128.199.142.204

Basic Info

City: unknown

Region: unknown

Country: Singapore

Internet Service Provider: DigitalOcean LLC

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	firewall-block, port(s): 2048/tcp	2020-04-17 02:12:37

Comments on same subnet:

IP	Type	Details	Datetime
128.199.142.0	attackspambots	Sep 12 16:16:37 serwer sshd\[3065\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.142.0 user=root Sep 12 16:16:38 serwer sshd\[3065\]: Failed password for root from 128.199.142.0 port 36918 ssh2 Sep 12 16:25:32 serwer sshd\[3957\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.142.0 user=root ...	2020-09-12 23:12:22
128.199.142.0	attackspambots	$f2bV_matches	2020-09-12 15:17:07
128.199.142.0	attack	SSH Invalid Login	2020-09-12 07:03:24
128.199.142.0	attack	(sshd) Failed SSH login from 128.199.142.0 (SG/Singapore/-): 5 in the last 3600 secs	2020-08-21 00:59:43
128.199.142.138	attackspam	Aug 15 07:06:35 piServer sshd[16442]: Failed password for root from 128.199.142.138 port 56860 ssh2 Aug 15 07:09:24 piServer sshd[16715]: Failed password for root from 128.199.142.138 port 54146 ssh2 ...	2020-08-15 14:57:07
128.199.142.0	attack	Aug 14 22:59:53 jumpserver sshd[155239]: Failed password for root from 128.199.142.0 port 56510 ssh2 Aug 14 23:04:02 jumpserver sshd[155283]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.142.0 user=root Aug 14 23:04:05 jumpserver sshd[155283]: Failed password for root from 128.199.142.0 port 39556 ssh2 ...	2020-08-15 07:49:09
128.199.142.138	attackbotsspam	Aug 14 16:26:15 vps sshd[1025149]: Failed password for invalid user Asdfg%TGB123 from 128.199.142.138 port 48686 ssh2 Aug 14 16:30:19 vps sshd[1046148]: Invalid user %username%qwert from 128.199.142.138 port 57634 Aug 14 16:30:19 vps sshd[1046148]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.142.138 Aug 14 16:30:21 vps sshd[1046148]: Failed password for invalid user %username%qwert from 128.199.142.138 port 57634 ssh2 Aug 14 16:34:27 vps sshd[15694]: Invalid user qwert@123123 from 128.199.142.138 port 38322 ...	2020-08-15 03:01:23
128.199.142.0	attackbots	2020-08-14T07:27:17.993455lavrinenko.info sshd[9049]: Failed password for root from 128.199.142.0 port 40734 ssh2 2020-08-14T07:28:35.008729lavrinenko.info sshd[9057]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.142.0 user=root 2020-08-14T07:28:36.458512lavrinenko.info sshd[9057]: Failed password for root from 128.199.142.0 port 59172 ssh2 2020-08-14T07:29:53.718300lavrinenko.info sshd[9064]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.142.0 user=root 2020-08-14T07:29:55.679886lavrinenko.info sshd[9064]: Failed password for root from 128.199.142.0 port 49378 ssh2 ...	2020-08-14 14:06:02
128.199.142.138	attackspam	Aug 13 12:18:41 itv-usvr-01 sshd[7872]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.142.138 user=root Aug 13 12:18:43 itv-usvr-01 sshd[7872]: Failed password for root from 128.199.142.138 port 45424 ssh2 Aug 13 12:19:13 itv-usvr-01 sshd[7900]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.142.138 user=root Aug 13 12:19:15 itv-usvr-01 sshd[7900]: Failed password for root from 128.199.142.138 port 41368 ssh2	2020-08-13 13:27:42
128.199.142.138	attack	prod6 ...	2020-08-11 01:11:48
128.199.142.138	attackbots	Jul 22 00:29:21 journals sshd\[92219\]: Invalid user sunny from 128.199.142.138 Jul 22 00:29:21 journals sshd\[92219\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.142.138 Jul 22 00:29:23 journals sshd\[92219\]: Failed password for invalid user sunny from 128.199.142.138 port 33938 ssh2 Jul 22 00:34:20 journals sshd\[92660\]: Invalid user arijit from 128.199.142.138 Jul 22 00:34:20 journals sshd\[92660\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.142.138 ...	2020-07-22 05:51:14
128.199.142.0	attackbotsspam	Jul 17 14:07:19 master sshd[13017]: Failed password for invalid user postgres from 128.199.142.0 port 53320 ssh2	2020-07-18 00:33:10
128.199.142.0	attack	SSH login attempts.	2020-07-10 02:27:08
128.199.142.0	attackbots	2020-07-07T14:58:12.930016vps773228.ovh.net sshd[15365]: Invalid user hxlong from 128.199.142.0 port 35054 2020-07-07T14:58:12.940193vps773228.ovh.net sshd[15365]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.142.0 2020-07-07T14:58:12.930016vps773228.ovh.net sshd[15365]: Invalid user hxlong from 128.199.142.0 port 35054 2020-07-07T14:58:14.703660vps773228.ovh.net sshd[15365]: Failed password for invalid user hxlong from 128.199.142.0 port 35054 ssh2 2020-07-07T15:00:59.579535vps773228.ovh.net sshd[15447]: Invalid user bryan from 128.199.142.0 port 48872 ...	2020-07-08 04:08:11
128.199.142.138	attackspambots	SSH Brute Force	2020-07-05 21:14:58

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 128.199.142.204
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 54499
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;128.199.142.204.		IN	A

;; AUTHORITY SECTION:
.			499	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020041601 1800 900 604800 86400

