145.239.42.107

Basic Info

City: unknown

Region: unknown

Country: France

Internet Service Provider: OVH SAS

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspambots	$f2bV_matches	2020-01-11 22:35:01
attackspam	Dec 22 15:26:53 ws12vmsma01 sshd[17115]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=145.239.42.107 Dec 22 15:26:53 ws12vmsma01 sshd[17115]: Invalid user user from 145.239.42.107 Dec 22 15:26:55 ws12vmsma01 sshd[17115]: Failed password for invalid user user from 145.239.42.107 port 42148 ssh2 ...	2019-12-23 06:38:57
attackspambots	Dec 19 06:54:36 sso sshd[8108]: Failed password for root from 145.239.42.107 port 38590 ssh2 ...	2019-12-19 14:15:08
attackbotsspam	SSH Bruteforce attempt	2019-12-14 07:23:39
attackspambots	Dec 12 23:42:33 loxhost sshd\[21460\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=145.239.42.107 user=root Dec 12 23:42:35 loxhost sshd\[21460\]: Failed password for root from 145.239.42.107 port 36628 ssh2 Dec 12 23:48:14 loxhost sshd\[21639\]: Invalid user rashiem from 145.239.42.107 port 45678 Dec 12 23:48:14 loxhost sshd\[21639\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=145.239.42.107 Dec 12 23:48:16 loxhost sshd\[21639\]: Failed password for invalid user rashiem from 145.239.42.107 port 45678 ssh2 ...	2019-12-13 06:54:09
attackspambots	Too many connections or unauthorized access detected from Arctic banned ip	2019-12-11 07:36:59
attackbots	Dec 10 15:12:14 hcbbdb sshd\[6439\]: Invalid user ashleykath from 145.239.42.107 Dec 10 15:12:14 hcbbdb sshd\[6439\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=145.239.42.107 Dec 10 15:12:16 hcbbdb sshd\[6439\]: Failed password for invalid user ashleykath from 145.239.42.107 port 43196 ssh2 Dec 10 15:18:04 hcbbdb sshd\[7163\]: Invalid user rafols from 145.239.42.107 Dec 10 15:18:04 hcbbdb sshd\[7163\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=145.239.42.107	2019-12-10 23:22:44
attackspambots	Dec 9 06:47:08 wbs sshd\[30658\]: Invalid user kate from 145.239.42.107 Dec 9 06:47:08 wbs sshd\[30658\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=145.239.42.107 Dec 9 06:47:09 wbs sshd\[30658\]: Failed password for invalid user kate from 145.239.42.107 port 39150 ssh2 Dec 9 06:53:06 wbs sshd\[31319\]: Invalid user oyakuma from 145.239.42.107 Dec 9 06:53:06 wbs sshd\[31319\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=145.239.42.107	2019-12-10 00:59:44
attackspam	SSH invalid-user multiple login attempts	2019-12-08 17:11:08
attackspam	SSH brute-force: detected 33 distinct usernames within a 24-hour window.	2019-12-05 19:57:58
attack	ssh intrusion attempt	2019-11-22 17:22:23
attackspam	Nov 17 06:17:17 web8 sshd\[13050\]: Invalid user sig@tjlt from 145.239.42.107 Nov 17 06:17:17 web8 sshd\[13050\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=145.239.42.107 Nov 17 06:17:19 web8 sshd\[13050\]: Failed password for invalid user sig@tjlt from 145.239.42.107 port 35220 ssh2 Nov 17 06:21:07 web8 sshd\[15028\]: Invalid user !@\#ewq!@\# from 145.239.42.107 Nov 17 06:21:07 web8 sshd\[15028\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=145.239.42.107	2019-11-17 21:27:05
attack	2019-11-13T01:26:48.361927ns547587 sshd\[1369\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=145.239.42.107.kr-k.de user=root 2019-11-13T01:26:50.847019ns547587 sshd\[1369\]: Failed password for root from 145.239.42.107 port 54708 ssh2 2019-11-13T01:30:13.300899ns547587 sshd\[5820\]: Invalid user biliamee from 145.239.42.107 port 35256 2019-11-13T01:30:13.304768ns547587 sshd\[5820\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=145.239.42.107.kr-k.de ...	2019-11-13 14:46:26
attackspambots	SSH Brute Force, server-1 sshd[4737]: Failed password for invalid user webmaster from 145.239.42.107 port 41128 ssh2	2019-11-12 00:00:12
attackspam	SSH brutforce	2019-11-07 18:12:35
attack	Invalid user stefan from 145.239.42.107 port 52496	2019-10-25 17:10:57
attack	Invalid user stefan from 145.239.42.107 port 52496	2019-10-24 16:47:34
attack	Oct 20 07:05:01 localhost sshd\[30811\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=145.239.42.107 user=root Oct 20 07:05:03 localhost sshd\[30811\]: Failed password for root from 145.239.42.107 port 43072 ssh2 Oct 20 07:09:06 localhost sshd\[31175\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=145.239.42.107 user=root	2019-10-20 13:19:14

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 145.239.42.107
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 43683
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;145.239.42.107.			IN	A

;; AUTHORITY SECTION:
.			572	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019101901 1800 900 604800 86400

