104.248.138.121

Basic Info

City: Frankfurt am Main

Region: Hesse

Country: Germany

Internet Service Provider: DigitalOcean LLC

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Invalid user public from 104.248.138.121 port 44700	2020-09-16 00:37:25
attackbotsspam	Sep 15 10:17:29 [-] sshd[15089]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.138.121 user=root Sep 15 10:17:30 [-] sshd[15089]: Failed password for invalid user root from 104.248.138.121 port 52676 ssh2 Sep 15 10:26:48 [-] sshd[15284]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.138.121 user=root	2020-09-15 16:28:37
attackbotsspam	This client attempted to login to an administrator account on a Website, or abused from another resource.	2020-09-14 01:56:07
attack	frenzy	2020-09-13 17:51:05
attack	Invalid user stephane from 104.248.138.121 port 34704	2020-08-29 07:34:49

Comments on same subnet:

IP	Type	Details	Datetime
104.248.138.221	attackbotsspam	Invalid user zhuowang from 104.248.138.221 port 60666	2020-07-29 01:55:08
104.248.138.221	attackspam	Jul 27 22:13:49 haigwepa sshd[17585]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.138.221 Jul 27 22:13:51 haigwepa sshd[17585]: Failed password for invalid user zxj from 104.248.138.221 port 48756 ssh2 ...	2020-07-28 04:15:21
104.248.138.221	attack	Invalid user cp from 104.248.138.221 port 53760	2020-07-27 06:06:01
104.248.138.221	attackspambots	Jul 25 19:01:29 george sshd[29732]: Failed password for invalid user ssh from 104.248.138.221 port 41482 ssh2 Jul 25 19:05:13 george sshd[29810]: Invalid user tt from 104.248.138.221 port 55100 Jul 25 19:05:13 george sshd[29810]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.138.221 Jul 25 19:05:14 george sshd[29810]: Failed password for invalid user tt from 104.248.138.221 port 55100 ssh2 Jul 25 19:08:48 george sshd[29828]: Invalid user ubuntu from 104.248.138.221 port 40484 ...	2020-07-26 07:48:23
104.248.138.221	attackbots	Invalid user cp from 104.248.138.221 port 53760	2020-07-25 18:10:11
104.248.138.221	attack	Jul 23 18:09:14 django-0 sshd[8070]: Invalid user ftpuser from 104.248.138.221 ...	2020-07-24 02:22:35
104.248.138.221	attack	Jul 21 18:15:12 server1 sshd\[30327\]: Invalid user banco from 104.248.138.221 Jul 21 18:15:12 server1 sshd\[30327\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.138.221 Jul 21 18:15:14 server1 sshd\[30327\]: Failed password for invalid user banco from 104.248.138.221 port 54322 ssh2 Jul 21 18:18:48 server1 sshd\[31350\]: Invalid user deposito from 104.248.138.221 Jul 21 18:18:48 server1 sshd\[31350\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.138.221 ...	2020-07-22 08:20:57
104.248.138.221	attackbots	$f2bV_matches	2020-07-16 15:41:22
104.248.138.221	attackspambots	2020-07-12T03:47:44.046284abusebot-5.cloudsearch.cf sshd[24778]: Invalid user wangxiaoyi from 104.248.138.221 port 58792 2020-07-12T03:47:44.057803abusebot-5.cloudsearch.cf sshd[24778]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.138.221 2020-07-12T03:47:44.046284abusebot-5.cloudsearch.cf sshd[24778]: Invalid user wangxiaoyi from 104.248.138.221 port 58792 2020-07-12T03:47:46.063015abusebot-5.cloudsearch.cf sshd[24778]: Failed password for invalid user wangxiaoyi from 104.248.138.221 port 58792 ssh2 2020-07-12T03:56:02.002750abusebot-5.cloudsearch.cf sshd[24838]: Invalid user gitosis from 104.248.138.221 port 51402 2020-07-12T03:56:02.008431abusebot-5.cloudsearch.cf sshd[24838]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.138.221 2020-07-12T03:56:02.002750abusebot-5.cloudsearch.cf sshd[24838]: Invalid user gitosis from 104.248.138.221 port 51402 2020-07-12T03:56:03.712676abusebot-5.c ...	2020-07-12 12:39:25
104.248.138.221	attackbots	Failed password for invalid user krfarms from 104.248.138.221 port 49908 ssh2	2020-07-10 00:03:41
104.248.138.221	attackbotsspam	Jun 21 22:27:37 ns381471 sshd[13494]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.138.221 Jun 21 22:27:39 ns381471 sshd[13494]: Failed password for invalid user test from 104.248.138.221 port 44388 ssh2	2020-06-22 04:45:20
104.248.138.221	attackbots	ssh brute force	2020-06-20 19:34:36
104.248.138.24	attackspam	Jun 15 14:17:36 minden010 sshd[11117]: Failed password for root from 104.248.138.24 port 37240 ssh2 Jun 15 14:20:41 minden010 sshd[12863]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.138.24 Jun 15 14:20:42 minden010 sshd[12863]: Failed password for invalid user iso from 104.248.138.24 port 37670 ssh2 ...	2020-06-15 22:06:08
104.248.138.24	attack	Jun 9 21:42:18 haigwepa sshd[24525]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.138.24 Jun 9 21:42:20 haigwepa sshd[24525]: Failed password for invalid user liying from 104.248.138.24 port 56706 ssh2 ...	2020-06-10 03:51:39
104.248.138.24	attackspambots	Jun 4 07:52:59 vps647732 sshd[31561]: Failed password for root from 104.248.138.24 port 54714 ssh2 ...	2020-06-04 14:16:16

