142.252.198.159

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 142.252.198.159
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 37105
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;142.252.198.159.		IN	A

;; AUTHORITY SECTION:
.			161	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022020702 1800 900 604800 86400

;; Query time: 52 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Feb 08 11:10:17 CST 2022
;; MSG SIZE  rcvd: 108

Host info

b';; connection timed out; no servers could be reached
'

Nslookup info:

server can't find 142.252.198.159.in-addr.arpa: SERVFAIL

Related IP info:

Related comments:

IP	Type	Details	Datetime
37.45.70.89	attackspam	failed_logins	2019-11-10 18:11:47
185.53.88.33	attackbots	\[2019-11-10 04:21:04\] NOTICE\[2601\] chan_sip.c: Registration from '"1000" \' failed for '185.53.88.33:5347' - Wrong password \[2019-11-10 04:21:04\] SECURITY\[2634\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-11-10T04:21:04.141-0500",Severity="Error",Service="SIP",EventVersion="2",AccountID="1000",SessionID="0x7fdf2c73c4b8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/185.53.88.33/5347",Challenge="11e139a4",ReceivedChallenge="11e139a4",ReceivedHash="dbd22d76f5f6f69cc02420f5c0e5ec3d" \[2019-11-10 04:21:04\] NOTICE\[2601\] chan_sip.c: Registration from '"1000" \' failed for '185.53.88.33:5347' - Wrong password \[2019-11-10 04:21:04\] SECURITY\[2634\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-11-10T04:21:04.247-0500",Severity="Error",Service="SIP",EventVersion="2",AccountID="1000",SessionID="0x7fdf2ca50d88",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/1	2019-11-10 18:02:32
118.213.95.50	attackbots	scan r	2019-11-10 17:46:26
140.143.200.251	attackbotsspam	2019-11-10T10:15:06.688864scmdmz1 sshd\[12958\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.200.251 user=root 2019-11-10T10:15:08.807089scmdmz1 sshd\[12958\]: Failed password for root from 140.143.200.251 port 49156 ssh2 2019-11-10T10:20:39.136669scmdmz1 sshd\[13365\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.200.251 user=root ...	2019-11-10 18:14:11
122.10.90.9	attackspam	port scan and connect, tcp 1433 (ms-sql-s)	2019-11-10 17:45:09
185.143.223.81	attack	Nov 10 09:56:17 h2177944 kernel: \[6251750.875937\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=185.143.223.81 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=17556 PROTO=TCP SPT=53588 DPT=2207 WINDOW=1024 RES=0x00 SYN URGP=0 Nov 10 10:07:41 h2177944 kernel: \[6252435.424221\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=185.143.223.81 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=43449 PROTO=TCP SPT=53588 DPT=62817 WINDOW=1024 RES=0x00 SYN URGP=0 Nov 10 10:07:57 h2177944 kernel: \[6252450.973972\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=185.143.223.81 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=249 ID=42693 PROTO=TCP SPT=53588 DPT=41807 WINDOW=1024 RES=0x00 SYN URGP=0 Nov 10 10:24:42 h2177944 kernel: \[6253456.309303\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=185.143.223.81 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=25053 PROTO=TCP SPT=53588 DPT=39618 WINDOW=1024 RES=0x00 SYN URGP=0 Nov 10 10:26:26 h2177944 kernel: \[6253559.858001\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=185.143.223.81 DST=85.2	2019-11-10 17:57:39
76.73.206.93	attackbotsspam	Nov 10 08:32:17 vps691689 sshd[15849]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=76.73.206.93 Nov 10 08:32:20 vps691689 sshd[15849]: Failed password for invalid user JEAdmi from 76.73.206.93 port 39915 ssh2 Nov 10 08:36:38 vps691689 sshd[15888]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=76.73.206.93 ...	2019-11-10 17:49:14
