200.69.204.143

Basic Info

City: Buenos Aires

Region: Buenos Aires F.D.

Country: Argentina

Internet Service Provider: NSS S.A.

Hostname: unknown

Organization: NSS S.A.

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Nov 17 18:57:50 server sshd\[20828\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.69.204.143 user=root Nov 17 18:57:52 server sshd\[20828\]: Failed password for root from 200.69.204.143 port 48162 ssh2 Nov 17 19:16:05 server sshd\[25516\]: Invalid user otha from 200.69.204.143 Nov 17 19:16:05 server sshd\[25516\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.69.204.143 Nov 17 19:16:06 server sshd\[25516\]: Failed password for invalid user otha from 200.69.204.143 port 42209 ssh2 ...	2019-11-18 05:51:41
attack	Automatic report - SSH Brute-Force Attack	2019-11-01 19:13:24
attackbots	2019-10-15T13:52:15.110139abusebot-5.cloudsearch.cf sshd\[6482\]: Invalid user Bot from 200.69.204.143 port 2049	2019-10-15 22:15:53
attack	Oct 13 05:18:51 ns341937 sshd[25599]: Failed password for root from 200.69.204.143 port 58113 ssh2 Oct 13 05:42:30 ns341937 sshd[32500]: Failed password for root from 200.69.204.143 port 46817 ssh2 ...	2019-10-13 17:59:27
attackbotsspam	ssh failed login	2019-10-07 02:03:08
attackbots	Oct 5 04:39:17 webhost01 sshd[9359]: Failed password for root from 200.69.204.143 port 23361 ssh2 ...	2019-10-05 05:56:54
attack	$f2bV_matches	2019-09-30 05:02:09
attackbots	Sep 28 18:17:19 Tower sshd[44969]: Connection from 200.69.204.143 port 48769 on 192.168.10.220 port 22 Sep 28 18:17:20 Tower sshd[44969]: Invalid user pos from 200.69.204.143 port 48769 Sep 28 18:17:20 Tower sshd[44969]: error: Could not get shadow information for NOUSER Sep 28 18:17:20 Tower sshd[44969]: Failed password for invalid user pos from 200.69.204.143 port 48769 ssh2 Sep 28 18:17:21 Tower sshd[44969]: Received disconnect from 200.69.204.143 port 48769:11: Bye Bye [preauth] Sep 28 18:17:21 Tower sshd[44969]: Disconnected from invalid user pos 200.69.204.143 port 48769 [preauth]	2019-09-29 08:18:34
attackspambots	2019-09-28T05:26:07.585869abusebot-7.cloudsearch.cf sshd\[1667\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.69.204.143 user=root	2019-09-28 13:47:00
attack	Aug 18 00:45:27 vps691689 sshd[6240]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.69.204.143 Aug 18 00:45:29 vps691689 sshd[6240]: Failed password for invalid user git from 200.69.204.143 port 3426 ssh2 ...	2019-08-18 07:02:08
attackbotsspam	2019-07-20T10:45:07.342420abusebot-4.cloudsearch.cf sshd\[18665\]: Invalid user ebook from 200.69.204.143 port 3105	2019-07-20 19:02:58
attack	2019-07-20T00:44:11.736995abusebot-4.cloudsearch.cf sshd\[16778\]: Invalid user nagios from 200.69.204.143 port 15457	2019-07-20 08:49:49
attack	2019-07-15T18:07:16.612180abusebot-6.cloudsearch.cf sshd\[30976\]: Invalid user io from 200.69.204.143 port 35009	2019-07-16 02:38:56
attackbots	$f2bV_matches	2019-07-08 05:24:52
attackspambots	Jun 30 15:12:20 dev0-dcde-rnet sshd[1372]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.69.204.143 Jun 30 15:12:22 dev0-dcde-rnet sshd[1372]: Failed password for invalid user pc from 200.69.204.143 port 36001 ssh2 Jun 30 15:15:46 dev0-dcde-rnet sshd[1385]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.69.204.143	2019-07-01 04:18:07
attackbots	20 attempts against mh-ssh on milky.magehost.pro	2019-06-24 01:58:27
attackbotsspam	Jun 23 02:54:24 debian sshd\[24711\]: Invalid user nd from 200.69.204.143 port 7873 Jun 23 02:54:24 debian sshd\[24711\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.69.204.143 ...	2019-06-23 09:59:13

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 200.69.204.143
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 2199
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;200.69.204.143.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019040501 1800 900 604800 86400

;; Query time: 3 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Sat Apr 06 02:11:10 +08 2019
;; MSG SIZE  rcvd: 118

Host info

143.204.69.200.in-addr.arpa domain name pointer customer-static-204-143.iplannetworks.net.

