104.44.141.85 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: United States of America

Internet Service Provider: Microsoft Corporation

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspambots	Jul 18 06:36:34 pve1 sshd[25092]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.44.141.85 Jul 18 06:36:36 pve1 sshd[25092]: Failed password for invalid user admin from 104.44.141.85 port 6815 ssh2 ...	2020-07-18 12:39:21
attackspam	Jul 17 23:48:34 vpn01 sshd[30522]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.44.141.85 Jul 17 23:48:36 vpn01 sshd[30522]: Failed password for invalid user admin from 104.44.141.85 port 48978 ssh2 ...	2020-07-18 05:49:16
attack	Jul 16 12:40:16 mout sshd[31203]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.44.141.85 user=root Jul 16 12:40:18 mout sshd[31203]: Failed password for root from 104.44.141.85 port 54418 ssh2	2020-07-16 18:59:17
attack	96. On Jul 15 2020 experienced a Brute Force SSH login attempt -> 4 unique times by 104.44.141.85.	2020-07-16 05:58:37
attack	Jul 15 04:41:58 vpn01 sshd[10089]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.44.141.85 Jul 15 04:42:00 vpn01 sshd[10089]: Failed password for invalid user admin from 104.44.141.85 port 32391 ssh2 ...	2020-07-15 10:42:12
attackspam	Lines containing failures of 104.44.141.85 Jul 14 00:48:38 nemesis sshd[15502]: Invalid user admin from 104.44.141.85 port 53571 Jul 14 00:48:38 nemesis sshd[15503]: Invalid user admin from 104.44.141.85 port 53573 Jul 14 00:48:38 nemesis sshd[15505]: Invalid user admin from 104.44.141.85 port 53576 Jul 14 00:48:38 nemesis sshd[15504]: Invalid user admin from 104.44.141.85 port 53575 Jul 14 00:48:38 nemesis sshd[15502]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.44.141.85 Jul 14 00:48:38 nemesis sshd[15503]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.44.141.85 Jul 14 00:48:38 nemesis sshd[15505]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.44.141.85 Jul 14 00:48:38 nemesis sshd[15504]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.44.141.85 ........ ----------------------------------------------- https://www.blockl	2020-07-15 03:39:35
attack	Lines containing failures of 104.44.141.85 Jul 14 00:48:38 nemesis sshd[15502]: Invalid user admin from 104.44.141.85 port 53571 Jul 14 00:48:38 nemesis sshd[15503]: Invalid user admin from 104.44.141.85 port 53573 Jul 14 00:48:38 nemesis sshd[15505]: Invalid user admin from 104.44.141.85 port 53576 Jul 14 00:48:38 nemesis sshd[15504]: Invalid user admin from 104.44.141.85 port 53575 Jul 14 00:48:38 nemesis sshd[15502]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.44.141.85 Jul 14 00:48:38 nemesis sshd[15503]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.44.141.85 Jul 14 00:48:38 nemesis sshd[15505]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.44.141.85 Jul 14 00:48:38 nemesis sshd[15504]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.44.141.85 ........ ----------------------------------------------- https://www.blockl	2020-07-15 00:57:24

Comments on same subnet:

IP	Type	Details	Datetime
104.44.141.130	attackbots	2020-04-23T18:00:53Z - RDP login failed multiple times. (104.44.141.130)	2020-04-24 04:16:14

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.44.141.85
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 19705
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;104.44.141.85.			IN	A

;; AUTHORITY SECTION:
.			513	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020071400 1800 900 604800 86400

;; Query time: 25 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Jul 15 00:57:21 CST 2020
;; MSG SIZE  rcvd: 117

