104.144.208.141

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: B2 Net Solutions Inc.

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Looking for resource vulnerabilities	2019-07-17 05:25:04

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.144.208.141
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 10932
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;104.144.208.141.		IN	A

;; AUTHORITY SECTION:
.			1493	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019071601 1800 900 604800 86400

;; Query time: 1 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Wed Jul 17 05:24:59 CST 2019
;; MSG SIZE  rcvd: 119

Host info

Host 141.208.144.104.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 141.208.144.104.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
106.55.23.112	attack	Invalid user ts from 106.55.23.112 port 50490	2020-10-01 21:16:40
103.208.137.2	attackbotsspam	timhelmke.de 103.208.137.2 [01/Oct/2020:15:11:41 +0200] "POST /wp-login.php HTTP/1.1" 200 6650 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" timhelmke.de 103.208.137.2 [01/Oct/2020:15:11:42 +0200] "POST /xmlrpc.php HTTP/1.1" 200 4050 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-10-01 21:19:44
162.243.10.64	attackbotsspam	(sshd) Failed SSH login from 162.243.10.64 (US/United States/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Oct 1 08:08:11 server sshd[31885]: Invalid user cognos from 162.243.10.64 port 49188 Oct 1 08:08:13 server sshd[31885]: Failed password for invalid user cognos from 162.243.10.64 port 49188 ssh2 Oct 1 08:11:40 server sshd[320]: Invalid user roberto from 162.243.10.64 port 56922 Oct 1 08:11:42 server sshd[320]: Failed password for invalid user roberto from 162.243.10.64 port 56922 ssh2 Oct 1 08:15:05 server sshd[1946]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=162.243.10.64 user=root	2020-10-01 21:31:45
96.57.82.166	attack	Oct 1 13:30:23 rocket sshd[17729]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=96.57.82.166 Oct 1 13:30:25 rocket sshd[17729]: Failed password for invalid user hbase from 96.57.82.166 port 61759 ssh2 Oct 1 13:31:50 rocket sshd[17851]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=96.57.82.166 ...	2020-10-01 21:17:19
141.98.9.33	attackspambots	Oct 1 15:19:25 sshgateway sshd\[14823\]: Invalid user admin from 141.98.9.33 Oct 1 15:19:25 sshgateway sshd\[14823\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=141.98.9.33 Oct 1 15:19:27 sshgateway sshd\[14823\]: Failed password for invalid user admin from 141.98.9.33 port 41119 ssh2	2020-10-01 21:26:15
190.244.125.190	attackbots	Sep 30 22:33:29 server770 sshd[17896]: Did not receive identification string from 190.244.125.190 port 55657 Sep 30 22:33:55 server770 sshd[17901]: Invalid user user from 190.244.125.190 port 55974 Sep 30 22:33:56 server770 sshd[17901]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.244.125.190 Sep 30 22:33:57 server770 sshd[17901]: Failed password for invalid user user from 190.244.125.190 port 55974 ssh2 Sep 30 22:33:58 server770 sshd[17901]: Connection closed by 190.244.125.190 port 55974 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=190.244.125.190	2020-10-01 21:24:46
167.71.196.176	attack	Oct 1 13:38:23 mout sshd[15908]: Invalid user test2 from 167.71.196.176 port 34030	2020-10-01 21:17:36
106.75.7.217	attackspam	Oct 1 16:25:25 www4 sshd\[31743\]: Invalid user git from 106.75.7.217 Oct 1 16:25:25 www4 sshd\[31743\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.7.217 Oct 1 16:25:26 www4 sshd\[31743\]: Failed password for invalid user git from 106.75.7.217 port 35684 ssh2 ...	2020-10-01 21:32:40
49.232.8.218	attack	Invalid user sshuser from 49.232.8.218 port 54574	2020-10-01 21:42:43
139.155.226.188	attackbots	Oct 1 15:37:49 server sshd[22762]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.226.188 Oct 1 15:37:51 server sshd[22762]: Failed password for invalid user mmx from 139.155.226.188 port 36540 ssh2 Oct 1 15:51:11 server sshd[23652]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.226.188 user=root Oct 1 15:51:13 server sshd[23652]: Failed password for invalid user root from 139.155.226.188 port 41544 ssh2	2020-10-01 21:51:50
111.229.45.26	attackbots	20 attempts against mh-ssh on star	2020-10-01 21:36:32
79.137.72.121	attackspam	Oct 1 13:16:10 email sshd\[21216\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=79.137.72.121 user=root Oct 1 13:16:11 email sshd\[21216\]: Failed password for root from 79.137.72.121 port 37406 ssh2 Oct 1 13:19:55 email sshd\[21879\]: Invalid user VM from 79.137.72.121 Oct 1 13:19:55 email sshd\[21879\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=79.137.72.121 Oct 1 13:19:56 email sshd\[21879\]: Failed password for invalid user VM from 79.137.72.121 port 44792 ssh2 ...	2020-10-01 21:42:22
51.178.87.50	attackspam	SSH login attempts.	2020-10-01 21:31:12
20.191.88.144	attack	Oct 1 16:07:00 dignus sshd[26558]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=20.191.88.144 user=root Oct 1 16:07:02 dignus sshd[26558]: Failed password for root from 20.191.88.144 port 47530 ssh2 Oct 1 16:11:43 dignus sshd[27005]: Invalid user xxx from 20.191.88.144 port 58040 Oct 1 16:11:43 dignus sshd[27005]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=20.191.88.144 Oct 1 16:11:45 dignus sshd[27005]: Failed password for invalid user xxx from 20.191.88.144 port 58040 ssh2 ...	2020-10-01 21:25:06
167.71.104.1	attackspam	167.71.104.1 - - [01/Oct/2020:00:36:30 +0200] "GET /wp-login.php HTTP/1.1" 200 9061 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 167.71.104.1 - - [01/Oct/2020:00:36:31 +0200] "POST /wp-login.php HTTP/1.1" 200 9378 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 167.71.104.1 - - [01/Oct/2020:00:36:33 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-10-01 21:22:28

Recently Reported IPs

27.221.179.2	249.63.20.34	249.101.240.190	213.60.97.210
26.109.135.118	168.56.84.250	49.28.202.223	117.25.100.11
88.109.56.74	26.77.243.48	104.223.143.39	58.7.254.73
116.79.91.191	167.50.126.196	212.178.31.167	177.183.124.155
2.181.78.138	115.254.214.150	216.220.32.183	109.9.249.119