104.168.145.196

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
spambots	spam	2019-09-10 14:37:51

Comments on same subnet:

IP	Type	Details	Datetime
104.168.145.99	attackspam	$f2bV_matches	2020-05-26 05:07:13
104.168.145.77	attack	Invalid user elliza from 104.168.145.77 port 57088	2019-12-26 14:28:20
104.168.145.77	attackbots	Dec 24 15:29:42 unicornsoft sshd\[14325\]: User root from 104.168.145.77 not allowed because not listed in AllowUsers Dec 24 15:29:43 unicornsoft sshd\[14325\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.168.145.77 user=root Dec 24 15:29:45 unicornsoft sshd\[14325\]: Failed password for invalid user root from 104.168.145.77 port 57820 ssh2	2019-12-25 05:03:54
104.168.145.77	attackspambots	Dec 23 16:52:22 eventyay sshd[4413]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.168.145.77 Dec 23 16:52:24 eventyay sshd[4413]: Failed password for invalid user yuai from 104.168.145.77 port 33522 ssh2 Dec 23 16:58:46 eventyay sshd[4602]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.168.145.77 ...	2019-12-24 00:50:31
104.168.145.77	attackbotsspam	Dec 21 17:47:30 game-panel sshd[1850]: Failed password for uucp from 104.168.145.77 port 41272 ssh2 Dec 21 17:56:16 game-panel sshd[2277]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.168.145.77 Dec 21 17:56:18 game-panel sshd[2277]: Failed password for invalid user stribley from 104.168.145.77 port 46134 ssh2	2019-12-22 02:17:37
104.168.145.77	attackbots	Triggered by Fail2Ban at Vostok web server	2019-12-21 06:05:40
104.168.145.77	attackspam	$f2bV_matches	2019-12-18 03:29:48
104.168.145.77	attack	Dec 10 15:38:46 hcbbdb sshd\[10011\]: Invalid user jitendra from 104.168.145.77 Dec 10 15:38:46 hcbbdb sshd\[10011\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.168.145.77 Dec 10 15:38:48 hcbbdb sshd\[10011\]: Failed password for invalid user jitendra from 104.168.145.77 port 37410 ssh2 Dec 10 15:47:59 hcbbdb sshd\[11209\]: Invalid user niquette from 104.168.145.77 Dec 10 15:47:59 hcbbdb sshd\[11209\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.168.145.77	2019-12-11 00:09:12
104.168.145.77	attack	Dec 9 01:40:42 jane sshd[14508]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.168.145.77 Dec 9 01:40:44 jane sshd[14508]: Failed password for invalid user dtrmp4 from 104.168.145.77 port 46688 ssh2 ...	2019-12-09 08:49:14
104.168.145.77	attackspambots	Nov 26 13:04:09 sachi sshd\[23879\]: Invalid user password from 104.168.145.77 Nov 26 13:04:09 sachi sshd\[23879\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.168.145.77 Nov 26 13:04:11 sachi sshd\[23879\]: Failed password for invalid user password from 104.168.145.77 port 44058 ssh2 Nov 26 13:09:55 sachi sshd\[24433\]: Invalid user shi from 104.168.145.77 Nov 26 13:09:55 sachi sshd\[24433\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.168.145.77	2019-11-27 09:47:26
104.168.145.77	attack	Nov 25 05:31:04 cloud sshd[28575]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.168.145.77 user=r.r Nov 25 05:31:06 cloud sshd[28575]: Failed password for r.r from 104.168.145.77 port 41100 ssh2 Nov 25 05:37:55 cloud sshd[28877]: Invalid user bosc from 104.168.145.77 port 49590 Nov 25 05:37:55 cloud sshd[28877]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.168.145.77 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=104.168.145.77	2019-11-26 15:22:37
104.168.145.77	attackspam	Nov 24 13:27:44 auw2 sshd\[31869\]: Invalid user danni from 104.168.145.77 Nov 24 13:27:44 auw2 sshd\[31869\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.168.145.77 Nov 24 13:27:46 auw2 sshd\[31869\]: Failed password for invalid user danni from 104.168.145.77 port 57364 ssh2 Nov 24 13:35:15 auw2 sshd\[32464\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.168.145.77 user=daemon Nov 24 13:35:17 auw2 sshd\[32464\]: Failed password for daemon from 104.168.145.77 port 36966 ssh2	2019-11-25 07:43:34
104.168.145.77	attackbotsspam	2019-11-24T09:48:24.897224ns547587 sshd\[5481\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.168.145.77 user=root 2019-11-24T09:48:27.406742ns547587 sshd\[5481\]: Failed password for root from 104.168.145.77 port 43978 ssh2 2019-11-24T09:55:28.449605ns547587 sshd\[8231\]: Invalid user rosiah from 104.168.145.77 port 52378 2019-11-24T09:55:28.455391ns547587 sshd\[8231\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.168.145.77 ...	2019-11-25 00:04:45
104.168.145.77	attackbots	Nov 3 16:55:32 vps691689 sshd[6525]: Failed password for root from 104.168.145.77 port 41790 ssh2 Nov 3 17:01:07 vps691689 sshd[6593]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.168.145.77 ...	2019-11-04 00:17:46
104.168.145.77	attackspambots	Oct 25 17:04:18 plusreed sshd[7756]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.168.145.77 user=root Oct 25 17:04:20 plusreed sshd[7756]: Failed password for root from 104.168.145.77 port 49328 ssh2 ...	2019-10-26 05:10:24

