104.168.243.66

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
104.168.243.221	spam	Spammer using interterkgroup.org. [104.168.243.221] Blacklisted in https://multirbl.valli.org/lookup/104.168.243.221.html, https://cleantalk.org/blacklists/104.168.243.221#anc131368, https://www.liveipmap.com/104.168.243.221?lang=en_us	2022-09-21 02:15:19
104.168.243.105	attackbots	Apr 24 13:10:50 ip-172-31-61-156 sshd[628]: Invalid user ftpnew from 104.168.243.105 Apr 24 13:10:50 ip-172-31-61-156 sshd[628]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.168.243.105 Apr 24 13:10:50 ip-172-31-61-156 sshd[628]: Invalid user ftpnew from 104.168.243.105 Apr 24 13:10:52 ip-172-31-61-156 sshd[628]: Failed password for invalid user ftpnew from 104.168.243.105 port 58992 ssh2 Apr 24 13:14:51 ip-172-31-61-156 sshd[811]: Invalid user oradata from 104.168.243.105 ...	2020-04-24 22:18:11
104.168.243.113	attack	Mar 26 04:54:43 debian-2gb-nbg1-2 kernel: \[7453960.080440\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=104.168.243.113 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=237 ID=54321 PROTO=TCP SPT=46193 DPT=23 WINDOW=65535 RES=0x00 SYN URGP=0	2020-03-26 12:55:27
104.168.243.80	attack	Oct 22 08:35:18 mxgate1 postfix/postscreen[29065]: CONNECT from [104.168.243.80]:45310 to [176.31.12.44]:25 Oct 22 08:35:18 mxgate1 postfix/dnsblog[29066]: addr 104.168.243.80 listed by domain b.barracudacentral.org as 127.0.0.2 Oct 22 08:35:24 mxgate1 postfix/postscreen[30288]: PASS NEW [104.168.243.80]:45310 Oct 22 08:35:27 mxgate1 postfix/smtpd[30333]: connect from slot0.violetpisces.com[104.168.243.80] Oct x@x Oct 22 08:35:28 mxgate1 postfix/smtpd[30333]: disconnect from slot0.violetpisces.com[104.168.243.80] ehlo=2 starttls=1 mail=1 rcpt=0/1 quhostname=1 commands=5/6 Oct 22 08:45:27 mxgate1 postfix/anvil[30340]: statistics: max connection rate 1/60s for (smtpd:104.168.243.80) at Oct 22 08:35:27 Oct 22 08:45:27 mxgate1 postfix/anvil[30340]: statistics: max connection count 1 for (smtpd:104.168.243.80) at Oct 22 08:35:27 Oct 22 08:45:27 mxgate1 postfix/anvil[30340]: statistics: max message rate 1/60s for (smtpd:104.168.243.80) at Oct 22 08:35:28 Oct 22 09:05:29 mxgat........ -------------------------------	2019-10-24 18:34:50
104.168.243.214	attackspam	2019-07-28T01:13:22.053931abusebot-2.cloudsearch.cf sshd\[25337\]: Invalid user p0\$12 from 104.168.243.214 port 56212	2019-07-28 11:51:40
104.168.243.214	attackspam	Jul 26 15:38:06 meumeu sshd[3721]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.168.243.214 Jul 26 15:38:08 meumeu sshd[3721]: Failed password for invalid user 3 from 104.168.243.214 port 55742 ssh2 Jul 26 15:45:58 meumeu sshd[5079]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.168.243.214 ...	2019-07-26 21:50:45

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.168.243.66
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 15355
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;104.168.243.66.			IN	A

;; AUTHORITY SECTION:
.			427	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022040201 1800 900 604800 86400

;; Query time: 58 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Apr 03 05:16:14 CST 2022
;; MSG SIZE  rcvd: 107

