206.189.142.107

Basic Info

City: unknown

Region: unknown

Country: India

Internet Service Provider: DigitalOcean LLC

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	Invalid user miyazawa from 206.189.142.107 port 58764	2020-02-28 10:13:11

Comments on same subnet:

IP	Type	Details	Datetime
206.189.142.10	normal	Yes not log in	2021-06-29 19:45:31
206.189.142.144	attackspambots	Cowrie Honeypot: Unauthorised SSH/Telnet login attempt with user "root" at 2020-10-08T21:52:55Z	2020-10-10 00:50:33
206.189.142.144	attackspambots	Cowrie Honeypot: Unauthorised SSH/Telnet login attempt with user "root" at 2020-10-08T21:52:55Z	2020-10-09 16:37:22
206.189.142.144	attackspam	2020-10-04T20:19:40.164581git sshd[52848]: Unable to negotiate with 206.189.142.144 port 58508: no matching key exchange method found. Their offer: diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1 [preauth] 2020-10-04T20:22:40.678999git sshd[52859]: Connection from 206.189.142.144 port 40310 on 138.197.214.51 port 22 rdomain "" 2020-10-04T20:22:40.903511git sshd[52859]: Unable to negotiate with 206.189.142.144 port 40310: no matching key exchange method found. Their offer: diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1 [preauth] 2020-10-04T20:25:45.496633git sshd[52877]: Connection from 206.189.142.144 port 50340 on 138.197.214.51 port 22 rdomain "" 2020-10-04T20:25:45.719524git sshd[52877]: Unable to negotiate with 206.189.142.144 port 50340: no matching key exchange method found. Their offer: diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1 [preauth] 2020-10-04 ...	2020-10-06 04:24:39
206.189.142.144	attackbotsspam	2020-10-04T20:19:40.164581git sshd[52848]: Unable to negotiate with 206.189.142.144 port 58508: no matching key exchange method found. Their offer: diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1 [preauth] 2020-10-04T20:22:40.678999git sshd[52859]: Connection from 206.189.142.144 port 40310 on 138.197.214.51 port 22 rdomain "" 2020-10-04T20:22:40.903511git sshd[52859]: Unable to negotiate with 206.189.142.144 port 40310: no matching key exchange method found. Their offer: diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1 [preauth] 2020-10-04T20:25:45.496633git sshd[52877]: Connection from 206.189.142.144 port 50340 on 138.197.214.51 port 22 rdomain "" 2020-10-04T20:25:45.719524git sshd[52877]: Unable to negotiate with 206.189.142.144 port 50340: no matching key exchange method found. Their offer: diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1 [preauth] 2020-10-04 ...	2020-10-05 20:25:58
206.189.142.144	attackbots	2020-10-04T20:19:40.164581git sshd[52848]: Unable to negotiate with 206.189.142.144 port 58508: no matching key exchange method found. Their offer: diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1 [preauth] 2020-10-04T20:22:40.678999git sshd[52859]: Connection from 206.189.142.144 port 40310 on 138.197.214.51 port 22 rdomain "" 2020-10-04T20:22:40.903511git sshd[52859]: Unable to negotiate with 206.189.142.144 port 40310: no matching key exchange method found. Their offer: diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1 [preauth] 2020-10-04T20:25:45.496633git sshd[52877]: Connection from 206.189.142.144 port 50340 on 138.197.214.51 port 22 rdomain "" 2020-10-04T20:25:45.719524git sshd[52877]: Unable to negotiate with 206.189.142.144 port 50340: no matching key exchange method found. Their offer: diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1 [preauth] 2020-10-04 ...	2020-10-05 12:16:47
