216.68.91.104 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: United States of America

Internet Service Provider: Fuse Internet Access

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	2020-05-22T15:05:59.416448struts4.enskede.local sshd\[4960\]: Invalid user jsq from 216.68.91.104 port 59340 2020-05-22T15:05:59.424410struts4.enskede.local sshd\[4960\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ttgp-091104.thetonegroup.com 2020-05-22T15:06:02.914161struts4.enskede.local sshd\[4960\]: Failed password for invalid user jsq from 216.68.91.104 port 59340 ssh2 2020-05-22T15:10:39.989732struts4.enskede.local sshd\[4991\]: Invalid user rwa from 216.68.91.104 port 46196 2020-05-22T15:10:39.996133struts4.enskede.local sshd\[4991\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ttgp-091104.thetonegroup.com ...	2020-05-23 03:30:13
attackspam	frenzy	2020-05-10 15:58:37
attack	May 5 11:19:31 nextcloud sshd\[6590\]: Invalid user ftpadmin2 from 216.68.91.104 May 5 11:19:31 nextcloud sshd\[6590\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=216.68.91.104 May 5 11:19:33 nextcloud sshd\[6590\]: Failed password for invalid user ftpadmin2 from 216.68.91.104 port 60460 ssh2	2020-05-05 19:25:04
attackbotsspam	Port Scan detected from 216.68.91.104 (US/United States/California/Los Angeles/ttgp-091104.thetonegroup.com). 4 hits in the last 181 seconds	2020-04-26 05:03:22
attackbots	Invalid user un from 216.68.91.104 port 52072	2020-04-22 06:01:44
attack	Apr 20 18:17:26 dev0-dcde-rnet sshd[19305]: Failed password for root from 216.68.91.104 port 40824 ssh2 Apr 20 18:31:53 dev0-dcde-rnet sshd[19378]: Failed password for root from 216.68.91.104 port 45536 ssh2	2020-04-21 01:09:49
attack	SSH brute-force: detected 6 distinct usernames within a 24-hour window.	2020-04-20 01:26:39
attack	Apr 16 03:53:19 *** sshd[5463]: Invalid user ubuntu from 216.68.91.104	2020-04-16 14:42:03
attackspambots	2020-03-26T22:04:20.673590shield sshd\[9797\]: Invalid user user from 216.68.91.104 port 46228 2020-03-26T22:04:20.682806shield sshd\[9797\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ttgp-091104.thetonegroup.com 2020-03-26T22:04:22.431872shield sshd\[9797\]: Failed password for invalid user user from 216.68.91.104 port 46228 ssh2 2020-03-26T22:10:52.191896shield sshd\[11773\]: Invalid user aws from 216.68.91.104 port 59680 2020-03-26T22:10:52.199863shield sshd\[11773\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ttgp-091104.thetonegroup.com	2020-03-27 06:46:22
attackbotsspam	Mar 22 20:02:23 gw1 sshd[6680]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=216.68.91.104 Mar 22 20:02:26 gw1 sshd[6680]: Failed password for invalid user cpanel from 216.68.91.104 port 35118 ssh2 ...	2020-03-23 02:25:56
attack	Port Scan detected from 216.68.91.104 (US/United States/ttgp-091104.thetonegroup.com). 4 hits in the last 210 seconds	2020-03-10 03:37:28
attack	Jan 14 19:00:02 ms-srv sshd[5586]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=216.68.91.104 Jan 14 19:00:05 ms-srv sshd[5586]: Failed password for invalid user guest from 216.68.91.104 port 56002 ssh2	2020-03-08 22:33:31
attackspambots	2020-02-26T14:06:29.468433randservbullet-proofcloud-66.localdomain sshd[6207]: Invalid user work from 216.68.91.104 port 47026 2020-02-26T14:06:29.474700randservbullet-proofcloud-66.localdomain sshd[6207]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=ttgp-091104.thetonegroup.com 2020-02-26T14:06:29.468433randservbullet-proofcloud-66.localdomain sshd[6207]: Invalid user work from 216.68.91.104 port 47026 2020-02-26T14:06:31.955300randservbullet-proofcloud-66.localdomain sshd[6207]: Failed password for invalid user work from 216.68.91.104 port 47026 ssh2 ...	2020-02-26 22:23:11
attack	Feb 22 05:05:37 hpm sshd\[16016\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ttgp-091104.thetonegroup.com user=root Feb 22 05:05:39 hpm sshd\[16016\]: Failed password for root from 216.68.91.104 port 49146 ssh2 Feb 22 05:08:32 hpm sshd\[16267\]: Invalid user daniel from 216.68.91.104 Feb 22 05:08:32 hpm sshd\[16267\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ttgp-091104.thetonegroup.com Feb 22 05:08:34 hpm sshd\[16267\]: Failed password for invalid user daniel from 216.68.91.104 port 48786 ssh2	2020-02-22 23:19:40
attackbotsspam	Feb 11 11:40:15 firewall sshd[17251]: Invalid user kic from 216.68.91.104 Feb 11 11:40:18 firewall sshd[17251]: Failed password for invalid user kic from 216.68.91.104 port 36316 ssh2 Feb 11 11:42:05 firewall sshd[17351]: Invalid user vnw from 216.68.91.104 ...	2020-02-12 05:19:14
attackspambots	Unauthorized connection attempt detected from IP address 216.68.91.104 to port 2220 [J]	2020-01-24 21:29:52

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 216.68.91.104
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 17678
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;216.68.91.104.			IN	A

;; AUTHORITY SECTION:
.			395	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020012400 1800 900 604800 86400

;; Query time: 428 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Jan 24 21:29:49 CST 2020
;; MSG SIZE  rcvd: 117

