198.199.64.78 is a Hacker from United States (North Bergen)

IP informations Cybercrime IP Feeds Raw whois

198.199.64.78

is a

Hacker

100 %

United States

Report Abuse

145attacks reported

107Brute-ForceSSH

8Brute-Force

7SSH

7HackingBrute-ForceSSH

7uncategorized

3Port Scan

2Fraud VoIP

1Brute-ForceWeb App Attack

1DDoS AttackPort ScanBrute-ForceWeb App AttackSSH

1FTP Brute-ForceHacking

...

2abuse reported

1Web SpamBrute-ForceSSH

1Email Spam

1organizations reported

1uncategorized

from 63 distinct reporters

and 9 distinct sources : BadIPs.com, Blocklist.de, blocklist.net.ua, darklist.de, FireHOL, VoIPBL.org, GreenSnow.co, Charles Haley, AbuseIPDB

198.199.64.78 was first signaled at 2019-03-29 18:23 and last record was at 2020-08-04 14:15.

198.199.64.78

Organization

DigitalOcean, LLC

all IP owned by DigitalOcean, LLC

Localisation

United States

New Jersey, North Bergen

NetRange : First & Last IP

198.199.64.0 - 198.199.127.255

Network CIDR

198.199.64.0/18

ASN

14061

list IP by ASN 14061

Note about 198.0.0.0/8

198.18.0.0/15 reserved for Network Interconnect Device Benchmark Testing [RFC2544]. Complete registration details for 198.18.0.0/15 are found in [IANA registry iana-ipv4-special-registry]. 198.51.100.0/24 reserved for TEST-NET-2 [RFC5737]. Complete registration details for 198.51.100.0/24 are found in [IANA registry iana-ipv4-special-registry].