206.189.142.222	attackspambots	Jul 11 07:40:24 *** sshd[6265]: Invalid user sukai from 206.189.142.222	2020-07-11 19:44:42
206.189.142.222	attack	2020-07-04T16:01:26.476202shield sshd\[31947\]: Invalid user cod from 206.189.142.222 port 58184 2020-07-04T16:01:26.479864shield sshd\[31947\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=206.189.142.222 2020-07-04T16:01:28.885349shield sshd\[31947\]: Failed password for invalid user cod from 206.189.142.222 port 58184 ssh2 2020-07-04T16:05:12.822137shield sshd\[32601\]: Invalid user postgres from 206.189.142.222 port 56426 2020-07-04T16:05:12.825840shield sshd\[32601\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=206.189.142.222	2020-07-05 00:14:02
206.189.142.10	attackbots	(sshd) Failed SSH login from 206.189.142.10 (IN/India/vinuth.tulasi): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Mar 7 10:16:55 elude sshd[21207]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=206.189.142.10 user=root Mar 7 10:16:58 elude sshd[21207]: Failed password for root from 206.189.142.10 port 46720 ssh2 Mar 7 10:42:10 elude sshd[24854]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=206.189.142.10 user=root Mar 7 10:42:11 elude sshd[24854]: Failed password for root from 206.189.142.10 port 60820 ssh2 Mar 7 10:49:43 elude sshd[25938]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=206.189.142.10 user=root	2020-03-07 18:39:10
206.189.142.10	attackspambots	Mar 3 09:58:27 vps46666688 sshd[10104]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=206.189.142.10 Mar 3 09:58:29 vps46666688 sshd[10104]: Failed password for invalid user zhangyuxiang from 206.189.142.10 port 46604 ssh2 ...	2020-03-03 21:05:19
206.189.142.10	attackbots	Feb 26 22:50:36 nextcloud sshd\[31974\]: Invalid user openvpn from 206.189.142.10 Feb 26 22:50:36 nextcloud sshd\[31974\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=206.189.142.10 Feb 26 22:50:39 nextcloud sshd\[31974\]: Failed password for invalid user openvpn from 206.189.142.10 port 46714 ssh2	2020-02-27 06:23:34
206.189.142.10	attackspambots	Feb 26 14:28:42 server sshd\[19036\]: Failed password for invalid user vernemq from 206.189.142.10 port 54836 ssh2 Feb 26 20:34:25 server sshd\[17633\]: Invalid user amandabackup from 206.189.142.10 Feb 26 20:34:25 server sshd\[17633\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=206.189.142.10 Feb 26 20:34:27 server sshd\[17633\]: Failed password for invalid user amandabackup from 206.189.142.10 port 58924 ssh2 Feb 26 20:44:33 server sshd\[19303\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=206.189.142.10 user=root ...	2020-02-27 04:24:42
206.189.142.10	attack	Feb 22 11:34:26 auw2 sshd\[23860\]: Invalid user arkserver from 206.189.142.10 Feb 22 11:34:26 auw2 sshd\[23860\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=206.189.142.10 Feb 22 11:34:28 auw2 sshd\[23860\]: Failed password for invalid user arkserver from 206.189.142.10 port 40808 ssh2 Feb 22 11:36:29 auw2 sshd\[24070\]: Invalid user test from 206.189.142.10 Feb 22 11:36:29 auw2 sshd\[24070\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=206.189.142.10	2020-02-23 05:53:44
206.189.142.10	attackspam	Feb 18 08:28:59 cvbnet sshd[4778]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=206.189.142.10 Feb 18 08:29:01 cvbnet sshd[4778]: Failed password for invalid user testuser from 206.189.142.10 port 42810 ssh2 ...	2020-02-18 17:08:30
206.189.142.10	attack	Automatic report - Banned IP Access	2020-02-17 21:49:47

