104.248.121.159

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: DigitalOcean LLC

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Automatic report - Banned IP Access	2019-07-14 06:08:15
attackspambots	Automatic report - Web App Attack	2019-07-13 06:59:08
attackbotsspam	miraniessen.de 104.248.121.159 \[12/Jul/2019:01:59:29 +0200\] "POST /wp-login.php HTTP/1.1" 200 5972 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" miraniessen.de 104.248.121.159 \[12/Jul/2019:01:59:30 +0200\] "POST /wp-login.php HTTP/1.1" 200 5976 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" miraniessen.de 104.248.121.159 \[12/Jul/2019:01:59:31 +0200\] "POST /wp-login.php HTTP/1.1" 200 5967 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0"	2019-07-12 13:28:11
attack	Automatic report - Web App Attack	2019-07-11 23:44:46
attackspam	Automatic report generated by Wazuh	2019-07-06 14:19:20

Comments on same subnet:

IP	Type	Details	Datetime
104.248.121.165	attackbots	" "	2020-09-01 05:48:36
104.248.121.165	attack	fail2ban/Aug 28 14:04:27 h1962932 sshd[8573]: Invalid user hy from 104.248.121.165 port 34572 Aug 28 14:04:27 h1962932 sshd[8573]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.121.165 Aug 28 14:04:27 h1962932 sshd[8573]: Invalid user hy from 104.248.121.165 port 34572 Aug 28 14:04:29 h1962932 sshd[8573]: Failed password for invalid user hy from 104.248.121.165 port 34572 ssh2 Aug 28 14:08:28 h1962932 sshd[8635]: Invalid user tester from 104.248.121.165 port 41412	2020-08-28 21:48:55
104.248.121.165	attackbots	Invalid user mailtest from 104.248.121.165 port 42582	2020-08-27 21:17:40
104.248.121.165	attack	Aug 25 08:10:34 ip106 sshd[13280]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.121.165 Aug 25 08:10:36 ip106 sshd[13280]: Failed password for invalid user webadmin from 104.248.121.165 port 33090 ssh2 ...	2020-08-25 14:55:39
104.248.121.165	attackspam	Aug 22 13:46:24 l02a sshd[9418]: Invalid user mango from 104.248.121.165 Aug 22 13:46:24 l02a sshd[9418]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.121.165 Aug 22 13:46:24 l02a sshd[9418]: Invalid user mango from 104.248.121.165 Aug 22 13:46:26 l02a sshd[9418]: Failed password for invalid user mango from 104.248.121.165 port 42726 ssh2	2020-08-22 23:55:10
104.248.121.165	attackspambots	Invalid user toor from 104.248.121.165 port 51006	2020-08-22 13:03:42
104.248.121.165	attackbotsspam	Aug 14 06:26:20 rocket sshd[10603]: Failed password for root from 104.248.121.165 port 51328 ssh2 Aug 14 06:30:27 rocket sshd[15462]: Failed password for root from 104.248.121.165 port 33880 ssh2 ...	2020-08-14 14:56:55
104.248.121.165	attackspam	Port Scan detected from 104.248.121.165 (US/United States/New Jersey/North Bergen/-). 4 hits in the last 140 seconds	2020-08-09 07:36:56
104.248.121.165	attack	Aug 2 00:23:30 ny01 sshd[26091]: Failed password for root from 104.248.121.165 port 55430 ssh2 Aug 2 00:25:50 ny01 sshd[26705]: Failed password for root from 104.248.121.165 port 35910 ssh2	2020-08-02 12:37:04
104.248.121.165	attackbots	Aug 2 00:55:56 sip sshd[1160522]: Failed password for root from 104.248.121.165 port 59982 ssh2 Aug 2 01:00:02 sip sshd[1160602]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.121.165 user=root Aug 2 01:00:04 sip sshd[1160602]: Failed password for root from 104.248.121.165 port 41230 ssh2 ...	2020-08-02 07:29:41
104.248.121.165	attackspambots	$f2bV_matches	2020-07-31 23:05:00
104.248.121.165	attack	Jul 28 11:06:58 ns382633 sshd\[25229\]: Invalid user yuanxun from 104.248.121.165 port 60254 Jul 28 11:06:58 ns382633 sshd\[25229\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.121.165 Jul 28 11:07:00 ns382633 sshd\[25229\]: Failed password for invalid user yuanxun from 104.248.121.165 port 60254 ssh2 Jul 28 12:03:15 ns382633 sshd\[3144\]: Invalid user longxiaomi from 104.248.121.165 port 50986 Jul 28 12:03:15 ns382633 sshd\[3144\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.121.165	2020-07-28 19:29:21
104.248.121.165	attackbotsspam	Jul 21 05:53:26 web-main sshd[667038]: Invalid user test2 from 104.248.121.165 port 48286 Jul 21 05:53:29 web-main sshd[667038]: Failed password for invalid user test2 from 104.248.121.165 port 48286 ssh2 Jul 21 06:01:38 web-main sshd[667071]: Invalid user fxy from 104.248.121.165 port 54388	2020-07-21 19:09:58
104.248.121.165	attackspambots	Jul 19 06:37:57 vps sshd[1021942]: Failed password for invalid user test from 104.248.121.165 port 51568 ssh2 Jul 19 06:42:09 vps sshd[1043884]: Invalid user sida from 104.248.121.165 port 41148 Jul 19 06:42:09 vps sshd[1043884]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.121.165 Jul 19 06:42:11 vps sshd[1043884]: Failed password for invalid user sida from 104.248.121.165 port 41148 ssh2 Jul 19 06:46:26 vps sshd[16673]: Invalid user heat from 104.248.121.165 port 58960 ...	2020-07-19 12:55:04
104.248.121.165	attack	Jul 16 18:46:53 server sshd[41314]: Failed password for invalid user kiran from 104.248.121.165 port 41600 ssh2 Jul 16 18:51:21 server sshd[45075]: Failed password for invalid user alink from 104.248.121.165 port 52388 ssh2 Jul 16 18:55:31 server sshd[48497]: Failed password for invalid user mariann from 104.248.121.165 port 34944 ssh2	2020-07-17 01:00:30