Nslookup info:

Server:		67.207.67.3
Address:	67.207.67.3#53

Non-authoritative answer:
143.204.69.200.in-addr.arpa	name = customer-static-204-143.iplannetworks.net.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
128.199.175.116	attackbots	2020-02-22T12:44:54.978988scmdmz1 sshd[1075]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.175.116 user=root 2020-02-22T12:44:56.706839scmdmz1 sshd[1075]: Failed password for root from 128.199.175.116 port 58310 ssh2 2020-02-22T12:45:07.351883scmdmz1 sshd[1134]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.175.116 user=root 2020-02-22T12:45:09.866845scmdmz1 sshd[1134]: Failed password for root from 128.199.175.116 port 42132 ssh2 2020-02-22T12:45:24.215406scmdmz1 sshd[1138]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.175.116 user=root 2020-02-22T12:45:26.063997scmdmz1 sshd[1138]: Failed password for root from 128.199.175.116 port 54296 ssh2 ...	2020-02-22 20:03:59
51.158.120.115	attackbotsspam	Invalid user www from 51.158.120.115 port 53352	2020-02-22 19:58:10
139.129.242.141	attackspambots	frenzy	2020-02-22 20:20:24
193.112.129.55	attack	Feb 22 07:50:22 h1745522 sshd[3363]: Invalid user zgl from 193.112.129.55 port 54762 Feb 22 07:50:22 h1745522 sshd[3363]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.112.129.55 Feb 22 07:50:22 h1745522 sshd[3363]: Invalid user zgl from 193.112.129.55 port 54762 Feb 22 07:50:24 h1745522 sshd[3363]: Failed password for invalid user zgl from 193.112.129.55 port 54762 ssh2 Feb 22 07:52:33 h1745522 sshd[3420]: Invalid user zcx from 193.112.129.55 port 39348 Feb 22 07:52:33 h1745522 sshd[3420]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.112.129.55 Feb 22 07:52:33 h1745522 sshd[3420]: Invalid user zcx from 193.112.129.55 port 39348 Feb 22 07:52:35 h1745522 sshd[3420]: Failed password for invalid user zcx from 193.112.129.55 port 39348 ssh2 Feb 22 07:54:31 h1745522 sshd[3443]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.112.129.55 user=root Feb 22 07 ...	2020-02-22 20:10:43
37.114.146.188	attack	Feb 22 05:43:46 sticky sshd\[5791\]: Invalid user admin from 37.114.146.188 port 43778 Feb 22 05:43:46 sticky sshd\[5791\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.114.146.188 Feb 22 05:43:49 sticky sshd\[5791\]: Failed password for invalid user admin from 37.114.146.188 port 43778 ssh2 Feb 22 05:43:53 sticky sshd\[5799\]: Invalid user admin from 37.114.146.188 port 43786 Feb 22 05:43:53 sticky sshd\[5799\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.114.146.188 ...	2020-02-22 20:09:19
36.74.129.221	attack	20/2/22@00:22:12: FAIL: Alarm-Network address from=36.74.129.221 20/2/22@00:22:13: FAIL: Alarm-Network address from=36.74.129.221 ...	2020-02-22 20:14:20
35.193.80.255	attack	Lines containing failures of 35.193.80.255 Feb 21 10:40:41 nexus sshd[7724]: Invalid user confluence from 35.193.80.255 port 34068 Feb 21 10:40:41 nexus sshd[7724]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=35.193.80.255 Feb 21 10:40:43 nexus sshd[7724]: Failed password for invalid user confluence from 35.193.80.255 port 34068 ssh2 Feb 21 10:40:43 nexus sshd[7724]: Received disconnect from 35.193.80.255 port 34068:11: Bye Bye [preauth] Feb 21 10:40:43 nexus sshd[7724]: Disconnected from 35.193.80.255 port 34068 [preauth] Feb 21 10:43:29 nexus sshd[8272]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=35.193.80.255 user=daemon Feb 21 10:43:31 nexus sshd[8272]: Failed password for daemon from 35.193.80.255 port 33486 ssh2 Feb 21 10:43:31 nexus sshd[8272]: Received disconnect from 35.193.80.255 port 33486:11: Bye Bye [preauth] Feb 21 10:43:31 nexus sshd[8272]: Disconnected from 35.193.80........ ------------------------------	2020-02-22 20:03:07
