104.248.116.140

Basic Info

City: North Bergen

Region: New Jersey

Country: United States

Internet Service Provider: DigitalOcean LLC

Hostname: unknown

Organization: DigitalOcean, LLC

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspambots	Cowrie Honeypot: 3 unauthorised SSH/Telnet login attempts between 2020-09-22T19:05:16Z and 2020-09-22T19:12:00Z	2020-09-23 03:24:25
attackspambots	sshd: Failed password for invalid user .... from 104.248.116.140 port 54246 ssh2 (2 attempts)	2020-09-22 19:35:56
attackspambots	2020-09-01T13:00:42.645079shield sshd\[5347\]: Invalid user cherish from 104.248.116.140 port 59714 2020-09-01T13:00:42.653153shield sshd\[5347\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.116.140 2020-09-01T13:00:44.731548shield sshd\[5347\]: Failed password for invalid user cherish from 104.248.116.140 port 59714 ssh2 2020-09-01T13:04:29.741262shield sshd\[6635\]: Invalid user sysadmin from 104.248.116.140 port 38570 2020-09-01T13:04:29.755921shield sshd\[6635\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.116.140	2020-09-01 21:07:22
attackspam	Aug 19 23:09:33 srv-ubuntu-dev3 sshd[95285]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.116.140 Aug 19 23:09:33 srv-ubuntu-dev3 sshd[95285]: Invalid user fernanda from 104.248.116.140 Aug 19 23:09:35 srv-ubuntu-dev3 sshd[95285]: Failed password for invalid user fernanda from 104.248.116.140 port 35502 ssh2 Aug 19 23:12:40 srv-ubuntu-dev3 sshd[95613]: Invalid user secure from 104.248.116.140 Aug 19 23:12:40 srv-ubuntu-dev3 sshd[95613]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.116.140 Aug 19 23:12:40 srv-ubuntu-dev3 sshd[95613]: Invalid user secure from 104.248.116.140 Aug 19 23:12:43 srv-ubuntu-dev3 sshd[95613]: Failed password for invalid user secure from 104.248.116.140 port 42742 ssh2 Aug 19 23:16:00 srv-ubuntu-dev3 sshd[96131]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.116.140 user=root Aug 19 23:16:02 srv-ubuntu-dev3 sshd ...	2020-08-20 05:23:48
attack	Aug 18 18:14:50 haigwepa sshd[25063]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.116.140 Aug 18 18:14:53 haigwepa sshd[25063]: Failed password for invalid user admin from 104.248.116.140 port 51806 ssh2 ...	2020-08-19 00:17:19
attack	reported through recidive - multiple failed attempts(SSH)	2020-08-16 07:31:12
attack	Aug 13 07:56:38 cosmoit sshd[3234]: Failed password for root from 104.248.116.140 port 50296 ssh2	2020-08-13 14:03:28
attack	Aug 7 23:21:51 rancher-0 sshd[892145]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.116.140 user=root Aug 7 23:21:53 rancher-0 sshd[892145]: Failed password for root from 104.248.116.140 port 46638 ssh2 ...	2020-08-08 06:12:15
attackbotsspam	"Unauthorized connection attempt on SSHD detected"	2020-08-08 03:59:51
attack	SSH authentication failure x 6 reported by Fail2Ban ...	2020-07-25 18:49:25
attackspam	Jul 19 17:05:26 rocket sshd[9091]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.116.140 Jul 19 17:05:28 rocket sshd[9091]: Failed password for invalid user smitty from 104.248.116.140 port 50604 ssh2 Jul 19 17:09:29 rocket sshd[9718]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.116.140 ...	2020-07-20 00:22:13
attackbots	Invalid user test from 104.248.116.140 port 54878	2020-07-17 18:49:43
attackspambots	Invalid user test from 104.248.116.140 port 54878	2020-07-16 19:47:48
attack	2020-06-21T06:20:27.743111mail.csmailer.org sshd[10059]: Invalid user app from 104.248.116.140 port 60640 2020-06-21T06:20:27.746409mail.csmailer.org sshd[10059]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.116.140 2020-06-21T06:20:27.743111mail.csmailer.org sshd[10059]: Invalid user app from 104.248.116.140 port 60640 2020-06-21T06:20:29.817627mail.csmailer.org sshd[10059]: Failed password for invalid user app from 104.248.116.140 port 60640 ssh2 2020-06-21T06:23:42.625888mail.csmailer.org sshd[10605]: Invalid user gpadmin from 104.248.116.140 port 60292 ...	2020-06-21 19:55:09
