Must be a valid IPv4 or IPv6 ip address, e.g. 127.0.0.1 or 2001:DB8:0:0:8:800:200C:417A
Basic Info

City: unknown

Region: unknown

Country: Netherlands

Internet Service Provider: Microsoft Corporation

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:
Type Details Datetime
attack
15.09.2020 06:46:02 - Login Fail on hMailserver 
Detected by ELinOX-hMail-A2F
2020-09-16 01:00:14
attackbots
15.09.2020 06:46:02 - Login Fail on hMailserver 
Detected by ELinOX-hMail-A2F
2020-09-15 16:52:45
Comments on same subnet:
No discussion about this subnet yet..
Whois info:
b
Dig info:
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.45.42.142
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 28655
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;104.45.42.142.			IN	A

;; AUTHORITY SECTION:
.			548	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020091500 1800 900 604800 86400

;; Query time: 72 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Sep 15 16:52:40 CST 2020
;; MSG SIZE  rcvd: 117
Host info
Host 142.42.45.104.in-addr.arpa. not found: 3(NXDOMAIN)
Nslookup info:
Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 142.42.45.104.in-addr.arpa: NXDOMAIN
Related IP info:
Related comments:
IP Type Details Datetime
49.233.69.138 attackbots
Invalid user testuser from 49.233.69.138 port 51062
2020-04-28 03:10:44
66.102.6.10 attackbotsspam
[Mon Apr 27 18:48:56.427777 2020] [:error] [pid 5592:tid 140574997767936] [client 66.102.6.10:63881] [client 66.102.6.10] ModSecurity: Access denied with code 403 (phase 2). Pattern match "^[\\\\d.:]+$" at REQUEST_HEADERS:Host. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "696"] [id "920350"] [msg "Host header is a numeric IP address"] [data "103.27.207.197"] [severity "WARNING"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/IP_HOST"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "karangploso.jatim.bmkg.go.id"] [uri "/index.php/prakiraan-iklim/agroklimatologi/kalender-tanam/2787-kalender-tanam-katam-terpadu-pulau-sulawesi/kalender-tanam-katam-terpadu-provinsi-sulawesi-barat/kalender-tanam-katam-terpadu-kabupaten-mamasa-provinsi-sulawesi-barat/kalender-tanam-katam-terpadu-ke
...
2020-04-28 03:48:25
122.51.198.207 attack
Apr 27 20:19:34 Ubuntu-1404-trusty-64-minimal sshd\[23976\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.51.198.207  user=root
Apr 27 20:19:36 Ubuntu-1404-trusty-64-minimal sshd\[23976\]: Failed password for root from 122.51.198.207 port 51480 ssh2
Apr 27 20:29:23 Ubuntu-1404-trusty-64-minimal sshd\[29906\]: Invalid user marry from 122.51.198.207
Apr 27 20:29:23 Ubuntu-1404-trusty-64-minimal sshd\[29906\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.51.198.207
Apr 27 20:29:25 Ubuntu-1404-trusty-64-minimal sshd\[29906\]: Failed password for invalid user marry from 122.51.198.207 port 47104 ssh2
2020-04-28 03:25:40
106.12.190.104 attackbotsspam
Apr 27 16:51:04 server sshd[17225]: Failed password for invalid user admin from 106.12.190.104 port 33198 ssh2
Apr 27 17:08:55 server sshd[23068]: Failed password for invalid user bharat from 106.12.190.104 port 46548 ssh2
Apr 27 17:13:23 server sshd[24535]: Failed password for root from 106.12.190.104 port 41588 ssh2
2020-04-28 03:34:59
106.12.10.21 attack
Apr 27 13:10:00 server1 sshd\[14924\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.10.21  user=root
Apr 27 13:10:02 server1 sshd\[14924\]: Failed password for root from 106.12.10.21 port 33378 ssh2
Apr 27 13:13:19 server1 sshd\[15877\]: Invalid user vivek from 106.12.10.21
Apr 27 13:13:19 server1 sshd\[15877\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.10.21 
Apr 27 13:13:21 server1 sshd\[15877\]: Failed password for invalid user vivek from 106.12.10.21 port 50154 ssh2
...
2020-04-28 03:30:39
202.148.28.83 attackspam
Apr 27 14:32:16 PorscheCustomer sshd[1961]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.148.28.83
Apr 27 14:32:18 PorscheCustomer sshd[1961]: Failed password for invalid user test from 202.148.28.83 port 55332 ssh2
