180.168.141.242

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: Shanghai Meidu Estate Development Co. Ltd.

Hostname: unknown

Organization: unknown

Usage Type: Commercial

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Sep 24 12:34:42 hosname22 sshd[13356]: Did not receive identification string from 180.168.141.242 port 42956 Sep 24 12:34:43 hosname22 sshd[13357]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.168.141.242 user=r.r Sep 24 12:34:45 hosname22 sshd[13357]: Failed password for r.r from 180.168.141.242 port 42975 ssh2 Sep 24 12:34:45 hosname22 sshd[13357]: error: Received disconnect from 180.168.141.242 port 42975:3: com.jcraft.jsch.JSchException: Auth fail [preauth] Sep 24 12:34:45 hosname22 sshd[13357]: Disconnected from 180.168.141.242 port 42975 [preauth] Sep 24 12:34:47 hosname22 sshd[13359]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.168.141.242 user=r.r Sep 24 12:34:49 hosname22 sshd[13359]: Failed password for r.r from 180.168.141.242 port 43097 ssh2 Sep 24 12:34:49 hosname22 sshd[13359]: error: Received disconnect from 180.168.141.242 port 43097:3: com.jcraft.jsch.JSchEx........ -------------------------------	2019-09-24 21:18:05

Type

Details

Datetime

attack

Sep 24 12:34:42 hosname22 sshd[13356]: Did not receive identification string from 180.168.141.242 port 42956
Sep 24 12:34:43 hosname22 sshd[13357]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.168.141.242  user=r.r
Sep 24 12:34:45 hosname22 sshd[13357]: Failed password for r.r from 180.168.141.242 port 42975 ssh2
Sep 24 12:34:45 hosname22 sshd[13357]: error: Received disconnect from 180.168.141.242 port 42975:3: com.jcraft.jsch.JSchException: Auth fail [preauth]
Sep 24 12:34:45 hosname22 sshd[13357]: Disconnected from 180.168.141.242 port 42975 [preauth]
Sep 24 12:34:47 hosname22 sshd[13359]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.168.141.242  user=r.r
Sep 24 12:34:49 hosname22 sshd[13359]: Failed password for r.r from 180.168.141.242 port 43097 ssh2
Sep 24 12:34:49 hosname22 sshd[13359]: error: Received disconnect from 180.168.141.242 port 43097:3: com.jcraft.jsch.JSchEx........
-------------------------------

2019-09-24 21:18:05

Comments on same subnet:

