104.44.141.85 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: United States of America

Internet Service Provider: Microsoft Corporation

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspambots	Jul 18 06:36:34 pve1 sshd[25092]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.44.141.85 Jul 18 06:36:36 pve1 sshd[25092]: Failed password for invalid user admin from 104.44.141.85 port 6815 ssh2 ...	2020-07-18 12:39:21
attackspam	Jul 17 23:48:34 vpn01 sshd[30522]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.44.141.85 Jul 17 23:48:36 vpn01 sshd[30522]: Failed password for invalid user admin from 104.44.141.85 port 48978 ssh2 ...	2020-07-18 05:49:16
attack	Jul 16 12:40:16 mout sshd[31203]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.44.141.85 user=root Jul 16 12:40:18 mout sshd[31203]: Failed password for root from 104.44.141.85 port 54418 ssh2	2020-07-16 18:59:17
attack	96. On Jul 15 2020 experienced a Brute Force SSH login attempt -> 4 unique times by 104.44.141.85.	2020-07-16 05:58:37
attack	Jul 15 04:41:58 vpn01 sshd[10089]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.44.141.85 Jul 15 04:42:00 vpn01 sshd[10089]: Failed password for invalid user admin from 104.44.141.85 port 32391 ssh2 ...	2020-07-15 10:42:12
attackspam	Lines containing failures of 104.44.141.85 Jul 14 00:48:38 nemesis sshd[15502]: Invalid user admin from 104.44.141.85 port 53571 Jul 14 00:48:38 nemesis sshd[15503]: Invalid user admin from 104.44.141.85 port 53573 Jul 14 00:48:38 nemesis sshd[15505]: Invalid user admin from 104.44.141.85 port 53576 Jul 14 00:48:38 nemesis sshd[15504]: Invalid user admin from 104.44.141.85 port 53575 Jul 14 00:48:38 nemesis sshd[15502]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.44.141.85 Jul 14 00:48:38 nemesis sshd[15503]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.44.141.85 Jul 14 00:48:38 nemesis sshd[15505]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.44.141.85 Jul 14 00:48:38 nemesis sshd[15504]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.44.141.85 ........ ----------------------------------------------- https://www.blockl	2020-07-15 03:39:35
attack	Lines containing failures of 104.44.141.85 Jul 14 00:48:38 nemesis sshd[15502]: Invalid user admin from 104.44.141.85 port 53571 Jul 14 00:48:38 nemesis sshd[15503]: Invalid user admin from 104.44.141.85 port 53573 Jul 14 00:48:38 nemesis sshd[15505]: Invalid user admin from 104.44.141.85 port 53576 Jul 14 00:48:38 nemesis sshd[15504]: Invalid user admin from 104.44.141.85 port 53575 Jul 14 00:48:38 nemesis sshd[15502]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.44.141.85 Jul 14 00:48:38 nemesis sshd[15503]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.44.141.85 Jul 14 00:48:38 nemesis sshd[15505]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.44.141.85 Jul 14 00:48:38 nemesis sshd[15504]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.44.141.85 ........ ----------------------------------------------- https://www.blockl	2020-07-15 00:57:24

Comments on same subnet:

IP	Type	Details	Datetime
104.44.141.130	attackbots	2020-04-23T18:00:53Z - RDP login failed multiple times. (104.44.141.130)	2020-04-24 04:16:14

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.44.141.85
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 19705
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;104.44.141.85.			IN	A

;; AUTHORITY SECTION:
.			513	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020071400 1800 900 604800 86400

;; Query time: 25 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Jul 15 00:57:21 CST 2020
;; MSG SIZE  rcvd: 117