;; Query time: 100 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Apr 17 02:12:33 CST 2020
;; MSG SIZE  rcvd: 119

Host info

Host 204.142.199.128.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 204.142.199.128.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
95.163.214.206	attack	Aug 26 16:35:42 root sshd[32335]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=95.163.214.206 Aug 26 16:35:44 root sshd[32335]: Failed password for invalid user vergil from 95.163.214.206 port 37792 ssh2 Aug 26 16:40:13 root sshd[32409]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=95.163.214.206 ...	2019-08-27 02:19:55
162.197.47.156	attackbots	Aug 26 06:10:24 hcbb sshd\[26048\]: Invalid user password from 162.197.47.156 Aug 26 06:10:24 hcbb sshd\[26048\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=162-197-47-156.lightspeed.snantx.sbcglobal.net Aug 26 06:10:26 hcbb sshd\[26048\]: Failed password for invalid user password from 162.197.47.156 port 46714 ssh2 Aug 26 06:19:22 hcbb sshd\[26750\]: Invalid user teamspeak from 162.197.47.156 Aug 26 06:19:22 hcbb sshd\[26750\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=162-197-47-156.lightspeed.snantx.sbcglobal.net	2019-08-27 02:49:35
45.116.32.200	attack	MultiHost/MultiPort Probe, Scan, Hack -	2019-08-27 02:08:48
218.82.69.103	attackbotsspam	2019-08-26T18:04:22.520799abusebot.cloudsearch.cf sshd\[10822\]: Invalid user user from 218.82.69.103 port 36810	2019-08-27 02:19:36
49.156.53.19	attackspambots	Aug 26 18:12:09 debian sshd\[9645\]: Invalid user telnetd from 49.156.53.19 port 58534 Aug 26 18:12:09 debian sshd\[9645\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.156.53.19 ...	2019-08-27 02:16:07
109.244.96.201	attack	Aug 26 19:57:45 localhost sshd\[6796\]: Invalid user minecraft from 109.244.96.201 port 34470 Aug 26 19:57:45 localhost sshd\[6796\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=109.244.96.201 Aug 26 19:57:47 localhost sshd\[6796\]: Failed password for invalid user minecraft from 109.244.96.201 port 34470 ssh2	2019-08-27 02:01:50
188.17.77.203	attackspam	Unauthorized connection attempt from IP address 188.17.77.203 on Port 445(SMB)	2019-08-27 02:48:34
46.28.183.157	attack	MultiHost/MultiPort Probe, Scan, Hack -	2019-08-27 02:30:10
163.47.39.70	attackspam	2019-08-02 02:10:36,938 fail2ban.actions [791]: NOTICE [sshd] Ban 163.47.39.70 2019-08-02 05:19:25,430 fail2ban.actions [791]: NOTICE [sshd] Ban 163.47.39.70 2019-08-02 08:27:23,823 fail2ban.actions [791]: NOTICE [sshd] Ban 163.47.39.70 ...	2019-08-27 02:06:10
92.118.38.35	attack	Aug 26 19:54:46 webserver postfix/smtpd\[22969\]: warning: unknown\[92.118.38.35\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 26 19:55:26 webserver postfix/smtpd\[22969\]: warning: unknown\[92.118.38.35\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 26 19:56:06 webserver postfix/smtpd\[22969\]: warning: unknown\[92.118.38.35\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 26 19:56:45 webserver postfix/smtpd\[22969\]: warning: unknown\[92.118.38.35\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 26 19:57:26 webserver postfix/smtpd\[22969\]: warning: unknown\[92.118.38.35\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2019-08-27 02:12:09
185.59.138.217	attackbotsspam	Aug 26 07:34:54 php1 sshd\[19135\]: Invalid user tar from 185.59.138.217 Aug 26 07:34:54 php1 sshd\[19135\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.59.138.217 Aug 26 07:34:56 php1 sshd\[19135\]: Failed password for invalid user tar from 185.59.138.217 port 47496 ssh2 Aug 26 07:39:18 php1 sshd\[19613\]: Invalid user upload1 from 185.59.138.217 Aug 26 07:39:18 php1 sshd\[19613\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.59.138.217	2019-08-27 02:35:38
112.133.251.109	attackbotsspam	Unauthorized connection attempt from IP address 112.133.251.109 on Port 445(SMB)	2019-08-27 02:35:00
180.247.27.72	attack	Unauthorized connection attempt from IP address 180.247.27.72 on Port 445(SMB)	2019-08-27 02:42:34
80.73.91.130	attack	Unauthorized connection attempt from IP address 80.73.91.130 on Port 445(SMB)	2019-08-27 02:48:12
112.249.42.207	attackspam	Unauthorised access (Aug 26) SRC=112.249.42.207 LEN=40 TTL=49 ID=53449 TCP DPT=8080 WINDOW=27422 SYN Unauthorised access (Aug 25) SRC=112.249.42.207 LEN=40 TTL=49 ID=32094 TCP DPT=8080 WINDOW=64563 SYN Unauthorised access (Aug 25) SRC=112.249.42.207 LEN=40 TTL=49 ID=5847 TCP DPT=8080 WINDOW=60805 SYN	2019-08-27 02:15:21

Recently Reported IPs

46.70.95.132	28.22.116.104	223.187.140.210	134.232.72.232
169.95.197.231	38.192.54.85	227.153.32.108	2.95.28.61
190.238.22.209	160.0.83.243	136.223.3.173	249.224.184.174
53.108.70.16	201.48.109.197	187.69.150.221	57.84.115.156
47.75.167.60	20.62.48.18	165.103.7.177	54.124.31.226