104.45.42.142 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Netherlands

Internet Service Provider: Microsoft Corporation

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	15.09.2020 06:46:02 - Login Fail on hMailserver Detected by ELinOX-hMail-A2F	2020-09-16 01:00:14
attackbots	15.09.2020 06:46:02 - Login Fail on hMailserver Detected by ELinOX-hMail-A2F	2020-09-15 16:52:45

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.45.42.142
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 28655
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;104.45.42.142.			IN	A

;; AUTHORITY SECTION:
.			548	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020091500 1800 900 604800 86400

;; Query time: 72 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Sep 15 16:52:40 CST 2020
;; MSG SIZE  rcvd: 117

Host info

Host 142.42.45.104.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 142.42.45.104.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
179.184.85.114	attackspam	Jan 1 23:31:26 plesk sshd[15429]: Address 179.184.85.114 maps to abatedouro.static.vivo.com.br, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT! Jan 1 23:31:26 plesk sshd[15429]: Invalid user pulse from 179.184.85.114 Jan 1 23:31:26 plesk sshd[15429]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=179.184.85.114 Jan 1 23:31:28 plesk sshd[15429]: Failed password for invalid user pulse from 179.184.85.114 port 40422 ssh2 Jan 1 23:31:28 plesk sshd[15429]: Received disconnect from 179.184.85.114: 11: Bye Bye [preauth] Jan 1 23:44:02 plesk sshd[16045]: Address 179.184.85.114 maps to abatedouro.static.vivo.com.br, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT! Jan 1 23:44:02 plesk sshd[16045]: Invalid user useruser from 179.184.85.114 Jan 1 23:44:02 plesk sshd[16045]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=179.184.85.114 Jan 1 23:4........ -------------------------------	2020-01-04 01:31:38
222.186.180.223	attackspam	Jan 3 12:43:35 plusreed sshd[12197]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.180.223 user=root Jan 3 12:43:37 plusreed sshd[12197]: Failed password for root from 222.186.180.223 port 63378 ssh2 ...	2020-01-04 01:47:04
49.207.178.37	attackspambots	Unauthorized connection attempt from IP address 49.207.178.37 on Port 445(SMB)	2020-01-04 02:06:26
95.59.255.246	attack	Unauthorized connection attempt from IP address 95.59.255.246 on Port 445(SMB)	2020-01-04 01:55:44
170.84.92.146	attackbotsspam	Jan 3 14:02:02 grey postfix/smtpd\[22924\]: NOQUEUE: reject: RCPT from unknown\[170.84.92.146\]: 554 5.7.1 Service unavailable\; Client host \[170.84.92.146\] blocked using bl.spamcop.net\; Blocked - see https://www.spamcop.net/bl.shtml\?170.84.92.146\; from=\ to=\ proto=ESMTP helo=\<\[170.84.92.146\]\> ...	2020-01-04 01:48:01
78.188.24.71	attackspambots	port scan and connect, tcp 8000 (http-alt)	2020-01-04 01:53:32
213.217.5.23	attack	SSH/22 MH Probe, BF, Hack -	2020-01-04 01:29:23
218.92.0.178	attack	Jan 3 18:49:18 nextcloud sshd\[17169\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.178 user=root Jan 3 18:49:20 nextcloud sshd\[17169\]: Failed password for root from 218.92.0.178 port 8166 ssh2 Jan 3 18:49:46 nextcloud sshd\[17663\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.178 user=root ...	2020-01-04 01:52:54
201.184.155.18	attack	Unauthorized connection attempt from IP address 201.184.155.18 on Port 445(SMB)	2020-01-04 02:00:34
222.186.175.202	attack	Jan 3 19:00:30 v22018086721571380 sshd[5532]: error: maximum authentication attempts exceeded for root from 222.186.175.202 port 37684 ssh2 [preauth]	2020-01-04 02:03:32
41.105.240.132	attackbotsspam	Lines containing failures of 41.105.240.132 Jan 3 14:00:32 shared07 sshd[25270]: Invalid user operator from 41.105.240.132 port 13774 Jan 3 14:00:33 shared07 sshd[25270]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=41.105.240.132 Jan 3 14:00:34 shared07 sshd[25270]: Failed password for invalid user operator from 41.105.240.132 port 13774 ssh2 Jan 3 14:00:34 shared07 sshd[25270]: Connection closed by invalid user operator 41.105.240.132 port 13774 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=41.105.240.132	2020-01-04 01:48:18
82.221.105.6	attack	Unauthorized connection attempt detected from IP address 82.221.105.6 to port 2086	2020-01-04 02:04:29
115.221.209.125	attackbotsspam	Jan 3 23:36:56 apex-mail dovecot-auth: pam_unix(dovecot:auth): authentication failure; logname= uid=0 euid=0 tty= ruser= rhost=115.221.209.125 Jan 3 23:37:14 apex-mail dovecot-auth: pam_unix(dovecot:auth): authentication failure; logname= uid=0 euid=0 tty= ruser= rhost=115.221.209.125 Jan 3 23:37:26 apex-mail dovecot-auth: pam_unix(dovecot:auth): authentication failure; logname= uid=0 euid=0 tty= ruser= rhost=115.221.209.125 Jan 3 23:37:40 apex-mail dovecot-auth: pam_unix(dovecot:auth): authentication failure; logname= uid=0 euid=0 tty= ruser= rhost=115.221.209.125 Jan 3 23:41:29 apex-mail dovecot-auth: pam_unix(dovecot:auth): authentication failure; logname= uid=0 euid=0 tty= ruser= rhost=115.221.209.125 Jan 3 23:41:45 apex-mail dovecot-auth: pam_unix(dovecot:auth): authentication failure; logname= uid=0 euid=0 tty= ruser= rhost=115.221.209.125 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=115.221.209.125	2020-01-04 01:30:21
78.47.31.75	attackspam	Unauthorized connection attempt detected from IP address 78.47.31.75 to port 22	2020-01-04 01:37:29
45.71.150.227	attackspam	Automatic report - XMLRPC Attack	2020-01-04 02:08:03

Recently Reported IPs

119.29.168.187	89.44.33.3	194.61.54.228	56.251.133.172
188.162.197.245	116.75.116.182	128.71.154.160	54.38.54.131
189.150.23.24	139.162.36.227	83.24.168.171	177.207.192.151
154.180.135.208	110.81.178.9	73.98.38.135	52.142.58.128
115.99.235.68	72.176.8.106	83.221.107.60	201.118.98.47