20.185.42.104 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: United States of America

Internet Service Provider: Microsoft Corporation

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	20 attempts against mh-ssh on soil	2020-10-02 07:04:37
attack	20 attempts against mh-ssh on soil	2020-10-01 23:36:59
attackspam	20 attempts against mh-ssh on soil	2020-10-01 15:42:18

Comments on same subnet:

IP	Type	Details	Datetime
20.185.42.168	attackspambots	Unauthorized SSH login attempts	2020-07-18 16:24:36
20.185.42.168	attackspambots	Jul 15 21:03:14 santamaria sshd\[22606\]: Invalid user ec2-user from 20.185.42.168 Jul 15 21:03:14 santamaria sshd\[22606\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=20.185.42.168 Jul 15 21:03:16 santamaria sshd\[22606\]: Failed password for invalid user ec2-user from 20.185.42.168 port 52898 ssh2 ...	2020-07-16 03:59:06
20.185.42.168	attackbots	<6 unauthorized SSH connections	2020-07-15 15:28:12
20.185.42.182	attack	Unauthorized connection attempt detected from IP address 20.185.42.182 to port 23	2020-06-06 06:31:29

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 20.185.42.104
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 18639
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;20.185.42.104.			IN	A

;; AUTHORITY SECTION:
.			414	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020093002 1800 900 604800 86400

;; Query time: 197 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Oct 01 15:42:13 CST 2020
;; MSG SIZE  rcvd: 117

Host info

Host 104.42.185.20.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 104.42.185.20.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
89.185.77.76	attack	Chat Spam	2020-03-10 21:06:35
36.48.159.58	attackspambots	port scan and connect, tcp 1433 (ms-sql-s)	2020-03-10 20:37:29
36.4.51.211	attackbots	Email rejected due to spam filtering	2020-03-10 21:06:59
64.225.111.247	attackbotsspam	Mar 10 08:18:50 dns-3 sshd[18017]: User r.r from 64.225.111.247 not allowed because not listed in AllowUsers Mar 10 08:18:50 dns-3 sshd[18017]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=64.225.111.247 user=r.r Mar 10 08:18:51 dns-3 sshd[18017]: Failed password for invalid user r.r from 64.225.111.247 port 44362 ssh2 Mar 10 08:18:52 dns-3 sshd[18017]: Received disconnect from 64.225.111.247 port 44362:11: Bye Bye [preauth] Mar 10 08:18:52 dns-3 sshd[18017]: Disconnected from invalid user r.r 64.225.111.247 port 44362 [preauth] Mar 10 08:28:12 dns-3 sshd[18400]: Invalid user demo from 64.225.111.247 port 40906 Mar 10 08:28:12 dns-3 sshd[18400]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=64.225.111.247 Mar 10 08:28:15 dns-3 sshd[18400]: Failed password for invalid user demo from 64.225.111.247 port 40906 ssh2 Mar 10 08:28:16 dns-3 sshd[18400]: Received disconnect from 64.225.111.24........ -------------------------------	2020-03-10 20:58:40
134.175.17.32	attack	Mar 10 10:14:09 mail sshd[17050]: Invalid user chris from 134.175.17.32 Mar 10 10:14:09 mail sshd[17050]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.175.17.32 Mar 10 10:14:09 mail sshd[17050]: Invalid user chris from 134.175.17.32 Mar 10 10:14:11 mail sshd[17050]: Failed password for invalid user chris from 134.175.17.32 port 45180 ssh2 Mar 10 10:24:25 mail sshd[441]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.175.17.32 user=root Mar 10 10:24:27 mail sshd[441]: Failed password for root from 134.175.17.32 port 40490 ssh2 ...	2020-03-10 20:32:18
121.46.29.116	attack	$f2bV_matches	2020-03-10 20:35:39
188.226.243.10	attackbotsspam	Mar 10 10:18:30 ns382633 sshd\[8593\]: Invalid user svnuser from 188.226.243.10 port 33966 Mar 10 10:18:30 ns382633 sshd\[8593\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.226.243.10 Mar 10 10:18:31 ns382633 sshd\[8593\]: Failed password for invalid user svnuser from 188.226.243.10 port 33966 ssh2 Mar 10 10:23:32 ns382633 sshd\[9483\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.226.243.10 user=root Mar 10 10:23:34 ns382633 sshd\[9483\]: Failed password for root from 188.226.243.10 port 38194 ssh2	2020-03-10 21:10:08
80.211.78.155	attackbotsspam	Invalid user jeff from 80.211.78.155 port 52704	2020-03-10 20:59:33
93.126.182.75	attack	Email rejected due to spam filtering	2020-03-10 21:01:14
109.166.91.91	attackbotsspam	Email rejected due to spam filtering	2020-03-10 21:03:12
106.12.195.171	attackbotsspam	Mar 10 10:19:09 serwer sshd\[13479\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.195.171 user=root Mar 10 10:19:11 serwer sshd\[13479\]: Failed password for root from 106.12.195.171 port 49274 ssh2 Mar 10 10:23:37 serwer sshd\[13922\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.195.171 user=root ...	2020-03-10 21:03:46
122.154.33.110	attackbotsspam	Mar 10 09:02:44 XXX sshd[1592]: Did not receive identification string from 122.154.33.110 Mar 10 09:02:44 XXX sshd[1591]: Did not receive identification string from 122.154.33.110 Mar 10 09:02:44 XXX sshd[1593]: Did not receive identification string from 122.154.33.110 Mar 10 09:02:44 XXX sshd[1597]: Did not receive identification string from 122.154.33.110 Mar 10 09:02:44 XXX sshd[1595]: Did not receive identification string from 122.154.33.110 Mar 10 09:02:44 XXX sshd[1596]: Did not receive identification string from 122.154.33.110 Mar 10 09:02:44 XXX sshd[1594]: Did not receive identification string from 122.154.33.110 Mar 10 09:02:44 XXX sshd[1599]: Did not receive identification string from 122.154.33.110 Mar 10 09:02:44 XXX sshd[1600]: Did not receive identification string from 122.154.33.110 Mar 10 09:02:44 XXX sshd[1598]: Did not receive identification string from 122.154.33.110 Mar 10 09:02:44 XXX sshd[1601]: Did not receive identification string from 122.154.3........ -------------------------------	2020-03-10 21:14:32
180.76.153.46	attackspam	...	2020-03-10 20:35:16
178.171.64.231	attackbotsspam	Chat Spam	2020-03-10 21:04:02
58.217.158.10	attackspam	Mar 10 12:32:55 mout sshd[588]: Invalid user ljr123 from 58.217.158.10 port 45012	2020-03-10 20:36:13

Recently Reported IPs

82.57.173.238	202.216.221.208	177.154.21.66	79.191.89.115
124.167.66.55	150.136.195.135	195.4.150.144	51.68.45.227
182.126.87.22	118.89.171.146	106.75.211.130	103.251.45.235
39.79.82.170	91.91.103.97	207.46.13.99	134.6.177.147
141.53.114.96	20.30.24.52	92.192.241.24	102.52.146.62