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.248.138.121
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 12015
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;104.248.138.121.		IN	A

;; AUTHORITY SECTION:
.			508	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020082801 1800 900 604800 86400

;; Query time: 80 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Aug 29 07:34:45 CST 2020
;; MSG SIZE  rcvd: 119

Host info

Host 121.138.248.104.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 121.138.248.104.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
88.202.238.24	attackbots	E-Mail Spam (RBL) [REJECTED]	2020-08-19 08:22:26
183.89.229.146	attackspambots	183.89.229.146 (TH/Thailand/mx-ll-183.89.229-146.dynamic.3bb.in.th), 3 distributed imapd attacks on account [robert179@webpods.com] in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_DISTATTACK; Logs: Aug 18 16:43:35 server dovecot: imap-login: Disconnected (auth failed, 1 attempts in 7 secs): user=, method=PLAIN, rip=191.97.1.40, lip=69.195.129.243, TLS: Disconnected, session= Aug 18 16:09:28 server dovecot: imap-login: Disconnected (auth failed, 1 attempts in 16 secs): user=, method=PLAIN, rip=177.10.100.115, lip=69.195.129.243, TLS, session=<1zv5dSytQOKxCmRz> Aug 18 16:34:49 server dovecot: imap-login: Disconnected (auth failed, 1 attempts in 7 secs): user=, method=PLAIN, rip=183.89.229.146, lip=69.195.129.243, TLS, session=<3kQh0Syt0ry3WeWS> IP Addresses Blocked: 191.97.1.40 (CO/Colombia/-) 177.10.100.115 (BR/Brazil/177-10-100-115.najatelecom.net.br)	2020-08-19 08:42:59
195.54.167.152	attackbotsspam	Cowrie Honeypot: 10 unauthorised SSH/Telnet login attempts between 2020-08-18T23:57:42Z and 2020-08-19T00:25:59Z	2020-08-19 08:46:21
177.10.100.115	attack	177.10.100.115 (BR/Brazil/177-10-100-115.najatelecom.net.br), 3 distributed imapd attacks on account [robert179@webpods.com] in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_DISTATTACK; Logs: Aug 18 16:43:35 server dovecot: imap-login: Disconnected (auth failed, 1 attempts in 7 secs): user=, method=PLAIN, rip=191.97.1.40, lip=69.195.129.243, TLS: Disconnected, session= Aug 18 16:09:28 server dovecot: imap-login: Disconnected (auth failed, 1 attempts in 16 secs): user=, method=PLAIN, rip=177.10.100.115, lip=69.195.129.243, TLS, session=<1zv5dSytQOKxCmRz> Aug 18 16:34:49 server dovecot: imap-login: Disconnected (auth failed, 1 attempts in 7 secs): user=, method=PLAIN, rip=183.89.229.146, lip=69.195.129.243, TLS, session=<3kQh0Syt0ry3WeWS> IP Addresses Blocked: 191.97.1.40 (CO/Colombia/-)	2020-08-19 08:44:51
