104.47.53.142 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: Microsoft Corporation

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	Dec 20 02:05:21 debian-2gb-vpn-nbg1-1 kernel: [1175082.103361] [UFW BLOCK] IN=eth0 OUT= MAC=96:00:00:38:96:44:d2:74:7f:6e:37:e3:08:00 SRC=104.47.53.142 DST=78.46.192.101 LEN=52 TOS=0x02 PREC=0x00 TTL=105 ID=54535 DF PROTO=TCP SPT=37112 DPT=25 WINDOW=64240 RES=0x00 CWR ECE SYN URGP=0	2019-12-20 07:45:08

Type

Details

Datetime

attackspam

Dec 20 02:05:21 debian-2gb-vpn-nbg1-1 kernel: [1175082.103361] [UFW BLOCK] IN=eth0 OUT= MAC=96:00:00:38:96:44:d2:74:7f:6e:37:e3:08:00 SRC=104.47.53.142 DST=78.46.192.101 LEN=52 TOS=0x02 PREC=0x00 TTL=105 ID=54535 DF PROTO=TCP SPT=37112 DPT=25 WINDOW=64240 RES=0x00 CWR ECE SYN URGP=0

2019-12-20 07:45:08

Comments on same subnet:

IP	Type	Details	Datetime
104.47.53.179	attack	Dec 20 01:34:40 debian-2gb-vpn-nbg1-1 kernel: [1173241.209223] [UFW BLOCK] IN=eth0 OUT= MAC=96:00:00:38:96:44:d2:74:7f:6e:37:e3:08:00 SRC=104.47.53.179 DST=78.46.192.101 LEN=52 TOS=0x02 PREC=0x00 TTL=104 ID=30845 DF PROTO=TCP SPT=62627 DPT=25 WINDOW=64240 RES=0x00 CWR ECE SYN URGP=0	2019-12-20 07:57:52

Type

Details

Datetime

104.47.53.179

attack

Dec 20 01:34:40 debian-2gb-vpn-nbg1-1 kernel: [1173241.209223] [UFW BLOCK] IN=eth0 OUT= MAC=96:00:00:38:96:44:d2:74:7f:6e:37:e3:08:00 SRC=104.47.53.179 DST=78.46.192.101 LEN=52 TOS=0x02 PREC=0x00 TTL=104 ID=30845 DF PROTO=TCP SPT=62627 DPT=25 WINDOW=64240 RES=0x00 CWR ECE SYN URGP=0

2019-12-20 07:57:52

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.47.53.142
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 52744
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;104.47.53.142.			IN	A

;; AUTHORITY SECTION:
.			576	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019121902 1800 900 604800 86400

;; Query time: 133 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Dec 20 07:45:05 CST 2019
;; MSG SIZE  rcvd: 117