attackspam	(sshd) Failed SSH login from 104.248.116.140 (US/United States/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Jun 9 09:55:30 srv sshd[31390]: Invalid user Factory from 104.248.116.140 port 35908 Jun 9 09:55:32 srv sshd[31390]: Failed password for invalid user Factory from 104.248.116.140 port 35908 ssh2 Jun 9 10:04:20 srv sshd[31487]: Invalid user admin from 104.248.116.140 port 32790 Jun 9 10:04:22 srv sshd[31487]: Failed password for invalid user admin from 104.248.116.140 port 32790 ssh2 Jun 9 10:06:23 srv sshd[31526]: Invalid user omsagent from 104.248.116.140 port 42616	2020-06-09 16:11:01
attackspambots	Jun 7 22:55:52 vps647732 sshd[1699]: Failed password for root from 104.248.116.140 port 39290 ssh2 ...	2020-06-08 05:12:26
attackspam	Jun 5 13:52:24 nas sshd[27737]: Failed password for root from 104.248.116.140 port 32952 ssh2 Jun 5 13:58:21 nas sshd[28039]: Failed password for root from 104.248.116.140 port 37752 ssh2 ...	2020-06-05 22:43:58
attack	SSH Brute Force	2020-06-01 03:24:51
attack	SSH authentication failure x 6 reported by Fail2Ban ...	2020-05-27 16:30:23
attackspambots	$f2bV_matches	2020-04-20 18:29:27
attackbotsspam	Apr 15 14:11:51 server sshd[19235]: Failed password for invalid user ts3 from 104.248.116.140 port 51638 ssh2 Apr 15 14:15:27 server sshd[22409]: Failed password for invalid user postgres from 104.248.116.140 port 59882 ssh2 Apr 15 14:19:14 server sshd[25188]: Failed password for invalid user nmsguest from 104.248.116.140 port 39896 ssh2	2020-04-15 21:11:43
attackspam	2020-04-15T09:19:30.998050struts4.enskede.local sshd\[26027\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.116.140 user=root 2020-04-15T09:19:34.066355struts4.enskede.local sshd\[26027\]: Failed password for root from 104.248.116.140 port 45720 ssh2 2020-04-15T09:20:47.531999struts4.enskede.local sshd\[26052\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.116.140 user=root 2020-04-15T09:20:50.459609struts4.enskede.local sshd\[26052\]: Failed password for root from 104.248.116.140 port 35458 ssh2 2020-04-15T09:21:39.992484struts4.enskede.local sshd\[26075\]: Invalid user ntps from 104.248.116.140 port 48992 ...	2020-04-15 15:37:44
attackspam	Apr 13 07:58:22 legacy sshd[31955]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.116.140 Apr 13 07:58:24 legacy sshd[31955]: Failed password for invalid user apache from 104.248.116.140 port 34860 ssh2 Apr 13 08:02:20 legacy sshd[32157]: Failed password for root from 104.248.116.140 port 44152 ssh2 ...	2020-04-13 14:36:02
attackbotsspam	Apr 5 08:06:10 haigwepa sshd[3776]: Failed password for root from 104.248.116.140 port 43540 ssh2 ...	2020-04-05 15:01:38
attackspam	SSH login attempts.	2020-03-20 12:29:27
attack	Mar 3 23:36:58 localhost sshd[125039]: Invalid user ftpuser from 104.248.116.140 port 37868 Mar 3 23:36:58 localhost sshd[125039]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.116.140 Mar 3 23:36:58 localhost sshd[125039]: Invalid user ftpuser from 104.248.116.140 port 37868 Mar 3 23:37:00 localhost sshd[125039]: Failed password for invalid user ftpuser from 104.248.116.140 port 37868 ssh2 Mar 3 23:44:27 localhost sshd[125884]: Invalid user musikbot from 104.248.116.140 port 45792 ...	2020-03-04 09:31:46
attack	Feb 28 08:52:42 lnxmysql61 sshd[11162]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.116.140	2020-02-28 21:03:55
attackspambots	Invalid user qgm from 104.248.116.140 port 59036	2020-02-13 09:00:08
attackbots	Feb 9 13:55:29 hpm sshd\[1696\]: Invalid user gpy from 104.248.116.140 Feb 9 13:55:29 hpm sshd\[1696\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.116.140 Feb 9 13:55:31 hpm sshd\[1696\]: Failed password for invalid user gpy from 104.248.116.140 port 51912 ssh2 Feb 9 13:58:37 hpm sshd\[2075\]: Invalid user gf from 104.248.116.140 Feb 9 13:58:37 hpm sshd\[2075\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.116.140	2020-02-10 08:26:11
attackspambots	Feb 6 06:23:08 legacy sshd[22705]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.116.140 Feb 6 06:23:10 legacy sshd[22705]: Failed password for invalid user mqb from 104.248.116.140 port 51358 ssh2 Feb 6 06:26:01 legacy sshd[22999]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.116.140 ...	2020-02-06 13:54:01

Comments on same subnet:

IP	Type	Details	Datetime
104.248.116.198	attack	Port scan: Attack repeated for 24 hours	2020-02-23 06:35:04
104.248.116.76	attackspambots	Sep 25 14:19:59 xeon sshd[4390]: Failed password for invalid user admin from 104.248.116.76 port 54256 ssh2	2019-09-26 00:06:56
104.248.116.76	attackspambots	Sep 22 07:03:12 www sshd\[2463\]: Invalid user ea from 104.248.116.76Sep 22 07:03:14 www sshd\[2463\]: Failed password for invalid user ea from 104.248.116.76 port 32996 ssh2Sep 22 07:07:03 www sshd\[2518\]: Invalid user cs16 from 104.248.116.76Sep 22 07:07:04 www sshd\[2518\]: Failed password for invalid user cs16 from 104.248.116.76 port 50294 ssh2 ...	2019-09-22 20:23:15
104.248.116.76	attackspam	Sep 15 00:58:21 yabzik sshd[10331]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.116.76 Sep 15 00:58:23 yabzik sshd[10331]: Failed password for invalid user mail1 from 104.248.116.76 port 51274 ssh2 Sep 15 01:02:14 yabzik sshd[11723]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.116.76	2019-09-15 06:05:06
104.248.116.76	attackbots	$f2bV_matches	2019-09-02 09:31:10
104.248.116.76	attackspam	Brute forcing Wordpress login	2019-08-13 15:11:06
104.248.116.76	attack	2019-08-08T13:13:18.307574abusebot-4.cloudsearch.cf sshd\[15481\]: Invalid user leyla from 104.248.116.76 port 53310	2019-08-08 23:04:06
104.248.116.76	attack	Aug 6 13:26:20 dedicated sshd[23305]: Invalid user toor from 104.248.116.76 port 35510	2019-08-06 19:33:15
104.248.116.87	attack	Apr 25 17:29:12 ubuntu sshd[13992]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.116.87 Apr 25 17:29:15 ubuntu sshd[13992]: Failed password for invalid user mongodb from 104.248.116.87 port 47128 ssh2 Apr 25 17:31:20 ubuntu sshd[14056]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.116.87 Apr 25 17:31:22 ubuntu sshd[14056]: Failed password for invalid user minecraft from 104.248.116.87 port 43338 ssh2	2019-07-31 23:08:15
104.248.116.76	attack	Jul 25 07:18:24 srv-4 sshd\[27872\]: Invalid user srikanth from 104.248.116.76 Jul 25 07:18:24 srv-4 sshd\[27872\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.116.76 Jul 25 07:18:26 srv-4 sshd\[27872\]: Failed password for invalid user srikanth from 104.248.116.76 port 54870 ssh2 ...	2019-07-25 12:46:12
104.248.116.76	attackbotsspam	Jul 25 00:55:59 srv-4 sshd\[30763\]: Invalid user he from 104.248.116.76 Jul 25 00:55:59 srv-4 sshd\[30763\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.116.76 Jul 25 00:56:01 srv-4 sshd\[30763\]: Failed password for invalid user he from 104.248.116.76 port 52682 ssh2 ...	2019-07-25 06:37:17
104.248.116.76	attackspam	Jul 16 03:02:15 vps200512 sshd\[28803\]: Invalid user fenix from 104.248.116.76 Jul 16 03:02:15 vps200512 sshd\[28803\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.116.76 Jul 16 03:02:17 vps200512 sshd\[28803\]: Failed password for invalid user fenix from 104.248.116.76 port 34812 ssh2 Jul 16 03:07:01 vps200512 sshd\[28844\]: Invalid user ftp from 104.248.116.76 Jul 16 03:07:01 vps200512 sshd\[28844\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.116.76	2019-07-16 15:09:53
104.248.116.76	attackbots	Jul 15 16:12:15 vps200512 sshd\[17216\]: Invalid user usuario from 104.248.116.76 Jul 15 16:12:15 vps200512 sshd\[17216\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.116.76 Jul 15 16:12:16 vps200512 sshd\[17216\]: Failed password for invalid user usuario from 104.248.116.76 port 59632 ssh2 Jul 15 16:16:58 vps200512 sshd\[17276\]: Invalid user appldisc from 104.248.116.76 Jul 15 16:16:58 vps200512 sshd\[17276\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.116.76	2019-07-16 04:28:46
104.248.116.76	attackbotsspam	Jul 13 00:19:54 vibhu-HP-Z238-Microtower-Workstation sshd\[15225\]: Invalid user ajmal from 104.248.116.76 Jul 13 00:19:54 vibhu-HP-Z238-Microtower-Workstation sshd\[15225\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.116.76 Jul 13 00:19:56 vibhu-HP-Z238-Microtower-Workstation sshd\[15225\]: Failed password for invalid user ajmal from 104.248.116.76 port 48282 ssh2 Jul 13 00:24:52 vibhu-HP-Z238-Microtower-Workstation sshd\[16187\]: Invalid user black from 104.248.116.76 Jul 13 00:24:52 vibhu-HP-Z238-Microtower-Workstation sshd\[16187\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.116.76 ...	2019-07-13 03:11:08
104.248.116.76	attackbotsspam	Jul 12 11:21:26 vibhu-HP-Z238-Microtower-Workstation sshd\[26342\]: Invalid user choi from 104.248.116.76 Jul 12 11:21:26 vibhu-HP-Z238-Microtower-Workstation sshd\[26342\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.116.76 Jul 12 11:21:27 vibhu-HP-Z238-Microtower-Workstation sshd\[26342\]: Failed password for invalid user choi from 104.248.116.76 port 47026 ssh2 Jul 12 11:26:39 vibhu-HP-Z238-Microtower-Workstation sshd\[27314\]: Invalid user training from 104.248.116.76 Jul 12 11:26:39 vibhu-HP-Z238-Microtower-Workstation sshd\[27314\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.116.76 ...	2019-07-12 14:08:09

