City: unknown
Region: unknown
Country: United States of America
Internet Service Provider: Microsoft Corporation
Hostname: unknown
Organization: unknown
Usage Type: Data Center/Web Hosting/Transit
| Type | Details | Datetime |
|---|---|---|
| attackspambots | Jul 18 06:36:34 pve1 sshd[25092]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.44.141.85 Jul 18 06:36:36 pve1 sshd[25092]: Failed password for invalid user admin from 104.44.141.85 port 6815 ssh2 ... |
2020-07-18 12:39:21 |
| attackspam | Jul 17 23:48:34 vpn01 sshd[30522]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.44.141.85 Jul 17 23:48:36 vpn01 sshd[30522]: Failed password for invalid user admin from 104.44.141.85 port 48978 ssh2 ... |
2020-07-18 05:49:16 |
| attack | Jul 16 12:40:16 mout sshd[31203]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.44.141.85 user=root Jul 16 12:40:18 mout sshd[31203]: Failed password for root from 104.44.141.85 port 54418 ssh2 |
2020-07-16 18:59:17 |
| attack | 96. On Jul 15 2020 experienced a Brute Force SSH login attempt -> 4 unique times by 104.44.141.85. |
2020-07-16 05:58:37 |
| attack | Jul 15 04:41:58 vpn01 sshd[10089]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.44.141.85 Jul 15 04:42:00 vpn01 sshd[10089]: Failed password for invalid user admin from 104.44.141.85 port 32391 ssh2 ... |
2020-07-15 10:42:12 |
| attackspam | Lines containing failures of 104.44.141.85 Jul 14 00:48:38 nemesis sshd[15502]: Invalid user admin from 104.44.141.85 port 53571 Jul 14 00:48:38 nemesis sshd[15503]: Invalid user admin from 104.44.141.85 port 53573 Jul 14 00:48:38 nemesis sshd[15505]: Invalid user admin from 104.44.141.85 port 53576 Jul 14 00:48:38 nemesis sshd[15504]: Invalid user admin from 104.44.141.85 port 53575 Jul 14 00:48:38 nemesis sshd[15502]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.44.141.85 Jul 14 00:48:38 nemesis sshd[15503]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.44.141.85 Jul 14 00:48:38 nemesis sshd[15505]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.44.141.85 Jul 14 00:48:38 nemesis sshd[15504]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.44.141.85 ........ ----------------------------------------------- https://www.blockl |
2020-07-15 03:39:35 |
| attack | Lines containing failures of 104.44.141.85 Jul 14 00:48:38 nemesis sshd[15502]: Invalid user admin from 104.44.141.85 port 53571 Jul 14 00:48:38 nemesis sshd[15503]: Invalid user admin from 104.44.141.85 port 53573 Jul 14 00:48:38 nemesis sshd[15505]: Invalid user admin from 104.44.141.85 port 53576 Jul 14 00:48:38 nemesis sshd[15504]: Invalid user admin from 104.44.141.85 port 53575 Jul 14 00:48:38 nemesis sshd[15502]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.44.141.85 Jul 14 00:48:38 nemesis sshd[15503]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.44.141.85 Jul 14 00:48:38 nemesis sshd[15505]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.44.141.85 Jul 14 00:48:38 nemesis sshd[15504]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.44.141.85 ........ ----------------------------------------------- https://www.blockl |
2020-07-15 00:57:24 |
| IP | Type | Details | Datetime |
|---|---|---|---|
| 104.44.141.130 | attackbots | 2020-04-23T18:00:53Z - RDP login failed multiple times. (104.44.141.130) |
2020-04-24 04:16:14 |
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.44.141.85
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 19705
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;104.44.141.85. IN A
;; AUTHORITY SECTION:
. 513 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2020071400 1800 900 604800 86400
;; Query time: 25 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Jul 15 00:57:21 CST 2020
;; MSG SIZE rcvd: 117Host 85.141.44.104.in-addr.arpa. not found: 3(NXDOMAIN)Server: 183.60.83.19
Address: 183.60.83.19#53
** server can't find 85.141.44.104.in-addr.arpa: NXDOMAIN| IP | Type | Details | Datetime |
|---|---|---|---|
| 129.204.40.157 | attack | Oct 4 19:55:57 MK-Soft-Root1 sshd[7389]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.40.157 Oct 4 19:55:59 MK-Soft-Root1 sshd[7389]: Failed password for invalid user Collection123 from 129.204.40.157 port 51396 ssh2 ... |
2019-10-05 02:07:37 |
