104.248.138.24

Basic Info

City: unknown

Region: unknown

Country: United States of America

Internet Service Provider: DigitalOcean LLC

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	Jun 15 14:17:36 minden010 sshd[11117]: Failed password for root from 104.248.138.24 port 37240 ssh2 Jun 15 14:20:41 minden010 sshd[12863]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.138.24 Jun 15 14:20:42 minden010 sshd[12863]: Failed password for invalid user iso from 104.248.138.24 port 37670 ssh2 ...	2020-06-15 22:06:08
attack	Jun 9 21:42:18 haigwepa sshd[24525]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.138.24 Jun 9 21:42:20 haigwepa sshd[24525]: Failed password for invalid user liying from 104.248.138.24 port 56706 ssh2 ...	2020-06-10 03:51:39
attackspambots	Jun 4 07:52:59 vps647732 sshd[31561]: Failed password for root from 104.248.138.24 port 54714 ssh2 ...	2020-06-04 14:16:16
attack	Invalid user zxin10 from 104.248.138.24 port 59480	2020-05-28 17:28:17
attack	Invalid user zxin10 from 104.248.138.24 port 59480	2020-05-27 21:39:28

Comments on same subnet:

IP	Type	Details	Datetime
104.248.138.121	attack	Invalid user public from 104.248.138.121 port 44700	2020-09-16 00:37:25
104.248.138.121	attackbotsspam	Sep 15 10:17:29 [-] sshd[15089]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.138.121 user=root Sep 15 10:17:30 [-] sshd[15089]: Failed password for invalid user root from 104.248.138.121 port 52676 ssh2 Sep 15 10:26:48 [-] sshd[15284]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.138.121 user=root	2020-09-15 16:28:37
104.248.138.121	attackbotsspam	This client attempted to login to an administrator account on a Website, or abused from another resource.	2020-09-14 01:56:07
104.248.138.121	attack	frenzy	2020-09-13 17:51:05
104.248.138.121	attack	Invalid user stephane from 104.248.138.121 port 34704	2020-08-29 07:34:49
104.248.138.221	attackbotsspam	Invalid user zhuowang from 104.248.138.221 port 60666	2020-07-29 01:55:08
104.248.138.221	attackspam	Jul 27 22:13:49 haigwepa sshd[17585]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.138.221 Jul 27 22:13:51 haigwepa sshd[17585]: Failed password for invalid user zxj from 104.248.138.221 port 48756 ssh2 ...	2020-07-28 04:15:21
104.248.138.221	attack	Invalid user cp from 104.248.138.221 port 53760	2020-07-27 06:06:01
104.248.138.221	attackspambots	Jul 25 19:01:29 george sshd[29732]: Failed password for invalid user ssh from 104.248.138.221 port 41482 ssh2 Jul 25 19:05:13 george sshd[29810]: Invalid user tt from 104.248.138.221 port 55100 Jul 25 19:05:13 george sshd[29810]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.138.221 Jul 25 19:05:14 george sshd[29810]: Failed password for invalid user tt from 104.248.138.221 port 55100 ssh2 Jul 25 19:08:48 george sshd[29828]: Invalid user ubuntu from 104.248.138.221 port 40484 ...	2020-07-26 07:48:23
104.248.138.221	attackbots	Invalid user cp from 104.248.138.221 port 53760	2020-07-25 18:10:11
104.248.138.221	attack	Jul 23 18:09:14 django-0 sshd[8070]: Invalid user ftpuser from 104.248.138.221 ...	2020-07-24 02:22:35
104.248.138.221	attack	Jul 21 18:15:12 server1 sshd\[30327\]: Invalid user banco from 104.248.138.221 Jul 21 18:15:12 server1 sshd\[30327\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.138.221 Jul 21 18:15:14 server1 sshd\[30327\]: Failed password for invalid user banco from 104.248.138.221 port 54322 ssh2 Jul 21 18:18:48 server1 sshd\[31350\]: Invalid user deposito from 104.248.138.221 Jul 21 18:18:48 server1 sshd\[31350\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.138.221 ...	2020-07-22 08:20:57
104.248.138.221	attackbots	$f2bV_matches	2020-07-16 15:41:22
104.248.138.221	attackspambots	2020-07-12T03:47:44.046284abusebot-5.cloudsearch.cf sshd[24778]: Invalid user wangxiaoyi from 104.248.138.221 port 58792 2020-07-12T03:47:44.057803abusebot-5.cloudsearch.cf sshd[24778]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.138.221 2020-07-12T03:47:44.046284abusebot-5.cloudsearch.cf sshd[24778]: Invalid user wangxiaoyi from 104.248.138.221 port 58792 2020-07-12T03:47:46.063015abusebot-5.cloudsearch.cf sshd[24778]: Failed password for invalid user wangxiaoyi from 104.248.138.221 port 58792 ssh2 2020-07-12T03:56:02.002750abusebot-5.cloudsearch.cf sshd[24838]: Invalid user gitosis from 104.248.138.221 port 51402 2020-07-12T03:56:02.008431abusebot-5.cloudsearch.cf sshd[24838]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.138.221 2020-07-12T03:56:02.002750abusebot-5.cloudsearch.cf sshd[24838]: Invalid user gitosis from 104.248.138.221 port 51402 2020-07-12T03:56:03.712676abusebot-5.c ...	2020-07-12 12:39:25
104.248.138.221	attackbots	Failed password for invalid user krfarms from 104.248.138.221 port 49908 ssh2	2020-07-10 00:03:41

