128.199.143.19

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Singapore

运营商(isp): DigitalOcean LLC

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	SCAN: Host Sweep CloudCIX Reconnaissance Scan Detected, PTR: PTR record not found	2020-09-19 00:01:10
attackspam	Fail2Ban Ban Triggered	2020-09-18 16:08:33
attack	Brute-force attempt banned	2020-09-18 06:23:16
attack	Aug 27 21:04:41 124388 sshd[19123]: Failed password for root from 128.199.143.19 port 59248 ssh2 Aug 27 21:08:24 124388 sshd[19267]: Invalid user apotre from 128.199.143.19 port 36934 Aug 27 21:08:24 124388 sshd[19267]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.143.19 Aug 27 21:08:24 124388 sshd[19267]: Invalid user apotre from 128.199.143.19 port 36934 Aug 27 21:08:26 124388 sshd[19267]: Failed password for invalid user apotre from 128.199.143.19 port 36934 ssh2	2020-08-28 05:59:02
attackspambots	Aug 20 22:12:24 game-panel sshd[1421]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.143.19 Aug 20 22:12:27 game-panel sshd[1421]: Failed password for invalid user kody from 128.199.143.19 port 52950 ssh2 Aug 20 22:16:19 game-panel sshd[1577]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.143.19	2020-08-21 06:32:42
attack	Aug 19 17:03:10 localhost sshd[793989]: Invalid user ts3server from 128.199.143.19 port 53030 ...	2020-08-19 17:58:26
attackbotsspam	prod11 ...	2020-08-06 23:59:42
attack	2020-08-03T22:38:16.777506centos sshd[31983]: Failed password for root from 128.199.143.19 port 37832 ssh2 2020-08-03T22:41:39.808586centos sshd[32271]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.143.19 user=root 2020-08-03T22:41:42.135346centos sshd[32271]: Failed password for root from 128.199.143.19 port 36780 ssh2 ...	2020-08-04 06:17:52
attackbots	2020-07-31T11:29:04.774266correo.[domain] sshd[44838]: Failed password for root from 128.199.143.19 port 33440 ssh2 2020-07-31T11:33:23.850780correo.[domain] sshd[45606]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.143.19 user=root 2020-07-31T11:33:25.382857correo.[domain] sshd[45606]: Failed password for root from 128.199.143.19 port 45286 ssh2 ...	2020-08-02 00:10:17
attackbots	2020-07-28T00:00:39.896417ks3355764 sshd[21693]: Invalid user 2 from 128.199.143.19 port 45480 2020-07-28T00:00:41.785575ks3355764 sshd[21693]: Failed password for invalid user 2 from 128.199.143.19 port 45480 ssh2 ...	2020-07-28 06:47:22
attackbotsspam	Invalid user gtmp from 128.199.143.19 port 43238	2020-07-23 14:36:18
attack	2020-07-17T14:13:37+0200 Failed SSH Authentication/Brute Force Attack. (Server 9)	2020-07-17 22:06:42
attackspam	Jul 13 19:46:01 sxvn sshd[57121]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.143.19	2020-07-14 02:20:17
attackspambots	(sshd) Failed SSH login from 128.199.143.19 (SG/Singapore/-): 5 in the last 3600 secs	2020-06-16 23:22:28