Host info

Host 85.141.44.104.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 85.141.44.104.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
118.99.124.26	attackspam	Email rejected due to spam filtering	2020-02-25 04:16:02
118.174.161.185	attack	Automatic report - Port Scan Attack	2020-02-25 03:50:54
212.156.51.34	attackspambots	Unauthorized connection attempt detected from IP address 212.156.51.34 to port 445	2020-02-25 03:59:04
103.226.189.252	attackbots	GET /xmlrpc.php HTTP/1.1	2020-02-25 03:54:04
80.82.78.100	attackbotsspam	80.82.78.100 was recorded 26 times by 13 hosts attempting to connect to the following ports: 1030,1051,1045. Incident counter (4h, 24h, all-time): 26, 115, 19599	2020-02-25 04:07:51
194.26.29.130	attackspam	Feb 24 20:40:51 debian-2gb-nbg1-2 kernel: \[4832452.026181\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=194.26.29.130 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=241 ID=43420 PROTO=TCP SPT=8080 DPT=5555 WINDOW=1024 RES=0x00 SYN URGP=0	2020-02-25 03:52:44
23.249.168.57	attackbotsspam	02/24/2020-14:21:45.186237 23.249.168.57 Protocol: 6 ET SCAN Suspicious inbound to MSSQL port 1433	2020-02-25 04:32:25
176.110.120.139	attackspambots	SIP/5060 Probe, BF, Hack -	2020-02-25 04:22:44
174.219.147.213	attack	Brute forcing email accounts	2020-02-25 04:34:57
220.142.164.49	attackbotsspam	1582550507 - 02/24/2020 14:21:47 Host: 220.142.164.49/220.142.164.49 Port: 445 TCP Blocked	2020-02-25 04:29:19
69.94.135.181	attack	Feb 24 13:14:42 tempelhof postfix/smtpd[4962]: connect from runnerup.gratefulhope.com[69.94.135.181] Feb 24 13:14:42 tempelhof postfix/smtpd[4962]: 8509E5481640: client=runnerup.gratefulhope.com[69.94.135.181] Feb 24 13:14:42 tempelhof postfix/smtpd[4962]: disconnect from runnerup.gratefulhope.com[69.94.135.181] Feb 24 13:16:57 tempelhof postfix/smtpd[4162]: connect from runnerup.gratefulhope.com[69.94.135.181] Feb 24 13:16:57 tempelhof postfix/smtpd[4162]: B5FE45481640: client=runnerup.gratefulhope.com[69.94.135.181] Feb 24 13:16:58 tempelhof postfix/smtpd[4162]: disconnect from runnerup.gratefulhope.com[69.94.135.181] Feb 24 14:03:40 tempelhof postfix/smtpd[10040]: connect from runnerup.gratefulhope.com[69.94.135.181] Feb 24 14:03:40 tempelhof postfix/smtpd[10112]: connect from runnerup.gratefulhope.com[69.94.135.181] Feb x@x Feb x@x Feb 24 14:03:40 tempelhof postfix/smtpd[10040]: disconnect from runnerup.gratefulhope.com[69.94.135.181] Feb 24 14:03:40 tempelhof postf........ -------------------------------	2020-02-25 04:12:45
5.188.210.41	attackbotsspam	sie-0 : Trying access unauthorized files=>/media/k2/items/cache/index.php	2020-02-25 04:06:27
54.39.10.56	attackspam	Automatic report - SSH Brute-Force Attack	2020-02-25 04:01:08
59.103.164.133	attack	Unauthorized connection attempt detected from IP address 59.103.164.133 to port 445	2020-02-25 04:04:15
60.243.128.164	attackbots	Email rejected due to spam filtering	2020-02-25 04:18:56

Recently Reported IPs

40.124.15.44	201.229.186.168	180.205.35.5	157.71.235.181
39.78.98.153	70.17.219.12	21.46.104.167	22.57.248.43
215.108.70.79	108.47.77.17	187.167.246.221	118.185.50.107
219.172.250.134	83.201.11.181	113.98.229.118	176.17.1.47
254.45.86.149	8.62.132.174	84.138.57.49	33.82.102.6