142.11.241.104

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
142.11.241.65	attackspam	Jan 8 05:56:36 localhost sshd[14182]: Did not receive identification string from 142.11.241.65 port 40046 Jan 8 05:56:37 localhost sshd[14183]: error: Received disconnect from 142.11.241.65 port 40096:3: com.jcraft.jsch.JSchException: Auth fail [preauth] Jan 8 05:56:37 localhost sshd[14183]: Disconnected from 142.11.241.65 port 40096 [preauth] Jan 8 05:56:38 localhost sshd[14185]: error: Received disconnect from 142.11.241.65 port 40188:3: com.jcraft.jsch.JSchException: Auth fail [preauth] Jan 8 05:56:38 localhost sshd[14185]: Disconnected from 142.11.241.65 port 40188 [preauth] Jan 8 05:56:38 localhost sshd[14187]: Invalid user pi from 142.11.241.65 port 40318 Jan 8 05:56:38 localhost sshd[14187]: error: Received disconnect from 142.11.241.65 port 40318:3: com.jcraft.jsch.JSchException: Auth fail [preauth] Jan 8 05:56:38 localhost sshd[14187]: Disconnected from 142.11.241.65 port 40318 [preauth] Jan 8 05:56:39 localhost sshd[14189]: Invalid user pi from 142.11........ -------------------------------	2020-01-08 22:49:54

Type

Details

Datetime

142.11.241.65

attackspam

Jan  8 05:56:36 localhost sshd[14182]: Did not receive identification string from 142.11.241.65 port 40046
Jan  8 05:56:37 localhost sshd[14183]: error: Received disconnect from 142.11.241.65 port 40096:3: com.jcraft.jsch.JSchException: Auth fail [preauth]
Jan  8 05:56:37 localhost sshd[14183]: Disconnected from 142.11.241.65 port 40096 [preauth]
Jan  8 05:56:38 localhost sshd[14185]: error: Received disconnect from 142.11.241.65 port 40188:3: com.jcraft.jsch.JSchException: Auth fail [preauth]
Jan  8 05:56:38 localhost sshd[14185]: Disconnected from 142.11.241.65 port 40188 [preauth]
Jan  8 05:56:38 localhost sshd[14187]: Invalid user pi from 142.11.241.65 port 40318
Jan  8 05:56:38 localhost sshd[14187]: error: Received disconnect from 142.11.241.65 port 40318:3: com.jcraft.jsch.JSchException: Auth fail [preauth]
Jan  8 05:56:38 localhost sshd[14187]: Disconnected from 142.11.241.65 port 40318 [preauth]
Jan  8 05:56:39 localhost sshd[14189]: Invalid user pi from 142.11........
-------------------------------

2020-01-08 22:49:54

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 142.11.241.104
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 42989
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;142.11.241.104.			IN	A

;; AUTHORITY SECTION:
.			199	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022020700 1800 900 604800 86400

;; Query time: 102 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Feb 07 21:32:26 CST 2022
;; MSG SIZE  rcvd: 107