attackbots	2020-06-08T01:03:10.6931991495-001 sshd[54210]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.143.19 user=root 2020-06-08T01:03:12.7219131495-001 sshd[54210]: Failed password for root from 128.199.143.19 port 52776 ssh2 2020-06-08T01:06:59.7637991495-001 sshd[54323]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.143.19 user=root 2020-06-08T01:07:01.8977641495-001 sshd[54323]: Failed password for root from 128.199.143.19 port 55326 ssh2 2020-06-08T01:10:39.2150421495-001 sshd[54451]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.143.19 user=root 2020-06-08T01:10:41.5498691495-001 sshd[54451]: Failed password for root from 128.199.143.19 port 57880 ssh2 ...	2020-06-08 13:48:22
attackspam	Brute-force attempt banned	2020-06-08 01:23:56
attackspambots	May 29 06:23:01 [host] sshd[975]: pam_unix(sshd:au May 29 06:23:03 [host] sshd[975]: Failed password May 29 06:26:53 [host] sshd[1060]: Invalid user ab May 29 06:26:53 [host] sshd[1060]: pam_unix(sshd:a	2020-05-29 12:44:53
attackbots	5x Failed Password	2020-05-26 10:31:20
attackspambots	May 21 00:15:14 rotator sshd\[893\]: Invalid user meitao from 128.199.143.19May 21 00:15:16 rotator sshd\[893\]: Failed password for invalid user meitao from 128.199.143.19 port 39510 ssh2May 21 00:18:48 rotator sshd\[1423\]: Invalid user mgr from 128.199.143.19May 21 00:18:50 rotator sshd\[1423\]: Failed password for invalid user mgr from 128.199.143.19 port 45214 ssh2May 21 00:22:23 rotator sshd\[2210\]: Invalid user gni from 128.199.143.19May 21 00:22:25 rotator sshd\[2210\]: Failed password for invalid user gni from 128.199.143.19 port 50920 ssh2 ...	2020-05-21 06:39:08
attackbots	Invalid user admin from 128.199.143.19 port 50496	2020-05-14 13:08:57
attackbotsspam	May 13 23:32:41 meumeu sshd[27897]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.143.19 May 13 23:32:43 meumeu sshd[27897]: Failed password for invalid user manager from 128.199.143.19 port 55254 ssh2 May 13 23:36:33 meumeu sshd[31867]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.143.19 ...	2020-05-14 07:20:10
attackbotsspam	20 attempts against mh-ssh on echoip	2020-05-08 07:19:17
attackbotsspam	May 3 00:04:26 gw1 sshd[3604]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.143.19 May 3 00:04:28 gw1 sshd[3604]: Failed password for invalid user grafana from 128.199.143.19 port 33804 ssh2 ...	2020-05-03 03:15:37
attackspam	Apr 28 15:08:31 server sshd[22823]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.143.19 Apr 28 15:08:34 server sshd[22823]: Failed password for invalid user jt from 128.199.143.19 port 54650 ssh2 Apr 28 15:13:51 server sshd[23667]: Failed password for root from 128.199.143.19 port 38620 ssh2 ...	2020-04-28 21:18:35
attack	Apr 17 12:55:35 roki sshd[2808]: Invalid user rb from 128.199.143.19 Apr 17 12:55:35 roki sshd[2808]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.143.19 Apr 17 12:55:36 roki sshd[2808]: Failed password for invalid user rb from 128.199.143.19 port 35312 ssh2 Apr 17 12:57:25 roki sshd[2927]: Invalid user jn from 128.199.143.19 Apr 17 12:57:25 roki sshd[2927]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.143.19 ...	2020-04-17 19:42:05

