104.168.44.80 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
104.168.44.234	attackbots	(sshd) Failed SSH login from 104.168.44.234 (US/United States/104-168-44-234-host.colocrossing.com): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 11 10:27:58 server sshd[8862]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.168.44.234 user=root Sep 11 10:28:00 server sshd[8862]: Failed password for root from 104.168.44.234 port 58941 ssh2 Sep 11 10:33:47 server sshd[10512]: Invalid user admin from 104.168.44.234 port 40915 Sep 11 10:33:49 server sshd[10512]: Failed password for invalid user admin from 104.168.44.234 port 40915 ssh2 Sep 11 10:38:06 server sshd[11726]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.168.44.234 user=root	2020-09-12 00:00:24
104.168.44.234	attackspam	Sep 9 14:06:52 rudra sshd[463388]: reveeclipse mapping checking getaddrinfo for 104-168-44-234-host.colocrossing.com [104.168.44.234] failed - POSSIBLE BREAK-IN ATTEMPT! Sep 9 14:06:52 rudra sshd[463388]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.168.44.234 user=r.r Sep 9 14:06:54 rudra sshd[463388]: Failed password for r.r from 104.168.44.234 port 50812 ssh2 Sep 9 14:06:54 rudra sshd[463388]: Received disconnect from 104.168.44.234: 11: Bye Bye [preauth] Sep 9 14:12:34 rudra sshd[464223]: reveeclipse mapping checking getaddrinfo for 104-168-44-234-host.colocrossing.com [104.168.44.234] failed - POSSIBLE BREAK-IN ATTEMPT! Sep 9 14:12:34 rudra sshd[464223]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.168.44.234 user=r.r Sep 9 14:12:37 rudra sshd[464223]: Failed password for r.r from 104.168.44.234 port 35947 ssh2 Sep 9 14:12:37 rudra sshd[464223]: Received disconne........ -------------------------------	2020-09-11 16:00:51
104.168.44.234	attackspambots	5x Failed Password	2020-09-11 08:12:37
104.168.44.234	attackbotsspam	Aug 26 19:14:18 vzhost sshd[17838]: reveeclipse mapping checking getaddrinfo for 104-168-44-234-host.colocrossing.com [104.168.44.234] failed - POSSIBLE BREAK-IN ATTEMPT! Aug 26 19:14:18 vzhost sshd[17838]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.168.44.234 user=r.r Aug 26 19:14:20 vzhost sshd[17838]: Failed password for r.r from 104.168.44.234 port 53638 ssh2 Aug 26 19:28:26 vzhost sshd[20952]: reveeclipse mapping checking getaddrinfo for 104-168-44-234-host.colocrossing.com [104.168.44.234] failed - POSSIBLE BREAK-IN ATTEMPT! Aug 26 19:28:26 vzhost sshd[20952]: Invalid user palash from 104.168.44.234 Aug 26 19:28:26 vzhost sshd[20952]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.168.44.234 Aug 26 19:28:28 vzhost sshd[20952]: Failed password for invalid user palash from 104.168.44.234 port 33171 ssh2 Aug 26 19:32:28 vzhost sshd[21845]: reveeclipse mapping checking geta........ -------------------------------	2020-08-27 07:58:19
104.168.44.142	attackbots	Flask-IPban - exploit URL requested:/TP/public/index.php	2020-06-14 05:40:42
104.168.44.158	attack	Port Scan detected from 104.168.44.158 (NL/Netherlands/North Holland/Amsterdam/104-168-44-158-host.colocrossing.com). 4 hits in the last 45 seconds	2020-04-30 15:50:42