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 206.189.142.107
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 2842
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;206.189.142.107.		IN	A

;; AUTHORITY SECTION:
.			556	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020022701 1800 900 604800 86400

;; Query time: 105 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Feb 28 10:13:06 CST 2020
;; MSG SIZE  rcvd: 119

Host info

Host 107.142.189.206.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 107.142.189.206.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
181.127.196.226	attackspambots	Dec 2 14:44:20 penfold sshd[22964]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=181.127.196.226 user=backup Dec 2 14:44:23 penfold sshd[22964]: Failed password for backup from 181.127.196.226 port 34110 ssh2 Dec 2 14:44:23 penfold sshd[22964]: Received disconnect from 181.127.196.226 port 34110:11: Bye Bye [preauth] Dec 2 14:44:23 penfold sshd[22964]: Disconnected from 181.127.196.226 port 34110 [preauth] Dec 2 14:52:57 penfold sshd[23482]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=181.127.196.226 user=sync Dec 2 14:52:59 penfold sshd[23482]: Failed password for sync from 181.127.196.226 port 58748 ssh2 Dec 2 14:52:59 penfold sshd[23482]: Received disconnect from 181.127.196.226 port 58748:11: Bye Bye [preauth] Dec 2 14:52:59 penfold sshd[23482]: Disconnected from 181.127.196.226 port 58748 [preauth] Dec 2 15:00:34 penfold sshd[23731]: pam_unix(sshd:auth): authentication........ -------------------------------	2019-12-04 05:04:47
168.194.61.202	attackbots	firewall-block, port(s): 23/tcp	2019-12-04 05:29:04
167.114.226.137	attack	Dec 3 22:40:06 vps647732 sshd[20805]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.114.226.137 Dec 3 22:40:08 vps647732 sshd[20805]: Failed password for invalid user ubnt from 167.114.226.137 port 54931 ssh2 ...	2019-12-04 05:41:15
123.188.207.4	attack	Unauthorised access (Dec 3) SRC=123.188.207.4 LEN=40 TTL=114 ID=41507 TCP DPT=8080 WINDOW=37950 SYN Unauthorised access (Dec 3) SRC=123.188.207.4 LEN=40 TTL=114 ID=8222 TCP DPT=8080 WINDOW=18533 SYN Unauthorised access (Dec 3) SRC=123.188.207.4 LEN=40 TTL=114 ID=8255 TCP DPT=8080 WINDOW=52598 SYN Unauthorised access (Dec 2) SRC=123.188.207.4 LEN=40 TTL=114 ID=9662 TCP DPT=8080 WINDOW=57190 SYN Unauthorised access (Dec 2) SRC=123.188.207.4 LEN=40 TTL=114 ID=11144 TCP DPT=8080 WINDOW=61490 SYN Unauthorised access (Dec 1) SRC=123.188.207.4 LEN=40 TTL=114 ID=26989 TCP DPT=8080 WINDOW=43658 SYN Unauthorised access (Dec 1) SRC=123.188.207.4 LEN=40 TTL=114 ID=32727 TCP DPT=8080 WINDOW=27252 SYN	2019-12-04 05:36:28
151.80.144.255	attackspambots	Dec 3 19:31:17 server sshd\[25920\]: Invalid user admin from 151.80.144.255 Dec 3 19:31:17 server sshd\[25920\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=255.ip-151-80-144.eu Dec 3 19:31:19 server sshd\[25920\]: Failed password for invalid user admin from 151.80.144.255 port 45982 ssh2 Dec 3 19:39:28 server sshd\[28055\]: Invalid user remotelog from 151.80.144.255 Dec 3 19:39:28 server sshd\[28055\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=255.ip-151-80-144.eu ...	2019-12-04 05:16:57
157.230.190.1	attackspam	Dec 3 07:54:41 sachi sshd\[5056\]: Invalid user gdm from 157.230.190.1 Dec 3 07:54:41 sachi sshd\[5056\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.230.190.1 Dec 3 07:54:43 sachi sshd\[5056\]: Failed password for invalid user gdm from 157.230.190.1 port 53058 ssh2 Dec 3 08:00:20 sachi sshd\[5605\]: Invalid user ftpuser from 157.230.190.1 Dec 3 08:00:20 sachi sshd\[5605\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.230.190.1	2019-12-04 05:04:01
163.53.151.25	attack	postfix (unknown user, SPF fail or relay access denied)	2019-12-04 05:07:00
139.159.27.62	attackbots	Dec 3 17:32:42 lnxmail61 sshd[13747]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.159.27.62	2019-12-04 05:26:46