相同子网IP讨论:

IP	类型	评论内容	时间
128.199.143.157	attackbotsspam	2020-10-13T21:24:52.575820hostname sshd[85209]: Failed password for root from 128.199.143.157 port 48436 ssh2 ...	2020-10-14 03:49:09
128.199.143.157	attack	Oct 13 10:56:17 ip-172-31-61-156 sshd[30285]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.143.157 user=root Oct 13 10:56:20 ip-172-31-61-156 sshd[30285]: Failed password for root from 128.199.143.157 port 32790 ssh2 Oct 13 11:00:26 ip-172-31-61-156 sshd[30468]: Invalid user ruth from 128.199.143.157 Oct 13 11:00:26 ip-172-31-61-156 sshd[30468]: Invalid user ruth from 128.199.143.157 ...	2020-10-13 19:08:52
128.199.143.157	attackspam	Banned for a week because repeated abuses, for example SSH, but not only	2020-10-05 04:26:47
128.199.143.157	attackspam	Oct 4 04:53:37 server sshd[1956246]: Invalid user server from 128.199.143.157 port 42990 Oct 4 04:53:40 server sshd[1956246]: Failed password for invalid user server from 128.199.143.157 port 42990 ssh2 ...	2020-10-04 20:20:41
128.199.143.157	attackspambots	Fail2Ban Ban Triggered	2020-10-04 12:02:42
128.199.143.89	attackbotsspam	$f2bV_matches	2020-09-11 00:10:47
128.199.143.89	attack	(sshd) Failed SSH login from 128.199.143.89 (SG/Singapore/edm.maceo-solutions.com): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 10 01:53:52 server sshd[4691]: Invalid user BOBEAR from 128.199.143.89 port 45261 Sep 10 01:53:54 server sshd[4691]: Failed password for invalid user BOBEAR from 128.199.143.89 port 45261 ssh2 Sep 10 02:07:18 server sshd[12201]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.143.89 user=root Sep 10 02:07:20 server sshd[12201]: Failed password for root from 128.199.143.89 port 34004 ssh2 Sep 10 02:10:33 server sshd[13077]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.143.89 user=root	2020-09-10 15:34:34
128.199.143.89	attackbots	Time: Wed Sep 9 17:43:57 2020 +0000 IP: 128.199.143.89 (SG/Singapore/edm.maceo-solutions.com) Failures: 5 (sshd) Interval: 3600 seconds Blocked: Permanent Block [LF_SSHD] Log entries: Sep 9 17:23:39 ca-1-ams1 sshd[54398]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.143.89 user=root Sep 9 17:23:41 ca-1-ams1 sshd[54398]: Failed password for root from 128.199.143.89 port 36262 ssh2 Sep 9 17:40:18 ca-1-ams1 sshd[54823]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.143.89 user=root Sep 9 17:40:20 ca-1-ams1 sshd[54823]: Failed password for root from 128.199.143.89 port 41584 ssh2 Sep 9 17:43:57 ca-1-ams1 sshd[54938]: Invalid user rebecca from 128.199.143.89 port 40642	2020-09-10 06:12:25
128.199.143.89	attackbotsspam	Sep 2 14:05:13 buvik sshd[13887]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.143.89 Sep 2 14:05:15 buvik sshd[13887]: Failed password for invalid user win from 128.199.143.89 port 35682 ssh2 Sep 2 14:10:54 buvik sshd[14730]: Invalid user pgx from 128.199.143.89 ...	2020-09-02 20:13:58
128.199.143.89	attackspambots	Too many connections or unauthorized access detected from Arctic banned ip	2020-09-02 12:10:20
128.199.143.89	attack	Port Scan detected from 128.199.143.89 (SG/Singapore/-/Singapore (Pioneer)/edm.maceo-solutions.com). 4 hits in the last 205 seconds	2020-09-02 05:20:54
128.199.143.89	attack	Aug 31 16:34:13 jane sshd[17022]: Failed password for root from 128.199.143.89 port 56263 ssh2 ...	2020-09-01 04:35:38
128.199.143.89	attackbots	Aug 26 17:23:16 ny01 sshd[22117]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.143.89 Aug 26 17:23:18 ny01 sshd[22117]: Failed password for invalid user gaojian from 128.199.143.89 port 52077 ssh2 Aug 26 17:27:30 ny01 sshd[23020]: Failed password for root from 128.199.143.89 port 56265 ssh2	2020-08-27 05:38:43
128.199.143.89	attackspambots	$f2bV_matches	2020-08-25 17:33:56
128.199.143.89	attack	Invalid user back from 128.199.143.89 port 48615	2020-08-24 06:48:45

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 128.199.143.19
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 15029
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;128.199.143.19.			IN	A

;; AUTHORITY SECTION:
.			600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020041701 1800 900 604800 86400

;; Query time: 86 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Apr 17 19:42:00 CST 2020
;; MSG SIZE  rcvd: 118

HOST信息:

Host 19.143.199.128.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 19.143.199.128.in-addr.arpa: NXDOMAIN