183.129.160.229	attackbots	Feb 22 13:12:59 debian-2gb-nbg1-2 kernel: \[4632785.295954\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=183.129.160.229 DST=195.201.40.59 LEN=44 TOS=0x00 PREC=0x00 TTL=111 ID=5179 PROTO=TCP SPT=25184 DPT=40624 WINDOW=29200 RES=0x00 SYN URGP=0	2020-02-22 20:28:35
80.211.237.180	attackbotsspam	Feb 21 19:44:30 php1 sshd\[22926\]: Invalid user mc from 80.211.237.180 Feb 21 19:44:30 php1 sshd\[22926\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.211.237.180 Feb 21 19:44:33 php1 sshd\[22926\]: Failed password for invalid user mc from 80.211.237.180 port 38314 ssh2 Feb 21 19:47:42 php1 sshd\[23244\]: Invalid user sunfang from 80.211.237.180 Feb 21 19:47:42 php1 sshd\[23244\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.211.237.180	2020-02-22 20:29:08
181.197.93.224	attackbotsspam	Fail2Ban Ban Triggered	2020-02-22 20:25:34
190.217.68.204	attackspambots	Unauthorized connection attempt detected from IP address 190.217.68.204 to port 445	2020-02-22 20:24:56
37.98.224.105	attack	2020-02-22T20:50:28.374907luisaranguren sshd[186331]: Invalid user csgoserver from 37.98.224.105 port 36362 2020-02-22T20:50:30.194923luisaranguren sshd[186331]: Failed password for invalid user csgoserver from 37.98.224.105 port 36362 ssh2 ...	2020-02-22 20:17:09
136.55.161.35	attack	Invalid user postgres from 136.55.161.35 port 60148	2020-02-22 20:07:53
185.53.88.26	attack	[2020-02-22 07:15:41] NOTICE[1148][C-0000b116] chan_sip.c: Call from '' (185.53.88.26:51604) to extension '9441519470639' rejected because extension not found in context 'public'. [2020-02-22 07:15:41] SECURITY[1163] res_security_log.c: SecurityEvent="FailedACL",EventTV="2020-02-22T07:15:41.494-0500",Severity="Error",Service="SIP",EventVersion="1",AccountID="9441519470639",SessionID="0x7fd82c9bc688",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/185.53.88.26/51604",ACLName="no_extension_match" [2020-02-22 07:15:54] NOTICE[1148][C-0000b117] chan_sip.c: Call from '' (185.53.88.26:60144) to extension '011442037694876' rejected because extension not found in context 'public'. [2020-02-22 07:15:54] SECURITY[1163] res_security_log.c: SecurityEvent="FailedACL",EventTV="2020-02-22T07:15:54.756-0500",Severity="Error",Service="SIP",EventVersion="1",AccountID="011442037694876",SessionID="0x7fd82c80d368",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/185.53. ...	2020-02-22 20:27:16
36.92.21.50	attackbotsspam	Automatic report - SSH Brute-Force Attack	2020-02-22 20:27:30

Recently Reported IPs

52.98.2.178	79.135.32.21	31.199.192.20	54.231.235.26
221.132.17.74	220.118.32.54	116.109.27.81	103.207.2.204
88.35.5.195	80.20.125.243	37.202.66.112	156.208.246.89
5.55.57.40	2.235.236.254	90.151.95.218	132.232.36.226
185.163.111.228	52.38.144.216	86.108.1.215	115.59.2.159