128.199.142.148

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Singapore

运营商(isp): DigitalOcean LLC

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbotsspam	Mar 8 02:15:35 ArkNodeAT sshd\[22085\]: Invalid user narciso from 128.199.142.148 Mar 8 02:15:35 ArkNodeAT sshd\[22085\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.142.148 Mar 8 02:15:37 ArkNodeAT sshd\[22085\]: Failed password for invalid user narciso from 128.199.142.148 port 39287 ssh2	2020-03-08 10:12:24
attackbots	SSH Brute Force	2020-03-08 03:02:36
attackspam	Feb 29 13:29:38 webhost01 sshd[14778]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.142.148 Feb 29 13:29:41 webhost01 sshd[14778]: Failed password for invalid user discordbot from 128.199.142.148 port 37676 ssh2 ...	2020-02-29 20:41:52
attackspam	Feb 13 04:45:37 web8 sshd\[32015\]: Invalid user cemergen from 128.199.142.148 Feb 13 04:45:37 web8 sshd\[32015\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.142.148 Feb 13 04:45:39 web8 sshd\[32015\]: Failed password for invalid user cemergen from 128.199.142.148 port 38512 ssh2 Feb 13 04:48:18 web8 sshd\[974\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.142.148 user=root Feb 13 04:48:20 web8 sshd\[974\]: Failed password for root from 128.199.142.148 port 50500 ssh2	2020-02-13 18:35:07
attackspambots	Feb 10 15:44:11 dedicated sshd[32363]: Invalid user mvc from 128.199.142.148 port 51570	2020-02-11 04:49:51
attackspam	2020-02-09T06:37:14.804528-07:00 suse-nuc sshd[15786]: Invalid user gsj from 128.199.142.148 port 35247 ...	2020-02-09 22:14:46
attackbots	Feb 2 16:06:33 markkoudstaal sshd[31228]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.142.148 Feb 2 16:06:35 markkoudstaal sshd[31228]: Failed password for invalid user test from 128.199.142.148 port 39071 ssh2 Feb 2 16:09:18 markkoudstaal sshd[31720]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.142.148	2020-02-03 00:09:50
attackbots	Unauthorized connection attempt detected from IP address 128.199.142.148 to port 2220 [J]	2020-01-23 18:41:34
attackspam	leo_www	2020-01-10 18:43:52
attackspambots	IP blocked	2019-12-28 17:21:26
attackspam	Dec 27 20:23:59 zulu412 sshd\[20656\]: Invalid user http from 128.199.142.148 port 57402 Dec 27 20:23:59 zulu412 sshd\[20656\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.142.148 Dec 27 20:24:01 zulu412 sshd\[20656\]: Failed password for invalid user http from 128.199.142.148 port 57402 ssh2 ...	2019-12-28 04:12:55
attackbotsspam	Dec 23 07:21:20 ns3042688 sshd\[13178\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.142.148 user=root Dec 23 07:21:22 ns3042688 sshd\[13178\]: Failed password for root from 128.199.142.148 port 57961 ssh2 Dec 23 07:27:35 ns3042688 sshd\[15952\]: Invalid user temp from 128.199.142.148 Dec 23 07:27:35 ns3042688 sshd\[15952\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.142.148 Dec 23 07:27:36 ns3042688 sshd\[15952\]: Failed password for invalid user temp from 128.199.142.148 port 32777 ssh2 ...	2019-12-23 18:10:43
attackspam	Dec 23 00:51:16 heissa sshd\[8792\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.142.148 user=mail Dec 23 00:51:18 heissa sshd\[8792\]: Failed password for mail from 128.199.142.148 port 58388 ssh2 Dec 23 00:56:40 heissa sshd\[9628\]: Invalid user tamiyasu from 128.199.142.148 port 60265 Dec 23 00:56:40 heissa sshd\[9628\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.142.148 Dec 23 00:56:42 heissa sshd\[9628\]: Failed password for invalid user tamiyasu from 128.199.142.148 port 60265 ssh2	2019-12-23 08:41:04
attackspambots	Dec 20 19:36:23 legacy sshd[23638]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.142.148 Dec 20 19:36:25 legacy sshd[23638]: Failed password for invalid user guest from 128.199.142.148 port 50398 ssh2 Dec 20 19:42:53 legacy sshd[23938]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.142.148 ...	2019-12-21 02:47:33

相同子网IP讨论:

IP	类型	评论内容	时间
128.199.142.0	attackspambots	Sep 12 16:16:37 serwer sshd\[3065\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.142.0 user=root Sep 12 16:16:38 serwer sshd\[3065\]: Failed password for root from 128.199.142.0 port 36918 ssh2 Sep 12 16:25:32 serwer sshd\[3957\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.142.0 user=root ...	2020-09-12 23:12:22
128.199.142.0	attackspambots	$f2bV_matches	2020-09-12 15:17:07
128.199.142.0	attack	SSH Invalid Login	2020-09-12 07:03:24
128.199.142.0	attack	(sshd) Failed SSH login from 128.199.142.0 (SG/Singapore/-): 5 in the last 3600 secs	2020-08-21 00:59:43
128.199.142.138	attackspam	Aug 15 07:06:35 piServer sshd[16442]: Failed password for root from 128.199.142.138 port 56860 ssh2 Aug 15 07:09:24 piServer sshd[16715]: Failed password for root from 128.199.142.138 port 54146 ssh2 ...	2020-08-15 14:57:07
128.199.142.0	attack	Aug 14 22:59:53 jumpserver sshd[155239]: Failed password for root from 128.199.142.0 port 56510 ssh2 Aug 14 23:04:02 jumpserver sshd[155283]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.142.0 user=root Aug 14 23:04:05 jumpserver sshd[155283]: Failed password for root from 128.199.142.0 port 39556 ssh2 ...	2020-08-15 07:49:09
128.199.142.138	attackbotsspam	Aug 14 16:26:15 vps sshd[1025149]: Failed password for invalid user Asdfg%TGB123 from 128.199.142.138 port 48686 ssh2 Aug 14 16:30:19 vps sshd[1046148]: Invalid user %username%qwert from 128.199.142.138 port 57634 Aug 14 16:30:19 vps sshd[1046148]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.142.138 Aug 14 16:30:21 vps sshd[1046148]: Failed password for invalid user %username%qwert from 128.199.142.138 port 57634 ssh2 Aug 14 16:34:27 vps sshd[15694]: Invalid user qwert@123123 from 128.199.142.138 port 38322 ...	2020-08-15 03:01:23
128.199.142.0	attackbots	2020-08-14T07:27:17.993455lavrinenko.info sshd[9049]: Failed password for root from 128.199.142.0 port 40734 ssh2 2020-08-14T07:28:35.008729lavrinenko.info sshd[9057]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.142.0 user=root 2020-08-14T07:28:36.458512lavrinenko.info sshd[9057]: Failed password for root from 128.199.142.0 port 59172 ssh2 2020-08-14T07:29:53.718300lavrinenko.info sshd[9064]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.142.0 user=root 2020-08-14T07:29:55.679886lavrinenko.info sshd[9064]: Failed password for root from 128.199.142.0 port 49378 ssh2 ...	2020-08-14 14:06:02
128.199.142.138	attackspam	Aug 13 12:18:41 itv-usvr-01 sshd[7872]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.142.138 user=root Aug 13 12:18:43 itv-usvr-01 sshd[7872]: Failed password for root from 128.199.142.138 port 45424 ssh2 Aug 13 12:19:13 itv-usvr-01 sshd[7900]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.142.138 user=root Aug 13 12:19:15 itv-usvr-01 sshd[7900]: Failed password for root from 128.199.142.138 port 41368 ssh2	2020-08-13 13:27:42
128.199.142.138	attack	prod6 ...	2020-08-11 01:11:48
128.199.142.138	attackbots	Jul 22 00:29:21 journals sshd\[92219\]: Invalid user sunny from 128.199.142.138 Jul 22 00:29:21 journals sshd\[92219\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.142.138 Jul 22 00:29:23 journals sshd\[92219\]: Failed password for invalid user sunny from 128.199.142.138 port 33938 ssh2 Jul 22 00:34:20 journals sshd\[92660\]: Invalid user arijit from 128.199.142.138 Jul 22 00:34:20 journals sshd\[92660\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.142.138 ...	2020-07-22 05:51:14
128.199.142.0	attackbotsspam	Jul 17 14:07:19 master sshd[13017]: Failed password for invalid user postgres from 128.199.142.0 port 53320 ssh2	2020-07-18 00:33:10
128.199.142.0	attack	SSH login attempts.	2020-07-10 02:27:08
128.199.142.0	attackbots	2020-07-07T14:58:12.930016vps773228.ovh.net sshd[15365]: Invalid user hxlong from 128.199.142.0 port 35054 2020-07-07T14:58:12.940193vps773228.ovh.net sshd[15365]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.142.0 2020-07-07T14:58:12.930016vps773228.ovh.net sshd[15365]: Invalid user hxlong from 128.199.142.0 port 35054 2020-07-07T14:58:14.703660vps773228.ovh.net sshd[15365]: Failed password for invalid user hxlong from 128.199.142.0 port 35054 ssh2 2020-07-07T15:00:59.579535vps773228.ovh.net sshd[15447]: Invalid user bryan from 128.199.142.0 port 48872 ...	2020-07-08 04:08:11
128.199.142.138	attackspambots	SSH Brute Force	2020-07-05 21:14:58

