104.238.220.75

Basic Info

City: Los Angeles

Region: California

Country: United States

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
104.238.220.127	attackbots	14.04.2020 05:10:53 SSH access blocked by firewall	2020-04-14 13:17:47
104.238.220.49	attackspambots	104.238.220.49 was recorded 6 times by 5 hosts attempting to connect to the following ports: 5060. Incident counter (4h, 24h, all-time): 6, 16, 184	2020-04-10 09:21:11
104.238.220.49	attackspam	IP was detected trying to Brute-Force SSH, FTP, Web Apps, Port-Scan or Hacking.	2020-04-06 00:19:40
104.238.220.208	attackbotsspam	[2020-03-03 08:11:41] NOTICE[1148] chan_sip.c: Registration from 'xxxxxtestxxxx ' failed for '104.238.220.208:5063' - Wrong password [2020-03-03 08:11:41] SECURITY[1163] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-03-03T08:11:41.769-0500",Severity="Error",Service="SIP",EventVersion="2",AccountID="xxxxxtestxxxx",SessionID="0x7fd82c3ec3d8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/104.238.220.208/5063",Challenge="325a9e9a",ReceivedChallenge="325a9e9a",ReceivedHash="75ec6caeeed2e277308132bf690d2f92" [2020-03-03 08:11:42] NOTICE[1148] chan_sip.c: Registration from 'dennis ' failed for '104.238.220.208:5063' - Wrong password [2020-03-03 08:11:42] SECURITY[1163] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-03-03T08:11:42.650-0500",Severity="Error",Service="SIP",EventVersion="2",AccountID="dennis",SessionID="0x7fd82c3faf98",LocalAddress="IPV4/UDP/192.168.244 ...	2020-03-03 21:22:10
104.238.220.208	attackspambots	Automatic report - Port Scan Attack	2020-03-03 09:57:43
104.238.220.208	attackspam	[2020-03-01 14:22:31] NOTICE[1148] chan_sip.c: Registration from 'xxxxxtestxxxx ' failed for '104.238.220.208:5066' - Wrong password [2020-03-01 14:22:31] SECURITY[1163] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-03-01T14:22:31.612-0500",Severity="Error",Service="SIP",EventVersion="2",AccountID="xxxxxtestxxxx",SessionID="0x7fd82c4d9f48",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/104.238.220.208/5066",Challenge="271b6473",ReceivedChallenge="271b6473",ReceivedHash="8dc47e78696780cd70769921119f7838" [2020-03-01 14:22:31] NOTICE[1148] chan_sip.c: Registration from '9996 ' failed for '104.238.220.208:5066' - Wrong password [2020-03-01 14:22:31] SECURITY[1163] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-03-01T14:22:31.960-0500",Severity="Error",Service="SIP",EventVersion="2",AccountID="9996",SessionID="0x7fd82c538db8",LocalAddress="IPV4/UDP/192.168.244.6/506 ...	2020-03-02 03:29:55
104.238.220.208	attackbots	104.238.220.208 was recorded 11 times by 2 hosts attempting to connect to the following ports: 5062,5063,5064,5066,5068,5069,5070,5067,5078,5061. Incident counter (4h, 24h, all-time): 11, 21, 38	2020-02-24 23:29:32
104.238.220.10	attackbots	Unauthorised access (Jul 28) SRC=104.238.220.10 LEN=40 TTL=243 ID=19539 TCP DPT=445 WINDOW=1024 SYN	2019-07-29 02:09:31
104.238.220.11	attack	Honeypot attack, port: 445, PTR: PTR record not found	2019-06-30 01:28:33

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.238.220.75
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 38268
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;104.238.220.75.			IN	A

;; AUTHORITY SECTION:
.			30	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2025050301 1800 900 604800 86400

;; Query time: 13 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun May 04 11:30:18 CST 2025
;; MSG SIZE  rcvd: 107

