140.206.157.242

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: China Unicom Shanghai City Network

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspambots	...	2020-09-06 22:01:59
attackbotsspam	Sep 6 05:14:35 h2829583 sshd[32413]: Failed password for root from 140.206.157.242 port 36812 ssh2	2020-09-06 13:37:25
attackbotsspam	SSH Invalid Login	2020-09-06 05:52:11
attack	Aug 7 08:03:52 lanister sshd[6659]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.206.157.242 user=root Aug 7 08:03:54 lanister sshd[6659]: Failed password for root from 140.206.157.242 port 55508 ssh2 Aug 7 08:05:34 lanister sshd[6664]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.206.157.242 user=root Aug 7 08:05:36 lanister sshd[6664]: Failed password for root from 140.206.157.242 port 44698 ssh2	2020-08-07 23:22:33
attackbotsspam	$f2bV_matches	2020-07-20 06:36:49
attackspam	Coordinated SSH brute-force attack from different IPs. pam_unix(sshd:auth):	2020-07-19 22:31:10
attackspambots	DATE:2020-07-17 22:34:13,IP:140.206.157.242,MATCHES:10,PORT:ssh	2020-07-18 04:39:05
attack	Jul 3 22:30:09 gestao sshd[11840]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.206.157.242 Jul 3 22:30:11 gestao sshd[11840]: Failed password for invalid user kun from 140.206.157.242 port 34436 ssh2 Jul 3 22:34:07 gestao sshd[11981]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.206.157.242 ...	2020-07-04 05:41:51
attack	Jun 27 10:22:38 firewall sshd[30149]: Invalid user kf from 140.206.157.242 Jun 27 10:22:40 firewall sshd[30149]: Failed password for invalid user kf from 140.206.157.242 port 26532 ssh2 Jun 27 10:26:23 firewall sshd[30273]: Invalid user git from 140.206.157.242 ...	2020-06-27 21:32:48
attackbots	Jun 26 16:07:28 ip-172-31-61-156 sshd[25323]: Invalid user deploy from 140.206.157.242 ...	2020-06-27 00:59:21
attackbots	SSH brute force	2020-06-25 08:13:35
attackbotsspam	$f2bV_matches	2020-05-26 03:10:37
attackbots	May 12 13:40:08 XXX sshd[19742]: Invalid user admin from 140.206.157.242 port 49882	2020-05-13 08:41:31
attackbots	May 9 07:47:39 gw1 sshd[16085]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.206.157.242 May 9 07:47:41 gw1 sshd[16085]: Failed password for invalid user tess from 140.206.157.242 port 35190 ssh2 ...	2020-05-09 19:10:12
attackbotsspam	Apr 25 03:56:32 ip-172-31-61-156 sshd[8040]: Invalid user nmwangi from 140.206.157.242 Apr 25 03:56:34 ip-172-31-61-156 sshd[8040]: Failed password for invalid user nmwangi from 140.206.157.242 port 53756 ssh2 Apr 25 03:56:32 ip-172-31-61-156 sshd[8040]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.206.157.242 Apr 25 03:56:32 ip-172-31-61-156 sshd[8040]: Invalid user nmwangi from 140.206.157.242 Apr 25 03:56:34 ip-172-31-61-156 sshd[8040]: Failed password for invalid user nmwangi from 140.206.157.242 port 53756 ssh2 ...	2020-04-25 14:22:00
attack	5x Failed Password	2020-04-25 02:45:15
attackspam	SSH brute-force attempt	2020-04-18 17:57:21
attack	Apr 17 12:51:50 ovpn sshd\[8387\]: Invalid user sftpuser from 140.206.157.242 Apr 17 12:51:50 ovpn sshd\[8387\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.206.157.242 Apr 17 12:51:53 ovpn sshd\[8387\]: Failed password for invalid user sftpuser from 140.206.157.242 port 51404 ssh2 Apr 17 13:05:35 ovpn sshd\[11479\]: Invalid user ea from 140.206.157.242 Apr 17 13:05:35 ovpn sshd\[11479\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.206.157.242	2020-04-17 20:20:09
attackbots	" "	2020-04-06 15:58:45
attackspam	Mar 25 19:05:07 vps647732 sshd[3564]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.206.157.242 Mar 25 19:05:08 vps647732 sshd[3564]: Failed password for invalid user sooya118 from 140.206.157.242 port 53094 ssh2 ...	2020-03-26 02:15:48

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 140.206.157.242
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 21196
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;140.206.157.242.		IN	A

;; AUTHORITY SECTION:
.			599	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020032501 1800 900 604800 86400

;; Query time: 98 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Mar 26 02:15:39 CST 2020
;; MSG SIZE  rcvd: 119