| 51.105.96.190 | attackspambots | Oct 4 08:23:27 localhost kernel: [3929626.659342] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:84:78:ac:57:a8:41:08:00 SRC=51.105.96.190 DST=[mungedIP2] LEN=68 TOS=0x00 PREC=0x00 TTL=244 ID=14132 PROTO=UDP SPT=30008 DPT=111 LEN=48 Oct 4 08:23:27 localhost kernel: [3929626.659370] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:84:78:ac:57:a8:41:08:00 SRC=51.105.96.190 DST=[mungedIP2] LEN=68 TOS=0x00 PREC=0x00 TTL=244 ID=14132 PROTO=UDP SPT=30008 DPT=111 LEN=48 Oct 4 08:23:31 localhost kernel: [3929630.711703] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:84:78:ac:57:a8:41:08:00 SRC=51.105.96.190 DST=[mungedIP2] LEN=68 TOS=0x00 PREC=0x00 TTL=244 ID=5882 PROTO=UDP SPT=30008 DPT=111 LEN=48 Oct 4 08:23:31 localhost kernel: [3929630.711728] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:84:78:ac:57:a8:41:08:00 SRC=51.105.96.190 DST=[mungedIP2] LEN=68 TOS=0x00 PREC=0x00 TTL=244 ID=5882 PROTO=UDP SPT=30008 DPT=111 LEN=48 Oct 4 08:23:31 localhost kernel: [3929630 |
2019-10-05 01:42:09 |
| 62.149.156.90 | attack | Automated reporting of Malicious Activity |
2019-10-05 01:33:13 |
| 92.63.194.90 | attackspam | SSH Brute-Force reported by Fail2Ban |
2019-10-05 01:50:01 |
| 34.208.139.143 | attackbots | [LAN access from remote] from 34.208.139.143:27705 to 192.168.XX.XX:5000, Thursday, Oct 03,2019 05:32:22 [LAN access from remote] from 34.208.139.143:1598 to 192.168.XX.XX:5001, Thursday, Oct 03,2019 05:32:13 |
2019-10-05 01:32:44 |
| 128.199.142.138 | attackspambots | Oct 4 19:52:33 core sshd[945]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.142.138 user=root Oct 4 19:52:34 core sshd[945]: Failed password for root from 128.199.142.138 port 39096 ssh2 ... |
2019-10-05 02:09:09 |
| 185.94.111.1 | attack | 10/04/2019-13:25:29.354825 185.94.111.1 Protocol: 17 GPL SNMP public access udp |
2019-10-05 01:49:38 |
| 80.82.64.127 | attackbotsspam | 10/04/2019-19:00:43.227589 80.82.64.127 Protocol: 6 ET CINS Active Threat Intelligence Poor Reputation IP group 82 |
2019-10-05 01:53:48 |
| 177.204.219.226 | attack | ssh brute force |
2019-10-05 02:09:36 |
| 222.186.15.246 | attackbots | Oct 4 16:44:13 ip-172-31-1-72 sshd\[5398\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.15.246 user=root Oct 4 16:44:15 ip-172-31-1-72 sshd\[5398\]: Failed password for root from 222.186.15.246 port 27436 ssh2 Oct 4 16:46:24 ip-172-31-1-72 sshd\[5429\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.15.246 user=root Oct 4 16:46:27 ip-172-31-1-72 sshd\[5429\]: Failed password for root from 222.186.15.246 port 45318 ssh2 Oct 4 16:46:29 ip-172-31-1-72 sshd\[5429\]: Failed password for root from 222.186.15.246 port 45318 ssh2 |
2019-10-05 01:40:44 |
| 49.247.207.56 | attackspam | Oct 4 17:43:45 mail sshd\[30225\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.247.207.56 Oct 4 17:43:47 mail sshd\[30225\]: Failed password for invalid user Rodrigue from 49.247.207.56 port 52858 ssh2 Oct 4 17:48:32 mail sshd\[30790\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.247.207.56 user=root Oct 4 17:48:35 mail sshd\[30790\]: Failed password for root from 49.247.207.56 port 36740 ssh2 Oct 4 17:53:21 mail sshd\[31412\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.247.207.56 user=root |
2019-10-05 01:46:37 |
| 51.15.212.48 | attackbotsspam | 2019-10-04T17:13:15.265344shield sshd\[9997\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.15.212.48 user=root 2019-10-04T17:13:17.255134shield sshd\[9997\]: Failed password for root from 51.15.212.48 port 59676 ssh2 2019-10-04T17:17:35.301455shield sshd\[11340\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.15.212.48 user=root 2019-10-04T17:17:37.316514shield sshd\[11340\]: Failed password for root from 51.15.212.48 port 44248 ssh2 2019-10-04T17:21:52.112749shield sshd\[12797\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.15.212.48 user=root |
2019-10-05 01:53:02 |
| 185.73.113.89 | attack | Oct 4 07:36:01 hanapaa sshd\[10501\]: Invalid user Word2017 from 185.73.113.89 Oct 4 07:36:01 hanapaa sshd\[10501\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=185-73-113-89.nrp.co Oct 4 07:36:03 hanapaa sshd\[10501\]: Failed password for invalid user Word2017 from 185.73.113.89 port 52818 ssh2 Oct 4 07:39:55 hanapaa sshd\[10958\]: Invalid user Machine@123 from 185.73.113.89 Oct 4 07:39:55 hanapaa sshd\[10958\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=185-73-113-89.nrp.co |
2019-10-05 01:51:43 |
| 212.92.115.187 | attack | RDP brute forcing (d) |
2019-10-05 02:02:00 |
| 80.82.70.239 | attackbots | 10/04/2019-13:03:08.373038 80.82.70.239 Protocol: 6 ET DROP Dshield Block Listed Source group 1 |
2019-10-05 01:46:15 |