104.194.206.105

Basic Info

City: Seattle

Region: Washington

Country: United States

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
104.194.206.242	attack	SYN Timeout; TCP/80 bukkake.tonight.in.your.mothers.fartbox.orgnoobuntu.orgmarc.isamotherfucking.ninjairc.terranirc.orggot.nullrewted.org	2020-05-12 21:30:56
104.194.206.101	attackspambots	Nov 27 07:58:10 h1637304 sshd[4354]: Address 104.194.206.101 maps to jimmynet.com, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT! Nov 27 07:58:10 h1637304 sshd[4354]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.194.206.101 user=r.r Nov 27 07:58:12 h1637304 sshd[4354]: Failed password for r.r from 104.194.206.101 port 56246 ssh2 Nov 27 07:58:12 h1637304 sshd[4354]: Received disconnect from 104.194.206.101: 3: com.jcraft.jsch.JSchException: Auth fail [preauth] Nov 27 07:58:13 h1637304 sshd[4356]: Address 104.194.206.101 maps to jimmynet.com, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT! Nov 27 07:58:13 h1637304 sshd[4356]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.194.206.101 user=r.r Nov 27 07:58:15 h1637304 sshd[4356]: Failed password for r.r from 104.194.206.101 port 56604 ssh2 Nov 27 07:58:15 h1637304 sshd[4356]: Received........ -------------------------------	2019-11-27 16:13:05

Type

Details

Datetime

104.194.206.242

attack

SYN Timeout; TCP/80
bukkake.tonight.in.your.mothers.fartbox.orgnoobuntu.orgmarc.isamotherfucking.ninjairc.terranirc.orggot.nullrewted.org

2020-05-12 21:30:56

104.194.206.101

attackspambots

Nov 27 07:58:10 h1637304 sshd[4354]: Address 104.194.206.101 maps to jimmynet.com, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT!
Nov 27 07:58:10 h1637304 sshd[4354]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.194.206.101  user=r.r
Nov 27 07:58:12 h1637304 sshd[4354]: Failed password for r.r from 104.194.206.101 port 56246 ssh2
Nov 27 07:58:12 h1637304 sshd[4354]: Received disconnect from 104.194.206.101: 3: com.jcraft.jsch.JSchException: Auth fail [preauth]
Nov 27 07:58:13 h1637304 sshd[4356]: Address 104.194.206.101 maps to jimmynet.com, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT!
Nov 27 07:58:13 h1637304 sshd[4356]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.194.206.101  user=r.r
Nov 27 07:58:15 h1637304 sshd[4356]: Failed password for r.r from 104.194.206.101 port 56604 ssh2
Nov 27 07:58:15 h1637304 sshd[4356]: Received........
-------------------------------

2019-11-27 16:13:05

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.194.206.105
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 3877
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;104.194.206.105.		IN	A

;; AUTHORITY SECTION:
.			600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022040702 1800 900 604800 86400

;; Query time: 92 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Apr 08 02:30:57 CST 2022
;; MSG SIZE  rcvd: 108

Host info

105.206.194.104.in-addr.arpa domain name pointer 104.194.206.105.server.wdidc.net.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
105.206.194.104.in-addr.arpa	name = 104.194.206.105.server.wdidc.net.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
41.65.3.130	attackspambots	445/tcp 445/tcp 445/tcp... [2019-06-23/08-12]10pkt,1pt.(tcp)	2019-08-13 04:16:32
113.161.21.95	attack	445/tcp 445/tcp [2019-07-09/08-12]2pkt	2019-08-13 04:26:11
106.51.66.24	attack	445/tcp 445/tcp 445/tcp [2019-07-09/08-12]3pkt	2019-08-13 04:07:36
190.196.70.20	attack	445/tcp 445/tcp 445/tcp... [2019-06-22/08-12]11pkt,1pt.(tcp)	2019-08-13 03:55:06
203.156.197.127	attack	445/tcp 445/tcp 445/tcp... [2019-06-24/08-12]12pkt,1pt.(tcp)	2019-08-13 04:09:05
187.216.125.216	attackbots	445/tcp 445/tcp 445/tcp... [2019-06-22/08-12]14pkt,1pt.(tcp)	2019-08-13 04:15:37
157.25.160.75	attack	SSH bruteforce	2019-08-13 04:20:52
118.126.96.180	attackbots	fail2ban honeypot	2019-08-13 04:26:39
154.41.3.166	attackbots	445/tcp 445/tcp 445/tcp... [2019-06-22/08-12]4pkt,1pt.(tcp)	2019-08-13 03:50:58
2.139.215.255	attackspambots	$f2bV_matches_ltvn	2019-08-13 04:03:19
34.227.14.137	attack	Hit on /wp-admin/	2019-08-13 03:59:10
185.254.122.200	attackbotsspam	08/12/2019-15:42:45.389491 185.254.122.200 Protocol: 6 ET SCAN NMAP -sS window 1024	2019-08-13 03:49:35
212.199.194.25	attack	445/tcp 445/tcp 445/tcp... [2019-06-15/08-12]4pkt,1pt.(tcp)	2019-08-13 03:48:22
109.110.52.77	attackspam	Aug 12 18:40:32 *** sshd[31032]: Invalid user hadoop from 109.110.52.77	2019-08-13 03:45:27
154.68.5.87	attackspambots	Brute force attempt	2019-08-13 04:06:06

Recently Reported IPs

104.193.174.9	248.26.139.141	104.194.233.58	104.195.6.71
104.195.6.75	104.196.0.0	104.196.177.85	104.196.180.226
104.207.242.128	104.207.245.42	104.207.246.68	104.207.250.135
104.207.251.151	104.207.253.192	104.207.254.182	104.208.136.106
104.208.24.134	104.208.92.169	104.209.181.191	104.209.223.17