104.160.175.138

Basic Info

City: unknown

Region: unknown

Country: United States of America

Internet Service Provider: SharkTech

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	Corona spam From: "Konrad Meister" Received: from ethanallen.com (unknown [104.160.175.138])	2020-04-23 22:43:22

Comments on same subnet:

IP	Type	Details	Datetime
104.160.175.130	attack	Brute forcing RDP port 3389	2020-07-01 23:17:20
104.160.175.171	attack	May 16 22:35:36 ns382633 sshd\[16766\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.160.175.171 user=root May 16 22:35:37 ns382633 sshd\[16766\]: Failed password for root from 104.160.175.171 port 50468 ssh2 May 16 22:35:39 ns382633 sshd\[16768\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.160.175.171 user=root May 16 22:35:41 ns382633 sshd\[16768\]: Failed password for root from 104.160.175.171 port 50672 ssh2 May 16 22:35:42 ns382633 sshd\[16770\]: Invalid user pi from 104.160.175.171 port 50898 May 16 22:35:42 ns382633 sshd\[16770\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.160.175.171	2020-05-17 06:18:43

Type

Details

Datetime

104.160.175.130

attack

Brute forcing RDP port 3389

2020-07-01 23:17:20

104.160.175.171

attack

May 16 22:35:36 ns382633 sshd\[16766\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.160.175.171  user=root
May 16 22:35:37 ns382633 sshd\[16766\]: Failed password for root from 104.160.175.171 port 50468 ssh2
May 16 22:35:39 ns382633 sshd\[16768\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.160.175.171  user=root
May 16 22:35:41 ns382633 sshd\[16768\]: Failed password for root from 104.160.175.171 port 50672 ssh2
May 16 22:35:42 ns382633 sshd\[16770\]: Invalid user pi from 104.160.175.171 port 50898
May 16 22:35:42 ns382633 sshd\[16770\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.160.175.171

2020-05-17 06:18:43

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.160.175.138
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 50507
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;104.160.175.138.		IN	A

;; AUTHORITY SECTION:
.			577	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020042300 1800 900 604800 86400

;; Query time: 112 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Apr 23 22:43:14 CST 2020
;; MSG SIZE  rcvd: 119

Host info

138.175.160.104.in-addr.arpa domain name pointer nice8.presister.com.ar.

Nslookup info:

Server:		100.100.2.138
Address:	100.100.2.138#53

Non-authoritative answer:
138.175.160.104.IN-ADDR.ARPA	name = nice8.presister.com.ar.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
117.251.4.232	attackspambots	Honeypot attack, port: 445, PTR: PTR record not found	2020-01-12 06:22:30
77.30.3.194	attack	Honeypot attack, port: 445, PTR: PTR record not found	2020-01-12 06:07:35
179.222.89.169	attackspam	port scan and connect, tcp 23 (telnet)	2020-01-12 06:21:49
114.89.144.85	attackspam	Honeypot attack, port: 445, PTR: PTR record not found	2020-01-12 06:21:15
185.176.27.122	attackbotsspam	01/11/2020-22:55:35.164053 185.176.27.122 Protocol: 6 ET DROP Dshield Block Listed Source group 1	2020-01-12 06:00:34
112.85.42.188	attackspam	01/11/2020-17:12:06.797150 112.85.42.188 Protocol: 6 ET SCAN Potential SSH Scan	2020-01-12 06:14:32
120.71.145.189	attackbots	Jan 11 22:55:10 srv-ubuntu-dev3 sshd[51163]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.71.145.189 user=root Jan 11 22:55:11 srv-ubuntu-dev3 sshd[51163]: Failed password for root from 120.71.145.189 port 52651 ssh2 Jan 11 22:57:47 srv-ubuntu-dev3 sshd[51361]: Invalid user tss from 120.71.145.189 Jan 11 22:57:47 srv-ubuntu-dev3 sshd[51361]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.71.145.189 Jan 11 22:57:47 srv-ubuntu-dev3 sshd[51361]: Invalid user tss from 120.71.145.189 Jan 11 22:57:49 srv-ubuntu-dev3 sshd[51361]: Failed password for invalid user tss from 120.71.145.189 port 34940 ssh2 Jan 11 23:03:45 srv-ubuntu-dev3 sshd[51839]: Invalid user dareen from 120.71.145.189 Jan 11 23:03:45 srv-ubuntu-dev3 sshd[51839]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.71.145.189 Jan 11 23:03:45 srv-ubuntu-dev3 sshd[51839]: Invalid user dareen from 12 ...	2020-01-12 06:06:40
177.155.36.105	attack	Automatic report - Port Scan Attack	2020-01-12 06:25:22
222.186.175.202	attack	Jan 11 23:06:26 MK-Soft-VM4 sshd[26277]: Failed password for root from 222.186.175.202 port 4436 ssh2 Jan 11 23:06:30 MK-Soft-VM4 sshd[26277]: Failed password for root from 222.186.175.202 port 4436 ssh2 ...	2020-01-12 06:10:44
106.13.137.67	attackspambots	Jan 11 14:45:03 server sshd\[20150\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.137.67 user=root Jan 11 14:45:05 server sshd\[20150\]: Failed password for root from 106.13.137.67 port 41544 ssh2 Jan 12 00:07:10 server sshd\[476\]: Invalid user giaou from 106.13.137.67 Jan 12 00:07:10 server sshd\[476\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.137.67 Jan 12 00:07:11 server sshd\[476\]: Failed password for invalid user giaou from 106.13.137.67 port 40390 ssh2 ...	2020-01-12 06:25:39
204.12.197.234	attackbots	20 attempts against mh-misbehave-ban on milky.magehost.pro	2020-01-12 06:14:53
222.186.175.216	attackbots	Jan 12 03:21:46 areeb-Workstation sshd[27304]: Failed password for root from 222.186.175.216 port 30184 ssh2 Jan 12 03:21:50 areeb-Workstation sshd[27304]: Failed password for root from 222.186.175.216 port 30184 ssh2 ...	2020-01-12 05:54:43
89.19.241.97	attackbots	Lines containing failures of 89.19.241.97 Jan 7 11:01:35 web02 sshd[26815]: Invalid user jan from 89.19.241.97 port 46019 Jan 7 11:01:35 web02 sshd[26815]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=89.19.241.97 Jan 7 11:01:37 web02 sshd[26815]: Failed password for invalid user jan from 89.19.241.97 port 46019 ssh2 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=89.19.241.97	2020-01-12 06:02:15
167.114.185.237	attack	Jan 11 21:07:14 localhost sshd\[6127\]: Invalid user minecraft from 167.114.185.237 port 55536 Jan 11 21:07:14 localhost sshd\[6127\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.114.185.237 Jan 11 21:07:16 localhost sshd\[6127\]: Failed password for invalid user minecraft from 167.114.185.237 port 55536 ssh2 ...	2020-01-12 06:22:08
85.26.232.125	attackbotsspam	Honeypot attack, port: 445, PTR: PTR record not found	2020-01-12 05:59:59

Recently Reported IPs

115.20.43.153	232.86.52.122	58.187.66.131	200.105.74.140
195.231.6.230	95.244.163.39	87.239.50.205	42.115.4.38
14.191.193.211	146.37.59.182	139.189.252.91	250.60.180.92
101.51.74.53	28.196.178.124	197.245.35.105	14.171.74.105
113.184.153.106	86.57.158.226	118.172.190.31	193.118.52.42