198.199.104.20

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: DigitalOcean LLC

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	2019-09-20T03:16:46.356532abusebot-7.cloudsearch.cf sshd\[5205\]: Invalid user sonar from 198.199.104.20 port 34212	2019-09-20 11:31:50
attackbotsspam	Aug 30 01:55:43 pkdns2 sshd\[28579\]: Invalid user ca from 198.199.104.20Aug 30 01:55:45 pkdns2 sshd\[28579\]: Failed password for invalid user ca from 198.199.104.20 port 36038 ssh2Aug 30 01:59:45 pkdns2 sshd\[28759\]: Invalid user rpc from 198.199.104.20Aug 30 01:59:47 pkdns2 sshd\[28759\]: Failed password for invalid user rpc from 198.199.104.20 port 52812 ssh2Aug 30 02:03:56 pkdns2 sshd\[28953\]: Invalid user schwein from 198.199.104.20Aug 30 02:03:58 pkdns2 sshd\[28953\]: Failed password for invalid user schwein from 198.199.104.20 port 41348 ssh2 ...	2019-08-30 10:38:41
attackbotsspam	Invalid user beethoven from 198.199.104.20 port 43982	2019-08-23 21:55:25
attackbots	2019-08-23T00:49:49.432960abusebot-2.cloudsearch.cf sshd\[22309\]: Invalid user postgres from 198.199.104.20 port 35636	2019-08-23 10:03:27
attackbotsspam	Aug 19 09:41:17 MK-Soft-Root2 sshd\[5137\]: Invalid user blue from 198.199.104.20 port 46878 Aug 19 09:41:17 MK-Soft-Root2 sshd\[5137\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=198.199.104.20 Aug 19 09:41:19 MK-Soft-Root2 sshd\[5137\]: Failed password for invalid user blue from 198.199.104.20 port 46878 ssh2 ...	2019-08-19 16:37:47
attackbots	Aug 6 16:02:21 debian sshd\[22211\]: Invalid user ts4 from 198.199.104.20 port 49500 Aug 6 16:02:21 debian sshd\[22211\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=198.199.104.20 ...	2019-08-07 04:44:20
attack	2019-07-29T17:45:13.134451abusebot-6.cloudsearch.cf sshd\[8398\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=198.199.104.20 user=root	2019-07-30 01:53:15
attackspambots	Jul 14 19:58:04 core01 sshd\[19115\]: Invalid user sanga from 198.199.104.20 port 57646 Jul 14 19:58:04 core01 sshd\[19115\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=198.199.104.20 ...	2019-07-15 04:05:53
attack	Jul 13 21:55:04 vps647732 sshd[12125]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=198.199.104.20 Jul 13 21:55:06 vps647732 sshd[12125]: Failed password for invalid user ftp from 198.199.104.20 port 47206 ssh2 ...	2019-07-14 06:16:55
attack	Jul 8 22:09:51 xb3 sshd[25827]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=198.199.104.20 user=r.r Jul 8 22:09:53 xb3 sshd[25827]: Failed password for r.r from 198.199.104.20 port 39668 ssh2 Jul 8 22:09:53 xb3 sshd[25827]: Received disconnect from 198.199.104.20: 11: Bye Bye [preauth] Jul 8 22:13:10 xb3 sshd[21406]: Failed password for invalid user developer from 198.199.104.20 port 46246 ssh2 Jul 8 22:13:10 xb3 sshd[21406]: Received disconnect from 198.199.104.20: 11: Bye Bye [preauth] Jul 8 22:15:39 xb3 sshd[14077]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=198.199.104.20 user=r.r Jul 8 22:15:42 xb3 sshd[14077]: Failed password for r.r from 198.199.104.20 port 34980 ssh2 Jul 8 22:15:42 xb3 sshd[14077]: Received disconnect from 198.199.104.20: 11: Bye Bye [preauth] Jul 8 22:17:53 xb3 sshd[18311]: Failed password for invalid user user from 198.199.104.20 port 51944 ssh2........ -------------------------------	2019-07-09 20:20:29
attackbotsspam	Triggered by Fail2Ban at Vostok web server	2019-06-26 01:27:23
attackbots	Jun 24 23:21:13 debian sshd\[6178\]: Invalid user mongodb from 198.199.104.20 port 59490 Jun 24 23:21:13 debian sshd\[6178\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=198.199.104.20 ...	2019-06-25 08:30:49

Comments on same subnet:

IP	Type	Details	Datetime
198.199.104.179	attackspam	GET /.well-known/dnt-policy.txt access attempts	2020-08-20 01:01:57
198.199.104.250	attackbotsspam	[Wed Jun 24 06:51:50 2020] - DDoS Attack From IP: 198.199.104.250 Port: 37326	2020-07-08 21:37:54
198.199.104.196	attack	Jun 14 10:00:29 ny01 sshd[20567]: Failed password for root from 198.199.104.196 port 56630 ssh2 Jun 14 10:05:59 ny01 sshd[21206]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=198.199.104.196 Jun 14 10:06:01 ny01 sshd[21206]: Failed password for invalid user fery from 198.199.104.196 port 52236 ssh2	2020-06-14 22:31:04
198.199.104.196	attackspambots	Invalid user lisihui from 198.199.104.196 port 48199	2020-06-14 13:18:05
198.199.104.196	attackbotsspam	Bruteforce detected by fail2ban	2020-06-04 03:57:20
198.199.104.196	attack	May 15 22:50:03 jane sshd[8792]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=198.199.104.196 May 15 22:50:05 jane sshd[8792]: Failed password for invalid user raphael from 198.199.104.196 port 37448 ssh2 ...	2020-05-16 05:52:18
198.199.104.196	attack	frenzy	2020-05-08 12:44:57
198.199.104.62	attackbots	Port scan attempt detected by AWS-CCS, CTS, India	2019-06-26 02:50:13

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 198.199.104.20
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 37715
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;198.199.104.20.			IN	A

;; AUTHORITY SECTION:
.			2612	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019062401 1800 900 604800 86400

;; Query time: 1 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Tue Jun 25 08:30:43 CST 2019
;; MSG SIZE  rcvd: 118