Host info

Host 85.141.44.104.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 85.141.44.104.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
210.182.116.41	attackbotsspam	Sep 10 03:31:45 microserver sshd[37440]: Invalid user postgres from 210.182.116.41 port 42156 Sep 10 03:31:45 microserver sshd[37440]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=210.182.116.41 Sep 10 03:31:47 microserver sshd[37440]: Failed password for invalid user postgres from 210.182.116.41 port 42156 ssh2 Sep 10 03:38:37 microserver sshd[38223]: Invalid user admin from 210.182.116.41 port 47472 Sep 10 03:38:37 microserver sshd[38223]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=210.182.116.41 Sep 10 03:52:11 microserver sshd[40280]: Invalid user support from 210.182.116.41 port 58010 Sep 10 03:52:11 microserver sshd[40280]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=210.182.116.41 Sep 10 03:52:14 microserver sshd[40280]: Failed password for invalid user support from 210.182.116.41 port 58010 ssh2 Sep 10 03:59:10 microserver sshd[41084]: Invalid user admin from 210.182.116.	2019-09-10 11:10:25
36.72.100.115	attackbots	2019-09-10T03:39:23.943019abusebot-2.cloudsearch.cf sshd\[16996\]: Invalid user minecraft from 36.72.100.115 port 41962	2019-09-10 12:01:43
178.19.180.202	attackbots	Sep 10 03:22:06 smtp postfix/smtpd[56104]: NOQUEUE: reject: RCPT from unknown[178.19.180.202]: 554 5.7.1 Service unavailable; Client host [178.19.180.202] blocked using bl.spamcop.net; Blocked - see https://www.spamcop.net/bl.shtml?178.19.180.202; from= to= proto=ESMTP helo= ...	2019-09-10 11:13:59
193.112.2.207	attackspam	Sep 9 22:16:26 ny01 sshd[29631]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.112.2.207 Sep 9 22:16:28 ny01 sshd[29631]: Failed password for invalid user admin from 193.112.2.207 port 58090 ssh2 Sep 9 22:22:32 ny01 sshd[30687]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.112.2.207	2019-09-10 11:29:02
77.247.110.96	attackspam	SIPVicious Scanner Detection, PTR: PTR record not found	2019-09-10 11:12:59
103.51.153.235	attackbots	Sep 9 17:36:01 hpm sshd\[667\]: Invalid user sinusbot from 103.51.153.235 Sep 9 17:36:01 hpm sshd\[667\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.51.153.235 Sep 9 17:36:04 hpm sshd\[667\]: Failed password for invalid user sinusbot from 103.51.153.235 port 40466 ssh2 Sep 9 17:42:55 hpm sshd\[1359\]: Invalid user test from 103.51.153.235 Sep 9 17:42:55 hpm sshd\[1359\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.51.153.235	2019-09-10 12:02:45
77.247.110.149	attackbots	SIPVicious Scanner Detection, PTR: PTR record not found	2019-09-10 11:16:25
218.98.26.173	attackspambots	SSH Brute-Force attacks	2019-09-10 12:04:20
165.22.53.23	attackspambots	Sep 9 17:52:53 tdfoods sshd\[6685\]: Invalid user test from 165.22.53.23 Sep 9 17:52:53 tdfoods sshd\[6685\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.22.53.23 Sep 9 17:52:55 tdfoods sshd\[6685\]: Failed password for invalid user test from 165.22.53.23 port 55846 ssh2 Sep 9 17:59:33 tdfoods sshd\[7308\]: Invalid user user1 from 165.22.53.23 Sep 9 17:59:33 tdfoods sshd\[7308\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.22.53.23	2019-09-10 11:59:50
80.211.113.144	attackbots	Sep 9 17:38:30 sachi sshd\[26308\]: Invalid user odoo from 80.211.113.144 Sep 9 17:38:30 sachi sshd\[26308\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.211.113.144 Sep 9 17:38:32 sachi sshd\[26308\]: Failed password for invalid user odoo from 80.211.113.144 port 57822 ssh2 Sep 9 17:47:48 sachi sshd\[27206\]: Invalid user ansible from 80.211.113.144 Sep 9 17:47:48 sachi sshd\[27206\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.211.113.144	2019-09-10 11:49:11