Host info

66.243.168.104.in-addr.arpa domain name pointer hwsrv-642592.hostwindsdns.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
66.243.168.104.in-addr.arpa	name = hwsrv-642592.hostwindsdns.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
125.16.97.246	attackbotsspam	Dec 20 00:48:33 hcbbdb sshd\[15162\]: Invalid user pass1234678 from 125.16.97.246 Dec 20 00:48:33 hcbbdb sshd\[15162\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.16.97.246 Dec 20 00:48:35 hcbbdb sshd\[15162\]: Failed password for invalid user pass1234678 from 125.16.97.246 port 33386 ssh2 Dec 20 00:54:44 hcbbdb sshd\[15845\]: Invalid user zoran from 125.16.97.246 Dec 20 00:54:44 hcbbdb sshd\[15845\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.16.97.246	2019-12-20 09:01:44
125.160.17.32	attackspam	Bruteforce on SSH Honeypot	2019-12-20 13:35:08
107.13.186.21	attackbots	2019-12-20T04:50:31.718082hub.schaetter.us sshd\[20092\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=107.13.186.21 user=root 2019-12-20T04:50:33.751173hub.schaetter.us sshd\[20092\]: Failed password for root from 107.13.186.21 port 37878 ssh2 2019-12-20T04:56:48.675488hub.schaetter.us sshd\[20145\]: Invalid user rpm from 107.13.186.21 port 55070 2019-12-20T04:56:48.685976hub.schaetter.us sshd\[20145\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=107.13.186.21 2019-12-20T04:56:50.473331hub.schaetter.us sshd\[20145\]: Failed password for invalid user rpm from 107.13.186.21 port 55070 ssh2 ...	2019-12-20 13:07:28
187.141.128.42	attackspambots	Dec 20 01:48:10 loxhost sshd\[6028\]: Invalid user kimmerle from 187.141.128.42 port 38628 Dec 20 01:48:10 loxhost sshd\[6028\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=187.141.128.42 Dec 20 01:48:12 loxhost sshd\[6028\]: Failed password for invalid user kimmerle from 187.141.128.42 port 38628 ssh2 Dec 20 01:53:48 loxhost sshd\[6268\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=187.141.128.42 user=root Dec 20 01:53:50 loxhost sshd\[6268\]: Failed password for root from 187.141.128.42 port 34330 ssh2 ...	2019-12-20 09:02:31
164.52.24.181	attackspambots	Unauthorized connection attempt detected from IP address 164.52.24.181 to port 4433	2019-12-20 09:03:13
128.90.84.117	attack	IDS	2019-12-20 13:20:20
103.3.59.154	attackspam	1576817775 - 12/20/2019 05:56:15 Host: 103.3.59.154/103.3.59.154 Port: 445 TCP Blocked	2019-12-20 13:35:42
46.166.151.47	attackbotsspam	\[2019-12-19 23:54:55\] SECURITY\[2857\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-12-19T23:54:55.605-0500",Severity="Error",Service="SIP",EventVersion="1",AccountID="10046812400530",SessionID="0x7f0fb49cc118",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/46.166.151.47/63529",ACLName="no_extension_match" \[2019-12-19 23:56:18\] SECURITY\[2857\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-12-19T23:56:18.845-0500",Severity="Error",Service="SIP",EventVersion="1",AccountID="10046462607501",SessionID="0x7f0fb49cc118",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/46.166.151.47/64851",ACLName="no_extension_match" \[2019-12-19 23:56:46\] SECURITY\[2857\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-12-19T23:56:46.772-0500",Severity="Error",Service="SIP",EventVersion="1",AccountID="10046192777617",SessionID="0x7f0fb4a47618",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/46.166.151.47/50621",ACLName="no_extens	2019-12-20 13:08:10
123.25.83.155	attackbots	Unauthorized connection attempt detected from IP address 123.25.83.155 to port 445	2019-12-20 13:24:34
36.82.97.230	attackbots	1576817816 - 12/20/2019 05:56:56 Host: 36.82.97.230/36.82.97.230 Port: 445 TCP Blocked	2019-12-20 13:02:01
142.112.115.160	attack	Dec 20 00:19:59 TORMINT sshd\[23818\]: Invalid user wojianipy from 142.112.115.160 Dec 20 00:19:59 TORMINT sshd\[23818\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.112.115.160 Dec 20 00:20:01 TORMINT sshd\[23818\]: Failed password for invalid user wojianipy from 142.112.115.160 port 52272 ssh2 ...	2019-12-20 13:22:54
83.103.98.211	attackspam	Dec 19 14:46:04 hpm sshd\[24281\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=83-103-98-211.ip.fastwebnet.it user=www-data Dec 19 14:46:07 hpm sshd\[24281\]: Failed password for www-data from 83.103.98.211 port 55050 ssh2 Dec 19 14:51:45 hpm sshd\[24803\]: Invalid user admin from 83.103.98.211 Dec 19 14:51:45 hpm sshd\[24803\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=83-103-98-211.ip.fastwebnet.it Dec 19 14:51:47 hpm sshd\[24803\]: Failed password for invalid user admin from 83.103.98.211 port 50685 ssh2	2019-12-20 09:01:59
94.199.198.137	attackbotsspam	Dec 20 06:08:09 vps691689 sshd[22692]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.199.198.137 Dec 20 06:08:11 vps691689 sshd[22692]: Failed password for invalid user nfs from 94.199.198.137 port 38828 ssh2 Dec 20 06:13:17 vps691689 sshd[22844]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.199.198.137 ...	2019-12-20 13:17:34
66.94.126.62	attack	DATE:2019-12-19 23:33:31,IP:66.94.126.62,MATCHES:10,PORT:ssh	2019-12-20 08:59:40
184.64.13.67	attackspam	Dec 20 05:56:53 ns381471 sshd[22466]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=184.64.13.67 Dec 20 05:56:56 ns381471 sshd[22466]: Failed password for invalid user monson from 184.64.13.67 port 46006 ssh2	2019-12-20 13:00:24

Recently Reported IPs

104.168.172.156	104.168.254.58	104.168.46.79	104.168.5.225
104.18.20.58	104.18.202.219	104.18.202.229	104.18.203.85
104.18.204.48	104.18.204.85	104.18.21.58	104.18.223.34
104.18.223.49	104.18.224.49	104.18.226.99	104.18.227.99
104.18.231.51	104.18.232.51	104.18.234.76	104.18.24.62