104.248.13.117

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
104.248.136.19	attack	Jul 2 18:04:21 host sshd[13973]: Failed password for root from 104.248.136.19 port 44042 ssh2 Jul 2 18:04:21 host sshd[13976]: Failed password for root from 104.248.136.19 port 44330 ssh2 Jul 2 18:04:21 host sshd[13967]: Failed password for root from 104.248.136.19 port 43946 ssh2 Jul 2 18:04:21 host sshd[13979]: Failed password for root from 104.248.136.19 port 44426 ssh2	2022-07-05 20:33:49
104.248.130.10	attackspambots	Oct 13 13:54:01 ajax sshd[30630]: Failed password for root from 104.248.130.10 port 51490 ssh2 Oct 13 13:57:38 ajax sshd[31719]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.130.10	2020-10-13 21:22:10
104.248.130.10	attackspam	$f2bV_matches	2020-10-13 12:48:46
104.248.130.10	attack	Oct 12 23:29:47 mout sshd[11709]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.130.10 user=root Oct 12 23:29:49 mout sshd[11709]: Failed password for root from 104.248.130.10 port 33700 ssh2	2020-10-13 05:36:45
104.248.130.10	attackbots	(sshd) Failed SSH login from 104.248.130.10 (DE/Germany/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Oct 12 17:45:45 server2 sshd[5588]: Invalid user urbaldo from 104.248.130.10 port 43142 Oct 12 17:45:47 server2 sshd[5588]: Failed password for invalid user urbaldo from 104.248.130.10 port 43142 ssh2 Oct 12 17:53:34 server2 sshd[7075]: Invalid user todd from 104.248.130.10 port 39720 Oct 12 17:53:35 server2 sshd[7075]: Failed password for invalid user todd from 104.248.130.10 port 39720 ssh2 Oct 12 17:58:00 server2 sshd[7914]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.130.10 user=root	2020-10-13 03:28:41
104.248.130.10	attack	2020-10-12T10:06:45.308138server.espacesoutien.com sshd[4478]: Failed password for invalid user nesus from 104.248.130.10 port 59156 ssh2 2020-10-12T10:09:48.884519server.espacesoutien.com sshd[4706]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.130.10 user=root 2020-10-12T10:09:51.087322server.espacesoutien.com sshd[4706]: Failed password for root from 104.248.130.10 port 34288 ssh2 2020-10-12T10:13:03.737922server.espacesoutien.com sshd[5348]: Invalid user yosshimu from 104.248.130.10 port 37650 ...	2020-10-12 19:00:17
104.248.130.10	attack	Oct 2 21:07:17 icinga sshd[17414]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.130.10 Oct 2 21:07:19 icinga sshd[17414]: Failed password for invalid user temp from 104.248.130.10 port 42444 ssh2 Oct 2 21:18:18 icinga sshd[34166]: Failed password for root from 104.248.130.10 port 44596 ssh2 ...	2020-10-03 06:05:11
104.248.130.10	attackspambots	2020-10-02T16:36:47.063896Z 268056658fdc New connection: 104.248.130.10:34632 (172.17.0.5:2222) [session: 268056658fdc] 2020-10-02T16:50:24.829396Z 05779c6ab74b New connection: 104.248.130.10:33808 (172.17.0.5:2222) [session: 05779c6ab74b]	2020-10-03 01:31:46
104.248.130.10	attack	Unauthorised connection attempt detected at AUO NODE 4. System is sshd. Protected by AUO Stack Web Application Firewall (WAF)	2020-10-02 22:01:09
104.248.130.10	attack	Brute-force attempt banned	2020-10-02 18:32:43
104.248.130.10	attackspam	Brute-force attempt banned	2020-10-02 15:05:41
104.248.131.113	attackbotsspam	Oct 1 01:00:19 haigwepa sshd[3976]: Failed password for root from 104.248.131.113 port 19932 ssh2 ...	2020-10-01 08:13:15
104.248.131.113	attackspam	2020-09-30T16:32:13.434091shield sshd\[5022\]: Invalid user cgi from 104.248.131.113 port 52048 2020-09-30T16:32:13.445193shield sshd\[5022\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.131.113 2020-09-30T16:32:15.014608shield sshd\[5022\]: Failed password for invalid user cgi from 104.248.131.113 port 52048 ssh2 2020-09-30T16:35:27.039161shield sshd\[5367\]: Invalid user alex from 104.248.131.113 port 41728 2020-09-30T16:35:27.050789shield sshd\[5367\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.131.113	2020-10-01 00:45:16
104.248.131.113	attack	$f2bV_matches	2020-09-30 17:01:22
104.248.130.17	attackspambots	Invalid user nginx from 104.248.130.17 port 58826	2020-09-29 03:58:53

