104.248.136.49

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
104.248.136.19	attack	Jul 2 18:04:21 host sshd[13973]: Failed password for root from 104.248.136.19 port 44042 ssh2 Jul 2 18:04:21 host sshd[13976]: Failed password for root from 104.248.136.19 port 44330 ssh2 Jul 2 18:04:21 host sshd[13967]: Failed password for root from 104.248.136.19 port 43946 ssh2 Jul 2 18:04:21 host sshd[13979]: Failed password for root from 104.248.136.19 port 44426 ssh2	2022-07-05 20:33:49
104.248.136.138	attack	xmlrpc attack	2020-05-03 00:41:43

Type

Details

Datetime

104.248.136.19

attack

Jul  2 18:04:21 host sshd[13973]: Failed password for root from 104.248.136.19 port 44042 ssh2
Jul  2 18:04:21 host sshd[13976]: Failed password for root from 104.248.136.19 port 44330 ssh2
Jul  2 18:04:21 host sshd[13967]: Failed password for root from 104.248.136.19 port 43946 ssh2
Jul  2 18:04:21 host sshd[13979]: Failed password for root from 104.248.136.19 port 44426 ssh2

2022-07-05 20:33:49

104.248.136.138

attack

xmlrpc attack

2020-05-03 00:41:43

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.248.136.49
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 10087
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;104.248.136.49.			IN	A

;; AUTHORITY SECTION:
.			315	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022022701 1800 900 604800 86400

;; Query time: 26 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Feb 28 14:08:17 CST 2022
;; MSG SIZE  rcvd: 107

