142.44.243.161

Basic Info

City: unknown

Region: unknown

Country: Canada

Internet Service Provider: OVH Hosting Inc.

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspambots	MultiHost/MultiPort Probe, Scan, Hack -	2019-11-11 09:03:45
attackspambots	Nov 8 19:09:16 h2177944 kernel: \[6112155.288070\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=142.44.243.161 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=240 ID=64571 PROTO=TCP SPT=23990 DPT=23 WINDOW=0 RES=0x00 SYN URGP=0 Nov 8 19:09:34 h2177944 kernel: \[6112173.258398\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=142.44.243.161 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=240 ID=60261 PROTO=TCP SPT=57166 DPT=23 WINDOW=0 RES=0x00 SYN URGP=0 Nov 8 19:12:10 h2177944 kernel: \[6112329.221696\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=142.44.243.161 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=240 ID=19014 PROTO=TCP SPT=40139 DPT=23 WINDOW=0 RES=0x00 SYN URGP=0 Nov 8 19:13:54 h2177944 kernel: \[6112433.916701\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=142.44.243.161 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=240 ID=55872 PROTO=TCP SPT=6946 DPT=23 WINDOW=0 RES=0x00 SYN URGP=0 Nov 8 19:15:10 h2177944 kernel: \[6112509.834276\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=142.44.243.161 DST=85.214.117.9 LEN=40 TOS=0x00	2019-11-09 04:30:24
attackspambots	Unauthorised access (Nov 8) SRC=142.44.243.161 LEN=40 TTL=237 ID=59526 TCP DPT=23 WINDOW=0 SYN Unauthorised access (Nov 6) SRC=142.44.243.161 LEN=40 TTL=239 ID=1248 TCP DPT=23 WINDOW=0 SYN Unauthorised access (Nov 5) SRC=142.44.243.161 LEN=40 TTL=237 ID=34274 TCP DPT=23 WINDOW=0 SYN Unauthorised access (Nov 5) SRC=142.44.243.161 LEN=40 TTL=237 ID=61835 TCP DPT=23 WINDOW=0 SYN Unauthorised access (Nov 4) SRC=142.44.243.161 LEN=40 TTL=237 ID=52567 TCP DPT=23 WINDOW=0 SYN Unauthorised access (Nov 4) SRC=142.44.243.161 LEN=40 TTL=237 ID=18317 TCP DPT=23 WINDOW=0 SYN Unauthorised access (Nov 3) SRC=142.44.243.161 LEN=40 TTL=237 ID=16544 TCP DPT=23 WINDOW=0 SYN	2019-11-08 18:59:07
attackspam	Nov 2 22:54:24 h2177944 kernel: \[5607354.351930\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=142.44.243.161 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=241 ID=47309 PROTO=TCP SPT=50898 DPT=23 WINDOW=0 RES=0x00 SYN URGP=0 Nov 2 22:54:36 h2177944 kernel: \[5607366.493998\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=142.44.243.161 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=241 ID=62777 PROTO=TCP SPT=35399 DPT=23 WINDOW=0 RES=0x00 SYN URGP=0 Nov 2 22:55:10 h2177944 kernel: \[5607400.863459\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=142.44.243.161 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=240 ID=35029 PROTO=TCP SPT=11008 DPT=23 WINDOW=0 RES=0x00 SYN URGP=0 Nov 2 22:55:19 h2177944 kernel: \[5607410.179296\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=142.44.243.161 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=241 ID=46821 PROTO=TCP SPT=56382 DPT=23 WINDOW=0 RES=0x00 SYN URGP=0 Nov 2 22:56:12 h2177944 kernel: \[5607462.536175\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=142.44.243.161 DST=85.214.117.9 LEN=40 TOS=0x0	2019-11-03 07:54:58
attackbotsspam	Excessive Port-Scanning	2019-10-25 20:48:25
attackspam	23/tcp 23/tcp [2019-09-29]2pkt	2019-09-29 14:08:41

Comments on same subnet:

IP	Type	Details	Datetime
142.44.243.190	attack	Exploited Host.	2020-07-25 23:23:07
142.44.243.160	attackspambots	<6 unauthorized SSH connections	2020-05-08 15:34:15
142.44.243.160	attackbotsspam	May 4 00:49:21 meumeu sshd[26299]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.44.243.160 May 4 00:49:22 meumeu sshd[26299]: Failed password for invalid user marcio from 142.44.243.160 port 43208 ssh2 May 4 00:53:52 meumeu sshd[30460]: Failed password for root from 142.44.243.160 port 48750 ssh2 ...	2020-05-04 07:10:26
142.44.243.160	attack	20 attempts against mh-ssh on cloud	2020-04-23 17:22:14
142.44.243.160	attack	Fail2Ban - SSH Bruteforce Attempt	2020-04-23 12:26:57
142.44.243.190	attack	2020-04-06T02:38:13.238478struts4.enskede.local sshd\[25312\]: Invalid user user3 from 142.44.243.190 port 37770 2020-04-06T02:38:13.246079struts4.enskede.local sshd\[25312\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.ip-142-44-243.net 2020-04-06T02:38:17.011930struts4.enskede.local sshd\[25312\]: Failed password for invalid user user3 from 142.44.243.190 port 37770 ssh2 2020-04-06T02:40:02.642733struts4.enskede.local sshd\[25367\]: Invalid user ubuntu from 142.44.243.190 port 57770 2020-04-06T02:40:02.650424struts4.enskede.local sshd\[25367\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.ip-142-44-243.net ...	2020-04-06 09:00:29
142.44.243.190	attackspambots	Tried sshing with brute force.	2020-04-02 06:29:04
142.44.243.190	attackbots	Mar 28 10:08:54 server sshd\[27528\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.ip-142-44-243.net user=root Mar 28 10:08:56 server sshd\[27528\]: Failed password for root from 142.44.243.190 port 34966 ssh2 Mar 28 10:10:39 server sshd\[28317\]: Invalid user test from 142.44.243.190 Mar 28 10:10:39 server sshd\[28317\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.ip-142-44-243.net Mar 28 10:10:41 server sshd\[28317\]: Failed password for invalid user test from 142.44.243.190 port 48964 ssh2 ...	2020-03-28 16:11:53
142.44.243.190	attackbotsspam	Mar 27 21:00:53 jane sshd[3937]: Failed password for root from 142.44.243.190 port 43702 ssh2 Mar 27 21:02:35 jane sshd[6190]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.44.243.190 ...	2020-03-28 05:07:23
142.44.243.190	attackbotsspam	Mar 24 21:46:17 sshd\[17456\]: User root from 190.ip-142-44-243.net not allowed because not listed in AllowUsersMar 24 21:46:19 sshd\[17456\]: Failed password for invalid user root from 142.44.243.190 port 55782 ssh2 ...	2020-03-25 06:49:38
142.44.243.190	attackbots	$f2bV_matches_ltvn	2020-03-18 09:36:56
142.44.243.126	attack	fail2ban	2020-03-07 17:26:00
142.44.243.160	attackbots	Unauthorized connection attempt detected from IP address 142.44.243.160 to port 2220 [J]	2020-02-02 04:15:09
142.44.243.160	attackspambots	Unauthorized connection attempt detected from IP address 142.44.243.160 to port 2220 [J]	2020-01-11 23:07:14
142.44.243.160	attackbots	2019-12-31T16:47:52.524173vps751288.ovh.net sshd\[7650\]: Invalid user kiltz from 142.44.243.160 port 45144 2019-12-31T16:47:52.532969vps751288.ovh.net sshd\[7650\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=160.ip-142-44-243.net 2019-12-31T16:47:54.834720vps751288.ovh.net sshd\[7650\]: Failed password for invalid user kiltz from 142.44.243.160 port 45144 ssh2 2019-12-31T16:50:55.103610vps751288.ovh.net sshd\[7654\]: Invalid user eskedal from 142.44.243.160 port 60289 2019-12-31T16:50:55.113652vps751288.ovh.net sshd\[7654\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=160.ip-142-44-243.net	2020-01-01 06:14:17

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 142.44.243.161
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 62135
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;142.44.243.161.			IN	A

;; AUTHORITY SECTION:
.			539	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019092801 1800 900 604800 86400

;; Query time: 536 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Sep 29 14:08:35 CST 2019
;; MSG SIZE  rcvd: 118