47.17.177.110	attackbotsspam	Dec 3 21:40:50 raspberrypi sshd[18684]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=47.17.177.110 Dec 3 21:40:52 raspberrypi sshd[18684]: Failed password for invalid user isis from 47.17.177.110 port 56392 ssh2 ...	2019-12-04 05:14:44
90.3.189.58	attackbotsspam	Dec 3 02:59:33 h2040555 sshd[20053]: Invalid user home from 90.3.189.58 Dec 3 02:59:36 h2040555 sshd[20053]: Failed password for invalid user home from 90.3.189.58 port 57604 ssh2 Dec 3 02:59:36 h2040555 sshd[20053]: Received disconnect from 90.3.189.58: 11: Bye Bye [preauth] Dec 3 03:09:43 h2040555 sshd[20215]: Failed password for sshd from 90.3.189.58 port 56142 ssh2 Dec 3 03:09:43 h2040555 sshd[20215]: Received disconnect from 90.3.189.58: 11: Bye Bye [preauth] Dec 3 03:15:32 h2040555 sshd[20375]: Failed password for r.r from 90.3.189.58 port 40558 ssh2 Dec 3 03:15:32 h2040555 sshd[20375]: Received disconnect from 90.3.189.58: 11: Bye Bye [preauth] Dec 3 03:21:11 h2040555 sshd[20512]: Failed password for games from 90.3.189.58 port 53212 ssh2 Dec 3 03:21:11 h2040555 sshd[20512]: Received disconnect from 90.3.189.58: 11: Bye Bye [preauth] Dec 3 03:27:03 h2040555 sshd[20663]: Invalid user daniel from 90.3.189.58 Dec 3 03:27:05 h2040555 sshd[20663]: Failed pa........ -------------------------------	2019-12-04 05:25:06
201.93.87.250	attack	Dec 3 21:49:37 vmanager6029 sshd\[11285\]: Invalid user gili from 201.93.87.250 port 34283 Dec 3 21:49:37 vmanager6029 sshd\[11285\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.93.87.250 Dec 3 21:49:40 vmanager6029 sshd\[11285\]: Failed password for invalid user gili from 201.93.87.250 port 34283 ssh2	2019-12-04 05:31:05
93.210.161.84	attackspambots	Dec 3 03:37:38 prometheus imapd-ssl: LOGIN, user=sebastian@x Dec 3 03:37:38 prometheus imapd-ssl: LOGIN, user=sebastian@x Dec 3 03:37:38 prometheus imapd-ssl: LOGIN, user=sebastian@x Dec 3 03:38:53 prometheus imapd-ssl: LOGIN FAILED, method=PLAIN, ip=[::ffff:93.210.161.84] Dec 3 03:38:58 prometheus imapd-ssl: LOGOUT, ip=[::ffff:93.210.161.84], rcvd=84, sent=342 Dec 3 03:38:58 prometheus imapd-ssl: LOGIN FAILED, method=PLAIN, ip=[::ffff:93.210.161.84] Dec 3 03:39:03 prometheus imapd-ssl: LOGOUT, ip=[::ffff:93.210.161.84], rcvd=72, sent=342 Dec 3 03:39:03 prometheus imapd-ssl: LOGIN FAILED, user=sebastian, ip=[::ffff:93.210.161.84] Dec 3 03:39:08 prometheus imapd-ssl: LOGOUT, ip=[::ffff:93.210.161.84], rcvd=48, sent=338 Dec 3 03:39:09 prometheus imapd-ssl: LOGIN FAILED, method=PLAIN, ip=[::ffff:93.210.161.84] Dec 3 03:39:14 prometheus imapd-ssl: LOGOUT, ip=[::ffff:93.210.161.84], rcvd=84, sent=342 Dec 3 03:39:14 prometheus imapd-ssl: LOGIN FAILED, method=PLAIN........ -------------------------------	2019-12-04 05:39:56
177.139.167.7	attackbots	Dec 3 21:21:35 mail sshd\[28561\]: Invalid user jaynell from 177.139.167.7 Dec 3 21:21:35 mail sshd\[28561\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=177.139.167.7 Dec 3 21:21:38 mail sshd\[28561\]: Failed password for invalid user jaynell from 177.139.167.7 port 32835 ssh2 ...	2019-12-04 05:16:36
91.121.78.69	attack	RDP Brute-Force (Grieskirchen RZ1)	2019-12-04 05:41:32
101.206.72.167	attackbotsspam	Dec 3 14:50:30 TORMINT sshd\[22598\]: Invalid user test from 101.206.72.167 Dec 3 14:50:30 TORMINT sshd\[22598\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=101.206.72.167 Dec 3 14:50:32 TORMINT sshd\[22598\]: Failed password for invalid user test from 101.206.72.167 port 46324 ssh2 ...	2019-12-04 05:35:16

Recently Reported IPs

116.62.174.68	1.243.143.233	201.103.81.58	194.93.56.240
54.37.226.123	36.78.211.185	223.16.183.248	180.167.195.167
127.235.200.133	248.158.67.26	218.149.14.228	119.160.69.76
185.217.1.242	85.209.3.205	218.147.221.223	182.53.2.65
217.197.242.40	180.242.222.113	183.88.144.7	202.53.146.6