IP	Type	Details	Datetime
180.168.141.246	attackspambots	2020-09-25T05:55:09.528112snf-827550 sshd[32101]: Invalid user vtcbikes from 180.168.141.246 port 44946 2020-09-25T05:55:11.251800snf-827550 sshd[32101]: Failed password for invalid user vtcbikes from 180.168.141.246 port 44946 ssh2 2020-09-25T05:57:48.365405snf-827550 sshd[32723]: Invalid user phil from 180.168.141.246 port 54074 ...	2020-09-25 11:50:54
180.168.141.246	attack	Sep 14 06:41:33 *** sshd[13423]: User root from 180.168.141.246 not allowed because not listed in AllowUsers	2020-09-14 15:27:12
180.168.141.246	attack	Sep 14 00:54:04 vps639187 sshd\[11774\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.168.141.246 user=root Sep 14 00:54:06 vps639187 sshd\[11774\]: Failed password for root from 180.168.141.246 port 54474 ssh2 Sep 14 00:56:48 vps639187 sshd\[11817\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.168.141.246 user=root ...	2020-09-14 07:22:37
180.168.141.246	attackbots	sshd jail - ssh hack attempt	2020-08-15 02:10:58
180.168.141.246	attackbots	frenzy	2020-08-09 15:14:07
180.168.141.246	attack	fail2ban detected bruce force on ssh iptables	2020-08-06 22:34:54
180.168.141.246	attackbotsspam	Aug 6 06:35:44 ip-172-31-61-156 sshd[6735]: Failed password for root from 180.168.141.246 port 53214 ssh2 Aug 6 06:35:42 ip-172-31-61-156 sshd[6735]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.168.141.246 user=root Aug 6 06:35:44 ip-172-31-61-156 sshd[6735]: Failed password for root from 180.168.141.246 port 53214 ssh2 Aug 6 06:43:31 ip-172-31-61-156 sshd[7237]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.168.141.246 user=root Aug 6 06:43:33 ip-172-31-61-156 sshd[7237]: Failed password for root from 180.168.141.246 port 57448 ssh2 ...	2020-08-06 15:01:10
180.168.141.246	attack	Automatic Fail2ban report - Trying login SSH	2020-07-30 17:41:10
180.168.141.246	attackbots	Invalid user nagios from 180.168.141.246 port 60462	2020-07-27 21:04:44
180.168.141.246	attackbots	Jul 24 10:06:28 124388 sshd[29604]: Invalid user krammer from 180.168.141.246 port 36830 Jul 24 10:06:28 124388 sshd[29604]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.168.141.246 Jul 24 10:06:28 124388 sshd[29604]: Invalid user krammer from 180.168.141.246 port 36830 Jul 24 10:06:29 124388 sshd[29604]: Failed password for invalid user krammer from 180.168.141.246 port 36830 ssh2 Jul 24 10:07:30 124388 sshd[29648]: Invalid user gil from 180.168.141.246 port 51608	2020-07-24 19:30:15
180.168.141.246	attackbotsspam	Jul 16 20:34:39 webhost01 sshd[9578]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.168.141.246 Jul 16 20:34:40 webhost01 sshd[9578]: Failed password for invalid user jack from 180.168.141.246 port 43602 ssh2 ...	2020-07-16 22:30:16
180.168.141.246	attackbotsspam	Jul 12 05:56:22 vps647732 sshd[432]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.168.141.246 Jul 12 05:56:25 vps647732 sshd[432]: Failed password for invalid user paul from 180.168.141.246 port 40412 ssh2 ...	2020-07-12 12:22:34
180.168.141.246	attackbotsspam	Jul 11 05:50:21 rotator sshd\[13314\]: Invalid user anasztazia from 180.168.141.246Jul 11 05:50:23 rotator sshd\[13314\]: Failed password for invalid user anasztazia from 180.168.141.246 port 37314 ssh2Jul 11 05:53:48 rotator sshd\[13335\]: Invalid user dujiaju from 180.168.141.246Jul 11 05:53:50 rotator sshd\[13335\]: Failed password for invalid user dujiaju from 180.168.141.246 port 55708 ssh2Jul 11 05:57:06 rotator sshd\[14106\]: Invalid user shaohao from 180.168.141.246Jul 11 05:57:08 rotator sshd\[14106\]: Failed password for invalid user shaohao from 180.168.141.246 port 45868 ssh2 ...	2020-07-11 12:48:23
180.168.141.246	attack	2020-07-08T14:49:35.646452sd-86998 sshd[39627]: Invalid user suner from 180.168.141.246 port 36332 2020-07-08T14:49:35.652092sd-86998 sshd[39627]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.168.141.246 2020-07-08T14:49:35.646452sd-86998 sshd[39627]: Invalid user suner from 180.168.141.246 port 36332 2020-07-08T14:49:37.324347sd-86998 sshd[39627]: Failed password for invalid user suner from 180.168.141.246 port 36332 ssh2 2020-07-08T14:52:44.452538sd-86998 sshd[40124]: Invalid user jeneka from 180.168.141.246 port 58312 ...	2020-07-08 21:32:44
180.168.141.246	attackbotsspam	$f2bV_matches	2020-06-30 12:39:46

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 180.168.141.242
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 2414
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;180.168.141.242.		IN	A

;; AUTHORITY SECTION:
.			550	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019092400 1800 900 604800 86400

;; Query time: 53 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Sep 24 21:18:03 CST 2019
;; MSG SIZE  rcvd: 119