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.248.138.24
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 25833
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;104.248.138.24.			IN	A

;; AUTHORITY SECTION:
.			529	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020052700 1800 900 604800 86400

;; Query time: 107 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed May 27 21:39:23 CST 2020
;; MSG SIZE  rcvd: 118

Host info

24.138.248.104.in-addr.arpa domain name pointer main.serverlords.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
24.138.248.104.in-addr.arpa	name = main.serverlords.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
116.75.123.215	attackbotsspam	Telnet Honeypot -> Telnet Bruteforce / Login	2020-09-14 23:39:01
71.94.131.149	attackspam	Automatic report - Banned IP Access	2020-09-14 23:42:18
115.84.112.138	attackspam	(imapd) Failed IMAP login from 115.84.112.138 (LA/Laos/-): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: Sep 14 06:30:00 ir1 dovecot[3110802]: imap-login: Disconnected (auth failed, 1 attempts in 6 secs): user=, method=PLAIN, rip=115.84.112.138, lip=5.63.12.44, session=	2020-09-14 23:18:38
173.231.59.218	attackspambots	Automatic report - Banned IP Access	2020-09-14 23:51:21
123.31.32.150	attack	Sep 14 14:55:55 nextcloud sshd\[15946\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.31.32.150 user=root Sep 14 14:55:57 nextcloud sshd\[15946\]: Failed password for root from 123.31.32.150 port 57458 ssh2 Sep 14 14:58:50 nextcloud sshd\[20006\]: Invalid user admin from 123.31.32.150 Sep 14 14:58:50 nextcloud sshd\[20006\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.31.32.150	2020-09-14 23:19:47
117.50.12.228	attackbots	2020-09-14 05:44:52,306 fail2ban.actions: WARNING [ssh] Ban 117.50.12.228	2020-09-14 23:24:46
92.222.92.171	attackbotsspam	Multiple SSH authentication failures from 92.222.92.171	2020-09-14 23:28:22
189.240.62.227	attackbots	Brute%20Force%20SSH	2020-09-14 23:32:59
111.229.76.239	attackspambots	Sep 14 15:10:40 mail sshd\[2597\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.229.76.239 user=root Sep 14 15:10:42 mail sshd\[2597\]: Failed password for root from 111.229.76.239 port 47960 ssh2 Sep 14 15:15:44 mail sshd\[2644\]: Invalid user jacob from 111.229.76.239 Sep 14 15:15:44 mail sshd\[2644\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.229.76.239 Sep 14 15:15:47 mail sshd\[2644\]: Failed password for invalid user jacob from 111.229.76.239 port 40626 ssh2 ...	2020-09-14 23:50:19
190.64.213.155	attackspam	Sep 14 19:37:58 itv-usvr-02 sshd[2064]: Invalid user dsa from 190.64.213.155 port 53840 Sep 14 19:37:58 itv-usvr-02 sshd[2064]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.64.213.155 Sep 14 19:37:58 itv-usvr-02 sshd[2064]: Invalid user dsa from 190.64.213.155 port 53840 Sep 14 19:38:00 itv-usvr-02 sshd[2064]: Failed password for invalid user dsa from 190.64.213.155 port 53840 ssh2 Sep 14 19:44:35 itv-usvr-02 sshd[2362]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.64.213.155 user=root Sep 14 19:44:37 itv-usvr-02 sshd[2362]: Failed password for root from 190.64.213.155 port 43382 ssh2	2020-09-14 23:50:36
192.42.116.16	attack	Sep 14 10:54:01 mx sshd[22135]: Failed password for root from 192.42.116.16 port 4083 ssh2 Sep 14 10:54:04 mx sshd[22135]: Failed password for root from 192.42.116.16 port 4083 ssh2	2020-09-14 23:46:56
95.169.9.46	attack	(sshd) Failed SSH login from 95.169.9.46 (US/United States/95.169.9.46.16clouds.com): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 14 09:39:48 grace sshd[19293]: Invalid user packer from 95.169.9.46 port 38402 Sep 14 09:39:50 grace sshd[19293]: Failed password for invalid user packer from 95.169.9.46 port 38402 ssh2 Sep 14 10:09:35 grace sshd[22702]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=95.169.9.46 user=root Sep 14 10:09:37 grace sshd[22702]: Failed password for root from 95.169.9.46 port 55358 ssh2 Sep 14 10:28:00 grace sshd[24759]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=95.169.9.46 user=root	2020-09-14 23:35:11
54.249.234.248	attack	Sep 14 03:04:52 rancher-0 sshd[33677]: Invalid user 4rfvbgt5 from 54.249.234.248 port 50890 ...	2020-09-14 23:28:51
51.38.32.230	attack	[SID2] Fail2ban detected 5 failed SSH login attempts within 30 minutes. This report was submitted automatically.	2020-09-14 23:42:59
134.209.157.198	attackbotsspam	This client attempted to login to an administrator account on a Website, or abused from another resource.	2020-09-14 23:38:12

Recently Reported IPs

178.201.238.142	64.232.203.106	114.187.229.192	131.146.110.6
220.132.159.135	133.90.131.0	65.218.222.187	22.244.16.99
103.104.160.71	161.62.172.75	180.210.39.29	100.21.183.73
75.203.8.170	132.99.121.226	47.15.159.118	202.4.105.82
191.55.224.74	156.219.74.44	35.246.189.213	116.196.121.148