104.248.123.70

Basic Info

City: unknown

Region: unknown

Country: United States of America

Internet Service Provider: DigitalOcean LLC

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	Sep 9 03:21:43 PorscheCustomer sshd[6467]: Failed password for root from 104.248.123.70 port 42334 ssh2 Sep 9 03:25:36 PorscheCustomer sshd[6562]: Failed password for root from 104.248.123.70 port 48462 ssh2 ...	2020-09-09 23:08:50
attack	Sep 9 03:21:43 PorscheCustomer sshd[6467]: Failed password for root from 104.248.123.70 port 42334 ssh2 Sep 9 03:25:36 PorscheCustomer sshd[6562]: Failed password for root from 104.248.123.70 port 48462 ssh2 ...	2020-09-09 16:49:10

Type

Details

Datetime

attackspam

Sep  9 03:21:43 PorscheCustomer sshd[6467]: Failed password for root from 104.248.123.70 port 42334 ssh2
Sep  9 03:25:36 PorscheCustomer sshd[6562]: Failed password for root from 104.248.123.70 port 48462 ssh2
...

2020-09-09 23:08:50

attack

Sep  9 03:21:43 PorscheCustomer sshd[6467]: Failed password for root from 104.248.123.70 port 42334 ssh2
Sep  9 03:25:36 PorscheCustomer sshd[6562]: Failed password for root from 104.248.123.70 port 48462 ssh2
...

2020-09-09 16:49:10

Comments on same subnet:

IP	Type	Details	Datetime
104.248.123.197	attackspam	Oct 13 12:35:05 lavrea sshd[324863]: Invalid user duncan from 104.248.123.197 port 32850 ...	2020-10-13 21:59:09
104.248.123.197	attackspambots	(sshd) Failed SSH login from 104.248.123.197 (US/United States/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Oct 13 00:31:51 server sshd[31645]: Invalid user whitney from 104.248.123.197 port 42348 Oct 13 00:31:53 server sshd[31645]: Failed password for invalid user whitney from 104.248.123.197 port 42348 ssh2 Oct 13 00:41:36 server sshd[1687]: Invalid user career from 104.248.123.197 port 45714 Oct 13 00:41:38 server sshd[1687]: Failed password for invalid user career from 104.248.123.197 port 45714 ssh2 Oct 13 00:46:19 server sshd[2980]: Invalid user foma from 104.248.123.197 port 48874	2020-10-13 13:24:45
104.248.123.197	attackspam	2020-10-12T23:58:41.827679news0 sshd[579]: User root from 104.248.123.197 not allowed because not listed in AllowUsers 2020-10-12T23:58:44.098078news0 sshd[579]: Failed password for invalid user root from 104.248.123.197 port 33122 ssh2 2020-10-13T00:02:57.159211news0 sshd[700]: User root from 104.248.123.197 not allowed because not listed in AllowUsers ...	2020-10-13 06:09:46
104.248.123.197	attack	Oct 11 19:28:53 web1 sshd\[13339\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.123.197 user=root Oct 11 19:28:55 web1 sshd\[13339\]: Failed password for root from 104.248.123.197 port 59144 ssh2 Oct 11 19:33:17 web1 sshd\[13851\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.123.197 user=mysql Oct 11 19:33:19 web1 sshd\[13851\]: Failed password for mysql from 104.248.123.197 port 34434 ssh2 Oct 11 19:37:41 web1 sshd\[14333\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.123.197 user=root	2020-10-12 13:45:39
104.248.123.197	attack	Sep 30 08:32:58 roki-contabo sshd\[2298\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.123.197 user=root Sep 30 08:33:00 roki-contabo sshd\[2298\]: Failed password for root from 104.248.123.197 port 47318 ssh2 Sep 30 08:42:37 roki-contabo sshd\[2394\]: Invalid user ian from 104.248.123.197 Sep 30 08:42:37 roki-contabo sshd\[2394\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.123.197 Sep 30 08:42:39 roki-contabo sshd\[2394\]: Failed password for invalid user ian from 104.248.123.197 port 56104 ssh2 ...	2020-10-05 04:10:54
104.248.123.197	attackspam	<6 unauthorized SSH connections	2020-10-04 20:02:04
104.248.123.197	attackbotsspam	Sep 15 17:14:11 pornomens sshd\[19627\]: Invalid user ubnt from 104.248.123.197 port 39688 Sep 15 17:14:11 pornomens sshd\[19627\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.123.197 Sep 15 17:14:14 pornomens sshd\[19627\]: Failed password for invalid user ubnt from 104.248.123.197 port 39688 ssh2 ...	2020-09-16 02:24:33
104.248.123.197	attack	[SID2] Fail2ban detected 5 failed SSH login attempts within 30 minutes. This report was submitted automatically.	2020-09-15 18:20:22
104.248.123.197	attackbotsspam	Invalid user lois from 104.248.123.197 port 42692	2020-08-31 01:27:37
104.248.123.197	attackbots	Aug 28 13:13:37 ip106 sshd[24379]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.123.197 Aug 28 13:13:38 ip106 sshd[24379]: Failed password for invalid user fdd from 104.248.123.197 port 50510 ssh2 ...	2020-08-28 19:24:37
104.248.123.197	attackbots	Aug 26 02:07:01 ws19vmsma01 sshd[182304]: Failed password for root from 104.248.123.197 port 59774 ssh2 Aug 26 02:22:20 ws19vmsma01 sshd[191360]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.123.197 Aug 26 02:22:23 ws19vmsma01 sshd[191360]: Failed password for invalid user marwan from 104.248.123.197 port 55240 ssh2 ...	2020-08-26 15:24:20

