104.168.98.130

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: Hudson Valley Host

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbotsspam	Sep 8 02:40:08 taivassalofi sshd[40314]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.168.98.130 Sep 8 02:40:10 taivassalofi sshd[40314]: Failed password for invalid user ftp from 104.168.98.130 port 48128 ssh2 ...	2019-09-08 07:44:28

Type

Details

Datetime

attackbotsspam

Sep  8 02:40:08 taivassalofi sshd[40314]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.168.98.130
Sep  8 02:40:10 taivassalofi sshd[40314]: Failed password for invalid user ftp from 104.168.98.130 port 48128 ssh2
...

2019-09-08 07:44:28

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.168.98.130
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 60322
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;104.168.98.130.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019090701 1800 900 604800 86400

;; Query time: 3 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Sun Sep 08 07:44:21 CST 2019
;; MSG SIZE  rcvd: 118

Host info

130.98.168.104.in-addr.arpa domain name pointer 104-168-98-130-host.colocrossing.com.

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
130.98.168.104.in-addr.arpa	name = 104-168-98-130-host.colocrossing.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
192.95.53.5	attackbots	Oct 25 09:22:03 MK-Soft-VM4 sshd[22889]: Failed password for root from 192.95.53.5 port 45144 ssh2 ...	2019-10-25 16:15:24
83.25.176.106	attackbots	$f2bV_matches	2019-10-25 16:10:07
106.12.24.108	attackspambots	2019-10-25T10:31:16.942200centos sshd\[19281\]: Invalid user yo from 106.12.24.108 port 41752 2019-10-25T10:31:16.946284centos sshd\[19281\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.24.108 2019-10-25T10:31:18.903046centos sshd\[19281\]: Failed password for invalid user yo from 106.12.24.108 port 41752 ssh2	2019-10-25 16:32:37
159.203.201.55	attack	" "	2019-10-25 16:36:40
61.164.96.98	attack	10/25/2019-02:23:01.075990 61.164.96.98 Protocol: 6 ET CINS Active Threat Intelligence Poor Reputation IP group 62	2019-10-25 16:02:36
148.70.65.131	attackbots	Oct 24 18:03:14 friendsofhawaii sshd\[8313\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.65.131 user=root Oct 24 18:03:16 friendsofhawaii sshd\[8313\]: Failed password for root from 148.70.65.131 port 57708 ssh2 Oct 24 18:08:49 friendsofhawaii sshd\[8740\]: Invalid user test from 148.70.65.131 Oct 24 18:08:49 friendsofhawaii sshd\[8740\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.65.131 Oct 24 18:08:51 friendsofhawaii sshd\[8740\]: Failed password for invalid user test from 148.70.65.131 port 39860 ssh2	2019-10-25 16:08:41
202.106.93.46	attackbots	2019-10-25T06:01:54.943842abusebot-3.cloudsearch.cf sshd\[5836\]: Invalid user prakash from 202.106.93.46 port 48029	2019-10-25 16:15:04
45.125.66.26	attackbotsspam	\[2019-10-25 03:56:09\] SECURITY\[2634\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-10-25T03:56:09.015-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="010125401148525260109",SessionID="0x7fdf2c003608",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/45.125.66.26/64304",ACLName="no_extension_match" \[2019-10-25 03:56:26\] SECURITY\[2634\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-10-25T03:56:26.609-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="0100124301148825681007",SessionID="0x7fdf2c007318",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/45.125.66.26/53684",ACLName="no_extension_match" \[2019-10-25 03:56:49\] SECURITY\[2634\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-10-25T03:56:49.217-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="010125501148525260109",SessionID="0x7fdf2c0ef9d8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/45.125.66.26/58465"	2019-10-25 16:13:50
51.68.138.143	attack	Oct 24 18:32:41 hpm sshd\[30145\]: Invalid user chan from 51.68.138.143 Oct 24 18:32:41 hpm sshd\[30145\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=143.ip-51-68-138.eu Oct 24 18:32:43 hpm sshd\[30145\]: Failed password for invalid user chan from 51.68.138.143 port 56391 ssh2 Oct 24 18:36:20 hpm sshd\[30429\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=143.ip-51-68-138.eu user=root Oct 24 18:36:22 hpm sshd\[30429\]: Failed password for root from 51.68.138.143 port 46498 ssh2	2019-10-25 16:20:55
50.116.101.52	attackspambots	Oct 22 17:42:30 carla sshd[22550]: reveeclipse mapping checking getaddrinfo for server.dm3-us.host [50.116.101.52] failed - POSSIBLE BREAK-IN ATTEMPT! Oct 22 17:42:30 carla sshd[22550]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=50.116.101.52 user=r.r Oct 22 17:42:32 carla sshd[22550]: Failed password for r.r from 50.116.101.52 port 59498 ssh2 Oct 22 17:42:32 carla sshd[22551]: Received disconnect from 50.116.101.52: 11: Bye Bye Oct 22 17:55:24 carla sshd[22595]: reveeclipse mapping checking getaddrinfo for server.ensash.com [50.116.101.52] failed - POSSIBLE BREAK-IN ATTEMPT! Oct 22 17:55:24 carla sshd[22595]: Invalid user xtn from 50.116.101.52 Oct 22 17:55:24 carla sshd[22595]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=50.116.101.52 Oct 22 17:55:26 carla sshd[22595]: Failed password for invalid user xtn from 50.116.101.52 port 53506 ssh2 Oct 22 17:55:26 carla sshd[22596]: Rece........ -------------------------------	2019-10-25 16:21:15
79.105.240.232	attack	445/tcp [2019-10-25]1pkt	2019-10-25 16:14:45
5.32.176.107	attackspambots	8080/tcp [2019-10-25]1pkt	2019-10-25 16:11:07
98.4.160.39	attackbotsspam	Repeated brute force against a port	2019-10-25 16:06:05
110.139.198.152	attackbotsspam	445/tcp 445/tcp 445/tcp [2019-10-25]3pkt	2019-10-25 16:05:28
77.62.150.200	attackspam	RDP brute forcing (r)	2019-10-25 16:24:24

Recently Reported IPs

200.0.182.110	157.145.26.226	136.108.51.138	107.35.0.208
34.221.126.230	123.101.66.171	189.209.252.140	49.235.250.170
95.78.182.255	120.28.115.2	18.244.144.99	45.247.182.159
96.166.198.206	134.209.107.151	3.19.58.248	46.50.31.9
93.189.163.171	183.157.189.119	134.73.76.133	185.244.25.66