104.144.213.106

Basic Info

City: unknown

Region: unknown

Country: United States of America

Internet Service Provider: B2 Net Solutions Inc.

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbotsspam	Port Scan: TCP/443	2020-09-29 04:57:51
attackbots	Port Scan: TCP/443	2020-09-28 21:16:19
attack	Port Scan: TCP/443	2020-09-28 13:22:13

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.144.213.106
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 3324
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;104.144.213.106.		IN	A

;; AUTHORITY SECTION:
.			181	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020092701 1800 900 604800 86400

;; Query time: 109 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Sep 28 13:22:09 CST 2020
;; MSG SIZE  rcvd: 119

Host info

106.213.144.104.in-addr.arpa domain name pointer uortqxllfw.biventradistrict.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
106.213.144.104.in-addr.arpa	name = uortqxllfw.biventradistrict.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
140.143.53.145	attack	Sep 9 00:36:21 ny01 sshd[32372]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.53.145 Sep 9 00:36:23 ny01 sshd[32372]: Failed password for invalid user jenkins from 140.143.53.145 port 33555 ssh2 Sep 9 00:41:23 ny01 sshd[881]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.53.145	2019-09-09 12:56:44
133.167.106.31	attackspambots	Sep 8 17:53:28 hanapaa sshd\[8172\]: Invalid user 1 from 133.167.106.31 Sep 8 17:53:28 hanapaa sshd\[8172\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=os3-383-24527.vs.sakura.ne.jp Sep 8 17:53:30 hanapaa sshd\[8172\]: Failed password for invalid user 1 from 133.167.106.31 port 54010 ssh2 Sep 8 17:58:03 hanapaa sshd\[8539\]: Invalid user daniel from 133.167.106.31 Sep 8 17:58:03 hanapaa sshd\[8539\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=os3-383-24527.vs.sakura.ne.jp	2019-09-09 12:35:57
172.81.240.1	attackbotsspam	Sep 9 08:33:27 microserver sshd[62011]: Invalid user minecraft from 172.81.240.1 port 51324 Sep 9 08:33:27 microserver sshd[62011]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=172.81.240.1 Sep 9 08:33:29 microserver sshd[62011]: Failed password for invalid user minecraft from 172.81.240.1 port 51324 ssh2 Sep 9 08:41:18 microserver sshd[63203]: Invalid user user from 172.81.240.1 port 45626 Sep 9 08:41:18 microserver sshd[63203]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=172.81.240.1 Sep 9 08:53:26 microserver sshd[64717]: Invalid user safeuser from 172.81.240.1 port 57392 Sep 9 08:53:26 microserver sshd[64717]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=172.81.240.1 Sep 9 08:53:28 microserver sshd[64717]: Failed password for invalid user safeuser from 172.81.240.1 port 57392 ssh2 Sep 9 08:58:21 microserver sshd[65361]: Invalid user radio from 172.81.240.1 port 49158 S	2019-09-09 13:00:55
201.151.239.34	attackspambots	Sep 8 18:52:52 php1 sshd\[31052\]: Invalid user webcam from 201.151.239.34 Sep 8 18:52:52 php1 sshd\[31052\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.151.239.34 Sep 8 18:52:54 php1 sshd\[31052\]: Failed password for invalid user webcam from 201.151.239.34 port 54494 ssh2 Sep 8 18:58:49 php1 sshd\[31625\]: Invalid user sdtdserver from 201.151.239.34 Sep 8 18:58:49 php1 sshd\[31625\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.151.239.34	2019-09-09 13:09:30
49.88.112.85	attackbotsspam	09/09/2019-00:26:05.526777 49.88.112.85 Protocol: 6 ET SCAN Potential SSH Scan	2019-09-09 12:36:57
