104.140.242.210

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
104.140.242.35	attack	ET SCAN Sipvicious User-Agent Detected (friendly-scanner) - port: 5060 proto: UDP cat: Attempted Information Leak	2020-05-03 06:40:56
104.140.242.35	attackbotsspam	Lines containing failures of 104.140.242.35 Apr 4 09:56:11 shared02 sshd[13282]: Did not receive identification string from 104.140.242.35 port 60238 Apr 4 09:56:19 shared02 sshd[13290]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.140.242.35 user=r.r Apr 4 09:56:21 shared02 sshd[13290]: Failed password for r.r from 104.140.242.35 port 53796 ssh2 Apr 4 09:56:21 shared02 sshd[13290]: Received disconnect from 104.140.242.35 port 53796:11: Normal Shutdown, Thank you for playing [preauth] Apr 4 09:56:21 shared02 sshd[13290]: Disconnected from authenticating user r.r 104.140.242.35 port 53796 [preauth] Apr 4 09:56:24 shared02 sshd[13309]: Invalid user oracle from 104.140.242.35 port 38016 Apr 4 09:56:24 shared02 sshd[13309]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.140.242.35 Apr 4 09:56:26 shared02 sshd[13309]: Failed password for invalid user oracle from 104.140.242.35........ ------------------------------	2020-04-05 04:15:25
104.140.242.188	attackspam	Chat Spam	2019-12-27 02:50:49
104.140.242.38	attackspambots	MultiHost/MultiPort Probe, Scan, Hack -	2019-12-10 06:17:16
104.140.242.38	attackbotsspam	DATE:2019-12-09 07:32:18, IP:104.140.242.38, PORT:telnet - Telnet brute force auth on a honeypot server (epe-dc)	2019-12-09 15:05:58

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.140.242.210
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 26766
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;104.140.242.210.		IN	A

;; AUTHORITY SECTION:
.			51	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2021122501 1800 900 604800 86400

;; Query time: 19 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Dec 26 07:44:03 CST 2021
;; MSG SIZE  rcvd: 108

Host info

Host 210.242.140.104.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 210.242.140.104.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
103.145.12.227	attackspambots	[2020-09-20 01:54:12] NOTICE[1239][C-0000581f] chan_sip.c: Call from '' (103.145.12.227:63639) to extension '01146812410910' rejected because extension not found in context 'public'. [2020-09-20 01:54:12] SECURITY[1264] res_security_log.c: SecurityEvent="FailedACL",EventTV="2020-09-20T01:54:12.827-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="01146812410910",SessionID="0x7f4d48423e18",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/103.145.12.227/63639",ACLName="no_extension_match" [2020-09-20 01:55:49] NOTICE[1239][C-00005821] chan_sip.c: Call from '' (103.145.12.227:55335) to extension '901146812410910' rejected because extension not found in context 'public'. ...	2020-09-20 14:15:55
54.37.82.150	attack	54.37.82.150 - - [20/Sep/2020:06:29:55 +0100] "POST /wp-login.php HTTP/1.1" 200 2340 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 54.37.82.150 - - [20/Sep/2020:06:29:56 +0100] "POST /wp-login.php HTTP/1.1" 200 2319 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 54.37.82.150 - - [20/Sep/2020:06:29:56 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-09-20 13:55:44
117.50.99.197	attackbots	Sep 20 06:26:43 xeon sshd[37491]: Failed password for root from 117.50.99.197 port 45528 ssh2	2020-09-20 14:00:04
195.254.135.76	attack	2020-09-20T07:08[Censored Hostname] sshd[23098]: Failed password for root from 195.254.135.76 port 43089 ssh2 2020-09-20T07:08[Censored Hostname] sshd[23098]: Failed password for root from 195.254.135.76 port 43089 ssh2 2020-09-20T07:09[Censored Hostname] sshd[23098]: Failed password for root from 195.254.135.76 port 43089 ssh2[...]	2020-09-20 14:06:41
52.203.153.231	attackspambots	52.203.153.231 - - [20/Sep/2020:05:41:08 +0200] "GET /wp-login.php HTTP/1.1" 200 8796 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 52.203.153.231 - - [20/Sep/2020:05:41:09 +0200] "POST /wp-login.php HTTP/1.1" 200 9047 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 52.203.153.231 - - [20/Sep/2020:05:41:11 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-09-20 13:50:12
78.87.164.125	attackspambots	Telnet Server BruteForce Attack	2020-09-20 13:42:42
222.186.30.35	attack	(sshd) Failed SSH login from 222.186.30.35 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 20 01:50:29 optimus sshd[30138]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.30.35 user=root Sep 20 01:50:29 optimus sshd[30141]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.30.35 user=root Sep 20 01:50:30 optimus sshd[30145]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.30.35 user=root Sep 20 01:50:30 optimus sshd[30143]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.30.35 user=root Sep 20 01:50:30 optimus sshd[30138]: Failed password for root from 222.186.30.35 port 32982 ssh2	2020-09-20 14:02:27
134.209.179.18	attackspam	[N10.H2.VM2] Port Scanner Detected Blocked by UFW	2020-09-20 14:06:16
113.142.58.155	attackbotsspam	SSH login attempts brute force.	2020-09-20 14:04:34
52.23.244.89	attack	cloud+mapping+experiment.+contact+research@pdrlabs.net	2020-09-20 13:43:13
177.207.251.18	attackspam	Invalid user user from 177.207.251.18 port 12568	2020-09-20 14:16:15
112.85.42.185	attack	Sep 20 08:42:38 ift sshd\[38920\]: Failed password for root from 112.85.42.185 port 27581 ssh2Sep 20 08:43:28 ift sshd\[39138\]: Failed password for root from 112.85.42.185 port 60084 ssh2Sep 20 08:44:36 ift sshd\[39310\]: Failed password for root from 112.85.42.185 port 20241 ssh2Sep 20 08:44:38 ift sshd\[39310\]: Failed password for root from 112.85.42.185 port 20241 ssh2Sep 20 08:44:41 ift sshd\[39310\]: Failed password for root from 112.85.42.185 port 20241 ssh2 ...	2020-09-20 13:55:30
208.185.224.2	attack	Found on CINS badguys / proto=6 . srcport=46388 . dstport=1433 . (4291)	2020-09-20 13:50:27
202.175.46.170	attack	Sep 20 07:46:45 eventyay sshd[10004]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.175.46.170 Sep 20 07:46:48 eventyay sshd[10004]: Failed password for invalid user csgoserver from 202.175.46.170 port 58030 ssh2 Sep 20 07:50:31 eventyay sshd[10056]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.175.46.170 ...	2020-09-20 14:18:41
211.80.102.182	attack	Invalid user frankie from 211.80.102.182 port 1646	2020-09-20 14:11:52

Recently Reported IPs

167.23.21.190	72.19.12.67	119.56.156.123	183.127.180.235
200.72.133.204	67.176.142.252	164.52.195.161	92.184.64.35
211.49.28.255	48.37.213.164	162.210.38.73	223.45.4.255
59.75.64.119	210.116.190.233	176.141.102.62	255.5.236.159
153.253.232.200	202.104.151.194	10.7.234.250	232.139.156.201