118.70.233.117	attackbots	pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.70.233.117 Invalid user test from 118.70.233.117 port 58924 Failed password for invalid user test from 118.70.233.117 port 58924 ssh2 pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.70.233.117 user=root Failed password for root from 118.70.233.117 port 34508 ssh2	2020-08-19 08:16:33
218.92.0.221	attackspam	2020-08-19T02:45:30.872382vps773228.ovh.net sshd[21205]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.221 user=root 2020-08-19T02:45:33.008479vps773228.ovh.net sshd[21205]: Failed password for root from 218.92.0.221 port 34124 ssh2 2020-08-19T02:45:30.872382vps773228.ovh.net sshd[21205]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.221 user=root 2020-08-19T02:45:33.008479vps773228.ovh.net sshd[21205]: Failed password for root from 218.92.0.221 port 34124 ssh2 2020-08-19T02:45:35.766979vps773228.ovh.net sshd[21205]: Failed password for root from 218.92.0.221 port 34124 ssh2 ...	2020-08-19 08:48:26
125.114.153.217	attackbotsspam	E-Mail Spam (RBL) [REJECTED]	2020-08-19 08:25:21
187.174.65.4	attack	Aug 18 20:00:30 Tower sshd[16275]: Connection from 187.174.65.4 port 57262 on 192.168.10.220 port 22 rdomain "" Aug 18 20:00:31 Tower sshd[16275]: Invalid user dockeruser from 187.174.65.4 port 57262 Aug 18 20:00:31 Tower sshd[16275]: error: Could not get shadow information for NOUSER Aug 18 20:00:31 Tower sshd[16275]: Failed password for invalid user dockeruser from 187.174.65.4 port 57262 ssh2 Aug 18 20:00:31 Tower sshd[16275]: Received disconnect from 187.174.65.4 port 57262:11: Bye Bye [preauth] Aug 18 20:00:31 Tower sshd[16275]: Disconnected from invalid user dockeruser 187.174.65.4 port 57262 [preauth]	2020-08-19 08:50:59
45.162.4.67	attack	Brute-force attempt banned	2020-08-19 08:35:20
210.245.12.150	attackspambots	[N10.H2.VM2] Port Scanner Detected Blocked by UFW	2020-08-19 08:24:41
223.72.62.41	attack	Aug 19 07:14:47 webhost01 sshd[2085]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=223.72.62.41 Aug 19 07:14:49 webhost01 sshd[2085]: Failed password for invalid user yoyo from 223.72.62.41 port 15267 ssh2 ...	2020-08-19 08:36:43
106.13.201.158	attackspam	Ssh brute force	2020-08-19 08:44:06
121.133.111.113	attack	TCP (SYN) 121.133.111.113:31475 -> port 23, len 44	2020-08-19 08:47:08
148.72.12.26	attackspambots	Automatic report - XMLRPC Attack	2020-08-19 08:48:57
134.209.150.94	attackspambots	TCP (SYN) 134.209.150.94:59079 -> port 4746, len 44	2020-08-19 08:40:52

Recently Reported IPs

18.18.107.230	82.250.120.249	114.125.57.241	173.227.46.99
60.33.91.182	108.85.70.129	183.184.28.41	220.133.204.153
101.128.214.210	77.52.208.95	185.184.54.51	101.181.76.61
71.62.53.63	151.15.54.9	5.78.220.92	175.63.180.240
96.81.77.13	85.20.185.70	91.15.145.233	173.145.7.238