Host info

161.243.44.142.in-addr.arpa domain name pointer 161.ip-142-44-243.net.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
161.243.44.142.in-addr.arpa	name = 161.ip-142-44-243.net.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
94.124.246.43	attackspam	scan z	2019-08-30 13:20:17
180.241.24.29	attackspambots	" "	2019-08-30 14:13:19
128.199.199.113	attack	Aug 30 07:49:35 herz-der-gamer sshd[23613]: Invalid user app from 128.199.199.113 port 40818 Aug 30 07:49:35 herz-der-gamer sshd[23613]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.199.113 Aug 30 07:49:35 herz-der-gamer sshd[23613]: Invalid user app from 128.199.199.113 port 40818 Aug 30 07:49:37 herz-der-gamer sshd[23613]: Failed password for invalid user app from 128.199.199.113 port 40818 ssh2 ...	2019-08-30 14:18:09
104.199.174.199	attackspambots	Aug 30 05:29:55 yabzik sshd[8012]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.199.174.199 Aug 30 05:29:56 yabzik sshd[8012]: Failed password for invalid user bambi from 104.199.174.199 port 8878 ssh2 Aug 30 05:34:09 yabzik sshd[9562]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.199.174.199	2019-08-30 13:51:34
212.83.149.238	attack	Aug 30 05:49:53 MK-Soft-VM7 sshd\[32389\]: Invalid user ahmet from 212.83.149.238 port 50132 Aug 30 05:49:53 MK-Soft-VM7 sshd\[32389\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.83.149.238 Aug 30 05:49:55 MK-Soft-VM7 sshd\[32389\]: Failed password for invalid user ahmet from 212.83.149.238 port 50132 ssh2 ...	2019-08-30 14:00:00
138.197.105.79	attack	Aug 30 07:44:58 SilenceServices sshd[24415]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.105.79 Aug 30 07:44:59 SilenceServices sshd[24415]: Failed password for invalid user admin from 138.197.105.79 port 57534 ssh2 Aug 30 07:49:53 SilenceServices sshd[26238]: Failed password for root from 138.197.105.79 port 44606 ssh2	2019-08-30 14:04:45
82.186.144.163	attackbotsspam	23/tcp [2019-08-30]1pkt	2019-08-30 13:21:22
27.220.79.160	attack	Aug 29 17:36:54 TORMINT sshd\[10612\]: Invalid user maui from 27.220.79.160 Aug 29 17:36:54 TORMINT sshd\[10612\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=27.220.79.160 Aug 29 17:36:56 TORMINT sshd\[10612\]: Failed password for invalid user maui from 27.220.79.160 port 48156 ssh2 ...	2019-08-30 13:29:50
35.235.78.74	attackspam	Aug 30 07:41:33 OPSO sshd\[28716\]: Invalid user year from 35.235.78.74 port 42494 Aug 30 07:41:33 OPSO sshd\[28716\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=35.235.78.74 Aug 30 07:41:35 OPSO sshd\[28716\]: Failed password for invalid user year from 35.235.78.74 port 42494 ssh2 Aug 30 07:49:57 OPSO sshd\[29899\]: Invalid user marilena from 35.235.78.74 port 59822 Aug 30 07:49:57 OPSO sshd\[29899\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=35.235.78.74	2019-08-30 13:57:06
51.75.171.29	attack	Aug 29 19:49:10 web1 sshd\[8536\]: Invalid user sugar from 51.75.171.29 Aug 29 19:49:10 web1 sshd\[8536\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.75.171.29 Aug 29 19:49:12 web1 sshd\[8536\]: Failed password for invalid user sugar from 51.75.171.29 port 34572 ssh2 Aug 29 19:53:15 web1 sshd\[8892\]: Invalid user jobs from 51.75.171.29 Aug 29 19:53:15 web1 sshd\[8892\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.75.171.29	2019-08-30 13:53:41
128.199.240.120	attackbots	Invalid user docker from 128.199.240.120 port 38668	2019-08-30 13:16:57
101.109.119.58	attackspam	SMB Server BruteForce Attack	2019-08-30 13:19:50
119.146.145.104	attackspam	Aug 30 07:43:44 v22019058497090703 sshd[22947]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.146.145.104 Aug 30 07:43:45 v22019058497090703 sshd[22947]: Failed password for invalid user minecraft2 from 119.146.145.104 port 5650 ssh2 Aug 30 07:49:43 v22019058497090703 sshd[23397]: Failed password for root from 119.146.145.104 port 5651 ssh2 ...	2019-08-30 14:10:46
70.168.93.204	attackbots	Attempt to login to email server on IMAP service on 30-08-2019 06:49:39.	2019-08-30 14:13:55
14.34.28.131	attackbotsspam	Aug 30 07:49:53 cvbmail sshd\[21133\]: Invalid user rtorrent from 14.34.28.131 Aug 30 07:49:53 cvbmail sshd\[21133\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.34.28.131 Aug 30 07:49:56 cvbmail sshd\[21133\]: Failed password for invalid user rtorrent from 14.34.28.131 port 57678 ssh2	2019-08-30 13:57:49

Recently Reported IPs

54.36.149.100	97.74.234.94	125.111.156.233	1.29.41.166
135.10.216.15	168.80.128.152	188.213.49.121	45.136.109.186
183.92.43.134	167.71.222.193	113.173.169.245	144.48.111.222
167.71.236.0	182.239.92.39	117.63.1.228	73.252.254.22
51.15.138.43	91.137.18.101	188.68.47.181	35.229.86.127