Host info

Host 20.104.199.198.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 20.104.199.198.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
59.47.38.99	attackbotsspam	CN_APNIC-HM_<177>1586059104 [1:2403388:56467] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 45 [Classification: Misc Attack] [Priority: 2]: {TCP} 59.47.38.99:25311	2020-04-05 12:20:32
111.229.43.153	attack	Apr 5 05:03:23 ns382633 sshd\[15213\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.229.43.153 user=root Apr 5 05:03:25 ns382633 sshd\[15213\]: Failed password for root from 111.229.43.153 port 44574 ssh2 Apr 5 05:54:30 ns382633 sshd\[25479\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.229.43.153 user=root Apr 5 05:54:31 ns382633 sshd\[25479\]: Failed password for root from 111.229.43.153 port 43716 ssh2 Apr 5 05:58:44 ns382633 sshd\[26297\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.229.43.153 user=root	2020-04-05 12:04:27
91.207.40.45	attackspambots	2020-04-05T06:08:41.713064centos sshd[9765]: Failed password for root from 91.207.40.45 port 52928 ssh2 2020-04-05T06:12:30.494531centos sshd[10071]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.207.40.45 user=root 2020-04-05T06:12:33.080165centos sshd[10071]: Failed password for root from 91.207.40.45 port 35526 ssh2 ...	2020-04-05 12:32:04
222.186.173.142	attackspambots	Apr 5 05:58:39 server sshd[14118]: Failed none for root from 222.186.173.142 port 45334 ssh2 Apr 5 05:58:42 server sshd[14118]: Failed password for root from 222.186.173.142 port 45334 ssh2 Apr 5 05:58:45 server sshd[14118]: Failed password for root from 222.186.173.142 port 45334 ssh2	2020-04-05 12:03:05
197.253.19.74	attackbotsspam	Apr 5 01:00:17 vps46666688 sshd[4917]: Failed password for root from 197.253.19.74 port 22864 ssh2 ...	2020-04-05 12:33:22
176.31.116.214	attack	Apr 5 05:54:41 s1 sshd\[3252\]: Invalid user oracle from 176.31.116.214 port 55350 Apr 5 05:54:41 s1 sshd\[3252\]: Failed password for invalid user oracle from 176.31.116.214 port 55350 ssh2 Apr 5 05:56:30 s1 sshd\[4097\]: Invalid user www from 176.31.116.214 port 37601 Apr 5 05:56:30 s1 sshd\[4097\]: Failed password for invalid user www from 176.31.116.214 port 37601 ssh2 Apr 5 05:58:19 s1 sshd\[4178\]: Invalid user postgres from 176.31.116.214 port 48091 Apr 5 05:58:19 s1 sshd\[4178\]: Failed password for invalid user postgres from 176.31.116.214 port 48091 ssh2 ...	2020-04-05 12:25:26
181.48.67.89	attack	Apr 5 05:39:44 ovpn sshd\[25234\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=181.48.67.89 user=root Apr 5 05:39:46 ovpn sshd\[25234\]: Failed password for root from 181.48.67.89 port 36786 ssh2 Apr 5 05:53:41 ovpn sshd\[28756\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=181.48.67.89 user=root Apr 5 05:53:43 ovpn sshd\[28756\]: Failed password for root from 181.48.67.89 port 55102 ssh2 Apr 5 05:58:17 ovpn sshd\[29974\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=181.48.67.89 user=root	2020-04-05 12:27:32
188.254.0.124	attack	Apr 4 21:15:56 mockhub sshd[16751]: Failed password for root from 188.254.0.124 port 49972 ssh2 ...	2020-04-05 12:31:43
150.136.62.61	attack	Lines containing failures of 150.136.62.61 Apr 3 22:10:33 penfold sshd[16388]: Invalid user tooradmin from 150.136.62.61 port 51108 Apr 3 22:10:33 penfold sshd[16388]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=150.136.62.61 Apr 3 22:10:35 penfold sshd[16388]: Failed password for invalid user tooradmin from 150.136.62.61 port 51108 ssh2 Apr 3 22:10:35 penfold sshd[16388]: Received disconnect from 150.136.62.61 port 51108:11: Bye Bye [preauth] Apr 3 22:10:35 penfold sshd[16388]: Disconnected from invalid user tooradmin 150.136.62.61 port 51108 [preauth] Apr 3 22:23:06 penfold sshd[17039]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=150.136.62.61 user=r.r Apr 3 22:23:08 penfold sshd[17039]: Failed password for r.r from 150.136.62.61 port 38582 ssh2 Apr 3 22:23:10 penfold sshd[17039]: Received disconnect from 150.136.62.61 port 38582:11: Bye Bye [preauth] Apr 3 22:23:10 penfo........ ------------------------------	2020-04-05 12:11:48
222.186.30.218	attack	[MK-VM6] SSH login failed	2020-04-05 12:32:53
27.254.137.144	attackspam	Apr 5 03:49:15 game-panel sshd[12849]: Failed password for root from 27.254.137.144 port 42566 ssh2 Apr 5 03:54:00 game-panel sshd[12993]: Failed password for root from 27.254.137.144 port 34662 ssh2	2020-04-05 12:15:48
46.38.145.5	attackbotsspam	Apr 5 06:18:35 web01.agentur-b-2.de postfix/smtpd[77022]: warning: unknown[46.38.145.5]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Apr 5 06:19:06 web01.agentur-b-2.de postfix/smtpd[77480]: warning: unknown[46.38.145.5]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Apr 5 06:19:36 web01.agentur-b-2.de postfix/smtpd[77022]: warning: unknown[46.38.145.5]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Apr 5 06:20:06 web01.agentur-b-2.de postfix/smtpd[73670]: warning: unknown[46.38.145.5]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Apr 5 06:20:36 web01.agentur-b-2.de postfix/smtpd[73670]: warning: unknown[46.38.145.5]: SASL LOGIN authentication failed: UGFzc3dvcmQ6	2020-04-05 12:29:49
202.88.154.70	attack	Invalid user lmi from 202.88.154.70 port 44330	2020-04-05 12:13:20
222.186.180.9	attackspambots	Apr 5 06:10:59 santamaria sshd\[2920\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.180.9 user=root Apr 5 06:11:01 santamaria sshd\[2920\]: Failed password for root from 222.186.180.9 port 55010 ssh2 Apr 5 06:11:19 santamaria sshd\[2922\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.180.9 user=root ...	2020-04-05 12:27:00
180.168.201.126	attack	Invalid user xmj from 180.168.201.126 port 10457	2020-04-05 12:28:34

Recently Reported IPs

186.10.126.110	68.116.82.153	186.0.138.30	185.97.135.202
122.4.51.212	185.95.204.19	185.85.139.138	187.109.58.59
185.74.85.21	26.97.114.179	185.70.36.94	124.26.50.88
185.8.176.2	167.90.166.76	224.155.141.43	46.179.63.81
185.70.36.90	185.67.115.7	185.67.2.59	224.241.73.6