Cybercrime IP Feeds

Date UTC	Category	Sub Categories	Source List	Source	Logs
2020-08-04 14:15	attacks	Brute-Force		AbuseIPDB	Aug 5 00:57:11 root sshd[15209]: Failed password for root from 198.199.64.78 port 49334 ssh2 Aug 5 01:11:43 root sshd[17040]: Failed password for root
2020-08-04 13:45	attacks	Brute-ForceSSH		AbuseIPDB	Aug 5 00:43:50 buvik sshd[27906]: Failed password for root from 198.199.64.78 port 35316 ssh2 Aug 5 00:45:12 buvik sshd[28175]: pam_unix(sshd:auth): a
2020-08-04 13:17	attacks	Brute-ForceSSH		AbuseIPDB	Aug 5 00:16:24 buvik sshd[23900]: Failed password for root from 198.199.64.78 port 59350 ssh2 Aug 5 00:17:43 buvik sshd[24114]: pam_unix(sshd:auth): a
2020-08-04 12:50	attacks	Brute-ForceSSH		AbuseIPDB	Aug 4 23:49:21 buvik sshd[26539]: Failed password for root from 198.199.64.78 port 55154 ssh2 Aug 4 23:50:38 buvik sshd[26868]: pam_unix(sshd:auth): a
2020-08-04 12:23	attacks	Brute-ForceSSH		AbuseIPDB	Aug 4 23:22:23 buvik sshd[22720]: Failed password for root from 198.199.64.78 port 53530 ssh2 Aug 4 23:23:45 buvik sshd[22904]: pam_unix(sshd:auth): a
2020-08-04 11:57	attacks	Brute-ForceSSH		AbuseIPDB	Aug 4 22:53:35 vps639187 sshd\[29948\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=198.199.64.78 user=
2020-08-04 11:20	attacks	Brute-ForceSSH		AbuseIPDB	Aug 4 22:16:54 vps639187 sshd\[29441\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=198.199.64.78 user=
2020-08-04 10:45	attacks	Brute-ForceSSH		AbuseIPDB	Aug 4 21:41:33 vps639187 sshd\[28890\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=198.199.64.78 user=
2020-08-04 10:09	attacks	Brute-ForceSSH		AbuseIPDB	Aug 4 21:05:50 vps639187 sshd\[28360\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=198.199.64.78 user=
2020-08-04 09:34	attacks	Brute-ForceSSH		AbuseIPDB	Aug 4 20:30:16 vps639187 sshd\[27888\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=198.199.64.78 user=
2020-08-04 06:41	attacks	Brute-ForceSSH		AbuseIPDB	Cowrie Honeypot: 3 unauthorised SSH/Telnet login attempts between 2020-08-04T15:33:47Z and 2020-08-04T15:41:36Z
2020-08-04 06:39	attacks	Brute-ForceSSH		AbuseIPDB	Aug 4 17:36:00 hidden sshd[21415]: Failed password for hidden from 198.199.64.78 port 39628 ssh2 Aug 4 17:39:45 hidden sshd[22023]: pam_unix(ssh
2020-08-04 06:30	attacks	SSH		AbuseIPDB	Aug 4 17:24:25 xeon sshd[62169]: Failed password for root from 198.199.64.78 port 42470 ssh2
2020-08-04 06:26	attacks	Brute-ForceSSH		AbuseIPDB	SSH bruteforce
2020-08-04 03:39	attacks	Brute-ForceSSH		AbuseIPDB	fail2ban -- 198.199.64.78
2020-08-04 03:25	attacks	Port Scan		AbuseIPDB	Port Scan detected from 198.199.64.78 (US/United States/New Jersey/North Bergen/-). 4 hits in the last 190 seconds
2020-08-04 00:47	abuse	Web SpamBrute-ForceSSH		AbuseIPDB	Unauthorised connection attempt detected at AUO NODE 4. System is sshd. Protected by AUO Stack Web Application Firewall (WAF)
2020-08-03 21:34	attacks	Brute-ForceSSH		AbuseIPDB	Failed password for root from 198.199.64.78 port 34368 ssh2
2020-08-03 18:16	attacks	Brute-ForceSSH		AbuseIPDB	Aug 4 13:16:47 localhost sshd[4077851]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=198.199.64.78 user=roo
2020-08-03 16:21	attacks	Brute-ForceSSH		AbuseIPDB	Aug 4 03:21:07 rancher-0 sshd[754545]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=198.199.64.78 user=root
2020-08-03 15:30	attacks	Brute-ForceSSH		AbuseIPDB	Aug 4 00:23:20 vlre-nyc-1 sshd\[7695\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=198.199.64.78 user=
2020-08-03 15:17	attacks	Brute-ForceSSH		AbuseIPDB	Aug 4 02:17:51 rancher-0 sshd[753122]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=198.199.64.78 user=root
2020-08-03 15:11	attacks	Brute-ForceSSH		AbuseIPDB	SSH brutforce
2020-08-03 14:40	attacks	Brute-ForceSSH		AbuseIPDB
2020-08-03 13:51	attacks	Brute-ForceSSH		AbuseIPDB	Aug 3 22:51:26 scw-6657dc sshd[31272]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=198.199.64.78 user=root
2020-08-03 12:44	attacks	Brute-ForceSSH		AbuseIPDB	Aug 3 21:44:37 scw-6657dc sshd[28961]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=198.199.64.78 user=root
2020-08-03 11:43	attacks	Brute-ForceSSH		AbuseIPDB	(sshd) Failed SSH login from 198.199.64.78 (US/United States/-): 5 in the last 3600 secs
2020-08-03 11:39	attacks	Brute-ForceSSH		AbuseIPDB	Aug 3 20:39:08 scw-6657dc sshd[26812]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=198.199.64.78 user=root
2020-08-03 05:23	attacks	Brute-ForceSSH		AbuseIPDB	Aug 3 14:23:11 *** sshd[8101]: User root from 198.199.64.78 not allowed because not listed in AllowUsers
2020-08-02 11:11	attacks	Brute-ForceSSH		AbuseIPDB	Aug 2 20:03:58 rush sshd[5519]: Failed password for root from 198.199.64.78 port 57006 ssh2 Aug 2 20:07:34 rush sshd[5687]: Failed password for root f
2020-08-02 10:53	attacks	Brute-ForceSSH		AbuseIPDB	Aug 2 19:45:53 rush sshd[4692]: Failed password for root from 198.199.64.78 port 34848 ssh2 Aug 2 19:49:28 rush sshd[4807]: Failed password for root f
2020-08-02 10:35	attacks	Brute-ForceSSH		AbuseIPDB	Aug 2 19:27:42 rush sshd[4033]: Failed password for root from 198.199.64.78 port 40924 ssh2 Aug 2 19:31:23 rush sshd[4163]: Failed password for root f
