104.196.12.242

Basic Info

City: unknown

Region: unknown

Country: None

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
104.196.127.133	attack	Wordpress attack	2020-03-22 20:31:57

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.196.12.242
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 14804
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;104.196.12.242.			IN	A

;; AUTHORITY SECTION:
.			253	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022022500 1800 900 604800 86400

;; Query time: 60 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Feb 25 19:47:18 CST 2022
;; MSG SIZE  rcvd: 107

Host info

242.12.196.104.in-addr.arpa domain name pointer 242.12.196.104.bc.googleusercontent.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
242.12.196.104.in-addr.arpa	name = 242.12.196.104.bc.googleusercontent.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
185.153.199.146	attack	Port-scan: detected 442 distinct ports within a 24-hour window.	2020-09-03 20:02:13
217.218.222.34	attack	Honeypot attack, port: 445, PTR: PTR record not found	2020-09-03 20:10:56
190.114.246.149	attack	TCP (SYN) 190.114.246.149:54270 -> port 445, len 52	2020-09-03 19:55:09
91.200.224.169	attack	TCP (SYN) 91.200.224.169:13466 -> port 7547, len 40	2020-09-03 20:05:34
182.50.29.236	attack	Port Scan ...	2020-09-03 20:03:07
49.236.192.13	attackbots	TCP (SYN) 49.236.192.13:49717 -> port 445, len 40	2020-09-03 20:08:20
14.178.35.83	attackbots	TCP (SYN) 14.178.35.83:50751 -> port 445, len 52	2020-09-03 20:09:27
168.195.244.22	attackbotsspam	1599065375 - 09/02/2020 18:49:35 Host: 168.195.244.22/168.195.244.22 Port: 445 TCP Blocked	2020-09-03 20:36:50
142.4.213.28	attackbots	142.4.213.28 - - [03/Sep/2020:12:20:42 +0000] "POST /wp-login.php HTTP/1.1" 200 2077 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" "-" 142.4.213.28 - - [03/Sep/2020:12:20:44 +0000] "POST /wp-login.php HTTP/1.1" 200 2055 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" "-" 142.4.213.28 - - [03/Sep/2020:12:20:46 +0000] "POST /wp-login.php HTTP/1.1" 200 2052 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" "-" 142.4.213.28 - - [03/Sep/2020:12:20:49 +0000] "POST /wp-login.php HTTP/1.1" 200 2052 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" "-" 142.4.213.28 - - [03/Sep/2020:12:20:50 +0000] "POST /xmlrpc.php HTTP/1.1" 200 236 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" "-"	2020-09-03 20:35:15
103.206.121.103	attack	ASP vulnerability scan - POST /FCKeditor/editor/filemanager/connectors/asp/connector.asp?Command=FileUpload&Type=File&CurrentFolder=%2F; GET /index.php?m=member&c=index&a=register&siteid=1; POST /admin_aspcms/_system/AspCms_SiteSetting.asp; GET /plus/moon.php; POST /plus/90sec.php; POST /utility/convert/index.php?a=config&source=d7.2_x2.0; POST /utility/convert/data/config.inc.php; GET /uploads/dede/sys_verifies.php?action=getfiles&refiles%5B0%5D=123&refiles%5B1%5D=%5C%22;eval$_POST%5Bysy%5D;die;//; POST /uploads/dede/sys_verifies.php?action=down; POST /index.php/api/Uploadify/preview; GET /user.php?act=login; POST /fdgq.php; POST /ufcwd.php; GET /user.php?act=login; POST /ysyqq.php; POST /zmkeq.php; GET /plus/mytag_js.php?dopost=saveedit&arrs1%5B%5D=99&arrs1%5B%5D=102&arrs1%5B%5D=103&arrs1%5B%5D=95&arrs1%5B%5D=100&arrs1%5B%5D=98&arrs1%5B%5D=112&arrs1%5B%5D=114&arrs1%5B%5D=101&arrs1%5B%5D=102&arrs1%5B%5D=105&arrs1%5B%5D=120&arrs2%5B%5D=109&arrs2%5B%5D=121&arrs2%5B%5D=116&arrs2%5B%5D=97&arrs2%5B%5D=103&arrs...	2020-09-03 20:28:33
194.87.139.159	attack	[portscan] tcp/23 [TELNET] *(RWIN=18198)(09031040)	2020-09-03 20:01:24
145.239.19.186	attack	Sep 3 11:55:22 l02a sshd[2886]: Invalid user riana from 145.239.19.186 Sep 3 11:55:22 l02a sshd[2886]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=ip186.ip-145-239-19.eu Sep 3 11:55:22 l02a sshd[2886]: Invalid user riana from 145.239.19.186 Sep 3 11:55:24 l02a sshd[2886]: Failed password for invalid user riana from 145.239.19.186 port 48286 ssh2	2020-09-03 20:14:46
123.194.80.69	attack	Unauthorised access (Sep 3) SRC=123.194.80.69 LEN=40 TOS=0x10 PREC=0x40 TTL=47 ID=14612 TCP DPT=8080 WINDOW=45292 SYN Unauthorised access (Sep 2) SRC=123.194.80.69 LEN=40 TOS=0x10 PREC=0x40 TTL=47 ID=49644 TCP DPT=8080 WINDOW=15242 SYN Unauthorised access (Sep 2) SRC=123.194.80.69 LEN=40 TOS=0x10 PREC=0x40 TTL=47 ID=203 TCP DPT=8080 WINDOW=14219 SYN Unauthorised access (Sep 2) SRC=123.194.80.69 LEN=40 TOS=0x10 PREC=0x40 TTL=47 ID=41640 TCP DPT=8080 WINDOW=53553 SYN Unauthorised access (Sep 1) SRC=123.194.80.69 LEN=40 TOS=0x10 PREC=0x40 TTL=47 ID=42356 TCP DPT=8080 WINDOW=54859 SYN Unauthorised access (Sep 1) SRC=123.194.80.69 LEN=40 TTL=51 ID=30241 TCP DPT=8080 WINDOW=33546 SYN Unauthorised access (Sep 1) SRC=123.194.80.69 LEN=40 TTL=48 ID=8772 TCP DPT=8080 WINDOW=31690 SYN	2020-09-03 20:19:39
186.121.247.170	attackspam	TCP (SYN) 186.121.247.170:48989 -> port 1433, len 44	2020-09-03 20:12:58
114.67.108.60	attackbots	$f2bV_matches	2020-09-03 20:30:07

Recently Reported IPs

101.109.215.107	104.196.126.104	104.196.122.204	104.196.130.21
104.196.130.56	104.196.133.201	104.196.124.185	104.196.135.23
104.196.123.46	104.196.134.110	104.196.107.36	104.196.139.14
101.109.215.108	104.196.150.119	104.196.120.103	104.196.138.30
104.196.153.156	104.196.156.114	104.196.151.255	104.196.157.208