177.103.254.24	attack	Sep 9 04:55:47 hcbbdb sshd\[8999\]: Invalid user zabbix from 177.103.254.24 Sep 9 04:55:47 hcbbdb sshd\[8999\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=177.103.254.24 Sep 9 04:55:49 hcbbdb sshd\[8999\]: Failed password for invalid user zabbix from 177.103.254.24 port 37822 ssh2 Sep 9 05:03:14 hcbbdb sshd\[9851\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=177.103.254.24 user=root Sep 9 05:03:17 hcbbdb sshd\[9851\]: Failed password for root from 177.103.254.24 port 41408 ssh2	2019-09-09 13:06:36
51.38.98.228	attackspambots	Sep 9 06:32:56 SilenceServices sshd[5763]: Failed password for git from 51.38.98.228 port 38542 ssh2 Sep 9 06:41:19 SilenceServices sshd[9141]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.38.98.228 Sep 9 06:41:20 SilenceServices sshd[9141]: Failed password for invalid user ubuntu from 51.38.98.228 port 44160 ssh2	2019-09-09 12:59:24
162.144.42.147	attack	WordPress wp-login brute force :: 162.144.42.147 0.060 BYPASS [09/Sep/2019:12:41:27 1000] [censored_2] "POST /wp-login.php HTTP/1.1" 200 4630 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2019-09-09 12:31:22
51.68.46.156	attackspam	Sep 9 06:36:04 SilenceServices sshd[6989]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.68.46.156 Sep 9 06:36:06 SilenceServices sshd[6989]: Failed password for invalid user deploy123 from 51.68.46.156 port 40150 ssh2 Sep 9 06:41:32 SilenceServices sshd[9228]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.68.46.156	2019-09-09 12:46:22
210.56.28.219	attackspambots	Sep 9 03:47:29 MK-Soft-Root2 sshd\[22048\]: Invalid user guest from 210.56.28.219 port 57010 Sep 9 03:47:29 MK-Soft-Root2 sshd\[22048\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=210.56.28.219 Sep 9 03:47:30 MK-Soft-Root2 sshd\[22048\]: Failed password for invalid user guest from 210.56.28.219 port 57010 ssh2 ...	2019-09-09 12:21:22
106.13.54.207	attackbotsspam	Sep 9 05:39:24 nextcloud sshd\[16611\]: Invalid user user from 106.13.54.207 Sep 9 05:39:24 nextcloud sshd\[16611\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.54.207 Sep 9 05:39:25 nextcloud sshd\[16611\]: Failed password for invalid user user from 106.13.54.207 port 36682 ssh2 ...	2019-09-09 12:32:03
71.6.233.232	attack	firewall-block, port(s): 50880/tcp	2019-09-09 12:41:01
213.6.16.226	attackspambots	Sep 9 05:17:05 mail sshd\[10852\]: Failed password for invalid user hadoop from 213.6.16.226 port 32923 ssh2 Sep 9 05:17:27 mail sshd\[10942\]: Invalid user hadoop from 213.6.16.226 port 38423 Sep 9 05:17:27 mail sshd\[10942\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=213.6.16.226 Sep 9 05:17:28 mail sshd\[10942\]: Failed password for invalid user hadoop from 213.6.16.226 port 38423 ssh2 Sep 9 05:17:51 mail sshd\[11040\]: Invalid user hadoop from 213.6.16.226 port 43923	2019-09-09 12:18:32
114.234.126.161	attack	Unauthorised access (Sep 8) SRC=114.234.126.161 LEN=40 TOS=0x10 PREC=0x40 TTL=49 ID=48780 TCP DPT=8080 WINDOW=34982 SYN	2019-09-09 12:25:04
188.134.88.32	attackbotsspam	port scan/probe/communication attempt	2019-09-09 12:19:30

Recently Reported IPs

138.128.216.164	121.98.84.232	113.111.63.218	154.83.15.154
122.51.68.7	193.30.244.7	84.208.227.60	181.228.12.155
103.45.70.58	121.196.9.87	222.90.79.50	212.56.152.151
138.19.116.86	167.71.237.73	172.48.3.96	106.29.89.93
78.188.133.242	251.17.82.2	226.11.162.157	238.78.56.24