IP	类型	评论内容	时间
49.233.153.154	attackspam	<6 unauthorized SSH connections	2020-05-28 15:04:03
108.12.225.85	attackbotsspam	May 28 06:30:37 xeon sshd[20971]: Failed password for invalid user enable from 108.12.225.85 port 55062 ssh2	2020-05-28 14:58:23
180.166.141.58	attackbotsspam	May 28 08:34:00 debian-2gb-nbg1-2 kernel: \[12906431.044624\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=180.166.141.58 DST=195.201.40.59 LEN=40 TOS=0x08 PREC=0x00 TTL=237 ID=35175 PROTO=TCP SPT=50029 DPT=17566 WINDOW=1024 RES=0x00 SYN URGP=0	2020-05-28 14:39:20
104.248.137.95	attackbots	May 27 21:49:11 server1 sshd\[10705\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.137.95 user=root May 27 21:49:13 server1 sshd\[10705\]: Failed password for root from 104.248.137.95 port 37270 ssh2 May 27 21:52:32 server1 sshd\[11722\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.137.95 user=root May 27 21:52:34 server1 sshd\[11722\]: Failed password for root from 104.248.137.95 port 42406 ssh2 May 27 21:55:57 server1 sshd\[12709\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.137.95 user=root ...	2020-05-28 14:57:15
40.85.100.216	attackbotsspam	Invalid user gretta from 40.85.100.216 port 58636	2020-05-28 14:32:58
35.241.123.113	attackspam	ssh brute force	2020-05-28 14:29:02
218.95.175.166	attackspambots	May 28 08:25:34 ns382633 sshd\[21862\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.95.175.166 user=root May 28 08:25:36 ns382633 sshd\[21862\]: Failed password for root from 218.95.175.166 port 49897 ssh2 May 28 08:44:08 ns382633 sshd\[24974\]: Invalid user built from 218.95.175.166 port 65340 May 28 08:44:08 ns382633 sshd\[24974\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.95.175.166 May 28 08:44:10 ns382633 sshd\[24974\]: Failed password for invalid user built from 218.95.175.166 port 65340 ssh2	2020-05-28 15:03:20
177.53.56.71	attackspam	May 28 02:15:18 Tower sshd[39992]: Connection from 177.53.56.71 port 44256 on 192.168.10.220 port 22 rdomain "" May 28 02:15:19 Tower sshd[39992]: Failed password for root from 177.53.56.71 port 44256 ssh2 May 28 02:15:19 Tower sshd[39992]: Received disconnect from 177.53.56.71 port 44256:11: Bye Bye [preauth] May 28 02:15:19 Tower sshd[39992]: Disconnected from authenticating user root 177.53.56.71 port 44256 [preauth]	2020-05-28 14:30:03
93.84.86.69	attackbotsspam	May 27 22:10:29 dignus sshd[13925]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=93.84.86.69 May 27 22:10:31 dignus sshd[13925]: Failed password for invalid user casagrande from 93.84.86.69 port 33838 ssh2 May 27 22:13:40 dignus sshd[14078]: Invalid user ftp_user from 93.84.86.69 port 52858 May 27 22:13:40 dignus sshd[14078]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=93.84.86.69 May 27 22:13:42 dignus sshd[14078]: Failed password for invalid user ftp_user from 93.84.86.69 port 52858 ssh2 ...	2020-05-28 14:58:48
193.77.155.50	attackspambots	Triggered by Fail2Ban at Ares web server	2020-05-28 14:58:03
36.111.182.48	attackbots	SSH login attempts.	2020-05-28 15:02:50
131.108.60.30	attackspambots	$f2bV_matches	2020-05-28 14:49:18
125.231.134.200	attackbotsspam	Telnet/23 MH Probe, Scan, BF, Hack -	2020-05-28 14:39:46
77.65.79.150	attack	SSH login attempts.	2020-05-28 14:33:27
88.70.168.110	attack	SSH login attempts.	2020-05-28 14:53:03

最近上报的IP列表

204.163.13.63	182.118.116.123	181.79.119.45	58.205.105.125
216.174.169.19	62.159.212.55	254.140.236.154	5.24.26.81
219.100.197.7	128.228.135.191	61.54.172.71	164.206.150.182
50.118.11.227	227.62.157.72	56.219.176.28	142.88.37.209
13.84.201.159	47.118.165.115	125.75.98.105	66.187.161.112