Host info

Host 242.141.168.180.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 242.141.168.180.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
195.201.132.198	attackspambots	Too many connections or unauthorized access detected from Arctic banned ip	2019-07-27 10:15:22
202.105.18.222	attackspam	Invalid user farah from 202.105.18.222 port 26079	2019-07-27 10:14:54
103.65.195.163	attackspam	Jul 26 23:42:15 yabzik sshd[29787]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.65.195.163 Jul 26 23:42:16 yabzik sshd[29787]: Failed password for invalid user sz from 103.65.195.163 port 60138 ssh2 Jul 26 23:47:47 yabzik sshd[31596]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.65.195.163	2019-07-27 10:50:00
104.248.33.229	attackbotsspam	fail2ban	2019-07-27 10:04:36
163.172.28.183	attack	Jul 26 19:40:51 work-partkepr sshd\[6038\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=163.172.28.183 user=root Jul 26 19:40:53 work-partkepr sshd\[6038\]: Failed password for root from 163.172.28.183 port 40734 ssh2 ...	2019-07-27 10:47:08
51.68.187.192	attackspambots	Triggered by Fail2Ban	2019-07-27 10:27:41
61.219.171.213	attackspambots	Jul 26 22:20:34 xtremcommunity sshd\[28868\]: Invalid user princess from 61.219.171.213 port 39181 Jul 26 22:20:34 xtremcommunity sshd\[28868\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.219.171.213 Jul 26 22:20:36 xtremcommunity sshd\[28868\]: Failed password for invalid user princess from 61.219.171.213 port 39181 ssh2 Jul 26 22:25:36 xtremcommunity sshd\[29012\]: Invalid user fe from 61.219.171.213 port 36453 Jul 26 22:25:36 xtremcommunity sshd\[29012\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.219.171.213 ...	2019-07-27 10:34:22
198.27.81.223	attack	Jul 27 03:42:11 vps647732 sshd[14118]: Failed password for root from 198.27.81.223 port 48850 ssh2 ...	2019-07-27 10:38:16
106.13.139.111	attack	[Aegis] @ 2019-07-27 01:36:47 0100 -> Attempted Administrator Privilege Gain: ET SCAN LibSSH Based Frequent SSH Connections Likely BruteForce Attack	2019-07-27 10:52:56
86.124.138.80	attackbots	Automatic report - Port Scan Attack	2019-07-27 10:32:46
137.74.194.226	attackspambots	Jul 27 03:23:54 SilenceServices sshd[23544]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=137.74.194.226 Jul 27 03:23:56 SilenceServices sshd[23544]: Failed password for invalid user nancy from 137.74.194.226 port 49186 ssh2 Jul 27 03:28:11 SilenceServices sshd[28656]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=137.74.194.226	2019-07-27 10:05:01
94.102.51.31	attackspam	proto=tcp . spt=46997 . dpt=3389 . src=94.102.51.31 . dst=xx.xx.4.1 . (listed on CINS badguys Jul 26) (583)	2019-07-27 10:08:27
114.98.239.5	attack	Automatic report - Banned IP Access	2019-07-27 10:36:07
139.59.20.248	attack	Jul 26 21:49:06 heissa sshd\[6737\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.20.248 user=root Jul 26 21:49:09 heissa sshd\[6737\]: Failed password for root from 139.59.20.248 port 46010 ssh2 Jul 26 21:53:55 heissa sshd\[7326\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.20.248 user=root Jul 26 21:53:57 heissa sshd\[7326\]: Failed password for root from 139.59.20.248 port 39002 ssh2 Jul 26 21:58:49 heissa sshd\[7799\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.20.248 user=root	2019-07-27 10:16:40
179.50.226.247	attackspam	Jul 27 03:28:14 debian sshd\[24121\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=179.50.226.247 user=root Jul 27 03:28:16 debian sshd\[24121\]: Failed password for root from 179.50.226.247 port 46330 ssh2 ...	2019-07-27 10:40:21

Recently Reported IPs

185.201.5.32	103.129.99.21	115.68.207.48	190.197.75.186
73.90.129.233	114.186.241.183	80.11.182.36	195.228.22.54
111.243.151.27	2003:c9:370a:f300:89f7:13b6:9169:2c26	185.193.126.33	178.33.216.209
45.83.89.11	35.205.65.215	122.116.94.67	38.79.124.28
133.39.84.172	3.232.13.130	203.19.115.82	193.19.151.92