106.13.59.20	attack	Nov 9 23:39:02 hanapaa sshd\[31733\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.59.20 user=root Nov 9 23:39:04 hanapaa sshd\[31733\]: Failed password for root from 106.13.59.20 port 59448 ssh2 Nov 9 23:43:51 hanapaa sshd\[32279\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.59.20 user=root Nov 9 23:43:53 hanapaa sshd\[32279\]: Failed password for root from 106.13.59.20 port 37264 ssh2 Nov 9 23:48:32 hanapaa sshd\[32654\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.59.20 user=root	2019-11-10 18:14:58
41.220.143.6	attack	Nov 10 10:49:05 hosting sshd[15032]: Invalid user sa654321 from 41.220.143.6 port 34604 ...	2019-11-10 17:49:40
209.17.96.138	attack	209.17.96.138 was recorded 9 times by 9 hosts attempting to connect to the following ports: 5901,8080,67,138,993,5910,5984. Incident counter (4h, 24h, all-time): 9, 27, 178	2019-11-10 18:10:58
103.79.169.156	attackspambots	Unauthorised access (Nov 10) SRC=103.79.169.156 LEN=48 PREC=0x20 TTL=113 ID=17568 DF TCP DPT=445 WINDOW=8192 SYN	2019-11-10 18:06:35
222.186.180.9	attackspam	2019-11-10T10:00:10.501308abusebot-7.cloudsearch.cf sshd\[11469\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.180.9 user=root	2019-11-10 18:08:56
51.75.123.107	attackspambots	Lines containing failures of 51.75.123.107 Nov 8 21:35:50 MAKserver06 sshd[27244]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.75.123.107 user=r.r Nov 8 21:35:51 MAKserver06 sshd[27244]: Failed password for r.r from 51.75.123.107 port 56776 ssh2 Nov 8 21:35:52 MAKserver06 sshd[27244]: Received disconnect from 51.75.123.107 port 56776:11: Bye Bye [preauth] Nov 8 21:35:52 MAKserver06 sshd[27244]: Disconnected from authenticating user r.r 51.75.123.107 port 56776 [preauth] Nov 8 21:47:55 MAKserver06 sshd[3786]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.75.123.107 user=r.r Nov 8 21:47:57 MAKserver06 sshd[3786]: Failed password for r.r from 51.75.123.107 port 54702 ssh2 Nov 8 21:47:59 MAKserver06 sshd[3786]: Received disconnect from 51.75.123.107 port 54702:11: Bye Bye [preauth] Nov 8 21:47:59 MAKserver06 sshd[3786]: Disconnected from authenticating user r.r 51.75.123.107........ ------------------------------	2019-11-10 17:48:01
186.189.134.55	attackspam	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/186.189.134.55/ AW - 1H : (1) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : AW NAME ASN : ASN11816 IP : 186.189.134.55 CIDR : 186.189.134.0/23 PREFIX COUNT : 115 UNIQUE IP COUNT : 100608 ATTACKS DETECTED ASN11816 : 1H - 1 3H - 1 6H - 1 12H - 1 24H - 1 DateTime : 2019-11-10 07:28:18 INFO : Port Scan TELNET Detected and Blocked by ADMIN - data recovery	2019-11-10 17:54:12
51.158.67.13	attackbotsspam	Nov 10 09:38:40 localhost sshd\[32621\]: Invalid user testing from 51.158.67.13 port 38264 Nov 10 09:38:40 localhost sshd\[32621\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.158.67.13 Nov 10 09:38:42 localhost sshd\[32621\]: Failed password for invalid user testing from 51.158.67.13 port 38264 ssh2 ...	2019-11-10 18:04:09

Recently Reported IPs

1.246.222.109	165.254.191.194	200.111.22.69	115.84.114.177
23.95.94.200	112.132.87.220	45.148.232.236	142.154.36.237
189.213.228.17	58.253.10.61	210.89.63.112	43.129.225.87
112.18.192.233	35.211.248.167	185.30.14.43	125.161.109.64
40.107.11.112	49.204.178.230	37.224.112.121	41.33.33.146