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.248.13.117
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 13864
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;104.248.13.117.			IN	A

;; AUTHORITY SECTION:
.			600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022020702 1800 900 604800 86400

;; Query time: 16 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Feb 08 06:10:26 CST 2022
;; MSG SIZE  rcvd: 107

Host info

117.13.248.104.in-addr.arpa domain name pointer ubuntu-s-2vcpu-4gb-nyc3-01.facturamos.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
117.13.248.104.in-addr.arpa	name = ubuntu-s-2vcpu-4gb-nyc3-01.facturamos.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
162.243.233.102	attackbots	Sep 20 10:02:14 serwer sshd\[15461\]: Invalid user l4d2server from 162.243.233.102 port 55830 Sep 20 10:02:14 serwer sshd\[15461\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=162.243.233.102 Sep 20 10:02:16 serwer sshd\[15461\]: Failed password for invalid user l4d2server from 162.243.233.102 port 55830 ssh2 ...	2020-09-21 00:34:29
152.136.108.226	attackspam	"Unauthorized connection attempt on SSHD detected"	2020-09-21 00:32:59
62.32.94.164	attackbots	Unauthorized connection attempt from IP address 62.32.94.164 on Port 445(SMB)	2020-09-21 00:25:20
103.209.81.218	attack	Unauthorized connection attempt from IP address 103.209.81.218 on Port 445(SMB)	2020-09-21 00:30:20
171.236.57.209	attackspambots	Unauthorized connection attempt from IP address 171.236.57.209 on Port 445(SMB)	2020-09-21 00:23:37
78.188.58.174	attack	Unauthorized connection attempt from IP address 78.188.58.174 on Port 445(SMB)	2020-09-21 00:27:34
182.23.53.172	attackspam	Unauthorized connection attempt from IP address 182.23.53.172 on Port 445(SMB)	2020-09-21 00:26:14
114.35.119.25	attackspam	Auto Detect Rule! proto TCP (SYN), 114.35.119.25:28299->gjan.info:23, len 40	2020-09-21 00:20:36
218.161.73.109	attack	TCP (SYN) 218.161.73.109:17171 -> port 23, len 44	2020-09-21 00:37:01
3.7.243.166	attack	3.7.243.166 - - [20/Sep/2020:17:53:54 +0200] "GET /wp-login.php HTTP/1.1" 200 1984 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 3.7.243.166 - - [20/Sep/2020:17:53:55 +0200] "POST /wp-login.php HTTP/1.1" 200 2104 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 3.7.243.166 - - [20/Sep/2020:17:53:55 +0200] "GET /wp-login.php HTTP/1.1" 200 1984 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 3.7.243.166 - - [20/Sep/2020:17:53:56 +0200] "POST /wp-login.php HTTP/1.1" 200 2090 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 3.7.243.166 - - [20/Sep/2020:17:53:56 +0200] "GET /wp-login.php HTTP/1.1" 200 1984 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 3.7.243.166 - - [20/Sep/2020:17:53:57 +0200] "POST /wp-login.php HTTP/1.1" 200 2091 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-09-21 00:43:20
94.102.49.191	attackspam	ET DROP Dshield Block Listed Source group 1 - port: 2481 proto: tcp cat: Misc Attackbytes: 60	2020-09-21 00:55:45
83.66.86.153	attack	Unauthorized connection attempt from IP address 83.66.86.153 on Port 445(SMB)	2020-09-21 00:29:31
118.232.236.197	attack	$f2bV_matches	2020-09-21 00:41:30
54.176.101.14	attackbots	Automatically reported by fail2ban report script (mx1)	2020-09-21 00:56:16
218.92.0.250	attack	Sep 20 16:37:04 IngegnereFirenze sshd[28041]: User root from 218.92.0.250 not allowed because not listed in AllowUsers ...	2020-09-21 00:39:22

Recently Reported IPs

123.135.156.244	165.232.140.5	125.25.83.96	190.210.41.160
176.99.98.246	80.255.187.222	132.232.79.249	37.145.61.119
36.89.118.177	35.186.168.193	203.150.128.178	171.252.224.196
59.99.141.82	78.184.215.67	103.140.95.189	185.147.213.139
151.242.27.178	202.142.154.53	186.10.102.130	121.101.129.124