 20:20:17 onepixel sshd[546768]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.200.66.164 May 20 20:20:17 onepixel sshd[546768]: Invalid user efa from 42.200.66.164 port 35482 May 20 20:20:19 onepixel sshd[546768]: Failed password for invalid user efa from 42.200.66.164 port 35482 ssh2 May 20 20:22:46 onepixel sshd[547088]: Invalid user lant from 42.200.66.164 port 49078 |
2020-05-21 04:34:21 |
| attack | May 9 23:13:58 home sshd[25234]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.200.66.164 May 9 23:14:00 home sshd[25234]: Failed password for invalid user group3 from 42.200.66.164 port 57234 ssh2 May 9 23:17:13 home sshd[25710]: Failed password for root from 42.200.66.164 port 52558 ssh2 ... |
2020-05-10 05:21:58 |
| attackbots | 2020-05-08T21:50:33.295123shield sshd\[6717\]: Invalid user xjt from 42.200.66.164 port 45918 2020-05-08T21:50:33.299271shield sshd\[6717\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=42-200-66-164.static.imsbiz.com 2020-05-08T21:50:35.771876shield sshd\[6717\]: Failed password for invalid user xjt from 42.200.66.164 port 45918 ssh2 2020-05-08T21:52:41.481607shield sshd\[7093\]: Invalid user marlon from 42.200.66.164 port 51840 2020-05-08T21:52:41.485391shield sshd\[7093\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=42-200-66-164.static.imsbiz.com |
2020-05-09 06:26:56 |
| attackspam | SSH bruteforce |
2020-04-30 07:52:12 |
| attackspambots | Apr 25 20:00:28 prox sshd[11364]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.200.66.164 Apr 25 20:00:29 prox sshd[11364]: Failed password for invalid user git from 42.200.66.164 port 44652 ssh2 |
2020-04-26 02:37:06 |
| attackspambots | Invalid user erp from 42.200.66.164 port 33880 |
2020-04-24 17:44:32 |
| attackbotsspam | k+ssh-bruteforce |
2020-04-23 02:54:02 |
| attackbots | Apr 20 16:24:43 localhost sshd\[8628\]: Invalid user developer from 42.200.66.164 port 57342 Apr 20 16:24:43 localhost sshd\[8628\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.200.66.164 Apr 20 16:24:45 localhost sshd\[8628\]: Failed password for invalid user developer from 42.200.66.164 port 57342 ssh2 ... |
2020-04-21 01:02:06 |
| attackspam | Apr 13 20:57:47 vlre-nyc-1 sshd\[21902\]: Invalid user ternero from 42.200.66.164 Apr 13 20:57:47 vlre-nyc-1 sshd\[21902\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.200.66.164 Apr 13 20:57:49 vlre-nyc-1 sshd\[21902\]: Failed password for invalid user ternero from 42.200.66.164 port 48084 ssh2 Apr 13 21:01:34 vlre-nyc-1 sshd\[22003\]: Invalid user carter from 42.200.66.164 Apr 13 21:01:34 vlre-nyc-1 sshd\[22003\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.200.66.164 ... |
2020-04-14 05:27:56 |
| attackspam | SSH Brute-Force attacks |
2020-04-10 06:28:43 |
| attackbotsspam | (sshd) Failed SSH login from 42.200.66.164 (HK/Hong Kong/42-200-66-164.static.imsbiz.com): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Apr 7 14:46:03 amsweb01 sshd[10224]: Invalid user ubuntu from 42.200.66.164 port 47564 Apr 7 14:46:06 amsweb01 sshd[10224]: Failed password for invalid user ubuntu from 42.200.66.164 port 47564 ssh2 Apr 7 14:50:33 amsweb01 sshd[10770]: Invalid user user from 42.200.66.164 port 59286 Apr 7 14:50:35 amsweb01 sshd[10770]: Failed password for invalid user user from 42.200.66.164 port 59286 ssh2 Apr 7 14:54:38 amsweb01 sshd[11173]: Invalid user user from 42.200.66.164 port 39014 |
2020-04-08 00:59:53 |
| attackbots | Apr 1 18:24:22 prox sshd[7030]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.200.66.164 Apr 1 18:24:24 prox sshd[7030]: Failed password for invalid user ws from 42.200.66.164 port 51884 ssh2 |
2020-04-04 09:29:28 |
| attack | Apr 1 12:45:06 web8 sshd\[23351\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.200.66.164 user=root Apr 1 12:45:07 web8 sshd\[23351\]: Failed password for root from 42.200.66.164 port 53130 ssh2 Apr 1 12:49:25 web8 sshd\[25513\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.200.66.164 user=root Apr 1 12:49:27 web8 sshd\[25513\]: Failed password for root from 42.200.66.164 port 60734 ssh2 Apr 1 12:54:13 web8 sshd\[28112\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.200.66.164 user=root |
2020-04-02 00:07:04 |
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 42.200.66.164
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 16733
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;42.200.66.164. IN A
;; AUTHORITY SECTION:
. 3600 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2019080600 1800 900 604800 86400
;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Tue Aug 06 20:48:43 CST 2019
;; MSG SIZE rcvd: 117164.66.200.42.in-addr.arpa domain name pointer 42-200-66-164.static.imsbiz.com.Server: 67.207.67.2
Address: 67.207.67.2#53
Non-authoritative answer:
164.66.200.42.in-addr.arpa name = 42-200-66-164.static.imsbiz.com.