Host info

Host 49.136.248.104.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 49.136.248.104.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
37.59.119.181	attackbots	2019-11-10T17:43:57.234564abusebot-7.cloudsearch.cf sshd\[13377\]: Invalid user testwww123 from 37.59.119.181 port 56088	2019-11-11 04:34:02
51.77.192.7	attackbots	51.77.192.7 was recorded 5 times by 5 hosts attempting to connect to the following ports: 8545. Incident counter (4h, 24h, all-time): 5, 32, 157	2019-11-11 04:10:55
198.245.63.94	attackbots	Nov 11 01:51:33 areeb-Workstation sshd[16305]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=198.245.63.94 Nov 11 01:51:35 areeb-Workstation sshd[16305]: Failed password for invalid user lauro from 198.245.63.94 port 36892 ssh2 ...	2019-11-11 04:25:11
124.74.248.218	attackspam	Nov 11 02:28:45 itv-usvr-01 sshd[16663]: Invalid user routledge from 124.74.248.218 Nov 11 02:28:45 itv-usvr-01 sshd[16663]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.74.248.218 Nov 11 02:28:45 itv-usvr-01 sshd[16663]: Invalid user routledge from 124.74.248.218 Nov 11 02:28:46 itv-usvr-01 sshd[16663]: Failed password for invalid user routledge from 124.74.248.218 port 48894 ssh2	2019-11-11 04:46:59
167.179.64.136	attackbotsspam	Invalid user james from 167.179.64.136 port 59888	2019-11-11 04:10:25
62.148.142.202	attackspam	Nov 10 20:16:12 sso sshd[7026]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=62.148.142.202 Nov 10 20:16:14 sso sshd[7026]: Failed password for invalid user gunnells from 62.148.142.202 port 43162 ssh2 ...	2019-11-11 04:31:08
120.92.138.124	attack	Nov 5 13:57:32 debian sshd\[16440\]: Invalid user telegraf from 120.92.138.124 port 10622 Nov 5 13:57:32 debian sshd\[16440\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.92.138.124 Nov 5 13:57:33 debian sshd\[16440\]: Failed password for invalid user telegraf from 120.92.138.124 port 10622 ssh2 Nov 5 14:01:49 debian sshd\[16791\]: Invalid user production from 120.92.138.124 port 45158 Nov 5 14:01:49 debian sshd\[16791\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.92.138.124 Nov 5 14:01:52 debian sshd\[16791\]: Failed password for invalid user production from 120.92.138.124 port 45158 ssh2 Nov 5 14:06:19 debian sshd\[17174\]: Invalid user nickollas from 120.92.138.124 port 15190 Nov 5 14:06:19 debian sshd\[17174\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.92.138.124 Nov 5 14:06:21 debian sshd\[17174\]: Failed password for ...	2019-11-11 04:19:36
106.13.143.111	attackbotsspam	Nov 10 20:59:58 MK-Soft-VM8 sshd[20530]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.143.111 Nov 10 21:00:01 MK-Soft-VM8 sshd[20530]: Failed password for invalid user xiao from 106.13.143.111 port 34320 ssh2 ...	2019-11-11 04:36:57
93.110.105.1	attack	Nov 10 16:57:14 mxgate1 postfix/postscreen[24419]: CONNECT from [93.110.105.1]:39683 to [176.31.12.44]:25 Nov 10 16:57:14 mxgate1 postfix/dnsblog[24421]: addr 93.110.105.1 listed by domain zen.spamhaus.org as 127.0.0.11 Nov 10 16:57:20 mxgate1 postfix/postscreen[24419]: DNSBL rank 2 for [93.110.105.1]:39683 Nov x@x Nov 10 16:57:21 mxgate1 postfix/postscreen[24419]: HANGUP after 0.93 from [93.110.105.1]:39683 in tests after SMTP handshake Nov 10 16:57:21 mxgate1 postfix/postscreen[24419]: DISCONNECT [93.110.105.1]:39683 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=93.110.105.1	2019-11-11 04:26:06
185.153.196.28	attackspambots	Nov 10 21:32:45 mc1 kernel: \[4704249.646598\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=185.153.196.28 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=243 ID=12428 PROTO=TCP SPT=43801 DPT=23390 WINDOW=1024 RES=0x00 SYN URGP=0 Nov 10 21:37:13 mc1 kernel: \[4704518.090532\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=185.153.196.28 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=243 ID=4729 PROTO=TCP SPT=43801 DPT=1906 WINDOW=1024 RES=0x00 SYN URGP=0 Nov 10 21:39:41 mc1 kernel: \[4704666.299073\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=185.153.196.28 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=243 ID=52248 PROTO=TCP SPT=43801 DPT=3397 WINDOW=1024 RES=0x00 SYN URGP=0 ...	2019-11-11 04:43:48
128.199.219.181	attackbots	Nov 10 09:47:53 wbs sshd\[6581\]: Invalid user P@sSw0rd from 128.199.219.181 Nov 10 09:47:53 wbs sshd\[6581\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.219.181 Nov 10 09:47:55 wbs sshd\[6581\]: Failed password for invalid user P@sSw0rd from 128.199.219.181 port 43265 ssh2 Nov 10 09:51:42 wbs sshd\[6892\]: Invalid user mail!@\#123 from 128.199.219.181 Nov 10 09:51:42 wbs sshd\[6892\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.219.181	2019-11-11 04:18:32
159.89.107.227	attackspam	Flask-IPban - exploit URL requested:/wp-login.php	2019-11-11 04:38:21
222.186.175.161	attackbots	Nov 11 02:08:27 areeb-Workstation sshd[19722]: Failed password for root from 222.186.175.161 port 58030 ssh2 Nov 11 02:08:45 areeb-Workstation sshd[19722]: error: maximum authentication attempts exceeded for root from 222.186.175.161 port 58030 ssh2 [preauth] ...	2019-11-11 04:44:24
36.37.115.106	attackspam	Nov 10 18:51:19 vps691689 sshd[27740]: Failed password for root from 36.37.115.106 port 33494 ssh2 Nov 10 18:55:56 vps691689 sshd[27807]: Failed password for root from 36.37.115.106 port 41770 ssh2 ...	2019-11-11 04:42:26
35.205.240.168	attack	invalid login attempt	2019-11-11 04:15:39

Recently Reported IPs

104.248.131.44	104.248.138.8	104.248.141.5	104.248.143.42
104.248.141.21	105.213.76.24	104.248.143.24	104.248.148.101
104.248.159.20	104.248.159.147	104.248.159.194	104.248.159.145
104.248.159.218	104.248.159.205	104.248.159.178	104.248.159.214
104.248.159.230	104.248.159.18	104.248.159.228	104.248.159.39