104.168.44.166	attackbotsspam	Lines containing failures of 104.168.44.166 Apr 28 19:19:17 UTC__SANYALnet-Labs__cac12 sshd[9912]: Connection from 104.168.44.166 port 49337 on 64.137.176.96 port 22 Apr 28 19:19:17 UTC__SANYALnet-Labs__cac12 sshd[9912]: Did not receive identification string from 104.168.44.166 port 49337 Apr 28 19:19:21 UTC__SANYALnet-Labs__cac12 sshd[9913]: Connection from 104.168.44.166 port 52003 on 64.137.176.96 port 22 Apr 28 19:19:22 UTC__SANYALnet-Labs__cac12 sshd[9913]: Address 104.168.44.166 maps to 104-168-44-166-host.colocrossing.com, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT! Apr 28 19:19:22 UTC__SANYALnet-Labs__cac12 sshd[9913]: User r.r from 104.168.44.166 not allowed because not listed in AllowUsers Apr 28 19:19:22 UTC__SANYALnet-Labs__cac12 sshd[9913]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.168.44.166 user=r.r Apr 28 19:19:24 UTC__SANYALnet-Labs__cac12 sshd[9913]: Failed password for invali........ ------------------------------	2020-04-30 14:26:06
104.168.44.166	attackbotsspam	Lines containing failures of 104.168.44.166 Apr 28 19:19:17 UTC__SANYALnet-Labs__cac12 sshd[9912]: Connection from 104.168.44.166 port 49337 on 64.137.176.96 port 22 Apr 28 19:19:17 UTC__SANYALnet-Labs__cac12 sshd[9912]: Did not receive identification string from 104.168.44.166 port 49337 Apr 28 19:19:21 UTC__SANYALnet-Labs__cac12 sshd[9913]: Connection from 104.168.44.166 port 52003 on 64.137.176.96 port 22 Apr 28 19:19:22 UTC__SANYALnet-Labs__cac12 sshd[9913]: Address 104.168.44.166 maps to 104-168-44-166-host.colocrossing.com, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT! Apr 28 19:19:22 UTC__SANYALnet-Labs__cac12 sshd[9913]: User r.r from 104.168.44.166 not allowed because not listed in AllowUsers Apr 28 19:19:22 UTC__SANYALnet-Labs__cac12 sshd[9913]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.168.44.166 user=r.r Apr 28 19:19:24 UTC__SANYALnet-Labs__cac12 sshd[9913]: Failed password for invali........ ------------------------------	2020-04-30 04:08:35
104.168.44.143	attackspam	Dec 13 11:33:12 ny01 sshd[31066]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.168.44.143 Dec 13 11:33:14 ny01 sshd[31066]: Failed password for invalid user newsletter from 104.168.44.143 port 43130 ssh2 Dec 13 11:39:50 ny01 sshd[31739]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.168.44.143	2019-12-14 00:46:02
104.168.44.143	attackbotsspam	web-1 [ssh_2] SSH Attack	2019-12-11 23:38:51
104.168.44.143	attackbotsspam	Dec 10 01:53:55 hpm sshd\[17064\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.168.44.143 user=root Dec 10 01:53:58 hpm sshd\[17064\]: Failed password for root from 104.168.44.143 port 34136 ssh2 Dec 10 02:01:01 hpm sshd\[17755\]: Invalid user Administrator from 104.168.44.143 Dec 10 02:01:01 hpm sshd\[17755\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.168.44.143 Dec 10 02:01:03 hpm sshd\[17755\]: Failed password for invalid user Administrator from 104.168.44.143 port 54488 ssh2	2019-12-10 20:05:03