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 128.199.142.148
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 14600
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;128.199.142.148.		IN	A

;; AUTHORITY SECTION:
.			462	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019122001 1800 900 604800 86400

;; Query time: 118 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Dec 21 02:47:19 CST 2019
;; MSG SIZE  rcvd: 119

HOST信息:

Host 148.142.199.128.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 148.142.199.128.in-addr.arpa: NXDOMAIN

IP	类型	评论内容	时间
218.92.0.172	attack	SSH bruteforce	2020-01-16 05:48:49
101.50.116.28	attack	Unauthorized connection attempt detected from IP address 101.50.116.28 to port 445	2020-01-16 06:08:39
85.118.98.220	attack	Unauthorized connection attempt from IP address 85.118.98.220 on Port 445(SMB)	2020-01-16 05:34:08
31.169.84.6	attack	Jan 15 22:28:06 meumeu sshd[2841]: Failed password for root from 31.169.84.6 port 37416 ssh2 Jan 15 22:31:06 meumeu sshd[3365]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=31.169.84.6 Jan 15 22:31:09 meumeu sshd[3365]: Failed password for invalid user amit from 31.169.84.6 port 36290 ssh2 ...	2020-01-16 05:35:49
67.230.183.193	attackspambots	Jan 16 03:25:39 lcl-usvr-02 sshd[25539]: Invalid user thomas from 67.230.183.193 port 16276 Jan 16 03:25:39 lcl-usvr-02 sshd[25539]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=67.230.183.193 Jan 16 03:25:39 lcl-usvr-02 sshd[25539]: Invalid user thomas from 67.230.183.193 port 16276 Jan 16 03:25:42 lcl-usvr-02 sshd[25539]: Failed password for invalid user thomas from 67.230.183.193 port 16276 ssh2 Jan 16 03:31:01 lcl-usvr-02 sshd[26620]: Invalid user celery from 67.230.183.193 port 47504 ...	2020-01-16 06:07:30
37.9.46.11	attack	B: Magento admin pass test (wrong country)	2020-01-16 05:46:43
132.248.38.242	attack	Unauthorized connection attempt from IP address 132.248.38.242 on Port 445(SMB)	2020-01-16 05:37:20
201.210.162.8	attack	Unauthorized connection attempt from IP address 201.210.162.8 on Port 445(SMB)	2020-01-16 05:53:38
47.112.48.170	attack	Scanning	2020-01-16 06:08:03
94.21.243.204	attackbotsspam	Nov 1 12:26:52 odroid64 sshd\[13090\]: Invalid user pzserver from 94.21.243.204 Nov 1 12:26:52 odroid64 sshd\[13090\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.21.243.204 Nov 29 00:42:52 odroid64 sshd\[28969\]: User root from 94.21.243.204 not allowed because not listed in AllowUsers Nov 29 00:42:52 odroid64 sshd\[28969\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.21.243.204 user=root ...	2020-01-16 05:51:25
93.56.33.34	attackbots	Unauthorized connection attempt from IP address 93.56.33.34 on Port 445(SMB)	2020-01-16 05:52:56
116.231.150.238	attackbotsspam	Unauthorized connection attempt from IP address 116.231.150.238 on Port 445(SMB)	2020-01-16 05:38:37
79.45.13.110	attackbotsspam	Unauthorized connection attempt detected from IP address 79.45.13.110 to port 81	2020-01-16 05:56:10
168.194.155.18	attackspambots	Unauthorized connection attempt from IP address 168.194.155.18 on Port 445(SMB)	2020-01-16 05:43:06
94.191.62.170	attackbots	Nov 3 03:16:19 odroid64 sshd\[7711\]: User root from 94.191.62.170 not allowed because not listed in AllowUsers Nov 3 03:16:19 odroid64 sshd\[7711\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.191.62.170 user=root ...	2020-01-16 06:04:21

最近上报的IP列表

36.65.230.150	31.173.85.76	31.135.47.176	70.157.132.59
223.204.240.166	222.252.53.224	27.64.192.64	23.82.29.57
216.38.8.179	211.181.237.54	202.57.41.246	201.178.215.173
200.123.25.196	60.15.229.166	200.59.189.124	86.134.102.120
193.161.13.137	122.213.111.0	183.246.102.181	191.250.157.72