104.45.42.142 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Netherlands

Internet Service Provider: Microsoft Corporation

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	15.09.2020 06:46:02 - Login Fail on hMailserver Detected by ELinOX-hMail-A2F	2020-09-16 01:00:14
attackbots	15.09.2020 06:46:02 - Login Fail on hMailserver Detected by ELinOX-hMail-A2F	2020-09-15 16:52:45

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.45.42.142
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 28655
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;104.45.42.142.			IN	A

;; AUTHORITY SECTION:
.			548	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020091500 1800 900 604800 86400

;; Query time: 72 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Sep 15 16:52:40 CST 2020
;; MSG SIZE  rcvd: 117

Host info

Host 142.42.45.104.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 142.42.45.104.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
49.233.69.138	attackbots	Invalid user testuser from 49.233.69.138 port 51062	2020-04-28 03:10:44
66.102.6.10	attackbotsspam	[Mon Apr 27 18:48:56.427777 2020] [:error] [pid 5592:tid 140574997767936] [client 66.102.6.10:63881] [client 66.102.6.10] ModSecurity: Access denied with code 403 (phase 2). Pattern match "^[\\\\d.:]+$" at REQUEST_HEADERS:Host. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "696"] [id "920350"] [msg "Host header is a numeric IP address"] [data "103.27.207.197"] [severity "WARNING"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/IP_HOST"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "karangploso.jatim.bmkg.go.id"] [uri "/index.php/prakiraan-iklim/agroklimatologi/kalender-tanam/2787-kalender-tanam-katam-terpadu-pulau-sulawesi/kalender-tanam-katam-terpadu-provinsi-sulawesi-barat/kalender-tanam-katam-terpadu-kabupaten-mamasa-provinsi-sulawesi-barat/kalender-tanam-katam-terpadu-ke ...	2020-04-28 03:48:25
122.51.198.207	attack	Apr 27 20:19:34 Ubuntu-1404-trusty-64-minimal sshd\[23976\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.51.198.207 user=root Apr 27 20:19:36 Ubuntu-1404-trusty-64-minimal sshd\[23976\]: Failed password for root from 122.51.198.207 port 51480 ssh2 Apr 27 20:29:23 Ubuntu-1404-trusty-64-minimal sshd\[29906\]: Invalid user marry from 122.51.198.207 Apr 27 20:29:23 Ubuntu-1404-trusty-64-minimal sshd\[29906\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.51.198.207 Apr 27 20:29:25 Ubuntu-1404-trusty-64-minimal sshd\[29906\]: Failed password for invalid user marry from 122.51.198.207 port 47104 ssh2	2020-04-28 03:25:40
106.12.190.104	attackbotsspam	Apr 27 16:51:04 server sshd[17225]: Failed password for invalid user admin from 106.12.190.104 port 33198 ssh2 Apr 27 17:08:55 server sshd[23068]: Failed password for invalid user bharat from 106.12.190.104 port 46548 ssh2 Apr 27 17:13:23 server sshd[24535]: Failed password for root from 106.12.190.104 port 41588 ssh2	2020-04-28 03:34:59
106.12.10.21	attack	Apr 27 13:10:00 server1 sshd\[14924\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.10.21 user=root Apr 27 13:10:02 server1 sshd\[14924\]: Failed password for root from 106.12.10.21 port 33378 ssh2 Apr 27 13:13:19 server1 sshd\[15877\]: Invalid user vivek from 106.12.10.21 Apr 27 13:13:19 server1 sshd\[15877\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.10.21 Apr 27 13:13:21 server1 sshd\[15877\]: Failed password for invalid user vivek from 106.12.10.21 port 50154 ssh2 ...	2020-04-28 03:30:39
202.148.28.83	attackspam	Apr 27 14:32:16 PorscheCustomer sshd[1961]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.148.28.83 Apr 27 14:32:18 PorscheCustomer sshd[1961]: Failed password for invalid user test from 202.148.28.83 port 55332 ssh2 Apr 27 14:36:14 PorscheCustomer sshd[2086]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.148.28.83 ...	2020-04-28 03:37:12