Host info

Host 75.220.238.104.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 75.220.238.104.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
211.147.76.138	attack	$f2bV_matches	2020-02-27 02:27:05
162.243.131.219	attack	Connection to TCP 993	2020-02-27 01:55:52
211.159.241.77	attackspambots	Feb 26 14:03:43 server sshd\[14776\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.159.241.77 Feb 26 14:03:45 server sshd\[14776\]: Failed password for invalid user sirius from 211.159.241.77 port 32824 ssh2 Feb 26 20:13:32 server sshd\[14196\]: Invalid user gek from 211.159.241.77 Feb 26 20:13:32 server sshd\[14196\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.159.241.77 Feb 26 20:13:34 server sshd\[14196\]: Failed password for invalid user gek from 211.159.241.77 port 47530 ssh2 ...	2020-02-27 02:19:58
222.186.42.155	attackbots	2020-02-26T19:21:16.107780scmdmz1 sshd[5205]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.42.155 user=root 2020-02-26T19:21:17.886095scmdmz1 sshd[5205]: Failed password for root from 222.186.42.155 port 18455 ssh2 2020-02-26T19:21:20.532898scmdmz1 sshd[5205]: Failed password for root from 222.186.42.155 port 18455 ssh2 2020-02-26T19:21:16.107780scmdmz1 sshd[5205]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.42.155 user=root 2020-02-26T19:21:17.886095scmdmz1 sshd[5205]: Failed password for root from 222.186.42.155 port 18455 ssh2 2020-02-26T19:21:20.532898scmdmz1 sshd[5205]: Failed password for root from 222.186.42.155 port 18455 ssh2 2020-02-26T19:21:20.188242scmdmz1 sshd[5207]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.42.155 user=root 2020-02-26T19:21:22.849672scmdmz1 sshd[5207]: Failed password for root from 222.186.42.155 port 54002 ssh2 ...	2020-02-27 02:22:08
112.85.42.173	attackspam	Feb 26 19:21:40 sso sshd[22080]: Failed password for root from 112.85.42.173 port 14584 ssh2 Feb 26 19:21:44 sso sshd[22080]: Failed password for root from 112.85.42.173 port 14584 ssh2 ...	2020-02-27 02:28:25
162.243.134.233	attackbotsspam	5093/udp 636/tcp 27019/tcp... [2020-02-14/25]13pkt,11pt.(tcp),2pt.(udp)	2020-02-27 01:50:33
80.82.64.219	attackbotsspam	ET CINS Active Threat Intelligence Poor Reputation IP group 69 - port: 3389 proto: TCP cat: Misc Attack	2020-02-27 02:01:09
180.191.110.155	attackbots	1582724149 - 02/26/2020 14:35:49 Host: 180.191.110.155/180.191.110.155 Port: 445 TCP Blocked	2020-02-27 02:29:56
211.194.190.87	attackspam	$f2bV_matches	2020-02-27 02:14:53
211.159.187.191	attackbots	$f2bV_matches	2020-02-27 02:21:02
85.192.131.149	attack	1582724167 - 02/26/2020 14:36:07 Host: 85.192.131.149/85.192.131.149 Port: 445 TCP Blocked	2020-02-27 02:12:25
51.15.87.74	attackbots	Feb 26 19:18:49 ns381471 sshd[29785]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.15.87.74 Feb 26 19:18:51 ns381471 sshd[29785]: Failed password for invalid user pi from 51.15.87.74 port 33106 ssh2	2020-02-27 02:28:44
148.66.133.91	attackspambots	Feb 26 18:57:21 serwer sshd\[29450\]: Invalid user VM from 148.66.133.91 port 50970 Feb 26 18:57:21 serwer sshd\[29450\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.66.133.91 Feb 26 18:57:23 serwer sshd\[29450\]: Failed password for invalid user VM from 148.66.133.91 port 50970 ssh2 ...	2020-02-27 02:06:32
211.159.175.1	attackbotsspam	$f2bV_matches	2020-02-27 02:22:33
140.143.61.200	attack	Feb 26 18:54:00 MK-Soft-Root1 sshd[24598]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.61.200 Feb 26 18:54:02 MK-Soft-Root1 sshd[24598]: Failed password for invalid user michael from 140.143.61.200 port 49826 ssh2 ...	2020-02-27 02:10:13

Recently Reported IPs

170.161.39.221	43.135.130.202	20.169.104.246	138.68.90.94
172.236.228.220	20.150.199.91	166.88.100.17	35.203.211.181
211.59.174.163	65.49.1.98	146.70.200.5	221.154.116.208
104.155.171.213	14.155.204.192	192.168.2.219	205.210.31.210
172.236.228.111	190.96.156.170	34.116.137.200	205.169.39.41