Authoritative answers can be found from:| IP | 类型 | 评论内容 | 时间 |
|---|---|---|---|
| 142.93.117.249 | attack | 2019-08-15T04:40:37.179265abusebot-8.cloudsearch.cf sshd\[13252\]: Invalid user applmgr from 142.93.117.249 port 48400 |
2019-08-15 13:07:56 |
| 78.0.4.185 | attackspambots | Brute force attempt |
2019-08-15 14:00:42 |
| 103.97.125.49 | attackbots | Aug 15 06:35:10 mail sshd\[22082\]: Invalid user admin4 from 103.97.125.49 port 43538 Aug 15 06:35:10 mail sshd\[22082\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.97.125.49 ... |
2019-08-15 13:46:38 |
| 101.95.29.150 | attack | Aug 15 04:07:17 www sshd\[224687\]: Invalid user shader from 101.95.29.150 Aug 15 04:07:17 www sshd\[224687\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=101.95.29.150 Aug 15 04:07:19 www sshd\[224687\]: Failed password for invalid user shader from 101.95.29.150 port 54086 ssh2 ... |
2019-08-15 13:49:01 |
| 62.65.78.55 | attackbots | Aug 15 03:25:59 unicornsoft sshd\[9783\]: Invalid user pi from 62.65.78.55 Aug 15 03:25:59 unicornsoft sshd\[9784\]: Invalid user pi from 62.65.78.55 Aug 15 03:25:59 unicornsoft sshd\[9783\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=62.65.78.55 Aug 15 03:25:59 unicornsoft sshd\[9784\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=62.65.78.55 |
2019-08-15 13:50:46 |
| 81.106.220.20 | attack | Aug 15 06:05:14 SilenceServices sshd[15745]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.106.220.20 Aug 15 06:05:16 SilenceServices sshd[15745]: Failed password for invalid user stackato from 81.106.220.20 port 40177 ssh2 Aug 15 06:09:16 SilenceServices sshd[18919]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.106.220.20 |
2019-08-15 13:39:02 |
| 178.159.249.66 | attack | Aug 15 06:49:35 vps647732 sshd[8285]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.159.249.66 Aug 15 06:49:38 vps647732 sshd[8285]: Failed password for invalid user ftpuser from 178.159.249.66 port 33378 ssh2 ... |
2019-08-15 12:54:37 |
| 81.22.45.225 | attack | Aug 15 06:54:10 lumpi kernel: INPUT:DROP:SPAMHAUS_EDROP:IN=eth0 OUT= MAC=52:54:a2:01:a5:04:d2:74:7f:6e:37:e3:08:00 SRC=81.22.45.225 DST=172.31.1.100 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=7850 PROTO=TCP SPT=41518 DPT=7070 WINDOW=1024 RES=0x00 SYN URGP=0 ... |
2019-08-15 13:00:19 |
| 122.160.138.253 | attackspam | Aug 15 00:50:34 xtremcommunity sshd\[20380\]: Invalid user i from 122.160.138.253 port 47410 Aug 15 00:50:34 xtremcommunity sshd\[20380\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.160.138.253 Aug 15 00:50:36 xtremcommunity sshd\[20380\]: Failed password for invalid user i from 122.160.138.253 port 47410 ssh2 Aug 15 00:56:06 xtremcommunity sshd\[20698\]: Invalid user procure from 122.160.138.253 port 38758 Aug 15 00:56:06 xtremcommunity sshd\[20698\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.160.138.253 ... |
2019-08-15 13:01:26 |