;; Query time: 63 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Oct 20 13:19:10 CST 2019
;; MSG SIZE  rcvd: 118

Host info

107.42.239.145.in-addr.arpa domain name pointer 145.239.42.107.kr-k.de.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
107.42.239.145.in-addr.arpa	name = 145.239.42.107.kr-k.de.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
190.211.141.217	attack	Sep 3 09:30:43 mail sshd\[2376\]: Invalid user chwei from 190.211.141.217 port 49161 Sep 3 09:30:43 mail sshd\[2376\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.211.141.217 ...	2019-09-03 16:48:31
118.68.246.43	attackspam	445/tcp 445/tcp [2019-09-03]2pkt	2019-09-03 16:56:37
150.95.110.73	attackspambots	Automated report - ssh fail2ban: Sep 3 10:06:24 authentication failure Sep 3 10:06:26 wrong password, user=postgres, port=43602, ssh2 Sep 3 10:10:56 authentication failure	2019-09-03 16:40:12
190.221.50.90	attackbots	Sep 2 22:05:54 wbs sshd\[29745\]: Invalid user admin from 190.221.50.90 Sep 2 22:05:54 wbs sshd\[29745\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.221.50.90 Sep 2 22:05:56 wbs sshd\[29745\]: Failed password for invalid user admin from 190.221.50.90 port 20918 ssh2 Sep 2 22:11:17 wbs sshd\[30404\]: Invalid user student from 190.221.50.90 Sep 2 22:11:17 wbs sshd\[30404\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.221.50.90	2019-09-03 16:24:57
107.170.227.141	attackspam	Sep 3 10:23:11 meumeu sshd[420]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=107.170.227.141 Sep 3 10:23:13 meumeu sshd[420]: Failed password for invalid user sameer from 107.170.227.141 port 33354 ssh2 Sep 3 10:27:16 meumeu sshd[904]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=107.170.227.141 ...	2019-09-03 16:39:36
59.167.178.41	attackbots	Sep 3 04:57:12 plusreed sshd[5607]: Invalid user bootcamp from 59.167.178.41 ...	2019-09-03 17:05:11
218.98.26.165	attack	Sep 3 10:26:57 herz-der-gamer sshd[23317]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.98.26.165 user=root Sep 3 10:26:59 herz-der-gamer sshd[23317]: Failed password for root from 218.98.26.165 port 11986 ssh2 ...	2019-09-03 16:50:32
198.108.67.51	attack	firewall-block, port(s): 5604/tcp	2019-09-03 16:58:16
186.89.236.247	attack	445/tcp [2019-09-03]1pkt	2019-09-03 16:54:07
154.124.162.121	attackbots	TCP src-port=19034 dst-port=25 dnsbl-sorbs abuseat-org barracuda (Project Honey Pot rated Suspicious) (1335)	2019-09-03 16:16:39
123.138.18.35	attackbots	Sep 3 10:22:36 mail sshd\[9733\]: Invalid user user from 123.138.18.35 port 32772 Sep 3 10:22:36 mail sshd\[9733\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.138.18.35 Sep 3 10:22:38 mail sshd\[9733\]: Failed password for invalid user user from 123.138.18.35 port 32772 ssh2 Sep 3 10:26:12 mail sshd\[10340\]: Invalid user appman from 123.138.18.35 port 47278 Sep 3 10:26:12 mail sshd\[10340\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.138.18.35	2019-09-03 16:30:42
159.89.230.141	attackspam	2019-09-03T08:10:54.231074abusebot-2.cloudsearch.cf sshd\[634\]: Invalid user dean from 159.89.230.141 port 48810	2019-09-03 16:43:11
193.169.255.102	attack	WordPress login Brute force / Web App Attack on client site.	2019-09-03 17:02:29
51.15.17.103	attackspam	Sep 2 22:22:32 kapalua sshd\[3812\]: Invalid user chris from 51.15.17.103 Sep 2 22:22:32 kapalua sshd\[3812\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.15.17.103 Sep 2 22:22:33 kapalua sshd\[3812\]: Failed password for invalid user chris from 51.15.17.103 port 45038 ssh2 Sep 2 22:26:29 kapalua sshd\[4292\]: Invalid user cad from 51.15.17.103 Sep 2 22:26:29 kapalua sshd\[4292\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.15.17.103	2019-09-03 16:54:30
110.252.46.64	attackbotsspam	Unauthorised access (Sep 3) SRC=110.252.46.64 LEN=40 TTL=49 ID=44715 TCP DPT=8080 WINDOW=13850 SYN Unauthorised access (Sep 2) SRC=110.252.46.64 LEN=40 TTL=49 ID=28821 TCP DPT=8080 WINDOW=13850 SYN	2019-09-03 16:51:50

Recently Reported IPs

211.179.76.9	34.87.24.125	185.40.15.247	142.93.218.34
202.52.52.94	200.194.28.159	184.186.75.132	103.61.39.106
174.142.90.14	52.14.33.15	83.149.128.234	23.244.43.2
213.215.82.36	195.138.72.83	167.71.4.130	160.106.238.48
185.40.12.193	83.22.197.253	207.180.196.57	174.139.98.234