104.42.75.167 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: United States of America

Internet Service Provider: Microsoft Corporation

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	2020-07-17 17:36:59.556023-0500 localhost sshd[46597]: Failed password for invalid user admin from 104.42.75.167 port 41369 ssh2	2020-07-18 06:57:25
attackspambots	Jul 16 20:56:12 lunarastro sshd[10536]: Failed password for root from 104.42.75.167 port 64148 ssh2 Jul 16 22:48:18 lunarastro sshd[13661]: Failed password for root from 104.42.75.167 port 44968 ssh2	2020-07-17 01:32:31
attackbots	2020-07-14T22:12:40.677885mail.thespaminator.com sshd[4924]: Invalid user admin from 104.42.75.167 port 59186 2020-07-14T22:12:40.680883mail.thespaminator.com sshd[4923]: Invalid user admin from 104.42.75.167 port 59187 ...	2020-07-15 10:29:42

Type

Details

Datetime

attack

2020-07-17 17:36:59.556023-0500  localhost sshd[46597]: Failed password for invalid user admin from 104.42.75.167 port 41369 ssh2

2020-07-18 06:57:25

attackspambots

Jul 16 20:56:12 lunarastro sshd[10536]: Failed password for root from 104.42.75.167 port 64148 ssh2
Jul 16 22:48:18 lunarastro sshd[13661]: Failed password for root from 104.42.75.167 port 44968 ssh2

2020-07-17 01:32:31

attackbots

2020-07-14T22:12:40.677885mail.thespaminator.com sshd[4924]: Invalid user admin from 104.42.75.167 port 59186
2020-07-14T22:12:40.680883mail.thespaminator.com sshd[4923]: Invalid user admin from 104.42.75.167 port 59187
...

2020-07-15 10:29:42

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.42.75.167
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 5888
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;104.42.75.167.			IN	A

;; AUTHORITY SECTION:
.			521	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020071402 1800 900 604800 86400

;; Query time: 37 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Jul 15 10:29:38 CST 2020
;; MSG SIZE  rcvd: 117

