104.236.55.139

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
104.236.55.217	attackbotsspam	[N10.H2.VM2] Port Scanner Detected Blocked by UFW	2020-10-05 07:15:56
104.236.55.217	attackbotsspam	ET CINS Active Threat Intelligence Poor Reputation IP group 96 - port: 13094 proto: tcp cat: Misc Attackbytes: 60	2020-10-04 23:28:36
104.236.55.217	attackspambots	TCP (SYN) 104.236.55.217:46138 -> port 13094, len 44	2020-10-04 15:12:06
104.236.55.217	attack	firewall-block, port(s): 26310/tcp	2020-10-01 07:07:18
104.236.55.217	attack	TCP (SYN) 104.236.55.217:56414 -> port 24410, len 44	2020-09-30 23:33:00
104.236.55.217	attackbotsspam	SIP/5060 Probe, BF, Hack -	2020-09-30 16:02:10
104.236.55.217	attackbotsspam	SIP/5060 Probe, BF, Hack -	2020-07-04 16:34:36
104.236.55.217	attack	Jul 4 01:17:22 debian-2gb-nbg1-2 kernel: \[16076863.379293\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=104.236.55.217 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=4316 PROTO=TCP SPT=52404 DPT=28588 WINDOW=1024 RES=0x00 SYN URGP=0	2020-07-04 08:18:00
104.236.55.217	attack	Fail2Ban Ban Triggered	2020-06-20 04:39:47
104.236.55.217	attackspam	Jun 14 15:04:11 debian-2gb-nbg1-2 kernel: \[14398563.603736\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=104.236.55.217 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=33337 PROTO=TCP SPT=59900 DPT=13440 WINDOW=1024 RES=0x00 SYN URGP=0	2020-06-14 21:51:18
104.236.55.217	attackspambots	32205/tcp 1903/tcp 10619/tcp... [2020-04-13/05-08]95pkt,32pt.(tcp)	2020-05-09 20:34:02
104.236.55.217	attackspambots	Lines containing failures of 104.236.55.217 Oct 5 19:30:37 kopano sshd[3110]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.236.55.217 user=r.r Oct 5 19:30:39 kopano sshd[3110]: Failed password for r.r from 104.236.55.217 port 42758 ssh2 Oct 5 19:30:39 kopano sshd[3110]: Received disconnect from 104.236.55.217 port 42758:11: Bye Bye [preauth] Oct 5 19:30:39 kopano sshd[3110]: Disconnected from authenticating user r.r 104.236.55.217 port 42758 [preauth] Oct 5 19:37:07 kopano sshd[3287]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.236.55.217 user=r.r Oct 5 19:37:09 kopano sshd[3287]: Failed password for r.r from 104.236.55.217 port 50624 ssh2 Oct 5 19:37:09 kopano sshd[3287]: Received disconnect from 104.236.55.217 port 50624:11: Bye Bye [preauth] Oct 5 19:37:09 kopano sshd[3287]: Disconnected from authenticating user r.r 104.236.55.217 port 50624 [preauth] Oct 5 19:40:........ ------------------------------	2019-10-07 20:13:11

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.236.55.139
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 58317
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;104.236.55.139.			IN	A

;; AUTHORITY SECTION:
.			391	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022022500 1800 900 604800 86400

;; Query time: 60 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Feb 25 20:18:32 CST 2022
;; MSG SIZE  rcvd: 107