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.168.44.80
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 60832
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;104.168.44.80.			IN	A

;; AUTHORITY SECTION:
.			476	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022022401 1800 900 604800 86400

;; Query time: 79 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Feb 25 12:04:28 CST 2022
;; MSG SIZE  rcvd: 106

Host info

80.44.168.104.in-addr.arpa domain name pointer 104-168-44-80-host.colocrossing.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
80.44.168.104.in-addr.arpa	name = 104-168-44-80-host.colocrossing.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
106.12.13.20	attack	Sep 1 16:14:25 PorscheCustomer sshd[7326]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.13.20 Sep 1 16:14:27 PorscheCustomer sshd[7326]: Failed password for invalid user auto from 106.12.13.20 port 45454 ssh2 Sep 1 16:18:22 PorscheCustomer sshd[7376]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.13.20 ...	2020-09-01 22:18:28
106.246.92.234	attackspambots	2020-09-01T12:32:54.392523upcloud.m0sh1x2.com sshd[4136]: Invalid user samba from 106.246.92.234 port 57634	2020-09-01 22:11:56
109.116.41.238	attackbotsspam	Sep 1 16:19:09 abendstille sshd\[21923\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=109.116.41.238 user=root Sep 1 16:19:11 abendstille sshd\[21923\]: Failed password for root from 109.116.41.238 port 37870 ssh2 Sep 1 16:21:27 abendstille sshd\[23820\]: Invalid user ares from 109.116.41.238 Sep 1 16:21:27 abendstille sshd\[23820\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=109.116.41.238 Sep 1 16:21:30 abendstille sshd\[23820\]: Failed password for invalid user ares from 109.116.41.238 port 48742 ssh2 ...	2020-09-01 22:35:57
45.15.16.100	attackbots	Sep 1 13:33:37 cdc sshd[3348]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.15.16.100 user=root Sep 1 13:33:38 cdc sshd[3348]: Failed password for invalid user root from 45.15.16.100 port 17336 ssh2	2020-09-01 22:06:25
109.244.100.99	attackbots	sshd jail - ssh hack attempt	2020-09-01 22:08:50
88.250.12.76	attackspam	Portscan detected	2020-09-01 22:19:56
139.59.29.28	attackspam	Sep 1 16:33:27 jane sshd[4211]: Failed password for root from 139.59.29.28 port 38292 ssh2 ...	2020-09-01 23:15:20
178.205.253.205	attack	Port Scan ...	2020-09-01 22:34:41
67.205.135.127	attackbotsspam	2020-09-01T08:33:19.664736mail.thespaminator.com sshd[19101]: Invalid user magno from 67.205.135.127 port 50354 2020-09-01T08:33:21.929099mail.thespaminator.com sshd[19101]: Failed password for invalid user magno from 67.205.135.127 port 50354 ssh2 ...	2020-09-01 22:14:33
112.85.42.238	attackbots	Sep 1 16:14:28 nas sshd[25755]: Failed password for root from 112.85.42.238 port 37683 ssh2 Sep 1 16:14:30 nas sshd[25755]: Failed password for root from 112.85.42.238 port 37683 ssh2 Sep 1 16:14:32 nas sshd[25755]: Failed password for root from 112.85.42.238 port 37683 ssh2 ...	2020-09-01 22:21:11
222.186.173.142	attackspambots	Failed password for root from 222.186.173.142 port 49732 ssh2 Failed password for root from 222.186.173.142 port 49732 ssh2 Failed password for root from 222.186.173.142 port 49732 ssh2 Failed password for root from 222.186.173.142 port 49732 ssh2	2020-09-01 22:14:59
111.231.62.191	attack	Brute-force attempt banned	2020-09-01 22:22:46
35.232.241.208	attack	2020-09-01T15:58:53.774321+02:00 sshd[15779]: Failed password for invalid user status from 35.232.241.208 port 43286 ssh2	2020-09-01 22:10:24
36.89.213.100	attack	Sep 1 16:47:52 buvik sshd[1317]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=36.89.213.100 Sep 1 16:47:54 buvik sshd[1317]: Failed password for invalid user zj from 36.89.213.100 port 44562 ssh2 Sep 1 16:52:28 buvik sshd[1880]: Invalid user git from 36.89.213.100 ...	2020-09-01 23:10:57
122.252.246.209	attackspam	2020-09-01 07:23:10.313765-0500 localhost smtpd[82782]: NOQUEUE: reject: RCPT from unknown[122.252.246.209]: 554 5.7.1 Service unavailable; Client host [122.252.246.209] blocked using zen.spamhaus.org; https://www.spamhaus.org/query/ip/122.252.246.209; from= to= proto=ESMTP helo=	2020-09-01 22:37:05

Recently Reported IPs

104.168.202.254	104.168.28.229	104.168.36.10	104.17.100.190
104.168.198.45	104.168.83.216	104.22.17.199	104.168.66.86
104.17.100.48	104.17.0.232	104.168.251.14	104.168.214.192
104.168.201.227	104.17.100.73	104.17.100.60	104.17.101.48
104.17.103.35	104.17.101.190	104.22.17.213	104.17.102.35