Host info

104.241.11.142.in-addr.arpa domain name pointer hwsrv-936978.hostwindsdns.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
104.241.11.142.in-addr.arpa	name = hwsrv-936978.hostwindsdns.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
159.203.35.141	attack	k+ssh-bruteforce	2020-08-25 14:58:41
37.120.171.243	attackspam	Aug 25 04:58:10 rocket sshd[26992]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.120.171.243 Aug 25 04:58:12 rocket sshd[26992]: Failed password for invalid user study from 37.120.171.243 port 34084 ssh2 ...	2020-08-25 14:25:31
85.30.248.93	attackbots	Aug 25 07:55:18 sticky sshd\[31297\]: Invalid user admin from 85.30.248.93 port 50356 Aug 25 07:55:18 sticky sshd\[31297\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=85.30.248.93 Aug 25 07:55:20 sticky sshd\[31297\]: Failed password for invalid user admin from 85.30.248.93 port 50356 ssh2 Aug 25 07:59:39 sticky sshd\[31365\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=85.30.248.93 user=root Aug 25 07:59:41 sticky sshd\[31365\]: Failed password for root from 85.30.248.93 port 54586 ssh2	2020-08-25 14:54:17
138.197.180.29	attackspambots	Invalid user vitalina from 138.197.180.29 port 37414	2020-08-25 14:57:02
119.29.158.26	attackspam	Aug 25 08:02:26 sip sshd[1416366]: Invalid user admin from 119.29.158.26 port 35494 Aug 25 08:02:27 sip sshd[1416366]: Failed password for invalid user admin from 119.29.158.26 port 35494 ssh2 Aug 25 08:05:47 sip sshd[1416397]: Invalid user pgsql from 119.29.158.26 port 43950 ...	2020-08-25 14:48:15
160.153.245.123	attack	CMS (WordPress or Joomla) login attempt.	2020-08-25 14:21:59
103.114.221.16	attackspam	Aug 25 08:04:52 PorscheCustomer sshd[17612]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.114.221.16 Aug 25 08:04:54 PorscheCustomer sshd[17612]: Failed password for invalid user test from 103.114.221.16 port 36654 ssh2 Aug 25 08:09:17 PorscheCustomer sshd[17680]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.114.221.16 ...	2020-08-25 14:20:19
161.35.24.85	attackspambots	Aug 25 06:34:58 web8 sshd\[29060\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=161.35.24.85 user=root Aug 25 06:35:00 web8 sshd\[29060\]: Failed password for root from 161.35.24.85 port 58116 ssh2 Aug 25 06:38:06 web8 sshd\[30595\]: Invalid user karin from 161.35.24.85 Aug 25 06:38:06 web8 sshd\[30595\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=161.35.24.85 Aug 25 06:38:09 web8 sshd\[30595\]: Failed password for invalid user karin from 161.35.24.85 port 57632 ssh2	2020-08-25 14:48:00
103.133.105.65	attackbotsspam	email spam	2020-08-25 14:29:32
121.201.74.154	attackbotsspam	Invalid user tu from 121.201.74.154 port 56068	2020-08-25 14:27:09
150.109.115.108	attackbots	Aug 24 21:11:45 mockhub sshd[21870]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=150.109.115.108 Aug 24 21:11:48 mockhub sshd[21870]: Failed password for invalid user hadoop from 150.109.115.108 port 37506 ssh2 ...	2020-08-25 14:45:41
60.166.155.80	attackbots	Port probing on unauthorized port 1433	2020-08-25 14:25:12
139.59.85.41	attackbots	139.59.85.41 - - [25/Aug/2020:08:18:28 +0200] "GET /wp-login.php HTTP/1.1" 200 1689 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.59.85.41 - - [25/Aug/2020:08:18:31 +0200] "POST /wp-login.php HTTP/1.1" 200 1819 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.59.85.41 - - [25/Aug/2020:08:18:32 +0200] "GET /wp-login.php HTTP/1.1" 200 1689 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.59.85.41 - - [25/Aug/2020:08:18:34 +0200] "POST /wp-login.php HTTP/1.1" 200 1816 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.59.85.41 - - [25/Aug/2020:08:21:21 +0200] "GET /wp-login.php HTTP/1.1" 200 2010 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.59.85.41 - - [25/Aug/2020:08:21:27 +0200] "POST /wp-login.php HTTP/1.1" 200 2143 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/6 ...	2020-08-25 14:30:30
181.67.168.19	attackbotsspam	IP 181.67.168.19 attacked honeypot on port: 8080 at 8/24/2020 8:56:07 PM	2020-08-25 14:52:48
222.186.15.115	attackbotsspam	Aug 25 11:52:00 gw1 sshd[7844]: Failed password for root from 222.186.15.115 port 18437 ssh2 ...	2020-08-25 14:54:45

Recently Reported IPs

221.163.23.81	123.4.67.255	14.191.43.56	113.176.176.137
213.37.74.147	175.115.212.115	104.248.168.145	88.193.135.10
84.228.164.204	114.134.188.34	5.131.243.11	60.246.12.115
180.149.235.218	210.213.212.44	110.83.222.158	39.155.6.65
200.59.56.49	104.144.112.51	94.136.154.49	91.109.128.180