2020-08-02 10:17	attacks	Brute-ForceSSH		AbuseIPDB	Aug 2 19:09:59 rush sshd[3452]: Failed password for root from 198.199.64.78 port 46998 ssh2 Aug 2 19:13:30 rush sshd[3562]: Failed password for root f
2020-08-02 09:59	attacks	Brute-ForceSSH		AbuseIPDB	Aug 2 18:52:20 rush sshd[2835]: Failed password for root from 198.199.64.78 port 53072 ssh2 Aug 2 18:55:58 rush sshd[2963]: Failed password for root f
2020-08-02 09:41	attacks	Brute-ForceSSH		AbuseIPDB	Aug 2 18:34:37 rush sshd[2343]: Failed password for root from 198.199.64.78 port 59148 ssh2 Aug 2 18:38:14 rush sshd[2444]: Failed password for root f
2020-08-02 09:33	attacks	Brute-ForceSSH		AbuseIPDB
2020-08-02 09:23	attacks	Brute-ForceSSH		AbuseIPDB	Aug 2 18:16:48 rush sshd[1701]: Failed password for root from 198.199.64.78 port 36990 ssh2 Aug 2 18:20:17 rush sshd[1860]: Failed password for root f
2020-08-02 09:06	attacks	Brute-ForceSSH		AbuseIPDB	Aug 2 17:58:59 rush sshd[1163]: Failed password for root from 198.199.64.78 port 43064 ssh2 Aug 2 18:02:35 rush sshd[1260]: Failed password for root f
2020-08-02 08:48	attacks	Brute-ForceSSH		AbuseIPDB	Aug 2 17:40:54 rush sshd[594]: Failed password for root from 198.199.64.78 port 49138 ssh2 Aug 2 17:44:30 rush sshd[689]: Failed password for root fro
2020-08-02 08:27	attacks	Brute-ForceSSH		AbuseIPDB	Aug 2 10:27:30 propaganda sshd[60532]: Connection from 198.199.64.78 port 35654 on 10.0.0.160 port 22 rdomain "" Aug 2 10:27:30 propaganda s
2020-08-02 05:42	attacks	Brute-ForceSSH		AbuseIPDB	Aug 2 17:42:17 hosting sshd[2365]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=198.199.64.78 user=root Aug
2020-08-02 05:32	attacks	Brute-ForceSSH		AbuseIPDB	"fail2ban match"
2020-08-02 05:32	attacks	Brute-ForceSSH		AbuseIPDB	2020-08-02T10:31:58.617155mail.thespaminator.com sshd[32368]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=
2020-08-02 04:26	attacks	Brute-ForceSSH		AbuseIPDB	Aug 2 16:26:37 hosting sshd[28237]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=198.199.64.78 user=root Au
2020-08-02 03:49	attacks	Brute-ForceSSH		AbuseIPDB	Aug 2 15:45:21 hosting sshd[23997]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=198.199.64.78 user=root Au
2020-08-02 03:33	attacks	Brute-ForceSSH		AbuseIPDB	Aug 2 15:24:55 hosting sshd[19521]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=198.199.64.78 user=root Au
2020-08-02 01:52	attacks	Brute-ForceSSH		AbuseIPDB	Aug 2 00:50:07 web9 sshd\[6203\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=198.199.64.78 user=root A
2020-08-02 01:25	attacks	Brute-ForceSSH		AbuseIPDB	Aug 2 00:22:27 web9 sshd\[2419\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=198.199.64.78 user=root A
2020-08-02 00:59	attacks	Brute-ForceSSH		AbuseIPDB	Aug 2 11:52:23 v22019038103785759 sshd\[31472\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=198.199.64
2020-08-02 00:57	attacks	Brute-ForceSSH		AbuseIPDB	Aug 1 23:54:34 web9 sshd\[30984\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=198.199.64.78 user=root
2020-07-12 15:21	attacks	FTP Brute-ForceHacking		AbuseIPDB	Lines containing failures of 198.199.64.78 Jul 13 02:09:06 shared10 sshd[20169]: Invalid user myuser from 198.199.64.78 port 54842 Jul 13 02:09:06 sha
2020-07-12 15:27	attacks	Brute-ForceSSH		AbuseIPDB
2020-07-12 15:27	attacks	Brute-ForceSSH		AbuseIPDB	Automatic report BANNED IP
2020-07-12 15:33	attacks	Brute-ForceSSH		AbuseIPDB	Multiple SSH authentication failures from 198.199.64.78
2020-07-12 15:40	attacks	Brute-ForceSSH		AbuseIPDB	20 attempts against mh-ssh on fire
2020-07-12 16:00	attacks	HackingBrute-ForceSSH		AbuseIPDB	Jul 13 00:15:10 XXX sshd[62638]: Invalid user myuser from 198.199.64.78 port 34600
2020-07-19 05:38	attacks	Brute-ForceSSH		AbuseIPDB	IP blocked
2020-07-19 08:25	attacks	Brute-ForceSSH		AbuseIPDB	Failed password for invalid user openerp from 198.199.64.78 port 50650 ssh2
2020-07-19 14:57	attacks	Brute-Force		AbuseIPDB	$f2bV_matches
2020-07-30 18:25	attacks	Port Scan		AbuseIPDB	Port Scan detected from 198.199.64.78 (US/United States/New Jersey/North Bergen/-). 4 hits in the last 100 seconds
2020-07-31 15:56	attacks		bi_any_0_1d	BadIPs.com
2020-07-31 15:56	attacks	SSH	bi_sshd_0_1d	BadIPs.com
2020-07-31 15:57	attacks	SSH	bi_ssh_0_1d	BadIPs.com
2020-07-31 15:57	attacks		blocklist_de	Blocklist.de
2020-07-31 15:57	attacks	SSH	blocklist_de_ssh	Blocklist.de
2020-07-31 15:58	abuse	Email Spam	blocklist_net_ua	blocklist.net.ua
2020-07-31 15:59	attacks		darklist_de	darklist.de
2020-07-31 16:01	attacks		firehol_level2	FireHOL
2020-07-31 16:03	attacks		firehol_level4	FireHOL
2020-07-31 16:24	attacks	Fraud VoIP	voipbl	VoIPBL.org
2020-08-01 14:55	attacks	Bad Web Bot	bi_badbots_0_1d	BadIPs.com
2020-08-01 14:55	attacks	Brute-Force	bi_bruteforce_0_1d	BadIPs.com
2020-08-01 15:06	attacks		greensnow	GreenSnow.co
2020-08-02 14:00	attacks	SSH	bi_ssh-ddos_0_1d	BadIPs.com
2020-08-03 12:52	attacks	Fraud VoIP	blocklist_de_sip	Blocklist.de
2020-08-03 13:04	attacks	SSH	haley_ssh	Charles Haley
2020-08-04 12:00	attacks		bi_username-notfound_0_1d	BadIPs.com
2019-03-29 18:23	organizations		datacenters

