This IP address has been reported a total of
1,465
times from
656 distinct
sources.
104.243.42.167 was first reported on
, and the most recent report was
.
Recent Reports:
We have received reports of abusive activity from this IP address within the last week. It is
potentially still actively engaged in abusive activities.
2026-06-02T07:17:02.261660+10:00 sleep-salami sshd[872906]: Invalid user idempiere from 104.243.42.1 ...
show more2026-06-02T07:17:02.261660+10:00 sleep-salami sshd[872906]: Invalid user idempiere from 104.243.42.167 port 55136
2026-06-02T07:17:02.480600+10:00 sleep-salami sshd[872906]: Disconnected from invalid user idempiere 104.243.42.167 port 55136 [preauth]
2026-06-02T07:18:24.154183+10:00 sleep-salami sshd[872919]: Invalid user delphi from 104.243.42.167 port 51338
2026-06-02T07:18:24.366941+10:00 sleep-salami sshd[872919]: Disconnected from invalid user delphi 104.243.42.167 port 51338 [preauth]
2026-06-02T07:19:52.862734+10:00 sleep-salami sshd[872929]: Invalid user mminchenok from 104.243.42.167 port 45744
...
show less
2026-06-02T00:07:40.200873+03:00 mailhub sshd[4009651]: Failed password for invalid user jenkins fro ...
show more2026-06-02T00:07:40.200873+03:00 mailhub sshd[4009651]: Failed password for invalid user jenkins from 104.243.42.167 port 58570 ssh2
2026-06-02T00:08:53.904813+03:00 mailhub sshd[4010380]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.243.42.167 user=root
2026-06-02T00:08:55.828329+03:00 mailhub sshd[4010380]: Failed password for root from 104.243.42.167 port 54358 ssh2
...
show less
2026-06-02T06:44:40.172227+10:00 sleep-salami sshd[872670]: Disconnected from authenticating user ro ...
show more2026-06-02T06:44:40.172227+10:00 sleep-salami sshd[872670]: Disconnected from authenticating user root 104.243.42.167 port 39846 [preauth]
2026-06-02T06:50:25.573330+10:00 sleep-salami sshd[872689]: Disconnected from authenticating user root 104.243.42.167 port 54356 [preauth]
2026-06-02T06:51:49.157351+10:00 sleep-salami sshd[872709]: Invalid user jenkins from 104.243.42.167 port 44072
2026-06-02T06:51:49.377610+10:00 sleep-salami sshd[872709]: Disconnected from invalid user jenkins 104.243.42.167 port 44072 [preauth]
2026-06-02T06:53:17.457744+10:00 sleep-salami sshd[872714]: Invalid user vlad from 104.243.42.167 port 39076
...
show less
2026-06-01T21:32:34.670888+02:00 box sshd[1340198]: pam_unix(sshd:auth): authentication failure; log ...
show more2026-06-01T21:32:34.670888+02:00 box sshd[1340198]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.243.42.167
2026-06-01T21:32:36.905344+02:00 box sshd[1340198]: Failed password for invalid user support from 104.243.42.167 port 50772 ssh2
2026-06-01T21:39:53.052136+02:00 box sshd[1341270]: Invalid user hb from 104.243.42.167 port 39826
...
show less
Brute-Force
SSH
Anonymous
Fail2ban (sshd jail): 2 failed SSH attempts from 104.243.42.167.
[fail2ban Auto Report] 2026-06-01T15:38:44.441842-04:00 alpha sshd-session[2328912]: Invalid user su ...
show more[fail2ban Auto Report] 2026-06-01T15:38:44.441842-04:00 alpha sshd-session[2328912]: Invalid user support from 104.243.42.167 port 55456
...
show less
Cowrie Honeypot: 5 unauthorised SSH/Telnet login attempts between 2026-06-01T18:35:21Z and 2026-06-0 ...
show moreCowrie Honeypot: 5 unauthorised SSH/Telnet login attempts between 2026-06-01T18:35:21Z and 2026-06-01T18:41:42Z
show less
Brute-Force
SSH
Anonymous
Jun 1 19:29:40 conf sshd[1935288]: Disconnected from invalid user ubuntu 104.243.42.167 port 49026 ...
show moreJun 1 19:29:40 conf sshd[1935288]: Disconnected from invalid user ubuntu 104.243.42.167 port 49026 [preauth]
Jun 1 19:35:28 conf sshd[1936331]: Connection from 104.243.42.167 port 44968 on 79.137.33.6 port 22 rdomain ""
Jun 1 19:35:29 conf sshd[1936331]: Invalid user tomcat from 104.243.42.167 port 44968
...
show less
2026-06-01T19:54:24.088505+02:00 pve-osd-202 sshd[2048588]: Disconnected from authenticating user ro ...
show more2026-06-01T19:54:24.088505+02:00 pve-osd-202 sshd[2048588]: Disconnected from authenticating user root 104.243.42.167 port 48098 [preauth]
2026-06-01T19:55:58.198998+02:00 pve-osd-202 sshd[2048636]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.243.42.167 user=root
2026-06-01T19:56:00.072353+02:00 pve-osd-202 sshd[2048636]: Failed password for root from 104.243.42.167 port 35560 ssh2
2026-06-01T19:56:01.784899+02:00 pve-osd-202 sshd[2048636]: Disconnected from authenticating user root 104.243.42.167 port 35560 [preauth]
2026-06-01T19:57:32.414980+02:00 pve-osd-202 sshd[2048724]: Invalid user user1 from 104.243.42.167 port 34314
...
show less
104.243.42.167 (US/United States/-), 5 distributed sshd attacks on account [root] in the last 3600 s ...
show more104.243.42.167 (US/United States/-), 5 distributed sshd attacks on account [root] in the last 3600 secs; Ports: *; Direction: 1; Trigger: LF_DISTATTACK; Logs: Jun 1 12:55:40 14835 sshd[28538]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.243.42.167 user=root
Jun 1 12:53:01 14835 sshd[27086]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=98.70.3.41 user=root
Jun 1 12:53:03 14835 sshd[27086]: Failed password for root from 98.70.3.41 port 59482 ssh2
Jun 1 12:55:16 14835 sshd[28368]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=213.230.111.14 user=root
Jun 1 12:55:18 14835 sshd[28368]: Failed password for root from 213.230.111.14 port 37280 ssh2
IP Addresses Blocked:
show less
Brute-Force
SSH
Showing 196 to
210
of 1465 reports
Think this IP has been falsely reported? You may request to have the associated
reports reviewed and removed.
Request Takedown ๐ฉ