178.154.200.227	attackspambots	[Mon Apr 27 18:49:08.308481 2020] [:error] [pid 5631:tid 140575006160640] [client 178.154.200.227:55500] [client 178.154.200.227] ModSecurity: Access denied with code 403 (phase 2). Pattern match "^[\\\\d.:]+$" at REQUEST_HEADERS:Host. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "696"] [id "920350"] [msg "Host header is a numeric IP address"] [data "103.27.207.197"] [severity "WARNING"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/IP_HOST"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "103.27.207.197"] [uri "/"] [unique_id "XqbGtGv@BskOIbdcVScwiQAAAcM"] ...	2020-04-28 03:39:41
159.65.37.144	attackbotsspam	Apr 27 11:18:47 NPSTNNYC01T sshd[1729]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.65.37.144 Apr 27 11:18:49 NPSTNNYC01T sshd[1729]: Failed password for invalid user mits from 159.65.37.144 port 60022 ssh2 Apr 27 11:22:51 NPSTNNYC01T sshd[5840]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.65.37.144 ...	2020-04-28 03:29:56
111.229.72.226	attackbotsspam	Apr 27 20:38:40 DAAP sshd[29440]: Invalid user docker from 111.229.72.226 port 41666 Apr 27 20:38:40 DAAP sshd[29440]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.229.72.226 Apr 27 20:38:40 DAAP sshd[29440]: Invalid user docker from 111.229.72.226 port 41666 Apr 27 20:38:42 DAAP sshd[29440]: Failed password for invalid user docker from 111.229.72.226 port 41666 ssh2 Apr 27 20:40:04 DAAP sshd[29503]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.229.72.226 user=root Apr 27 20:40:07 DAAP sshd[29503]: Failed password for root from 111.229.72.226 port 54432 ssh2 ...	2020-04-28 03:27:13
180.76.249.74	attack	Apr 27 15:52:18 lukav-desktop sshd\[18958\]: Invalid user user2 from 180.76.249.74 Apr 27 15:52:18 lukav-desktop sshd\[18958\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.76.249.74 Apr 27 15:52:20 lukav-desktop sshd\[18958\]: Failed password for invalid user user2 from 180.76.249.74 port 50206 ssh2 Apr 27 15:56:29 lukav-desktop sshd\[19169\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.76.249.74 user=root Apr 27 15:56:31 lukav-desktop sshd\[19169\]: Failed password for root from 180.76.249.74 port 40604 ssh2	2020-04-28 03:13:53
54.38.185.131	attackbots	Invalid user ew from 54.38.185.131 port 44104	2020-04-28 03:38:36
142.93.215.100	attackspam	Apr 27 16:51:35 ns382633 sshd\[10174\]: Invalid user xbmc from 142.93.215.100 port 60448 Apr 27 16:51:35 ns382633 sshd\[10174\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.215.100 Apr 27 16:51:37 ns382633 sshd\[10174\]: Failed password for invalid user xbmc from 142.93.215.100 port 60448 ssh2 Apr 27 17:03:40 ns382633 sshd\[12211\]: Invalid user as from 142.93.215.100 port 51346 Apr 27 17:03:40 ns382633 sshd\[12211\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.215.100	2020-04-28 03:21:04
149.56.100.237	attack	Apr 27 13:25:23 IngegnereFirenze sshd[2186]: Failed password for invalid user test from 149.56.100.237 port 50622 ssh2 ...	2020-04-28 03:46:40
222.122.60.110	attack	Invalid user kelly from 222.122.60.110 port 54684	2020-04-28 03:44:25
124.156.214.11	attackbotsspam	2020-04-27T21:26:51.542049centos sshd[29633]: Failed password for invalid user oracle from 124.156.214.11 port 36426 ssh2 2020-04-27T21:32:18.316861centos sshd[29952]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.156.214.11 user=ftp 2020-04-27T21:32:19.986489centos sshd[29952]: Failed password for ftp from 124.156.214.11 port 39724 ssh2 ...	2020-04-28 03:35:55

Recently Reported IPs

119.29.168.187	89.44.33.3	194.61.54.228	56.251.133.172
188.162.197.245	116.75.116.182	128.71.154.160	54.38.54.131
189.150.23.24	139.162.36.227	83.24.168.171	177.207.192.151
154.180.135.208	110.81.178.9	73.98.38.135	52.142.58.128
115.99.235.68	72.176.8.106	83.221.107.60	201.118.98.47