196.158.199.142

Basic Info

City: unknown

Region: unknown

Country: Egypt

Internet Service Provider: Vodafone Egypt

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Unauthorized connection attempt from IP address 196.158.199.142 on Port 445(SMB)	2020-04-03 21:19:49

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 196.158.199.142
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 63747
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;196.158.199.142.		IN	A

;; AUTHORITY SECTION:
.			555	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020040300 1800 900 604800 86400

;; Query time: 89 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Apr 03 21:19:46 CST 2020
;; MSG SIZE  rcvd: 119

Host info

Host 142.199.158.196.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 142.199.158.196.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
120.50.13.181	attackbotsspam	$f2bV_matches_ltvn	2019-09-08 02:49:03
59.72.112.47	attack	Sep 7 19:34:18 v22019058497090703 sshd[16823]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=59.72.112.47 Sep 7 19:34:21 v22019058497090703 sshd[16823]: Failed password for invalid user fln75g from 59.72.112.47 port 42580 ssh2 Sep 7 19:40:36 v22019058497090703 sshd[18085]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=59.72.112.47 ...	2019-09-08 02:56:44
217.144.185.139	attackbots	[portscan] Port scan	2019-09-08 02:45:14
165.22.26.117	attack	Sep 7 03:15:05 vtv3 sshd\[21798\]: Invalid user ts3server from 165.22.26.117 port 54406 Sep 7 03:15:05 vtv3 sshd\[21798\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.22.26.117 Sep 7 03:15:07 vtv3 sshd\[21798\]: Failed password for invalid user ts3server from 165.22.26.117 port 54406 ssh2 Sep 7 03:21:43 vtv3 sshd\[25518\]: Invalid user vbox from 165.22.26.117 port 58296 Sep 7 03:21:43 vtv3 sshd\[25518\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.22.26.117 Sep 7 03:33:44 vtv3 sshd\[31480\]: Invalid user christian from 165.22.26.117 port 42388 Sep 7 03:33:44 vtv3 sshd\[31480\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.22.26.117 Sep 7 03:33:46 vtv3 sshd\[31480\]: Failed password for invalid user christian from 165.22.26.117 port 42388 ssh2 Sep 7 03:37:44 vtv3 sshd\[1060\]: Invalid user bot from 165.22.26.117 port 55904 Sep 7 03:37:44 vtv3 sshd\[10	2019-09-08 02:46:44
178.62.118.53	attackspambots	SSH Brute Force, server-1 sshd[6663]: Failed password for invalid user jenkins from 178.62.118.53 port 44497 ssh2	2019-09-08 03:02:41
106.12.202.181	attack	Sep 7 08:45:40 wbs sshd\[28701\]: Invalid user cron from 106.12.202.181 Sep 7 08:45:40 wbs sshd\[28701\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.202.181 Sep 7 08:45:42 wbs sshd\[28701\]: Failed password for invalid user cron from 106.12.202.181 port 43017 ssh2 Sep 7 08:51:20 wbs sshd\[29169\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.202.181 user=root Sep 7 08:51:23 wbs sshd\[29169\]: Failed password for root from 106.12.202.181 port 34387 ssh2	2019-09-08 03:04:01
139.59.94.192	attackbots	Sep 7 01:46:58 lcprod sshd\[18863\]: Invalid user 111111 from 139.59.94.192 Sep 7 01:46:58 lcprod sshd\[18863\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.94.192 Sep 7 01:47:00 lcprod sshd\[18863\]: Failed password for invalid user 111111 from 139.59.94.192 port 52421 ssh2 Sep 7 01:52:20 lcprod sshd\[19379\]: Invalid user 12345 from 139.59.94.192 Sep 7 01:52:20 lcprod sshd\[19379\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.94.192	2019-09-08 02:47:39
202.74.243.106	attackspambots	Sep 7 05:45:21 web1 sshd\[28199\]: Invalid user test1 from 202.74.243.106 Sep 7 05:45:21 web1 sshd\[28199\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.74.243.106 Sep 7 05:45:22 web1 sshd\[28199\]: Failed password for invalid user test1 from 202.74.243.106 port 27039 ssh2 Sep 7 05:50:07 web1 sshd\[28596\]: Invalid user admin from 202.74.243.106 Sep 7 05:50:07 web1 sshd\[28596\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.74.243.106	2019-09-08 03:18:23
118.71.111.91	attackspam	Unauthorized connection attempt from IP address 118.71.111.91 on Port 445(SMB)	2019-09-08 03:09:52
81.22.45.219	attack	Sep 7 20:39:00 lumpi kernel: INPUT:DROP:SPAMHAUS_EDROP:IN=eth0 OUT= MAC=52:54:a2:01:a5:04:d2:74:7f:6e:37:e3:08:00 SRC=81.22.45.219 DST=172.31.1.100 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=35621 PROTO=TCP SPT=52961 DPT=3566 WINDOW=1024 RES=0x00 SYN URGP=0 ...	2019-09-08 03:05:02
167.71.40.125	attackspambots	Sep 7 08:54:40 friendsofhawaii sshd\[6904\]: Invalid user admin3 from 167.71.40.125 Sep 7 08:54:40 friendsofhawaii sshd\[6904\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.71.40.125 Sep 7 08:54:42 friendsofhawaii sshd\[6904\]: Failed password for invalid user admin3 from 167.71.40.125 port 33282 ssh2 Sep 7 08:58:35 friendsofhawaii sshd\[7212\]: Invalid user web from 167.71.40.125 Sep 7 08:58:35 friendsofhawaii sshd\[7212\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.71.40.125	2019-09-08 03:03:01
140.143.157.33	attackspam	Sep 7 07:25:35 hpm sshd\[23322\]: Invalid user team123 from 140.143.157.33 Sep 7 07:25:35 hpm sshd\[23322\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.157.33 Sep 7 07:25:37 hpm sshd\[23322\]: Failed password for invalid user team123 from 140.143.157.33 port 35750 ssh2 Sep 7 07:29:17 hpm sshd\[23643\]: Invalid user 123123 from 140.143.157.33 Sep 7 07:29:17 hpm sshd\[23643\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.157.33	2019-09-08 02:47:20
185.176.27.18	attack	09/07/2019-14:24:39.128735 185.176.27.18 Protocol: 6 ET DROP Dshield Block Listed Source group 1	2019-09-08 03:02:11
138.197.179.111	attack	Sep 7 08:37:12 sachi sshd\[10586\]: Invalid user 1234 from 138.197.179.111 Sep 7 08:37:12 sachi sshd\[10586\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.179.111 Sep 7 08:37:14 sachi sshd\[10586\]: Failed password for invalid user 1234 from 138.197.179.111 port 53562 ssh2 Sep 7 08:41:24 sachi sshd\[11016\]: Invalid user 123 from 138.197.179.111 Sep 7 08:41:24 sachi sshd\[11016\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.179.111	2019-09-08 02:48:00
112.252.105.250	attackspambots	firewall-block, port(s): 23/tcp	2019-09-08 03:27:06

Recently Reported IPs

158.181.41.235	41.188.37.157	192.16.122.225	80.241.251.238
109.62.242.28	85.94.178.155	69.225.8.160	2400:b800:6::4
177.89.115.134	118.71.165.23	23.90.57.212	120.29.123.152
5.54.60.111	2.138.7.8	74.82.63.52	202.131.242.75
201.22.88.19	49.204.176.182	26.213.4.141	228.148.205.205