104.168.71.44 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: None

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
104.168.71.152	attackspam	(sshd) Failed SSH login from 104.168.71.152 (US/United States/104-168-71-152-host.colocrossing.com): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Jun 18 09:34:51 amsweb01 sshd[10984]: Invalid user www-data from 104.168.71.152 port 56111 Jun 18 09:34:53 amsweb01 sshd[10984]: Failed password for invalid user www-data from 104.168.71.152 port 56111 ssh2 Jun 18 09:40:33 amsweb01 sshd[11763]: Invalid user sftp_user from 104.168.71.152 port 55927 Jun 18 09:40:35 amsweb01 sshd[11763]: Failed password for invalid user sftp_user from 104.168.71.152 port 55927 ssh2 Jun 18 09:51:31 amsweb01 sshd[13339]: Invalid user ninja from 104.168.71.152 port 55567	2020-06-18 16:19:44
104.168.71.152	attackspam	Jun 17 19:47:35 mail sshd[23946]: Failed password for invalid user traffic from 104.168.71.152 port 57329 ssh2 Jun 17 20:07:40 mail sshd[26552]: Failed password for root from 104.168.71.152 port 54410 ssh2 ...	2020-06-18 03:29:44

Type

Details

Datetime

104.168.71.152

attackspam

(sshd) Failed SSH login from 104.168.71.152 (US/United States/104-168-71-152-host.colocrossing.com): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Jun 18 09:34:51 amsweb01 sshd[10984]: Invalid user www-data from 104.168.71.152 port 56111
Jun 18 09:34:53 amsweb01 sshd[10984]: Failed password for invalid user www-data from 104.168.71.152 port 56111 ssh2
Jun 18 09:40:33 amsweb01 sshd[11763]: Invalid user sftp_user from 104.168.71.152 port 55927
Jun 18 09:40:35 amsweb01 sshd[11763]: Failed password for invalid user sftp_user from 104.168.71.152 port 55927 ssh2
Jun 18 09:51:31 amsweb01 sshd[13339]: Invalid user ninja from 104.168.71.152 port 55567

2020-06-18 16:19:44

104.168.71.152

attackspam

Jun 17 19:47:35 mail sshd[23946]: Failed password for invalid user traffic from 104.168.71.152 port 57329 ssh2
Jun 17 20:07:40 mail sshd[26552]: Failed password for root from 104.168.71.152 port 54410 ssh2
...

2020-06-18 03:29:44

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.168.71.44
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 16182
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;104.168.71.44.			IN	A

;; AUTHORITY SECTION:
.			389	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022031100 1800 900 604800 86400

;; Query time: 16 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Mar 11 18:26:23 CST 2022
;; MSG SIZE  rcvd: 106