Host info

142.53.47.104.in-addr.arpa domain name pointer mail-bl2nam06olkn0142.outbound.protection.outlook.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
142.53.47.104.in-addr.arpa	name = mail-bl2nam06olkn0142.outbound.protection.outlook.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
193.32.160.154	attackspambots	Nov 10 18:34:39 relay postfix/smtpd\[7415\]: NOQUEUE: reject: RCPT from unknown\[193.32.160.154\]: 554 5.7.1 \: Relay access denied\; from=\<8z6d31g9n351@ipc.ru\> to=\ proto=ESMTP helo=\<\[193.32.160.151\]\> Nov 10 18:34:39 relay postfix/smtpd\[7415\]: NOQUEUE: reject: RCPT from unknown\[193.32.160.154\]: 554 5.7.1 \: Relay access denied\; from=\<8z6d31g9n351@ipc.ru\> to=\ proto=ESMTP helo=\<\[193.32.160.151\]\> Nov 10 18:34:39 relay postfix/smtpd\[7415\]: NOQUEUE: reject: RCPT from unknown\[193.32.160.154\]: 554 5.7.1 \: Relay access denied\; from=\<8z6d31g9n351@ipc.ru\> to=\ proto=ESMTP helo=\<\[193.32.160.151\]\> Nov 10 18:34:39 relay postfix/smtpd\[7415\]: NOQUEUE: reject: RCPT from unknown\[193.32.160.154\]: 554 5.7.1 \: Relay access denied\; from=\<8z6d31g9n351@ipc.ru\> to=\ proto=ESMTP he ...	2019-11-11 01:34:49
185.209.0.90	attack	11/10/2019-12:37:04.404366 185.209.0.90 Protocol: 6 ET DROP Dshield Block Listed Source group 1	2019-11-11 01:39:59
119.147.210.4	attackbots	Nov 10 22:26:15 vibhu-HP-Z238-Microtower-Workstation sshd\[31085\]: Invalid user vagrant5 from 119.147.210.4 Nov 10 22:26:15 vibhu-HP-Z238-Microtower-Workstation sshd\[31085\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.147.210.4 Nov 10 22:26:18 vibhu-HP-Z238-Microtower-Workstation sshd\[31085\]: Failed password for invalid user vagrant5 from 119.147.210.4 port 26130 ssh2 Nov 10 22:31:06 vibhu-HP-Z238-Microtower-Workstation sshd\[31370\]: Invalid user schwich from 119.147.210.4 Nov 10 22:31:06 vibhu-HP-Z238-Microtower-Workstation sshd\[31370\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.147.210.4 ...	2019-11-11 01:27:34
91.121.211.59	attackbotsspam	Nov 10 11:46:53 plusreed sshd[22338]: Invalid user master from 91.121.211.59 ...	2019-11-11 00:58:38
51.255.79.108	attackspam	Automatic report - XMLRPC Attack	2019-11-11 01:25:18
213.147.183.1	attackbots	Nov 10 19:08:56 server sshd\[18004\]: Invalid user pi from 213.147.183.1 Nov 10 19:08:56 server sshd\[18006\]: Invalid user pi from 213.147.183.1 Nov 10 19:08:57 server sshd\[18004\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=213-147-183-1.hdsl.highway.telekom.at Nov 10 19:08:57 server sshd\[18006\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=213-147-183-1.hdsl.highway.telekom.at Nov 10 19:08:59 server sshd\[18004\]: Failed password for invalid user pi from 213.147.183.1 port 58824 ssh2 ...	2019-11-11 01:24:48
106.12.132.66	attack	Nov 10 17:08:48 ArkNodeAT sshd\[30902\]: Invalid user 7890 from 106.12.132.66 Nov 10 17:08:48 ArkNodeAT sshd\[30902\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.132.66 Nov 10 17:08:50 ArkNodeAT sshd\[30902\]: Failed password for invalid user 7890 from 106.12.132.66 port 49164 ssh2	2019-11-11 01:32:40
37.59.38.216	attack	2019-11-10T17:12:44.292448abusebot-5.cloudsearch.cf sshd\[27072\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ns331058.ip-37-59-38.eu user=root	2019-11-11 01:26:42
35.170.203.107	attackspambots	TCP Port Scanning	2019-11-11 01:27:01
124.232.133.206	attack	Nov 10 17:08:44 [snip] postfix/smtpd[24483]: warning: unknown[124.232.133.206]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Nov 10 17:08:50 [snip] postfix/smtpd[24483]: warning: unknown[124.232.133.206]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Nov 10 17:09:01 [snip] postfix/smtpd[24483]: warning: unknown[124.232.133.206]: SASL LOGIN authentication failed: UGFzc3dvcmQ6[...]	2019-11-11 01:23:06
222.186.175.217	attackspam	Nov 10 18:13:36 MK-Soft-Root2 sshd[24273]: Failed password for root from 222.186.175.217 port 53890 ssh2 Nov 10 18:13:40 MK-Soft-Root2 sshd[24273]: Failed password for root from 222.186.175.217 port 53890 ssh2 ...	2019-11-11 01:24:29
114.5.81.67	attack	Nov 10 19:09:23 hosting sshd[17624]: Invalid user pi from 114.5.81.67 port 35692 Nov 10 19:09:24 hosting sshd[17623]: Invalid user pi from 114.5.81.67 port 35686 Nov 10 19:09:23 hosting sshd[17624]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.5.81.67 Nov 10 19:09:23 hosting sshd[17624]: Invalid user pi from 114.5.81.67 port 35692 Nov 10 19:09:24 hosting sshd[17624]: Failed password for invalid user pi from 114.5.81.67 port 35692 ssh2 ...	2019-11-11 01:08:20
185.53.88.92	attackspambots	Portscan or hack attempt detected by psad/fwsnort	2019-11-11 01:35:04
124.156.116.72	attackspam	Nov 10 17:05:06 MK-Soft-VM6 sshd[7630]: Failed password for root from 124.156.116.72 port 33030 ssh2 ...	2019-11-11 01:05:42
218.93.27.230	attackspambots	Nov 10 17:09:28 nextcloud sshd\[27535\]: Invalid user arijit from 218.93.27.230 Nov 10 17:09:28 nextcloud sshd\[27535\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.93.27.230 Nov 10 17:09:30 nextcloud sshd\[27535\]: Failed password for invalid user arijit from 218.93.27.230 port 53764 ssh2 ...	2019-11-11 01:04:02

Recently Reported IPs

141.226.24.178	40.92.19.64	36.75.177.16	189.211.84.117
203.40.101.22	117.50.93.75	201.22.140.31	40.92.72.99
192.236.248.152	212.92.122.36	61.76.103.167	41.250.234.170
202.162.194.76	83.160.62.252	212.30.52.70	205.209.128.111
92.112.202.118	37.105.163.228	87.107.124.133	103.78.254.182