only last 50 and first 10 AbuseIPDB logs are shown

Threats Categories :

abuse

IPs used to spam forum, boards, blogs or smtp servers, automated web scripts or scrappers (bad bots)

anonymizer

Onion Router IP addresses. TOR network IPs, TOR exit points, socks or ssl proxy.

attacks

bruteforce ssh/ftp/system account, IPs that have been detected by fail2ban, ports scan, vulnerabilities scan, DDoS.

malware

Addresses that have been identified distributing malware, form-grabber and stealer, Viruses, Worms, Trojans, Ransomware, Adware, Spyware

Whois

NetRange: 198.199.64.0 - 198.199.127.255
CIDR: 198.199.64.0/18
NetName: DIGITALOCEAN-5
NetHandle: NET-198-199-64-0-1
Parent: NET198 (NET-198-0-0-0-0)
NetType: Direct Allocation
OriginAS: AS14061
Organization: DigitalOcean, LLC (DO-13)
RegDate: 2013-03-27
Updated: 2013-03-27
Comment: Simple Cloud Hosting
Ref: https://rdap.arin.net/registry/ip/ 198.199.64.0

OrgName: DigitalOcean, LLC
OrgId: DO-13
Address: 101 Ave of the Americas
Address: 10th Floor
City: New York
StateProv: NY
PostalCode: 10013
Country: US
RegDate: 2012-05-14
Updated: 2019-02-04
Comment: http://www.digitalocean.com
Comment: Simple Cloud Hosting
Ref: https://rdap.arin.net/registry/entity/DO-13

OrgNOCHandle: NOC32014-ARIN
OrgNOCName: Network Operations Center
OrgNOCPhone: +1-347-875-6044
OrgNOCEmail: noc@digitalocean.com
OrgNOCRef: https://rdap.arin.net/registry/entity/NOC32014-ARIN

OrgTechHandle: NOC32014-ARIN
OrgTechName: Network Operations Center
OrgTechPhone: +1-347-875-6044
OrgTechEmail: noc@digitalocean.com
OrgTechRef: https://rdap.arin.net/registry/entity/NOC32014-ARIN

OrgAbuseHandle: ABUSE5232-ARIN
OrgAbuseName: Abuse, DigitalOcean
OrgAbusePhone: +1-347-875-6044
OrgAbuseEmail: abuse@digitalocean.com
OrgAbuseRef: https://rdap.arin.net/registry/entity/ABUSE5232-ARIN

most specific ip range is highlighted

Updated : 2020-07-31