196.41.123.182	attackbotsspam	Sep 10 03:21:34 mailserver postfix/smtpd[93785]: connect from 196.41.123.182-colocation.cybersmart.co.za[196.41.123.182] Sep 10 03:21:34 mailserver postfix/smtpd[93785]: lost connection after AUTH from 196.41.123.182-colocation.cybersmart.co.za[196.41.123.182] Sep 10 03:21:34 mailserver postfix/smtpd[93785]: disconnect from 196.41.123.182-colocation.cybersmart.co.za[196.41.123.182] Sep 10 03:21:34 mailserver postfix/smtpd[93785]: connect from 196.41.123.182-colocation.cybersmart.co.za[196.41.123.182] Sep 10 03:21:35 mailserver postfix/smtpd[93785]: lost connection after AUTH from 196.41.123.182-colocation.cybersmart.co.za[196.41.123.182] Sep 10 03:21:35 mailserver postfix/smtpd[93785]: disconnect from 196.41.123.182-colocation.cybersmart.co.za[196.41.123.182] Sep 10 03:21:35 mailserver postfix/smtpd[93785]: connect from 196.41.123.182-colocation.cybersmart.co.za[196.41.123.182] Sep 10 03:21:35 mailserver postfix/smtpd[93785]: lost connection after AUTH from 196.41.123.182-colocation.cybersmart.co.za[196.41.12	2019-09-10 11:40:23
119.40.33.22	attackbotsspam	Sep 9 17:19:39 kapalua sshd\[5287\]: Invalid user 12345 from 119.40.33.22 Sep 9 17:19:39 kapalua sshd\[5287\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.40.33.22 Sep 9 17:19:41 kapalua sshd\[5287\]: Failed password for invalid user 12345 from 119.40.33.22 port 43392 ssh2 Sep 9 17:25:34 kapalua sshd\[6564\]: Invalid user 12345 from 119.40.33.22 Sep 9 17:25:34 kapalua sshd\[6564\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.40.33.22	2019-09-10 11:39:44
180.76.97.86	attack	Sep 10 04:21:40 hosting sshd[30203]: Invalid user 123 from 180.76.97.86 port 44312 ...	2019-09-10 11:36:06
74.63.253.38	attackspam	\[2019-09-09 23:29:15\] SECURITY\[1849\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-09-09T23:29:15.093-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="00048221530117",SessionID="0x7fd9a8163988",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/74.63.253.38/56424",ACLName="no_extension_match" \[2019-09-09 23:29:36\] SECURITY\[1849\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-09-09T23:29:36.457-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="901148221530117",SessionID="0x7fd9a8585a18",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/74.63.253.38/51593",ACLName="no_extension_match" \[2019-09-09 23:29:49\] SECURITY\[1849\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-09-09T23:29:49.237-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="01148221530117",SessionID="0x7fd9a8163988",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/74.63.253.38/61828",ACLName="no_extensio	2019-09-10 11:35:33
142.93.218.128	attackspam	Sep 9 17:05:55 php2 sshd\[15364\]: Invalid user git from 142.93.218.128 Sep 9 17:05:55 php2 sshd\[15364\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.218.128 Sep 9 17:05:56 php2 sshd\[15364\]: Failed password for invalid user git from 142.93.218.128 port 58278 ssh2 Sep 9 17:12:03 php2 sshd\[16087\]: Invalid user kafka from 142.93.218.128 Sep 9 17:12:03 php2 sshd\[16087\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.218.128	2019-09-10 11:30:00

Recently Reported IPs

40.124.15.44	201.229.186.168	180.205.35.5	157.71.235.181
39.78.98.153	70.17.219.12	21.46.104.167	22.57.248.43
215.108.70.79	108.47.77.17	187.167.246.221	118.185.50.107
219.172.250.134	83.201.11.181	113.98.229.118	176.17.1.47
254.45.86.149	8.62.132.174	84.138.57.49	33.82.102.6