104.140.148.78

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
104.140.148.58	attackspam	firewall-block, port(s): 161/udp	2019-09-21 04:37:23
104.140.148.58	attack	Sep 11 14:57:21 localhost kernel: [1966058.443067] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:84:78:ac:57:aa:c1:08:00 SRC=104.140.148.58 DST=[mungedIP2] LEN=44 TOS=0x00 PREC=0x00 TTL=245 ID=2495 PROTO=TCP SPT=65325 DPT=987 WINDOW=1024 RES=0x00 SYN URGP=0 Sep 11 14:57:21 localhost kernel: [1966058.443093] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:84:78:ac:57:aa:c1:08:00 SRC=104.140.148.58 DST=[mungedIP2] LEN=44 TOS=0x00 PREC=0x00 TTL=245 ID=2495 PROTO=TCP SPT=65325 DPT=987 SEQ=3815533082 ACK=0 WINDOW=1024 RES=0x00 SYN URGP=0 OPT (020405B4) Sep 11 14:59:52 localhost kernel: [1966209.518449] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:84:78:ac:57:aa:c1:08:00 SRC=104.140.148.58 DST=[mungedIP2] LEN=44 TOS=0x00 PREC=0x00 TTL=245 ID=43417 PROTO=TCP SPT=64300 DPT=5910 WINDOW=1024 RES=0x00 SYN URGP=0 Sep 11 14:59:52 localhost kernel: [1966209.518469] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:84:78:ac:57:aa:c1:08:00 SRC=104.140.148.58 DST=[mungedIP2] LEN=4	2019-09-12 03:13:24
104.140.148.58	attackspam	23.08.2019 20:09:25 Connection to port 21 blocked by firewall	2019-08-24 04:38:34
104.140.148.58	attackbotsspam	Automatic report - Port Scan Attack	2019-07-30 03:10:28
104.140.148.58	attackbots	8444/tcp 21/tcp 5900/tcp... [2019-06-13/07-24]35pkt,13pt.(tcp),1pt.(udp)	2019-07-26 11:47:12
104.140.148.58	attackbotsspam	" "	2019-07-25 06:38:18
104.140.148.58	attackspambots	22.07.2019 18:53:41 Connection to port 3306 blocked by firewall	2019-07-23 05:55:25
104.140.148.58	attackbots	RDP brute force attack detected by fail2ban	2019-07-18 14:04:36

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.140.148.78
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 12355
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;104.140.148.78.			IN	A

;; AUTHORITY SECTION:
.			59	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2023032200 1800 900 604800 86400

;; Query time: 27 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Mar 22 22:41:09 CST 2023
;; MSG SIZE  rcvd: 107

Host info

Host 78.148.140.104.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 78.148.140.104.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
201.251.91.118	attack	Brute force attempt	2020-01-08 01:44:06
174.138.44.201	attackspam	174.138.44.201 - - [07/Jan/2020:17:57:53 +0100] "GET /wp-login.php HTTP/1.1" 200 1901 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 174.138.44.201 - - [07/Jan/2020:17:57:56 +0100] "POST /wp-login.php HTTP/1.1" 200 2298 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 174.138.44.201 - - [07/Jan/2020:17:57:58 +0100] "GET /wp-login.php HTTP/1.1" 200 1901 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 174.138.44.201 - - [07/Jan/2020:17:58:00 +0100] "POST /wp-login.php HTTP/1.1" 200 2272 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 174.138.44.201 - - [07/Jan/2020:17:58:01 +0100] "GET /wp-login.php HTTP/1.1" 200 1901 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 174.138.44.201 - - [07/Jan/2020:17:58:03 +0100] "POST /wp-login.php HTTP/1.1" 200 2273 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-01-08 01:33:10
36.67.81.41	attackbotsspam	Unauthorized connection attempt detected from IP address 36.67.81.41 to port 2220 [J]	2020-01-08 01:48:25
122.228.19.80	attack	Honeypot hit.	2020-01-08 02:05:21
180.215.209.212	attackbots	Jan 7 16:34:10 [host] sshd[22854]: Invalid user password123 from 180.215.209.212 Jan 7 16:34:10 [host] sshd[22854]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.215.209.212 Jan 7 16:34:12 [host] sshd[22854]: Failed password for invalid user password123 from 180.215.209.212 port 58716 ssh2	2020-01-08 02:04:28
218.29.231.106	attackbotsspam	01/07/2020-07:59:51.195517 218.29.231.106 Protocol: 6 ET SCAN Suspicious inbound to MSSQL port 1433	2020-01-08 01:40:32
52.34.195.239	attackbots	01/07/2020-18:29:06.802362 52.34.195.239 Protocol: 6 SURICATA TLS invalid record/traffic	2020-01-08 01:43:34
51.38.186.207	attackbotsspam	Unauthorized connection attempt detected from IP address 51.38.186.207 to port 2220 [J]	2020-01-08 01:46:07
183.88.239.136	attackbotsspam	Automatic report - XMLRPC Attack	2020-01-08 01:47:22
139.59.78.236	attack	Jan 7 07:31:35 wbs sshd\[5604\]: Invalid user ftp_test from 139.59.78.236 Jan 7 07:31:35 wbs sshd\[5604\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.78.236 Jan 7 07:31:37 wbs sshd\[5604\]: Failed password for invalid user ftp_test from 139.59.78.236 port 53184 ssh2 Jan 7 07:33:42 wbs sshd\[5803\]: Invalid user amber from 139.59.78.236 Jan 7 07:33:42 wbs sshd\[5803\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.78.236	2020-01-08 02:00:06
31.173.112.6	attackspambots	1578401958 - 01/07/2020 13:59:18 Host: 31.173.112.6/31.173.112.6 Port: 445 TCP Blocked	2020-01-08 01:57:33
150.95.212.72	attack	Unauthorized connection attempt detected from IP address 150.95.212.72 to port 2220 [J]	2020-01-08 01:33:45
49.234.179.127	attackspambots	Unauthorized connection attempt detected from IP address 49.234.179.127 to port 2220 [J]	2020-01-08 02:07:33
123.241.112.94	attackspam	20/1/7@07:58:59: FAIL: Alarm-Telnet address from=123.241.112.94 ...	2020-01-08 02:08:22
192.99.47.10	attackspam	WordPress wp-login brute force :: 192.99.47.10 0.112 - [07/Jan/2020:17:05:37 0000] [censored_1] "POST /wp-login.php HTTP/1.1" 200 1806 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" "HTTP/1.1"	2020-01-08 01:29:35

Recently Reported IPs

44.242.179.137	241.17.47.209	21.98.95.54	84.44.106.7
185.236.42.211	155.96.227.58	22.15.30.51	134.134.154.149
90.9.148.237	179.26.2.46	57.33.41.161	39.13.35.229
253.10.244.239	120.177.253.148	180.36.116.135	102.184.200.151
218.27.249.252	41.80.136.201	83.131.80.36	163.106.178.136