Host info

Host 242.157.206.140.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 242.157.206.140.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
193.87.1.1	attackbotsspam	Nov 20 14:30:12 server sshd\[27938\]: Invalid user holm from 193.87.1.1 Nov 20 14:30:12 server sshd\[27938\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=auriga.ta3.sk Nov 20 14:30:15 server sshd\[27938\]: Failed password for invalid user holm from 193.87.1.1 port 59586 ssh2 Nov 20 14:45:17 server sshd\[31656\]: Invalid user toshiter from 193.87.1.1 Nov 20 14:45:17 server sshd\[31656\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=auriga.ta3.sk ...	2019-11-20 20:09:47
5.135.101.228	attackbotsspam	Nov 20 09:08:59 localhost sshd\[20259\]: Invalid user oracle from 5.135.101.228 port 45662 Nov 20 09:08:59 localhost sshd\[20259\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.135.101.228 Nov 20 09:09:01 localhost sshd\[20259\]: Failed password for invalid user oracle from 5.135.101.228 port 45662 ssh2 ...	2019-11-20 20:15:15
203.207.57.116	attackspambots	2019-11-20 06:02:06 H=([203.207.57.116]) [203.207.57.116]:14723 I=[10.100.18.22]:25 F=: Host/domain is listed in RBL cbl.abuseat.org (Blocked - see hxxp://www.abuseat.org/lookup.cgi?ip=203.207.57.116) 2019-11-20 06:02:06 unexpected disconnection while reading SMTP command from ([203.207.57.116]) [203.207.57.116]:14723 I=[10.100.18.22]:25 (error: Connection reset by peer) 2019-11-20 07:20:32 H=([203.207.57.116]) [203.207.57.116]:24380 I=[10.100.18.22]:25 F=: Host/domain is listed in RBL cbl.abuseat.org (Blocked - see hxxp://www.abuseat.org/lookup.cgi?ip=203.207.57.116) ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=203.207.57.116	2019-11-20 20:27:22
173.162.229.10	attackbotsspam	2019-11-20T07:26:38.505942abusebot-5.cloudsearch.cf sshd\[6493\]: Invalid user alm from 173.162.229.10 port 44528	2019-11-20 19:51:27
219.91.254.52	attackspambots	Unauthorised access (Nov 20) SRC=219.91.254.52 LEN=48 PREC=0x20 TTL=50 ID=3675 DF TCP DPT=445 WINDOW=8192 SYN	2019-11-20 20:06:36
211.230.126.210	attack	Port Scan 1433	2019-11-20 20:06:17
81.22.198.111	attackbotsspam	Nov 19 23:35:08 sachi sshd\[31573\]: Invalid user dimas from 81.22.198.111 Nov 19 23:35:08 sachi sshd\[31573\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.22.198.111 Nov 19 23:35:10 sachi sshd\[31573\]: Failed password for invalid user dimas from 81.22.198.111 port 42114 ssh2 Nov 19 23:40:09 sachi sshd\[32042\]: Invalid user france from 81.22.198.111 Nov 19 23:40:09 sachi sshd\[32042\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.22.198.111	2019-11-20 20:23:12
104.131.89.163	attack	Nov 20 11:46:56 markkoudstaal sshd[15682]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.89.163 Nov 20 11:46:58 markkoudstaal sshd[15682]: Failed password for invalid user admimm from 104.131.89.163 port 49742 ssh2 Nov 20 11:50:44 markkoudstaal sshd[16016]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.89.163	2019-11-20 20:11:40
116.15.147.72	attack	2019-11-20 05:53:19 H=bb116-15-147-72.singnet.com.sg [116.15.147.72]:14463 I=[10.100.18.22]:25 F=: Host/domain is listed in RBL cbl.abuseat.org (Blocked - see hxxp://www.abuseat.org/lookup.cgi?ip=116.15.147.72) 2019-11-20 05:53:20 unexpected disconnection while reading SMTP command from bb116-15-147-72.singnet.com.sg [116.15.147.72]:14463 I=[10.100.18.22]:25 (error: Connection reset by peer) 2019-11-20 07:17:25 H=bb116-15-147-72.singnet.com.sg [116.15.147.72]:30237 I=[10.100.18.22]:25 F=: Host/domain is listed in RBL cbl.abuseat.org (Blocked - see hxxp://www.abuseat.org/lookup.cgi?ip=116.15.147.72) ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=116.15.147.72	2019-11-20 20:02:45
89.16.106.99	attackbots	[portscan] Port scan	2019-11-20 20:22:47
66.249.75.51	attackbots	66.249.75.51 - - [20/Nov/2019:07:22:21 +0100] "GET /blog/wp-login.php HTTP/1.1" 404 4095 "-" "Mozilla/5.0 (Linux; Android 6.0.1; Nexus 5X Build/MMB29P) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2272.96 Mobile Safari/537.36 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)"	2019-11-20 20:27:55
47.211.92.148	spambotsattackproxy	Bolo for IP address 47.211.92.148	2019-11-20 20:12:33
112.36.16.159	attackbots	DATE:2019-11-20 07:23:17, IP:112.36.16.159, PORT:telnet - Telnet brute force auth on a honeypot server (epe-dc)	2019-11-20 20:00:07
202.5.53.113	attackbotsspam	Autoban 202.5.53.113 AUTH/CONNECT	2019-11-20 20:19:55
122.14.216.49	attackbotsspam	Nov 20 07:49:44 microserver sshd[47647]: Invalid user erdal from 122.14.216.49 port 61943 Nov 20 07:49:44 microserver sshd[47647]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.14.216.49 Nov 20 07:49:46 microserver sshd[47647]: Failed password for invalid user erdal from 122.14.216.49 port 61943 ssh2 Nov 20 07:55:56 microserver sshd[48782]: Invalid user camp4 from 122.14.216.49 port 14459 Nov 20 07:55:56 microserver sshd[48782]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.14.216.49 Nov 20 08:08:08 microserver sshd[50291]: Invalid user gomber from 122.14.216.49 port 47449 Nov 20 08:08:08 microserver sshd[50291]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.14.216.49 Nov 20 08:08:11 microserver sshd[50291]: Failed password for invalid user gomber from 122.14.216.49 port 47449 ssh2 Nov 20 08:14:23 microserver sshd[51017]: Invalid user suthurst from 122.14.216.49 port 63944	2019-11-20 19:58:37

Recently Reported IPs

94.82.129.255	31.216.161.173	85.227.170.174	58.56.96.27
49.151.254.105	209.141.58.29	192.241.239.62	179.107.1.217
91.126.239.57	83.122.90.111	123.52.40.182	46.47.52.140
45.134.144.117	177.46.136.7	62.152.31.192	54.186.157.184
45.60.188.46	123.21.28.168	92.97.49.53	46.242.61.132