104.248.136.49

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
104.248.136.19	attack	Jul 2 18:04:21 host sshd[13973]: Failed password for root from 104.248.136.19 port 44042 ssh2 Jul 2 18:04:21 host sshd[13976]: Failed password for root from 104.248.136.19 port 44330 ssh2 Jul 2 18:04:21 host sshd[13967]: Failed password for root from 104.248.136.19 port 43946 ssh2 Jul 2 18:04:21 host sshd[13979]: Failed password for root from 104.248.136.19 port 44426 ssh2	2022-07-05 20:33:49
104.248.136.138	attack	xmlrpc attack	2020-05-03 00:41:43

Type

Details

Datetime

104.248.136.19

attack

Jul  2 18:04:21 host sshd[13973]: Failed password for root from 104.248.136.19 port 44042 ssh2
Jul  2 18:04:21 host sshd[13976]: Failed password for root from 104.248.136.19 port 44330 ssh2
Jul  2 18:04:21 host sshd[13967]: Failed password for root from 104.248.136.19 port 43946 ssh2
Jul  2 18:04:21 host sshd[13979]: Failed password for root from 104.248.136.19 port 44426 ssh2

2022-07-05 20:33:49

104.248.136.138

attack

xmlrpc attack

2020-05-03 00:41:43

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.248.136.49
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 10087
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;104.248.136.49.			IN	A

;; AUTHORITY SECTION:
.			315	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022022701 1800 900 604800 86400

;; Query time: 26 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Feb 28 14:08:17 CST 2022
;; MSG SIZE  rcvd: 107

Host info

Host 49.136.248.104.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 49.136.248.104.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
125.163.111.70	attack	May 20 07:49:31 sshgateway sshd\[30645\]: Invalid user tit0nich from 125.163.111.70 May 20 07:49:31 sshgateway sshd\[30645\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.163.111.70 May 20 07:49:33 sshgateway sshd\[30645\]: Failed password for invalid user tit0nich from 125.163.111.70 port 50056 ssh2	2020-05-20 16:25:47
101.251.219.227	attackspam	May 20 09:43:02 h2779839 sshd[24200]: Invalid user ambari-qa from 101.251.219.227 port 47488 May 20 09:43:02 h2779839 sshd[24200]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=101.251.219.227 May 20 09:43:02 h2779839 sshd[24200]: Invalid user ambari-qa from 101.251.219.227 port 47488 May 20 09:43:05 h2779839 sshd[24200]: Failed password for invalid user ambari-qa from 101.251.219.227 port 47488 ssh2 May 20 09:46:23 h2779839 sshd[24257]: Invalid user uhg from 101.251.219.227 port 37646 May 20 09:46:23 h2779839 sshd[24257]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=101.251.219.227 May 20 09:46:23 h2779839 sshd[24257]: Invalid user uhg from 101.251.219.227 port 37646 May 20 09:46:25 h2779839 sshd[24257]: Failed password for invalid user uhg from 101.251.219.227 port 37646 ssh2 May 20 09:50:01 h2779839 sshd[24277]: Invalid user pbx from 101.251.219.227 port 56034 ...	2020-05-20 15:55:46
36.133.121.12	attack	May 20 01:41:17 plex sshd[15111]: Invalid user kdy from 36.133.121.12 port 47978	2020-05-20 15:48:34
118.24.82.81	attackbotsspam	May 20 09:46:51 abendstille sshd\[2537\]: Invalid user jid from 118.24.82.81 May 20 09:46:51 abendstille sshd\[2537\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.24.82.81 May 20 09:46:53 abendstille sshd\[2537\]: Failed password for invalid user jid from 118.24.82.81 port 20644 ssh2 May 20 09:50:01 abendstille sshd\[5466\]: Invalid user rxb from 118.24.82.81 May 20 09:50:01 abendstille sshd\[5466\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.24.82.81 ...	2020-05-20 15:53:32
195.54.160.211	attack	RU_OOO Network of data-centers Selectel_<177>1589962255 [1:2402000:5550] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2]: {TCP} 195.54.160.211:55625	2020-05-20 16:26:37
185.173.106.206	attackbots	2020-05-20T07:47:51.428979upcloud.m0sh1x2.com sshd[3221]: Invalid user dmdba from 185.173.106.206 port 33540	2020-05-20 15:56:22
122.144.212.144	attack	2020-05-20T08:02:16.502442shield sshd\[12125\]: Invalid user qpx from 122.144.212.144 port 56728 2020-05-20T08:02:16.506138shield sshd\[12125\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.144.212.144 2020-05-20T08:02:19.017965shield sshd\[12125\]: Failed password for invalid user qpx from 122.144.212.144 port 56728 ssh2 2020-05-20T08:04:49.354558shield sshd\[12583\]: Invalid user slv from 122.144.212.144 port 46815 2020-05-20T08:04:49.358181shield sshd\[12583\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.144.212.144	2020-05-20 16:17:19
187.189.11.49	attackbots	May 20 10:06:35 lnxded63 sshd[6203]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=187.189.11.49 May 20 10:06:37 lnxded63 sshd[6203]: Failed password for invalid user mex from 187.189.11.49 port 34612 ssh2 May 20 10:10:38 lnxded63 sshd[6633]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=187.189.11.49	2020-05-20 16:19:24
192.241.144.235	attackbots	May 20 08:48:51 nextcloud sshd\[3063\]: Invalid user dxq from 192.241.144.235 May 20 08:48:51 nextcloud sshd\[3063\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.241.144.235 May 20 08:48:53 nextcloud sshd\[3063\]: Failed password for invalid user dxq from 192.241.144.235 port 51066 ssh2	2020-05-20 15:44:48
202.175.46.170	attackbots	May 20 09:49:44 sxvn sshd[777131]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.175.46.170	2020-05-20 16:14:31
51.254.32.102	attackspam	May 20 09:36:31 server sshd[16945]: Failed password for invalid user zt from 51.254.32.102 port 42876 ssh2 May 20 09:45:59 server sshd[24219]: Failed password for invalid user kcb from 51.254.32.102 port 58500 ssh2 May 20 09:49:45 server sshd[27325]: Failed password for invalid user ntk from 51.254.32.102 port 37758 ssh2	2020-05-20 16:13:10
35.226.165.144	attackspambots	May 20 07:46:22 web8 sshd\[10353\]: Invalid user gll from 35.226.165.144 May 20 07:46:22 web8 sshd\[10353\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=35.226.165.144 May 20 07:46:24 web8 sshd\[10353\]: Failed password for invalid user gll from 35.226.165.144 port 33582 ssh2 May 20 07:49:58 web8 sshd\[12180\]: Invalid user jow from 35.226.165.144 May 20 07:49:58 web8 sshd\[12180\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=35.226.165.144	2020-05-20 16:00:23
64.227.120.63	attackspambots	firewall-block, port(s): 2251/tcp	2020-05-20 15:53:48
75.98.172.243	attackspam	Web Server Attack	2020-05-20 16:22:51
170.106.36.178	attackbotsspam	" "	2020-05-20 16:05:55

Recently Reported IPs

104.248.131.44	104.248.138.8	104.248.141.5	104.248.143.42
104.248.141.21	105.213.76.24	104.248.143.24	104.248.148.101
104.248.159.20	104.248.159.147	104.248.159.194	104.248.159.145
104.248.159.218	104.248.159.205	104.248.159.178	104.248.159.214
104.248.159.230	104.248.159.18	104.248.159.228	104.248.159.39