104.42.9.63 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: Microsoft Corporation

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	X-Sender-IP: 104.42.9.63 X-SID-PRA: TYLWILLG@PFQJBLICD.COM X-SID-Result: NONE X-MS-Exchange-Organization-PCL: 2 X-Microsoft-Antispam: BCL:0; X-Forefront-Antispam-Report: CIP:104.42.9.63;CTRY:US;LANG:en;SCL:0;SRV:;IPV:NLI;SFV:NSPM;H:tevmtstvmtaggwp13.com;PTR:InfoDomainNonexistent;CAT:NONE;SFTY:;SFS:;DIR:INB;SFP:; X-OriginatorOrg: outlook.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 06 Aug 2020 09:51:37.3803 (UTC)	2020-08-07 03:37:19

Type

Details

Datetime

attack

X-Sender-IP: 104.42.9.63
X-SID-PRA: TYLWILLG@PFQJBLICD.COM
X-SID-Result: NONE
X-MS-Exchange-Organization-PCL: 2
X-Microsoft-Antispam: BCL:0;
X-Forefront-Antispam-Report:
CIP:104.42.9.63;CTRY:US;LANG:en;SCL:0;SRV:;IPV:NLI;SFV:NSPM;H:tevmtstvmtaggwp13.com;PTR:InfoDomainNonexistent;CAT:NONE;SFTY:;SFS:;DIR:INB;SFP:;
X-OriginatorOrg: outlook.com
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 06 Aug 2020 09:51:37.3803
(UTC)

2020-08-07 03:37:19

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.42.9.63
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 1218
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;104.42.9.63.			IN	A

;; AUTHORITY SECTION:
.			439	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020080603 1800 900 604800 86400

;; Query time: 61 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Aug 07 03:37:16 CST 2020
;; MSG SIZE  rcvd: 115

Host info

Host 63.9.42.104.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 63.9.42.104.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
51.77.140.244	attackbots	Aug 8 18:15:55 vtv3 sshd\[428\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.77.140.244 user=root Aug 8 18:15:57 vtv3 sshd\[428\]: Failed password for root from 51.77.140.244 port 53126 ssh2 Aug 8 18:22:59 vtv3 sshd\[4063\]: Invalid user haribo from 51.77.140.244 port 50024 Aug 8 18:22:59 vtv3 sshd\[4063\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.77.140.244 Aug 8 18:23:01 vtv3 sshd\[4063\]: Failed password for invalid user haribo from 51.77.140.244 port 50024 ssh2 Aug 8 18:39:33 vtv3 sshd\[12214\]: Invalid user werner from 51.77.140.244 port 39452 Aug 8 18:39:33 vtv3 sshd\[12214\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.77.140.244 Aug 8 18:39:35 vtv3 sshd\[12214\]: Failed password for invalid user werner from 51.77.140.244 port 39452 ssh2 Aug 8 18:44:18 vtv3 sshd\[14900\]: Invalid user administrateur from 51.77.140.244 port 35712 Aug 8 18:44:	2019-08-09 07:08:51
194.177.207.16	attack	Aug 9 01:25:40 lnxmysql61 sshd[3327]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=194.177.207.16 Aug 9 01:25:40 lnxmysql61 sshd[3327]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=194.177.207.16 Aug 9 01:25:42 lnxmysql61 sshd[3327]: Failed password for invalid user openhabian from 194.177.207.16 port 52057 ssh2	2019-08-09 07:29:46
204.48.19.178	attackbotsspam	Aug 9 01:07:41 vps647732 sshd[1235]: Failed password for root from 204.48.19.178 port 36500 ssh2 Aug 9 01:11:35 vps647732 sshd[1348]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=204.48.19.178 ...	2019-08-09 07:13:09
182.61.190.9	attackspam	fail2ban honeypot	2019-08-09 07:26:04
14.161.29.126	attackbots	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-08-08 21:39:18,867 INFO [amun_request_handler] PortScan Detected on Port: 445 (14.161.29.126)	2019-08-09 07:38:55
188.0.131.219	attackspambots	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-08-08 21:43:45,586 INFO [amun_request_handler] PortScan Detected on Port: 445 (188.0.131.219)	2019-08-09 07:20:11
121.201.43.233	attack	Aug 8 17:47:55 aat-srv002 sshd[21797]: Failed password for root from 121.201.43.233 port 44716 ssh2 Aug 8 17:54:34 aat-srv002 sshd[21911]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.201.43.233 Aug 8 17:54:36 aat-srv002 sshd[21911]: Failed password for invalid user prueba from 121.201.43.233 port 34336 ssh2 ...	2019-08-09 07:36:41
131.100.78.147	attackspambots	failed_logins	2019-08-09 06:59:33
36.72.219.199	attackbotsspam	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-08-08 22:08:32,843 INFO [shellcode_manager] (36.72.219.199) no match, writing hexdump (6745907450cf1694ee56e4e10cbc65eb :1839956) - MS17010 (EternalBlue)	2019-08-09 07:02:06
167.71.106.66	attackbots	Aug 9 00:07:14 XXX sshd[64038]: Invalid user admin from 167.71.106.66 port 35670	2019-08-09 07:36:08
139.99.221.61	attack	Aug 8 23:54:54 amit sshd\[6625\]: Invalid user web3 from 139.99.221.61 Aug 8 23:54:54 amit sshd\[6625\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.99.221.61 Aug 8 23:54:57 amit sshd\[6625\]: Failed password for invalid user web3 from 139.99.221.61 port 58102 ssh2 ...	2019-08-09 07:22:34
23.106.122.244	attack	Postfix SMTP rejection ...	2019-08-09 07:38:16
168.226.35.218	attack	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-08-08 21:42:22,715 INFO [amun_request_handler] PortScan Detected on Port: 445 (168.226.35.218)	2019-08-09 07:28:58
122.175.55.196	attackspam	Aug 8 19:03:08 debian sshd\[16081\]: Invalid user godfrey from 122.175.55.196 port 53568 Aug 8 19:03:08 debian sshd\[16081\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.175.55.196 Aug 8 19:03:10 debian sshd\[16081\]: Failed password for invalid user godfrey from 122.175.55.196 port 53568 ssh2 ...	2019-08-09 07:34:04
138.201.175.35	attack	the ip scan ports..	2019-08-09 07:07:31

Recently Reported IPs

173.254.243.250	62.210.25.243	54.93.216.238	3.8.124.207
217.138.219.135	195.54.160.67	138.68.233.77	68.168.142.29
195.54.160.66	162.241.253.84	34.76.63.237	13.53.137.79
176.43.128.13	51.178.171.55	13.49.137.29	125.31.24.141
20.188.108.164	177.191.254.213	110.88.31.165	8.210.7.25