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.248.123.70
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 51846
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;104.248.123.70.			IN	A

;; AUTHORITY SECTION:
.			336	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020090900 1800 900 604800 86400

;; Query time: 65 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Sep 09 16:49:03 CST 2020
;; MSG SIZE  rcvd: 118

Host info

Host 70.123.248.104.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 70.123.248.104.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
81.248.164.243	attack	Automatic report - Port Scan Attack	2020-09-02 13:17:00
34.68.146.105	attackspam	Sep 2 05:23:07 vmd26974 sshd[15746]: Failed password for root from 34.68.146.105 port 56136 ssh2 Sep 2 05:54:50 vmd26974 sshd[29128]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=34.68.146.105 ...	2020-09-02 13:34:56
134.175.2.7	attack	Invalid user alexa from 134.175.2.7 port 53824	2020-09-02 13:21:14
37.194.122.6	attackspambots	port scan and connect, tcp 1433 (ms-sql-s)	2020-09-02 13:28:50
87.251.73.238	attackspam	[H1.VM6] Blocked by UFW	2020-09-02 13:37:32
208.109.8.138	attackbotsspam	Trolling for resource vulnerabilities	2020-09-02 13:11:58
52.173.253.120	attackspam	Sep 2 06:13:58 meumeu sshd[899814]: Invalid user rcg from 52.173.253.120 port 1792 Sep 2 06:13:58 meumeu sshd[899814]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.173.253.120 Sep 2 06:13:58 meumeu sshd[899814]: Invalid user rcg from 52.173.253.120 port 1792 Sep 2 06:13:59 meumeu sshd[899814]: Failed password for invalid user rcg from 52.173.253.120 port 1792 ssh2 Sep 2 06:15:59 meumeu sshd[899918]: Invalid user user from 52.173.253.120 port 1792 Sep 2 06:15:59 meumeu sshd[899918]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.173.253.120 Sep 2 06:15:59 meumeu sshd[899918]: Invalid user user from 52.173.253.120 port 1792 Sep 2 06:16:00 meumeu sshd[899918]: Failed password for invalid user user from 52.173.253.120 port 1792 ssh2 Sep 2 06:18:17 meumeu sshd[900008]: Invalid user admin from 52.173.253.120 port 1792 ...	2020-09-02 13:33:37
178.62.12.192	attackspambots	Invalid user dac from 178.62.12.192 port 34558	2020-09-02 13:39:17
195.223.211.242	attackbots	Sep 1 19:24:26 ns3033917 sshd[8285]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=195.223.211.242 Sep 1 19:24:26 ns3033917 sshd[8285]: Invalid user tomek from 195.223.211.242 port 35004 Sep 1 19:24:28 ns3033917 sshd[8285]: Failed password for invalid user tomek from 195.223.211.242 port 35004 ssh2 ...	2020-09-02 13:01:57
129.226.174.26	attackspambots	Invalid user git from 129.226.174.26 port 55688	2020-09-02 13:17:53
149.200.186.60	attackspam	"XSS Attack Detected via libinjection - Matched Data: XSS data found within ARGS_NAMES:	2020-09-02 13:05:35
62.92.48.242	attack	Sep 2 06:54:28 vpn01 sshd[10671]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=62.92.48.242 Sep 2 06:54:30 vpn01 sshd[10671]: Failed password for invalid user sistemas from 62.92.48.242 port 59122 ssh2 ...	2020-09-02 12:59:01
45.142.120.147	attackspambots	2020-09-01T22:53:43.014598linuxbox-skyline auth[26446]: pam_unix(dovecot:auth): authentication failure; logname= uid=0 euid=0 tty=dovecot ruser=xen1 rhost=45.142.120.147 ...	2020-09-02 13:01:27
2.236.188.179	attack	Invalid user kate from 2.236.188.179 port 53406	2020-09-02 13:15:36
92.195.107.89	attackspambots	SSH/22 MH Probe, BF, Hack -	2020-09-02 13:35:14

Recently Reported IPs

181.15.198.218	173.249.16.117	117.89.130.184	61.164.47.131
163.107.202.49	118.246.38.2	120.76.251.205	37.37.226.138
14.217.77.25	5.128.29.155	95.46.140.49	171.236.71.110
91.229.112.18	174.231.2.59	74.208.235.136	220.132.209.144
55.127.198.114	156.199.2.86	23.41.169.222	188.80.33.49