| 40.86.231.125 | attackspam | Aug 15 07:11:10 microserver sshd[31498]: Invalid user publico from 40.86.231.125 port 1152 Aug 15 07:11:10 microserver sshd[31498]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=40.86.231.125 Aug 15 07:11:12 microserver sshd[31498]: Failed password for invalid user publico from 40.86.231.125 port 1152 ssh2 Aug 15 07:16:24 microserver sshd[32279]: Invalid user amdsa from 40.86.231.125 port 1152 Aug 15 07:16:24 microserver sshd[32279]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=40.86.231.125 Aug 15 07:27:10 microserver sshd[33848]: Invalid user mj from 40.86.231.125 port 1152 Aug 15 07:27:10 microserver sshd[33848]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=40.86.231.125 Aug 15 07:27:12 microserver sshd[33848]: Failed password for invalid user mj from 40.86.231.125 port 1152 ssh2 Aug 15 07:32:30 microserver sshd[34640]: Invalid user stephen from 40.86.231.125 port 1152 Aug 15 07:3 |
2019-08-15 13:41:57 |
| 37.187.100.54 | attackspam | Aug 15 05:54:57 debian sshd\[10079\]: Invalid user git from 37.187.100.54 port 36764 Aug 15 05:54:57 debian sshd\[10079\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.187.100.54 ... |
2019-08-15 12:56:04 |
| 60.11.113.212 | attack | Aug 15 05:34:30 hb sshd\[11254\]: Invalid user walter from 60.11.113.212 Aug 15 05:34:30 hb sshd\[11254\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=60.11.113.212 Aug 15 05:34:32 hb sshd\[11254\]: Failed password for invalid user walter from 60.11.113.212 port 42913 ssh2 Aug 15 05:38:40 hb sshd\[12296\]: Invalid user slackware from 60.11.113.212 Aug 15 05:38:40 hb sshd\[12296\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=60.11.113.212 |
2019-08-15 13:47:29 |
| 194.63.249.113 | attack | eintrachtkultkellerfulda.de 194.63.249.113 \[15/Aug/2019:06:23:58 +0200\] "POST /wp-login.php HTTP/1.1" 200 2062 "-" "Mozilla/5.0 \(Windows NT 6.1\; WOW64\; rv:61.0.1\) Gecko/20120101 Firefox/61.0.1" eintrachtkultkellerfulda.de 194.63.249.113 \[15/Aug/2019:06:23:59 +0200\] "POST /wp-login.php HTTP/1.1" 200 2027 "-" "Mozilla/5.0 \(Windows NT 6.1\; WOW64\; rv:61.0.1\) Gecko/20120101 Firefox/61.0.1" |
2019-08-15 13:13:48 |
| 202.63.219.59 | attack | Aug 14 23:44:57 xb0 sshd[21321]: Failed password for invalid user rider from 202.63.219.59 port 55062 ssh2 Aug 14 23:44:57 xb0 sshd[21321]: Received disconnect from 202.63.219.59: 11: Bye Bye [preauth] Aug 14 23:51:23 xb0 sshd[10462]: Failed password for invalid user rider from 202.63.219.59 port 39170 ssh2 Aug 14 23:51:24 xb0 sshd[10462]: Received disconnect from 202.63.219.59: 11: Bye Bye [preauth] Aug 14 23:59:32 xb0 sshd[16583]: Failed password for invalid user euser from 202.63.219.59 port 38124 ssh2 Aug 14 23:59:32 xb0 sshd[16583]: Received disconnect from 202.63.219.59: 11: Bye Bye [preauth] Aug 15 00:01:31 xb0 sshd[9221]: Failed password for invalid user euser from 202.63.219.59 port 43306 ssh2 Aug 15 00:01:32 xb0 sshd[9221]: Received disconnect from 202.63.219.59: 11: Bye Bye [preauth] Aug 15 00:04:46 xb0 sshd[17705]: Failed password for invalid user vnc from 202.63.219.59 port 58746 ssh2 Aug 15 00:04:46 xb0 sshd[17705]: Received disconnect from 202.63.219.59: ........ ------------------------------- |
2019-08-15 13:38:01 |
| 198.211.120.142 | attack | SSH/22 MH Probe, BF, Hack - |
2019-08-15 13:21:01 |