128.199.142.148

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Singapore

运营商(isp): DigitalOcean LLC

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbotsspam	Mar 8 02:15:35 ArkNodeAT sshd\[22085\]: Invalid user narciso from 128.199.142.148 Mar 8 02:15:35 ArkNodeAT sshd\[22085\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.142.148 Mar 8 02:15:37 ArkNodeAT sshd\[22085\]: Failed password for invalid user narciso from 128.199.142.148 port 39287 ssh2	2020-03-08 10:12:24
attackbots	SSH Brute Force	2020-03-08 03:02:36
attackspam	Feb 29 13:29:38 webhost01 sshd[14778]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.142.148 Feb 29 13:29:41 webhost01 sshd[14778]: Failed password for invalid user discordbot from 128.199.142.148 port 37676 ssh2 ...	2020-02-29 20:41:52
attackspam	Feb 13 04:45:37 web8 sshd\[32015\]: Invalid user cemergen from 128.199.142.148 Feb 13 04:45:37 web8 sshd\[32015\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.142.148 Feb 13 04:45:39 web8 sshd\[32015\]: Failed password for invalid user cemergen from 128.199.142.148 port 38512 ssh2 Feb 13 04:48:18 web8 sshd\[974\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.142.148 user=root Feb 13 04:48:20 web8 sshd\[974\]: Failed password for root from 128.199.142.148 port 50500 ssh2	2020-02-13 18:35:07
attackspambots	Feb 10 15:44:11 dedicated sshd[32363]: Invalid user mvc from 128.199.142.148 port 51570	2020-02-11 04:49:51
attackspam	2020-02-09T06:37:14.804528-07:00 suse-nuc sshd[15786]: Invalid user gsj from 128.199.142.148 port 35247 ...	2020-02-09 22:14:46
attackbots	Feb 2 16:06:33 markkoudstaal sshd[31228]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.142.148 Feb 2 16:06:35 markkoudstaal sshd[31228]: Failed password for invalid user test from 128.199.142.148 port 39071 ssh2 Feb 2 16:09:18 markkoudstaal sshd[31720]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.142.148	2020-02-03 00:09:50
attackbots	Unauthorized connection attempt detected from IP address 128.199.142.148 to port 2220 [J]	2020-01-23 18:41:34
attackspam	leo_www	2020-01-10 18:43:52
attackspambots	IP blocked	2019-12-28 17:21:26
attackspam	Dec 27 20:23:59 zulu412 sshd\[20656\]: Invalid user http from 128.199.142.148 port 57402 Dec 27 20:23:59 zulu412 sshd\[20656\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.142.148 Dec 27 20:24:01 zulu412 sshd\[20656\]: Failed password for invalid user http from 128.199.142.148 port 57402 ssh2 ...	2019-12-28 04:12:55
attackbotsspam	Dec 23 07:21:20 ns3042688 sshd\[13178\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.142.148 user=root Dec 23 07:21:22 ns3042688 sshd\[13178\]: Failed password for root from 128.199.142.148 port 57961 ssh2 Dec 23 07:27:35 ns3042688 sshd\[15952\]: Invalid user temp from 128.199.142.148 Dec 23 07:27:35 ns3042688 sshd\[15952\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.142.148 Dec 23 07:27:36 ns3042688 sshd\[15952\]: Failed password for invalid user temp from 128.199.142.148 port 32777 ssh2 ...	2019-12-23 18:10:43
attackspam	Dec 23 00:51:16 heissa sshd\[8792\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.142.148 user=mail Dec 23 00:51:18 heissa sshd\[8792\]: Failed password for mail from 128.199.142.148 port 58388 ssh2 Dec 23 00:56:40 heissa sshd\[9628\]: Invalid user tamiyasu from 128.199.142.148 port 60265 Dec 23 00:56:40 heissa sshd\[9628\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.142.148 Dec 23 00:56:42 heissa sshd\[9628\]: Failed password for invalid user tamiyasu from 128.199.142.148 port 60265 ssh2	2019-12-23 08:41:04
attackspambots	Dec 20 19:36:23 legacy sshd[23638]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.142.148 Dec 20 19:36:25 legacy sshd[23638]: Failed password for invalid user guest from 128.199.142.148 port 50398 ssh2 Dec 20 19:42:53 legacy sshd[23938]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.142.148 ...	2019-12-21 02:47:33

相同子网IP讨论:

IP	类型	评论内容	时间
128.199.142.0	attackspambots	Sep 12 16:16:37 serwer sshd\[3065\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.142.0 user=root Sep 12 16:16:38 serwer sshd\[3065\]: Failed password for root from 128.199.142.0 port 36918 ssh2 Sep 12 16:25:32 serwer sshd\[3957\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.142.0 user=root ...	2020-09-12 23:12:22
128.199.142.0	attackspambots	$f2bV_matches	2020-09-12 15:17:07
128.199.142.0	attack	SSH Invalid Login	2020-09-12 07:03:24
128.199.142.0	attack	(sshd) Failed SSH login from 128.199.142.0 (SG/Singapore/-): 5 in the last 3600 secs	2020-08-21 00:59:43
128.199.142.138	attackspam	Aug 15 07:06:35 piServer sshd[16442]: Failed password for root from 128.199.142.138 port 56860 ssh2 Aug 15 07:09:24 piServer sshd[16715]: Failed password for root from 128.199.142.138 port 54146 ssh2 ...	2020-08-15 14:57:07
128.199.142.0	attack	Aug 14 22:59:53 jumpserver sshd[155239]: Failed password for root from 128.199.142.0 port 56510 ssh2 Aug 14 23:04:02 jumpserver sshd[155283]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.142.0 user=root Aug 14 23:04:05 jumpserver sshd[155283]: Failed password for root from 128.199.142.0 port 39556 ssh2 ...	2020-08-15 07:49:09
128.199.142.138	attackbotsspam	Aug 14 16:26:15 vps sshd[1025149]: Failed password for invalid user Asdfg%TGB123 from 128.199.142.138 port 48686 ssh2 Aug 14 16:30:19 vps sshd[1046148]: Invalid user %username%qwert from 128.199.142.138 port 57634 Aug 14 16:30:19 vps sshd[1046148]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.142.138 Aug 14 16:30:21 vps sshd[1046148]: Failed password for invalid user %username%qwert from 128.199.142.138 port 57634 ssh2 Aug 14 16:34:27 vps sshd[15694]: Invalid user qwert@123123 from 128.199.142.138 port 38322 ...	2020-08-15 03:01:23
128.199.142.0	attackbots	2020-08-14T07:27:17.993455lavrinenko.info sshd[9049]: Failed password for root from 128.199.142.0 port 40734 ssh2 2020-08-14T07:28:35.008729lavrinenko.info sshd[9057]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.142.0 user=root 2020-08-14T07:28:36.458512lavrinenko.info sshd[9057]: Failed password for root from 128.199.142.0 port 59172 ssh2 2020-08-14T07:29:53.718300lavrinenko.info sshd[9064]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.142.0 user=root 2020-08-14T07:29:55.679886lavrinenko.info sshd[9064]: Failed password for root from 128.199.142.0 port 49378 ssh2 ...	2020-08-14 14:06:02
128.199.142.138	attackspam	Aug 13 12:18:41 itv-usvr-01 sshd[7872]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.142.138 user=root Aug 13 12:18:43 itv-usvr-01 sshd[7872]: Failed password for root from 128.199.142.138 port 45424 ssh2 Aug 13 12:19:13 itv-usvr-01 sshd[7900]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.142.138 user=root Aug 13 12:19:15 itv-usvr-01 sshd[7900]: Failed password for root from 128.199.142.138 port 41368 ssh2	2020-08-13 13:27:42
128.199.142.138	attack	prod6 ...	2020-08-11 01:11:48
128.199.142.138	attackbots	Jul 22 00:29:21 journals sshd\[92219\]: Invalid user sunny from 128.199.142.138 Jul 22 00:29:21 journals sshd\[92219\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.142.138 Jul 22 00:29:23 journals sshd\[92219\]: Failed password for invalid user sunny from 128.199.142.138 port 33938 ssh2 Jul 22 00:34:20 journals sshd\[92660\]: Invalid user arijit from 128.199.142.138 Jul 22 00:34:20 journals sshd\[92660\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.142.138 ...	2020-07-22 05:51:14
128.199.142.0	attackbotsspam	Jul 17 14:07:19 master sshd[13017]: Failed password for invalid user postgres from 128.199.142.0 port 53320 ssh2	2020-07-18 00:33:10
128.199.142.0	attack	SSH login attempts.	2020-07-10 02:27:08
128.199.142.0	attackbots	2020-07-07T14:58:12.930016vps773228.ovh.net sshd[15365]: Invalid user hxlong from 128.199.142.0 port 35054 2020-07-07T14:58:12.940193vps773228.ovh.net sshd[15365]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.142.0 2020-07-07T14:58:12.930016vps773228.ovh.net sshd[15365]: Invalid user hxlong from 128.199.142.0 port 35054 2020-07-07T14:58:14.703660vps773228.ovh.net sshd[15365]: Failed password for invalid user hxlong from 128.199.142.0 port 35054 ssh2 2020-07-07T15:00:59.579535vps773228.ovh.net sshd[15447]: Invalid user bryan from 128.199.142.0 port 48872 ...	2020-07-08 04:08:11
128.199.142.138	attackspambots	SSH Brute Force	2020-07-05 21:14:58

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 128.199.142.148
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 14600
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;128.199.142.148.		IN	A

;; AUTHORITY SECTION:
.			462	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019122001 1800 900 604800 86400

;; Query time: 118 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Dec 21 02:47:19 CST 2019
;; MSG SIZE  rcvd: 119

HOST信息:

Host 148.142.199.128.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 148.142.199.128.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
80.211.73.8	attackspam	Sending spam phishing emails with HTML Attachments	2020-08-13 21:59:54
167.99.12.47	attackspam	Automatic report - Banned IP Access	2020-08-13 21:56:49
112.85.42.104	attackbotsspam	Aug 13 13:19:35 localhost sshd[109578]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.104 user=root Aug 13 13:19:37 localhost sshd[109578]: Failed password for root from 112.85.42.104 port 47288 ssh2 Aug 13 13:19:39 localhost sshd[109578]: Failed password for root from 112.85.42.104 port 47288 ssh2 Aug 13 13:19:35 localhost sshd[109578]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.104 user=root Aug 13 13:19:37 localhost sshd[109578]: Failed password for root from 112.85.42.104 port 47288 ssh2 Aug 13 13:19:39 localhost sshd[109578]: Failed password for root from 112.85.42.104 port 47288 ssh2 Aug 13 13:19:35 localhost sshd[109578]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.104 user=root Aug 13 13:19:37 localhost sshd[109578]: Failed password for root from 112.85.42.104 port 47288 ssh2 Aug 13 13:19:39 localhost sshd[109578]: F ...	2020-08-13 21:22:13
190.15.59.5	attackspam	"fail2ban match"	2020-08-13 22:09:03
112.85.42.195	attackspam	Aug 13 13:30:40 onepixel sshd[4160164]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.195 user=root Aug 13 13:30:42 onepixel sshd[4160164]: Failed password for root from 112.85.42.195 port 17583 ssh2 Aug 13 13:30:40 onepixel sshd[4160164]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.195 user=root Aug 13 13:30:42 onepixel sshd[4160164]: Failed password for root from 112.85.42.195 port 17583 ssh2 Aug 13 13:30:46 onepixel sshd[4160164]: Failed password for root from 112.85.42.195 port 17583 ssh2	2020-08-13 21:38:50
27.67.197.54	attackbotsspam	1597321196 - 08/13/2020 14:19:56 Host: 27.67.197.54/27.67.197.54 Port: 445 TCP Blocked	2020-08-13 21:31:26
5.135.165.55	attackspambots	Aug 13 02:37:54 web9 sshd\[12980\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.135.165.55 user=root Aug 13 02:37:56 web9 sshd\[12980\]: Failed password for root from 5.135.165.55 port 36358 ssh2 Aug 13 02:41:39 web9 sshd\[13552\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.135.165.55 user=root Aug 13 02:41:41 web9 sshd\[13552\]: Failed password for root from 5.135.165.55 port 46584 ssh2 Aug 13 02:45:33 web9 sshd\[14118\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.135.165.55 user=root	2020-08-13 21:35:10
59.14.34.130	attackbots	Aug 13 15:22:47 nextcloud sshd\[14300\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=59.14.34.130 user=root Aug 13 15:22:49 nextcloud sshd\[14300\]: Failed password for root from 59.14.34.130 port 38614 ssh2 Aug 13 15:26:14 nextcloud sshd\[18839\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=59.14.34.130 user=root	2020-08-13 21:32:41
104.236.48.174	attackbots	Aug 13 15:10:06 vps647732 sshd[823]: Failed password for root from 104.236.48.174 port 36440 ssh2 ...	2020-08-13 21:25:14
203.217.140.77	attack	Aug 13 09:15:39 firewall sshd[24449]: Failed password for root from 203.217.140.77 port 21348 ssh2 Aug 13 09:19:56 firewall sshd[24598]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.217.140.77 user=root Aug 13 09:19:59 firewall sshd[24598]: Failed password for root from 203.217.140.77 port 17492 ssh2 ...	2020-08-13 21:29:10
144.217.83.201	attack	Aug 13 13:13:28 game-panel sshd[3378]: Failed password for root from 144.217.83.201 port 47726 ssh2 Aug 13 13:17:40 game-panel sshd[3626]: Failed password for root from 144.217.83.201 port 57770 ssh2	2020-08-13 21:42:29
31.211.82.33	attack	"XSS Attack Detected via libinjection - Matched Data: XSS data found within ARGS_NAMES:	2020-08-13 22:11:14
183.187.138.71	attack	Telnet Server BruteForce Attack	2020-08-13 21:36:31
193.70.88.213	attackspam	2020-08-13T14:19:37.910593+02:00 sshd[15653]: Failed password for root from 193.70.88.213 port 42776 ssh2	2020-08-13 21:21:41
185.153.197.32	attackspam	[MK-VM4] Blocked by UFW	2020-08-13 21:36:08

最近上报的IP列表

36.65.230.150	31.173.85.76	31.135.47.176	70.157.132.59
223.204.240.166	222.252.53.224	27.64.192.64	23.82.29.57
216.38.8.179	211.181.237.54	202.57.41.246	201.178.215.173
200.123.25.196	60.15.229.166	200.59.189.124	86.134.102.120
193.161.13.137	122.213.111.0	183.246.102.181	191.250.157.72