Host info

104.91.68.216.in-addr.arpa domain name pointer ttgp-091104.thetonegroup.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
104.91.68.216.in-addr.arpa	name = ttgp-091104.thetonegroup.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
139.99.114.236	attackspam	WordPress login Brute force / Web App Attack on client site.	2019-07-20 01:01:16
94.102.51.30	attack	19/7/19@12:46:38: FAIL: Alarm-Intrusion address from=94.102.51.30 ...	2019-07-20 01:37:42
78.128.113.68	attackspam	Time: Fri Jul 19 13:56:24 2019 -0300 IP: 78.128.113.68 (BG/Bulgaria/ip-113-68.4vendeta.com) Failures: 30 (smtpauth) Interval: 3600 seconds Blocked: Permanent Block	2019-07-20 01:09:11
148.70.2.5	attackspambots	Jul 19 19:09:04 giegler sshd[22984]: Invalid user lena from 148.70.2.5 port 49012	2019-07-20 01:12:13
115.149.129.60	attackspam	445/tcp [2019-07-19]1pkt	2019-07-20 00:41:21
36.80.129.102	attackbots	445/tcp [2019-07-19]1pkt	2019-07-20 00:39:19
123.201.158.194	attackspam	Jul 19 18:56:19 mail sshd\[6303\]: Invalid user ll from 123.201.158.194 port 56444 Jul 19 18:56:19 mail sshd\[6303\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.201.158.194 Jul 19 18:56:21 mail sshd\[6303\]: Failed password for invalid user ll from 123.201.158.194 port 56444 ssh2 Jul 19 19:02:05 mail sshd\[7639\]: Invalid user prueba from 123.201.158.194 port 54091 Jul 19 19:02:05 mail sshd\[7639\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.201.158.194	2019-07-20 01:17:58
190.64.68.181	attack	Jul 19 18:41:49 OPSO sshd\[28679\]: Invalid user horus from 190.64.68.181 port 47617 Jul 19 18:41:49 OPSO sshd\[28679\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.64.68.181 Jul 19 18:41:51 OPSO sshd\[28679\]: Failed password for invalid user horus from 190.64.68.181 port 47617 ssh2 Jul 19 18:47:58 OPSO sshd\[29112\]: Invalid user alex from 190.64.68.181 port 46754 Jul 19 18:47:58 OPSO sshd\[29112\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.64.68.181	2019-07-20 00:52:33
87.120.36.244	attack	2019-07-1918:41:33dovecot_loginauthenticatorfailedfor$server.com$[87.120.36.244]:38860:535Incorrectauthenticationdata$set_id=company@mondo-it.ch$2019-07-1918:41:57dovecot_loginauthenticatorfailedfor$server.com$[87.120.36.244]:46024:535Incorrectauthenticationdata$set_id=company@myt-shirt.ch$2019-07-1918:43:11dovecot_loginauthenticatorfailedfor$server.com$[87.120.36.244]:39108:535Incorrectauthenticationdata$set_id=company@pescheria.ch$2019-07-1918:43:59dovecot_loginauthenticatorfailedfor$server.com$[87.120.36.244]:53594:535Incorrectauthenticationdata$set_id=company@purexis.ch$2019-07-1918:44:47dovecot_loginauthenticatorfailedfor$server.com$[87.120.36.244]:40492:535Incorrectauthenticationdata$set_id=company@rs-solution.ch$2019-07-1918:44:52dovecot_loginauthenticatorfailedfor$server.com$[87.120.36.244]:40704:535Incorrectauthenticationdata$set_id=company@rssolution.ch$2019-07-1918:45:49dovecot_loginauthenticatorfailedfor$server.com$[87.120.36.244]:59046:535Incorrectauthenticationdata\(set	2019-07-20 01:14:51
62.234.8.41	attack	Jul 19 16:47:12 animalibera sshd[25135]: Invalid user jaime from 62.234.8.41 port 58278 ...	2019-07-20 01:23:34
1.203.110.74	attackbotsspam	web-1 [ssh] SSH Attack	2019-07-20 01:31:23
51.140.181.87	attack	Jul 19 18:47:38 * sshd[8584]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.140.181.87 Jul 19 18:47:40 * sshd[8584]: Failed password for invalid user www from 51.140.181.87 port 40892 ssh2	2019-07-20 01:03:51
138.68.3.141	attackbotsspam	$f2bV_matches	2019-07-20 01:19:50
139.99.40.27	attack	Jul 19 16:41:18 ip-172-31-1-72 sshd\[17707\]: Invalid user wangzy from 139.99.40.27 Jul 19 16:41:18 ip-172-31-1-72 sshd\[17707\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.99.40.27 Jul 19 16:41:20 ip-172-31-1-72 sshd\[17707\]: Failed password for invalid user wangzy from 139.99.40.27 port 40030 ssh2 Jul 19 16:46:55 ip-172-31-1-72 sshd\[17833\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.99.40.27 user=ubuntu Jul 19 16:46:57 ip-172-31-1-72 sshd\[17833\]: Failed password for ubuntu from 139.99.40.27 port 37666 ssh2	2019-07-20 01:27:52
118.99.96.76	attack	Automatic report - Banned IP Access	2019-07-20 01:14:20

Recently Reported IPs

87.116.175.34	112.87.4.201	83.143.119.52	59.13.182.88
94.197.59.232	51.91.126.182	41.32.244.211	83.142.52.107
59.127.6.32	50.3.197.165	249.190.129.137	89.219.22.200
144.80.58.139	190.247.16.37	63.81.87.233	195.154.134.155
58.97.13.101	79.69.5.142	2.191.5.108	131.132.202.254