Whois info:

Dig info:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.248.116.140
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 3325
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;104.248.116.140.		IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019040400 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Thu Apr 04 17:52:28 +08 2019
;; MSG SIZE  rcvd: 119

Host info

Host 140.116.248.104.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		67.207.67.3
Address:	67.207.67.3#53

** server can't find 140.116.248.104.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
180.253.140.13	attackbots	PHI,WP GET /wp-login.php	2019-07-16 04:57:01
27.203.218.18	attack	TCP port 23 (Telnet) attempt blocked by firewall. [2019-07-15 18:51:37]	2019-07-16 05:09:48
210.14.77.102	attack	Jul 15 22:34:19 eventyay sshd[3641]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=210.14.77.102 Jul 15 22:34:20 eventyay sshd[3641]: Failed password for invalid user vtcbikes from 210.14.77.102 port 33095 ssh2 Jul 15 22:39:07 eventyay sshd[4959]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=210.14.77.102 ...	2019-07-16 04:41:15
122.176.44.163	attack	2019-07-15 06:38:09,149 fail2ban.actions [760]: NOTICE [sshd] Ban 122.176.44.163 2019-07-15 09:44:15,175 fail2ban.actions [760]: NOTICE [sshd] Ban 122.176.44.163 2019-07-15 12:53:32,160 fail2ban.actions [760]: NOTICE [sshd] Ban 122.176.44.163 ...	2019-07-16 04:52:29
51.68.198.119	attack	Jul 15 22:06:15 icinga sshd[13068]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.68.198.119 Jul 15 22:06:16 icinga sshd[13068]: Failed password for invalid user jesus from 51.68.198.119 port 34484 ssh2 ...	2019-07-16 04:49:52
5.190.112.241	attackbotsspam	Automatic report - Port Scan Attack	2019-07-16 04:36:13
212.34.1.30	attack	445/tcp 445/tcp [2019-07-12/15]2pkt	2019-07-16 05:11:05
172.245.245.14	attackspambots	445/tcp 445/tcp 445/tcp... [2019-05-17/07-15]12pkt,1pt.(tcp)	2019-07-16 05:12:38
143.0.52.117	attackspam	Jul 15 22:54:31 eventyay sshd[8734]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=143.0.52.117 Jul 15 22:54:33 eventyay sshd[8734]: Failed password for invalid user sandi from 143.0.52.117 port 52883 ssh2 Jul 15 22:59:53 eventyay sshd[10240]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=143.0.52.117 ...	2019-07-16 05:13:12
46.176.216.209	attackbots	Automatic report - Port Scan Attack	2019-07-16 04:44:52
221.214.152.34	attackspam	5500/tcp 5500/tcp 5500/tcp... [2019-06-22/07-14]13pkt,1pt.(tcp)	2019-07-16 04:50:47
89.248.162.168	attackbots	15.07.2019 20:46:49 Connection to port 2438 blocked by firewall	2019-07-16 04:51:22
103.118.112.249	attackbotsspam	Automatic report - Port Scan Attack	2019-07-16 04:58:43
77.42.125.251	attackspambots	Automatic report - Port Scan Attack	2019-07-16 04:46:47
118.165.155.202	attackbots	37215/tcp 37215/tcp 37215/tcp... [2019-07-11/14]7pkt,1pt.(tcp)	2019-07-16 04:32:55

Recently Reported IPs

115.59.187.127	94.191.81.131	93.190.223.192	91.135.247.48
88.202.190.153	82.117.196.30	81.213.166.175	77.247.109.78
51.77.222.140	45.119.80.95	37.49.227.138	31.163.119.16
14.18.118.232	5.190.179.242	212.64.28.77	185.193.125.134
178.187.202.49	104.131.84.59	37.79.44.112	118.172.30.153