Host info

Host 139.55.236.104.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 139.55.236.104.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
167.71.216.37	attack	167.71.216.37 - - [29/Jun/2020:13:03:32 +0200] "POST /xmlrpc.php HTTP/1.1" 403 20981 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 167.71.216.37 - - [29/Jun/2020:13:11:14 +0200] "POST /xmlrpc.php HTTP/1.1" 403 461 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-06-29 22:38:12
124.128.158.37	attack	Jun 29 15:12:28 minden010 sshd[19558]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.128.158.37 Jun 29 15:12:31 minden010 sshd[19558]: Failed password for invalid user tcb from 124.128.158.37 port 19407 ssh2 Jun 29 15:16:08 minden010 sshd[20902]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.128.158.37 ...	2020-06-29 21:54:55
49.88.112.112	attackbots	June 29 2020, 11:02:29 [sshd] - Banned from the Mad Pony WordPress hosting platform by Fail2ban.	2020-06-29 23:07:04
125.94.151.182	attackbotsspam	Unauthorised access (Jun 29) SRC=125.94.151.182 LEN=52 TOS=0x02 TTL=112 ID=610 DF TCP DPT=445 WINDOW=8192 CWR ECE SYN	2020-06-29 21:54:21
124.225.220.12	attack	Fail2Ban Ban Triggered	2020-06-29 22:48:29
185.202.0.78	attackspam	Repeated RDP login failures. Last user: Administrator	2020-06-29 22:37:20
106.13.30.99	attack	2020-06-29T04:39:32 t 22d[54496]: pam_unix(22d:auth): authentication failure, logname= uid=0 euid=0 tty=22 ruser= rhost=106.13.30.99 ", "Jun 29 04:39:35 t 22d[54496]: Failed password for invalid user jenkins from 106.13.30.99 port 35344 222"], "failures": 3, "mlfid": " t 22d[54496]: ", "user": "jenkins", "ip4": "106.13.30.99"}	2020-06-29 22:51:33
223.206.221.222	attackbots	20/6/29@07:11:14: FAIL: Alarm-Network address from=223.206.221.222 ...	2020-06-29 22:44:04
106.13.175.233	attackspam	Jun 29 15:23:58 abendstille sshd\[23346\]: Invalid user ota from 106.13.175.233 Jun 29 15:23:58 abendstille sshd\[23346\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.175.233 Jun 29 15:24:00 abendstille sshd\[23346\]: Failed password for invalid user ota from 106.13.175.233 port 39666 ssh2 Jun 29 15:28:08 abendstille sshd\[27293\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.175.233 user=root Jun 29 15:28:10 abendstille sshd\[27293\]: Failed password for root from 106.13.175.233 port 58552 ssh2 ...	2020-06-29 22:39:10
118.70.72.103	attackbots	Jun 29 11:11:50 *** sshd[27039]: User root from 118.70.72.103 not allowed because not listed in AllowUsers	2020-06-29 22:30:06
14.250.69.30	attackspambots	Jun 29 14:38:42 rancher-0 sshd[29932]: Invalid user Administrator from 14.250.69.30 port 53270 Jun 29 14:38:45 rancher-0 sshd[29932]: Failed password for invalid user Administrator from 14.250.69.30 port 53270 ssh2 ...	2020-06-29 23:02:47
45.83.67.58	attackbotsspam	trying to access non-authorized port	2020-06-29 22:35:00
168.245.117.238	attackspam	Return-Path: bounces+17224171-eb2b-office=bon-it.co.uk@sendgrid.net Received: from xvfrtrzz.outbound-mail.sendgrid.net (xvfrtrzz.outbound-mail.sendgrid.net [168.245.117.238]) We recently reviewed your account, and we suspect an unauthorized activity. For security reasons your Online Banking access to your accounts has been blocked to prevent unauthorised use.	2020-06-29 22:41:08
188.163.104.75	attackbots	188.163.104.75 - - [29/Jun/2020:15:41:11 +0100] "POST /wp-login.php HTTP/1.1" 200 2065 "https://therockpool.org/wp-login.php" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/53.0.2785.143 Safari/537.36" 188.163.104.75 - - [29/Jun/2020:15:41:12 +0100] "POST /wp-login.php HTTP/1.1" 200 2065 "https://therockpool.org/wp-login.php" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/53.0.2785.143 Safari/537.36" 188.163.104.75 - - [29/Jun/2020:15:45:44 +0100] "POST /wp-login.php HTTP/1.1" 200 2065 "https://therockpool.org/wp-login.php" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/53.0.2785.143 Safari/537.36" ...	2020-06-29 22:47:12
139.59.67.82	attackbots	Jun 29 14:33:25 gestao sshd[22675]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.67.82 Jun 29 14:33:28 gestao sshd[22675]: Failed password for invalid user ftpuser from 139.59.67.82 port 33746 ssh2 Jun 29 14:37:10 gestao sshd[22827]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.67.82 ...	2020-06-29 22:38:28

Recently Reported IPs

104.236.53.160	101.109.51.63	104.236.54.67	104.236.55.167
104.236.56.62	104.236.58.86	104.236.59.183	104.236.55.48
104.236.55.190	104.236.59.86	104.236.65.142	104.236.62.242
104.236.68.59	101.109.51.73	104.236.61.99	104.236.69.29
104.236.68.209	104.236.76.154	104.236.74.45	160.210.68.62