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.168.145.196
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 8118
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;104.168.145.196.		IN	A

;; AUTHORITY SECTION:
.			258	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019091000 1800 900 604800 86400

;; Query time: 335 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Sep 10 14:37:44 CST 2019
;; MSG SIZE  rcvd: 119

Host info

196.145.168.104.in-addr.arpa domain name pointer hwvps138120.hostwindsdns.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
196.145.168.104.in-addr.arpa	name = hwvps138120.hostwindsdns.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
173.82.177.18	attackspam	Unauthorized connection attempt detected from IP address 173.82.177.18 to port 2220 [J]	2020-01-25 23:08:10
222.186.173.226	attack	Jan 25 15:57:55 legacy sshd[11370]: Failed password for root from 222.186.173.226 port 33136 ssh2 Jan 25 15:58:10 legacy sshd[11370]: error: maximum authentication attempts exceeded for root from 222.186.173.226 port 33136 ssh2 [preauth] Jan 25 15:58:16 legacy sshd[11374]: Failed password for root from 222.186.173.226 port 17846 ssh2 ...	2020-01-25 23:03:35
122.51.91.157	attack	Jan 25 14:37:48 hcbbdb sshd\[15702\]: Invalid user GED from 122.51.91.157 Jan 25 14:37:48 hcbbdb sshd\[15702\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.51.91.157 Jan 25 14:37:50 hcbbdb sshd\[15702\]: Failed password for invalid user GED from 122.51.91.157 port 39276 ssh2 Jan 25 14:41:35 hcbbdb sshd\[16177\]: Invalid user u from 122.51.91.157 Jan 25 14:41:35 hcbbdb sshd\[16177\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.51.91.157	2020-01-25 23:05:38
45.143.220.166	attackspambots	[2020-01-25 09:36:11] NOTICE[1148][C-0000264d] chan_sip.c: Call from '' (45.143.220.166:54158) to extension '901146812111747' rejected because extension not found in context 'public'. [2020-01-25 09:36:11] SECURITY[1163] res_security_log.c: SecurityEvent="FailedACL",EventTV="2020-01-25T09:36:11.051-0500",Severity="Error",Service="SIP",EventVersion="1",AccountID="901146812111747",SessionID="0x7fd82c3e18a8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/45.143.220.166/54158",ACLName="no_extension_match" [2020-01-25 09:36:12] NOTICE[1148][C-0000264e] chan_sip.c: Call from '' (45.143.220.166:60657) to extension '011441519470639' rejected because extension not found in context 'public'. [2020-01-25 09:36:12] SECURITY[1163] res_security_log.c: SecurityEvent="FailedACL",EventTV="2020-01-25T09:36:12.475-0500",Severity="Error",Service="SIP",EventVersion="1",AccountID="011441519470639",SessionID="0x7fd82c1014f8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/U ...	2020-01-25 22:44:16
218.62.120.187	attackspam	port scan and connect, tcp 1433 (ms-sql-s)	2020-01-25 22:51:28
45.164.160.17	attackbots	Brute forcing RDP port 3389	2020-01-25 22:43:58
45.43.236.214	attackspam	Brute forcing email accounts	2020-01-25 22:56:15
148.245.112.122	attack	Honeypot attack, port: 445, PTR: na-148-245-112-122.static.avantel.net.mx.	2020-01-25 22:59:05
223.206.250.45	attack	Honeypot attack, port: 445, PTR: mx-ll-223.206.250-45.dynamic.3bb.co.th.	2020-01-25 23:13:59
217.128.22.13	attackspam	Unauthorized connection attempt detected from IP address 217.128.22.13 to port 2220 [J]	2020-01-25 22:53:45
187.122.211.38	attack	Honeypot attack, port: 81, PTR: bb7ad326.virtua.com.br.	2020-01-25 22:38:47
49.51.9.204	attack	Unauthorized connection attempt detected from IP address 49.51.9.204 to port 8883 [J]	2020-01-25 23:11:37
175.212.180.131	attack	Unauthorized connection attempt detected from IP address 175.212.180.131 to port 81 [J]	2020-01-25 23:07:25
115.144.43.182	attackspambots	Honeypot attack, port: 5555, PTR: PTR record not found	2020-01-25 23:10:20
49.233.142.11	attackspambots	Jan 25 15:33:23 ns381471 sshd[26277]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.233.142.11 Jan 25 15:33:24 ns381471 sshd[26277]: Failed password for invalid user natasa from 49.233.142.11 port 38396 ssh2	2020-01-25 22:38:10

Recently Reported IPs

112.7.211.4	8.35.207.138	221.244.126.250	159.203.199.89
193.9.15.188	113.80.86.2	144.202.43.212	116.199.9.238
180.127.79.248	54.141.37.201	93.250.64.171	120.196.180.168
58.54.176.94	182.78.73.178	69.216.76.152	91.121.226.109
142.44.184.205	89.139.162.98	62.90.164.177	112.223.180.164