Whois info:

Dig info:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.248.121.159
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 2583
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;104.248.121.159.		IN	A

;; AUTHORITY SECTION:
.			2792	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019060801 1800 900 604800 86400

;; Query time: 1 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Sun Jun 09 12:32:21 CST 2019
;; MSG SIZE  rcvd: 119

Host info

Host 159.121.248.104.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 159.121.248.104.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
186.84.22.34	attackbotsspam	Trying to deliver email spam, but blocked by RBL	2019-07-02 11:22:15
121.190.80.32	attackspam	Trying to deliver email spam, but blocked by RBL	2019-07-02 11:26:06
106.13.62.26	attack	Jul 2 00:20:41 mail sshd\[582\]: Failed password for invalid user usbmux from 106.13.62.26 port 59670 ssh2 Jul 2 00:37:28 mail sshd\[854\]: Invalid user aster from 106.13.62.26 port 37596 Jul 2 00:37:28 mail sshd\[854\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.62.26 ...	2019-07-02 11:09:00
202.28.64.1	attack	Jul 2 01:53:24 vps691689 sshd[11948]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.28.64.1 Jul 2 01:53:25 vps691689 sshd[11948]: Failed password for invalid user kirk from 202.28.64.1 port 49370 ssh2 Jul 2 01:56:04 vps691689 sshd[11971]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.28.64.1 ...	2019-07-02 11:25:23
180.153.61.114	attackspambots	Unauthorized connection attempt from IP address 180.153.61.114 on Port 445(SMB)	2019-07-02 11:22:51
201.174.72.2	attackbotsspam	Unauthorized connection attempt from IP address 201.174.72.2 on Port 445(SMB)	2019-07-02 11:18:47
177.97.0.238	attackbotsspam	Jul 2 05:20:47 vps647732 sshd[12116]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=177.97.0.238 Jul 2 05:20:49 vps647732 sshd[12116]: Failed password for invalid user cristina from 177.97.0.238 port 59902 ssh2 ...	2019-07-02 11:23:10
5.135.66.118	attackbotsspam	Jul 2 04:44:52 web2 sshd[31193]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.135.66.118 Jul 2 04:44:54 web2 sshd[31193]: Failed password for invalid user libuuid from 5.135.66.118 port 49596 ssh2	2019-07-02 11:24:56
190.205.115.82	attackbotsspam	Unauthorized connection attempt from IP address 190.205.115.82 on Port 445(SMB)	2019-07-02 11:11:43
81.22.45.160	attack	02.07.2019 02:55:52 Connection to port 3389 blocked by firewall	2019-07-02 11:15:07
92.81.221.75	attackspambots	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-07-02 02:59:50,640 INFO [amun_request_handler] PortScan Detected on Port: 445 (92.81.221.75)	2019-07-02 12:07:01
104.131.7.177	attackbotsspam	xmlrpc attack	2019-07-02 12:16:39
185.176.27.166	attackspam	02.07.2019 02:31:02 Connection to port 49358 blocked by firewall	2019-07-02 11:32:16
157.230.253.56	attackspam	Jul 2 05:45:59 tanzim-HP-Z238-Microtower-Workstation sshd\[4835\]: Invalid user harvey from 157.230.253.56 Jul 2 05:45:59 tanzim-HP-Z238-Microtower-Workstation sshd\[4835\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.230.253.56 Jul 2 05:46:01 tanzim-HP-Z238-Microtower-Workstation sshd\[4835\]: Failed password for invalid user harvey from 157.230.253.56 port 52118 ssh2 ...	2019-07-02 11:19:43
212.25.60.138	attackbotsspam	Trying to deliver email spam, but blocked by RBL	2019-07-02 11:07:34

Recently Reported IPs

205.185.115.78	15.45.91.60	93.57.30.14	41.193.69.218
118.25.10.61	38.132.108.177	111.200.62.30	23.224.19.24
207.46.13.154	112.245.223.173	157.177.60.203	36.152.65.196
172.160.0.98	9.146.57.80	200.105.209.170	150.14.218.239
95.234.244.210	80.193.26.123	89.233.219.110	111.230.248.125