Host info

44.71.168.104.in-addr.arpa domain name pointer 104-168-71-44-host.colocrossing.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
44.71.168.104.in-addr.arpa	name = 104-168-71-44-host.colocrossing.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
103.228.183.10	attackbotsspam	2020-03-01T05:58:38.291394 sshd[20180]: Invalid user mc2 from 103.228.183.10 port 48130 2020-03-01T05:58:38.307019 sshd[20180]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.228.183.10 2020-03-01T05:58:38.291394 sshd[20180]: Invalid user mc2 from 103.228.183.10 port 48130 2020-03-01T05:58:40.024345 sshd[20180]: Failed password for invalid user mc2 from 103.228.183.10 port 48130 ssh2 ...	2020-03-01 13:30:45
2.184.4.3	attackspambots	Mar 1 06:06:48 mail sshd[15402]: Invalid user stats from 2.184.4.3 Mar 1 06:06:48 mail sshd[15402]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=2.184.4.3 Mar 1 06:06:48 mail sshd[15402]: Invalid user stats from 2.184.4.3 Mar 1 06:06:51 mail sshd[15402]: Failed password for invalid user stats from 2.184.4.3 port 32918 ssh2 Mar 1 06:24:25 mail sshd[10301]: Invalid user ftpuser from 2.184.4.3 ...	2020-03-01 13:43:17
54.39.22.191	attackspambots	Mar 1 06:25:01 localhost sshd\[23122\]: Invalid user paul from 54.39.22.191 port 45990 Mar 1 06:25:01 localhost sshd\[23122\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.39.22.191 Mar 1 06:25:03 localhost sshd\[23122\]: Failed password for invalid user paul from 54.39.22.191 port 45990 ssh2	2020-03-01 13:40:19
60.6.170.77	attack	Honeypot attack, port: 5555, PTR: PTR record not found	2020-03-01 13:45:53
1.62.90.230	attack	CN_APNIC-HM_<177>1583038744 [1:2010935:3] ET SCAN Suspicious inbound to MSSQL port 1433 [Classification: Potentially Bad Traffic] [Priority: 2] {TCP} 1.62.90.230:6496	2020-03-01 13:06:02
111.252.7.159	attack	Honeypot attack, port: 445, PTR: 111-252-7-159.dynamic-ip.hinet.net.	2020-03-01 13:31:09
115.159.237.70	attack	Mar 1 06:31:49 ns381471 sshd[30294]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.159.237.70 Mar 1 06:31:51 ns381471 sshd[30294]: Failed password for invalid user deb from 115.159.237.70 port 37764 ssh2	2020-03-01 13:42:33
222.186.173.180	attackspam	Mar 1 07:29:05 ift sshd\[25964\]: Failed password for root from 222.186.173.180 port 32368 ssh2Mar 1 07:29:08 ift sshd\[25964\]: Failed password for root from 222.186.173.180 port 32368 ssh2Mar 1 07:29:19 ift sshd\[25964\]: Failed password for root from 222.186.173.180 port 32368 ssh2Mar 1 07:29:27 ift sshd\[25989\]: Failed password for root from 222.186.173.180 port 41884 ssh2Mar 1 07:29:30 ift sshd\[25989\]: Failed password for root from 222.186.173.180 port 41884 ssh2 ...	2020-03-01 13:32:08
51.15.99.106	attackbots	Mar 1 10:25:17 gw1 sshd[12849]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.15.99.106 Mar 1 10:25:19 gw1 sshd[12849]: Failed password for invalid user yala from 51.15.99.106 port 54932 ssh2 ...	2020-03-01 13:45:12
5.39.79.48	attackbotsspam	2020-03-01T04:44:28.511897vps773228.ovh.net sshd[31246]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=ns339079.ip-5-39-79.eu 2020-03-01T04:44:28.488244vps773228.ovh.net sshd[31246]: Invalid user deployer from 5.39.79.48 port 40703 2020-03-01T04:44:30.665499vps773228.ovh.net sshd[31246]: Failed password for invalid user deployer from 5.39.79.48 port 40703 ssh2 2020-03-01T05:59:08.689552vps773228.ovh.net sshd[31805]: Invalid user cron from 5.39.79.48 port 34920 2020-03-01T05:59:08.699683vps773228.ovh.net sshd[31805]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=ns339079.ip-5-39-79.eu 2020-03-01T05:59:08.689552vps773228.ovh.net sshd[31805]: Invalid user cron from 5.39.79.48 port 34920 2020-03-01T05:59:09.879226vps773228.ovh.net sshd[31805]: Failed password for invalid user cron from 5.39.79.48 port 34920 ssh2 2020-03-01T06:13:59.061110vps773228.ovh.net sshd[31911]: Invalid user radio from 5.39.79.48 port ...	2020-03-01 13:20:54
139.59.58.234	attackspam	Feb 29 23:49:27 NPSTNNYC01T sshd[3325]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.58.234 Feb 29 23:49:29 NPSTNNYC01T sshd[3325]: Failed password for invalid user lab from 139.59.58.234 port 50852 ssh2 Feb 29 23:59:08 NPSTNNYC01T sshd[3885]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.58.234 ...	2020-03-01 13:03:34
213.186.33.40	spam	MARRE de ces ORDURES et autres FILS de PUTE genre SOUS MERDES capables de POLLUER STUPIDEMENT pour ne pas dire CONNEMENT la Planète par des POURRIELS INUTILES sur des listes VOLÉES on ne sait où et SANS notre accord, en TOTALE INFRACTION avec les Législations Européennes comme Française sur la RGPD, donc à condamner à 750 € par pourriel émis ! christophe@transletter.eu MICCICHE Christophe Léonard Michel (COUDOUX - 13111) 512 509 597 puis 831 288 469 - SAS https://www.interppro.net interppro.net => Network Solutions, LLC => web.com => 23.236.62.147 https://www.mywot.com/scorecard/interppro.net https://www.mywot.com/scorecard/web.com https://en.asytech.cn/check-ip/23.236.62.147 https://www.infogreffe.fr/entreprise-societe/831288469-interppro-130417B008730000.html transletter.eu => 188.165.53.185 188.165.53.185 => OVH https://www.mywot.com/scorecard/transletter.eu https://www.mywot.com/scorecard/ovh.com https://en.asytech.cn/check-ip/188.165.53.185 Message-ID: <15f55a827779eb9c458f92891af92f81@transletter.eu> From: Cliquez ICI pour vous désabonner cmati.com => 213.186.33.40 213.186.33.40 => OVH https://www.mywot.com/scorecard/cmati.com https://www.mywot.com/scorecard/ovh.com https://en.asytech.cn/check-ip/213.186.33.40	2020-03-01 13:46:35
222.186.180.41	attack	Mar 1 00:17:05 ny01 sshd[21724]: Failed password for root from 222.186.180.41 port 55302 ssh2 Mar 1 00:17:20 ny01 sshd[21724]: error: maximum authentication attempts exceeded for root from 222.186.180.41 port 55302 ssh2 [preauth] Mar 1 00:17:36 ny01 sshd[21938]: Failed password for root from 222.186.180.41 port 20878 ssh2	2020-03-01 13:22:54
59.89.57.201	attack	Mar 1 05:54:36 vps647732 sshd[27849]: Failed password for uucp from 59.89.57.201 port 39954 ssh2 Mar 1 05:59:00 vps647732 sshd[27962]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=59.89.57.201 ...	2020-03-01 13:13:03
46.229.214.208	attackbotsspam	Brute-force attempt banned	2020-03-01 13:34:28

Recently Reported IPs

104.168.68.145	104.169.5.3	104.17.101.129	104.17.109.88
104.17.110.88	104.17.113.193	104.17.114.193	104.17.114.49
104.17.115.49	104.17.121.18	104.17.122.18	104.17.131.41
104.17.134.61	104.17.143.30	104.17.144.30	104.17.153.60
104.17.153.64	104.17.154.60	104.17.154.64	104.17.156.3