Apr 27 14:36:14 PorscheCustomer sshd[2086]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.148.28.83
...
2020-04-28 03:37:12
178.154.200.227 attackspambots
[Mon Apr 27 18:49:08.308481 2020] [:error] [pid 5631:tid 140575006160640] [client 178.154.200.227:55500] [client 178.154.200.227] ModSecurity: Access denied with code 403 (phase 2). Pattern match "^[\\\\d.:]+$" at REQUEST_HEADERS:Host. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "696"] [id "920350"] [msg "Host header is a numeric IP address"] [data "103.27.207.197"] [severity "WARNING"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/IP_HOST"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "103.27.207.197"] [uri "/"] [unique_id "XqbGtGv@BskOIbdcVScwiQAAAcM"]
...
2020-04-28 03:39:41
159.65.37.144 attackbotsspam
Apr 27 11:18:47 NPSTNNYC01T sshd[1729]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.65.37.144
Apr 27 11:18:49 NPSTNNYC01T sshd[1729]: Failed password for invalid user mits from 159.65.37.144 port 60022 ssh2
Apr 27 11:22:51 NPSTNNYC01T sshd[5840]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.65.37.144
...
2020-04-28 03:29:56
111.229.72.226 attackbotsspam
Apr 27 20:38:40 DAAP sshd[29440]: Invalid user docker from 111.229.72.226 port 41666
Apr 27 20:38:40 DAAP sshd[29440]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.229.72.226
Apr 27 20:38:40 DAAP sshd[29440]: Invalid user docker from 111.229.72.226 port 41666
Apr 27 20:38:42 DAAP sshd[29440]: Failed password for invalid user docker from 111.229.72.226 port 41666 ssh2
Apr 27 20:40:04 DAAP sshd[29503]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.229.72.226  user=root
Apr 27 20:40:07 DAAP sshd[29503]: Failed password for root from 111.229.72.226 port 54432 ssh2
...
2020-04-28 03:27:13
180.76.249.74 attack
Apr 27 15:52:18 lukav-desktop sshd\[18958\]: Invalid user user2 from 180.76.249.74
Apr 27 15:52:18 lukav-desktop sshd\[18958\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.76.249.74
Apr 27 15:52:20 lukav-desktop sshd\[18958\]: Failed password for invalid user user2 from 180.76.249.74 port 50206 ssh2
Apr 27 15:56:29 lukav-desktop sshd\[19169\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.76.249.74  user=root
Apr 27 15:56:31 lukav-desktop sshd\[19169\]: Failed password for root from 180.76.249.74 port 40604 ssh2
2020-04-28 03:13:53
54.38.185.131 attackbots
Invalid user ew from 54.38.185.131 port 44104
2020-04-28 03:38:36
142.93.215.100 attackspam
Apr 27 16:51:35 ns382633 sshd\[10174\]: Invalid user xbmc from 142.93.215.100 port 60448
Apr 27 16:51:35 ns382633 sshd\[10174\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.215.100
Apr 27 16:51:37 ns382633 sshd\[10174\]: Failed password for invalid user xbmc from 142.93.215.100 port 60448 ssh2
Apr 27 17:03:40 ns382633 sshd\[12211\]: Invalid user as from 142.93.215.100 port 51346
Apr 27 17:03:40 ns382633 sshd\[12211\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.215.100
2020-04-28 03:21:04
149.56.100.237 attack
Apr 27 13:25:23 IngegnereFirenze sshd[2186]: Failed password for invalid user test from 149.56.100.237 port 50622 ssh2
...
2020-04-28 03:46:40
222.122.60.110 attack
Invalid user kelly from 222.122.60.110 port 54684
2020-04-28 03:44:25
124.156.214.11 attackbotsspam
2020-04-27T21:26:51.542049centos sshd[29633]: Failed password for invalid user oracle from 124.156.214.11 port 36426 ssh2
2020-04-27T21:32:18.316861centos sshd[29952]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.156.214.11  user=ftp
2020-04-27T21:32:19.986489centos sshd[29952]: Failed password for ftp from 124.156.214.11 port 39724 ssh2
...
2020-04-28 03:35:55

Recently Reported IPs

119.29.168.187 89.44.33.3 194.61.54.228 56.251.133.172
188.162.197.245 116.75.116.182 128.71.154.160 54.38.54.131
189.150.23.24 139.162.36.227 83.24.168.171 177.207.192.151
154.180.135.208 110.81.178.9 73.98.38.135 52.142.58.128
115.99.235.68 72.176.8.106 83.221.107.60 201.118.98.47