104.41.45.22 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
104.41.45.235	attackspambots	SSH/22 MH Probe, BF, Hack -	2020-09-30 00:04:43
104.41.45.19	attackspambots	We detected a phishing web site hosted at: ==== https://ssl-localwebmailseguro.brazilsouth.cloudapp.azure.com/indexlocaweb.html?$number-$number-$number-$number ==== This is a fake website pretending to be Locaweb website with the intent of committing fraud against the organization and/or its users. The organization's legitimate website is: ==== https://webmail-seguro.com.br/ ==== We kindly ask your cooperation, according to your policies to cease this activity and shut down the phishing page; Thanks in advance. We would also appreciate a reply that this message has been received. Graciously.	2020-02-17 23:10:16

Type

Details

Datetime

104.41.45.235

attackspambots

SSH/22 MH Probe, BF, Hack -

2020-09-30 00:04:43

104.41.45.19

attackspambots

We detected a phishing web site hosted at:

====
https://ssl-localwebmailseguro.brazilsouth.cloudapp.azure.com/indexlocaweb.html?$number-$number-$number-$number
====

This is a fake website pretending to be Locaweb website with the intent of committing fraud against the organization and/or its users. The organization's legitimate website is:
====
https://webmail-seguro.com.br/
====

We kindly ask your cooperation, according to your policies to cease this activity and shut down the phishing page;

Thanks in advance. We would also appreciate a reply that this message has been received.

Graciously.

2020-02-17 23:10:16

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.41.45.22
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 26380
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;104.41.45.22.			IN	A

;; AUTHORITY SECTION:
.			429	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022022500 1800 900 604800 86400

;; Query time: 21 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Feb 25 20:33:00 CST 2022
;; MSG SIZE  rcvd: 105

Host info

Host 22.45.41.104.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 22.45.41.104.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
175.211.112.66	attackbots	$f2bV_matches_ltvn	2019-11-04 21:27:02
77.37.150.9	attackbots	Nov 4 07:17:22 c10 sshd[32581]: Failed password for r.r from 77.37.150.9 port 50319 ssh2 Nov 4 07:17:24 c10 sshd[32581]: Failed password for r.r from 77.37.150.9 port 50319 ssh2 Nov 4 07:17:26 c10 sshd[32581]: Failed password for r.r from 77.37.150.9 port 50319 ssh2 Nov 4 07:17:28 c10 sshd[32581]: Failed password for r.r from 77.37.150.9 port 50319 ssh2 Nov 4 07:17:31 c10 sshd[32581]: Failed password for r.r from 77.37.150.9 port 50319 ssh2 Nov 4 07:17:33 c10 sshd[32581]: Failed password for r.r from 77.37.150.9 port 50319 ssh2 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=77.37.150.9	2019-11-04 21:34:32
112.85.42.237	attack	Nov 4 05:07:38 TORMINT sshd\[2243\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.237 user=root Nov 4 05:07:40 TORMINT sshd\[2243\]: Failed password for root from 112.85.42.237 port 16252 ssh2 Nov 4 05:10:41 TORMINT sshd\[2356\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.237 user=root ...	2019-11-04 21:39:06
125.212.207.205	attackspam	SSH Brute-Force reported by Fail2Ban	2019-11-04 21:32:09
159.203.201.25	attackspam	MultiHost/MultiPort Probe, Scan, Hack -	2019-11-04 21:50:54
106.13.204.251	attack	Nov 4 17:03:26 lcl-usvr-02 sshd[8377]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.204.251 user=root Nov 4 17:03:28 lcl-usvr-02 sshd[8377]: Failed password for root from 106.13.204.251 port 49024 ssh2 Nov 4 17:07:54 lcl-usvr-02 sshd[9374]: Invalid user admin from 106.13.204.251 port 58126 Nov 4 17:07:54 lcl-usvr-02 sshd[9374]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.204.251 Nov 4 17:07:54 lcl-usvr-02 sshd[9374]: Invalid user admin from 106.13.204.251 port 58126 Nov 4 17:07:56 lcl-usvr-02 sshd[9374]: Failed password for invalid user admin from 106.13.204.251 port 58126 ssh2 ...	2019-11-04 21:35:53
132.145.201.163	attackbots	Nov 4 15:19:29 gw1 sshd[25766]: Failed password for root from 132.145.201.163 port 21329 ssh2 ...	2019-11-04 21:17:50
60.12.13.98	attackspam	Nov 3 20:20:22 tdfoods sshd\[4305\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=60.12.13.98 user=root Nov 3 20:20:24 tdfoods sshd\[4305\]: Failed password for root from 60.12.13.98 port 9894 ssh2 Nov 3 20:20:26 tdfoods sshd\[4325\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=60.12.13.98 user=root Nov 3 20:20:27 tdfoods sshd\[4325\]: Failed password for root from 60.12.13.98 port 10162 ssh2 Nov 3 20:20:28 tdfoods sshd\[4327\]: Invalid user pi from 60.12.13.98	2019-11-04 21:54:51
159.65.30.66	attackspam	SSH Brute-Force reported by Fail2Ban	2019-11-04 21:28:31
85.96.207.48	attackbotsspam	Automatic report - Banned IP Access	2019-11-04 21:47:16
35.240.217.103	attackbots	Nov 4 15:25:24 server sshd\[27801\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.217.240.35.bc.googleusercontent.com user=root Nov 4 15:25:26 server sshd\[27801\]: Failed password for root from 35.240.217.103 port 52192 ssh2 Nov 4 15:42:49 server sshd\[32099\]: Invalid user lollipop from 35.240.217.103 Nov 4 15:42:49 server sshd\[32099\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.217.240.35.bc.googleusercontent.com Nov 4 15:42:51 server sshd\[32099\]: Failed password for invalid user lollipop from 35.240.217.103 port 44508 ssh2 ...	2019-11-04 21:44:07
64.39.99.194	attackbots	5x Failed Password	2019-11-04 21:36:31
124.156.173.209	attackspam	Nov 3 23:44:05 auw2 sshd\[13413\]: Invalid user All from 124.156.173.209 Nov 3 23:44:05 auw2 sshd\[13413\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.156.173.209 Nov 3 23:44:07 auw2 sshd\[13413\]: Failed password for invalid user All from 124.156.173.209 port 45726 ssh2 Nov 3 23:50:11 auw2 sshd\[13909\]: Invalid user Welcome8 from 124.156.173.209 Nov 3 23:50:11 auw2 sshd\[13909\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.156.173.209	2019-11-04 21:42:18
212.237.112.106	attack	Sent mail to target address hacked/leaked from abandonia in 2016	2019-11-04 21:55:23
94.231.136.154	attackspam	Nov 4 13:21:11 webhost01 sshd[16787]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.231.136.154 Nov 4 13:21:13 webhost01 sshd[16787]: Failed password for invalid user kj from 94.231.136.154 port 45942 ssh2 ...	2019-11-04 21:40:03

Recently Reported IPs

104.41.44.123	104.41.46.236	104.41.45.52	104.41.5.138
104.41.46.210	101.109.79.125	104.41.5.140	104.41.46.238
104.41.48.48	104.41.5.5	104.41.50.91	104.41.46.166
104.41.5.226	104.41.50.88	104.41.52.142	104.41.51.173
104.41.55.138	104.41.56.83	101.109.79.137	104.41.6.182