Host info

Host 167.75.42.104.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 167.75.42.104.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
54.242.159.116	attack	Unauthorized connection attempt detected from IP address 54.242.159.116 to port 22 [J]	2020-01-13 22:51:07
181.118.106.173	attackbots	Jan 13 03:02:03 hostnameis sshd[38918]: reveeclipse mapping checking getaddrinfo for 181.118.106-173.supercanal.com.ar [181.118.106.173] failed - POSSIBLE BREAK-IN ATTEMPT! Jan 13 03:02:03 hostnameis sshd[38918]: Invalid user admin9 from 181.118.106.173 Jan 13 03:02:03 hostnameis sshd[38918]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=181.118.106.173 Jan 13 03:02:05 hostnameis sshd[38918]: Failed password for invalid user admin9 from 181.118.106.173 port 44624 ssh2 Jan 13 03:02:05 hostnameis sshd[38918]: Received disconnect from 181.118.106.173: 11: Bye Bye [preauth] Jan 13 03:05:16 hostnameis sshd[39017]: reveeclipse mapping checking getaddrinfo for 181.118.106-173.supercanal.com.ar [181.118.106.173] failed - POSSIBLE BREAK-IN ATTEMPT! Jan 13 03:05:16 hostnameis sshd[39017]: Invalid user teamspeak from 181.118.106.173 Jan 13 03:05:16 hostnameis sshd[39017]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 t........ ------------------------------	2020-01-13 22:44:15
112.85.42.181	attackbotsspam	Jan 13 15:36:44 amit sshd\[30459\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.181 user=root Jan 13 15:36:46 amit sshd\[30459\]: Failed password for root from 112.85.42.181 port 19343 ssh2 Jan 13 15:37:06 amit sshd\[30461\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.181 user=root ...	2020-01-13 22:58:14
59.63.48.117	attack	Jan 13 07:58:49 cumulus sshd[29462]: Invalid user webadmin from 59.63.48.117 port 52310 Jan 13 07:58:49 cumulus sshd[29462]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=59.63.48.117 Jan 13 07:58:52 cumulus sshd[29462]: Failed password for invalid user webadmin from 59.63.48.117 port 52310 ssh2 Jan 13 07:58:52 cumulus sshd[29462]: Received disconnect from 59.63.48.117 port 52310:11: Bye Bye [preauth] Jan 13 07:58:52 cumulus sshd[29462]: Disconnected from 59.63.48.117 port 52310 [preauth] Jan 13 08:01:52 cumulus sshd[29575]: Invalid user bots from 59.63.48.117 port 42550 Jan 13 08:01:52 cumulus sshd[29575]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=59.63.48.117 Jan 13 08:01:54 cumulus sshd[29575]: Failed password for invalid user bots from 59.63.48.117 port 42550 ssh2 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=59.63.48.117	2020-01-13 23:11:14
218.64.226.45	attack	1578920887 - 01/13/2020 14:08:07 Host: 218.64.226.45/218.64.226.45 Port: 445 TCP Blocked	2020-01-13 23:14:29
222.186.42.4	attackbotsspam	Jan 13 15:40:38 h2177944 sshd\[21639\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.42.4 user=root Jan 13 15:40:40 h2177944 sshd\[21639\]: Failed password for root from 222.186.42.4 port 64838 ssh2 Jan 13 15:40:43 h2177944 sshd\[21639\]: Failed password for root from 222.186.42.4 port 64838 ssh2 Jan 13 15:40:47 h2177944 sshd\[21639\]: Failed password for root from 222.186.42.4 port 64838 ssh2 ...	2020-01-13 22:49:38
84.54.187.161	attackspambots	Jan 13 14:55:04 localhost sshd\[16426\]: Invalid user felix from 84.54.187.161 Jan 13 14:55:04 localhost sshd\[16426\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=84.54.187.161 Jan 13 14:55:07 localhost sshd\[16426\]: Failed password for invalid user felix from 84.54.187.161 port 43762 ssh2 Jan 13 14:58:42 localhost sshd\[16539\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=84.54.187.161 user=root Jan 13 14:58:44 localhost sshd\[16539\]: Failed password for root from 84.54.187.161 port 52974 ssh2 ...	2020-01-13 23:24:22
169.0.182.139	attackspam	Honeypot attack, port: 81, PTR: 169-0-182-139.ip.afrihost.co.za.	2020-01-13 23:29:21
120.70.101.46	attackbots	2020-01-13T08:57:29.8171671495-001 sshd[59379]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.70.101.46 user=root 2020-01-13T08:57:31.3557911495-001 sshd[59379]: Failed password for root from 120.70.101.46 port 52045 ssh2 2020-01-13T09:00:26.6259001495-001 sshd[59502]: Invalid user mike from 120.70.101.46 port 59722 2020-01-13T09:00:26.6290591495-001 sshd[59502]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.70.101.46 2020-01-13T09:00:26.6259001495-001 sshd[59502]: Invalid user mike from 120.70.101.46 port 59722 2020-01-13T09:00:28.1316161495-001 sshd[59502]: Failed password for invalid user mike from 120.70.101.46 port 59722 ssh2 2020-01-13T09:03:33.1300301495-001 sshd[59656]: Invalid user udo from 120.70.101.46 port 39164 2020-01-13T09:03:33.1357981495-001 sshd[59656]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.70.101.46 2020-01-13T09:03:33.130 ...	2020-01-13 23:28:22
222.186.169.192	attackbots	2020-01-13T15:04:48.014081abusebot-2.cloudsearch.cf sshd[5895]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.169.192 user=root 2020-01-13T15:04:49.898613abusebot-2.cloudsearch.cf sshd[5895]: Failed password for root from 222.186.169.192 port 24896 ssh2 2020-01-13T15:04:53.249587abusebot-2.cloudsearch.cf sshd[5895]: Failed password for root from 222.186.169.192 port 24896 ssh2 2020-01-13T15:04:48.014081abusebot-2.cloudsearch.cf sshd[5895]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.169.192 user=root 2020-01-13T15:04:49.898613abusebot-2.cloudsearch.cf sshd[5895]: Failed password for root from 222.186.169.192 port 24896 ssh2 2020-01-13T15:04:53.249587abusebot-2.cloudsearch.cf sshd[5895]: Failed password for root from 222.186.169.192 port 24896 ssh2 2020-01-13T15:04:48.014081abusebot-2.cloudsearch.cf sshd[5895]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ...	2020-01-13 23:19:48
113.178.140.253	attackspambots	Honeypot attack, port: 445, PTR: static.vnpt.vn.	2020-01-13 23:26:14
111.198.54.177	attackspambots	Unauthorized connection attempt detected from IP address 111.198.54.177 to port 2220 [J]	2020-01-13 23:16:20
213.194.160.243	attack	Automatic report - Port Scan Attack	2020-01-13 22:50:11
185.53.88.29	attack	01/13/2020-14:27:14.507104 185.53.88.29 Protocol: 17 ET SCAN Sipvicious Scan	2020-01-13 22:57:00
114.119.148.80	attackspambots	badbot	2020-01-13 22:47:54

Recently Reported IPs

104.215.183.88	111.72.196.38	59.153.241.11	52.183.81.201
14.146.126.189	23.100.80.45	180.97.117.122	121.216.196.26
187.31.120.59	164.155.66.25	86.201.33.116	45.12.42.241
23.100.22.122	241.27.50.219	13.82.135.74	159.203.91.147
59.95.101.49	174.89.20.108	52.163.225.87	220.133.210.114