104.248.138.38

Basic Info

City: unknown

Region: unknown

Country: United States of America

Internet Service Provider: DigitalOcean LLC

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Invalid user oracle from 104.248.138.38 port 56464	2020-03-28 04:14:09

Comments on same subnet:

IP	Type	Details	Datetime
104.248.138.121	attack	Invalid user public from 104.248.138.121 port 44700	2020-09-16 00:37:25
104.248.138.121	attackbotsspam	Sep 15 10:17:29 [-] sshd[15089]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.138.121 user=root Sep 15 10:17:30 [-] sshd[15089]: Failed password for invalid user root from 104.248.138.121 port 52676 ssh2 Sep 15 10:26:48 [-] sshd[15284]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.138.121 user=root	2020-09-15 16:28:37
104.248.138.121	attackbotsspam	This client attempted to login to an administrator account on a Website, or abused from another resource.	2020-09-14 01:56:07
104.248.138.121	attack	frenzy	2020-09-13 17:51:05
104.248.138.121	attack	Invalid user stephane from 104.248.138.121 port 34704	2020-08-29 07:34:49
104.248.138.221	attackbotsspam	Invalid user zhuowang from 104.248.138.221 port 60666	2020-07-29 01:55:08
104.248.138.221	attackspam	Jul 27 22:13:49 haigwepa sshd[17585]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.138.221 Jul 27 22:13:51 haigwepa sshd[17585]: Failed password for invalid user zxj from 104.248.138.221 port 48756 ssh2 ...	2020-07-28 04:15:21
104.248.138.221	attack	Invalid user cp from 104.248.138.221 port 53760	2020-07-27 06:06:01
104.248.138.221	attackspambots	Jul 25 19:01:29 george sshd[29732]: Failed password for invalid user ssh from 104.248.138.221 port 41482 ssh2 Jul 25 19:05:13 george sshd[29810]: Invalid user tt from 104.248.138.221 port 55100 Jul 25 19:05:13 george sshd[29810]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.138.221 Jul 25 19:05:14 george sshd[29810]: Failed password for invalid user tt from 104.248.138.221 port 55100 ssh2 Jul 25 19:08:48 george sshd[29828]: Invalid user ubuntu from 104.248.138.221 port 40484 ...	2020-07-26 07:48:23
104.248.138.221	attackbots	Invalid user cp from 104.248.138.221 port 53760	2020-07-25 18:10:11
104.248.138.221	attack	Jul 23 18:09:14 django-0 sshd[8070]: Invalid user ftpuser from 104.248.138.221 ...	2020-07-24 02:22:35
104.248.138.221	attack	Jul 21 18:15:12 server1 sshd\[30327\]: Invalid user banco from 104.248.138.221 Jul 21 18:15:12 server1 sshd\[30327\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.138.221 Jul 21 18:15:14 server1 sshd\[30327\]: Failed password for invalid user banco from 104.248.138.221 port 54322 ssh2 Jul 21 18:18:48 server1 sshd\[31350\]: Invalid user deposito from 104.248.138.221 Jul 21 18:18:48 server1 sshd\[31350\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.138.221 ...	2020-07-22 08:20:57
104.248.138.221	attackbots	$f2bV_matches	2020-07-16 15:41:22
104.248.138.221	attackspambots	2020-07-12T03:47:44.046284abusebot-5.cloudsearch.cf sshd[24778]: Invalid user wangxiaoyi from 104.248.138.221 port 58792 2020-07-12T03:47:44.057803abusebot-5.cloudsearch.cf sshd[24778]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.138.221 2020-07-12T03:47:44.046284abusebot-5.cloudsearch.cf sshd[24778]: Invalid user wangxiaoyi from 104.248.138.221 port 58792 2020-07-12T03:47:46.063015abusebot-5.cloudsearch.cf sshd[24778]: Failed password for invalid user wangxiaoyi from 104.248.138.221 port 58792 ssh2 2020-07-12T03:56:02.002750abusebot-5.cloudsearch.cf sshd[24838]: Invalid user gitosis from 104.248.138.221 port 51402 2020-07-12T03:56:02.008431abusebot-5.cloudsearch.cf sshd[24838]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.138.221 2020-07-12T03:56:02.002750abusebot-5.cloudsearch.cf sshd[24838]: Invalid user gitosis from 104.248.138.221 port 51402 2020-07-12T03:56:03.712676abusebot-5.c ...	2020-07-12 12:39:25
104.248.138.221	attackbots	Failed password for invalid user krfarms from 104.248.138.221 port 49908 ssh2	2020-07-10 00:03:41

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.248.138.38
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 56246
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;104.248.138.38.			IN	A

;; AUTHORITY SECTION:
.			502	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020032701 1800 900 604800 86400

;; Query time: 101 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Mar 28 04:14:05 CST 2020
;; MSG SIZE  rcvd: 118

Host info

Host 38.138.248.104.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 38.138.248.104.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
185.148.38.126	attack	MultiHost/MultiPort Probe, Scan, Hack -	2019-10-09 20:58:34
92.63.194.26	attack	2019-10-09T14:09:12.9979571240 sshd\[15594\]: Invalid user admin from 92.63.194.26 port 58414 2019-10-09T14:09:13.0006341240 sshd\[15594\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=92.63.194.26 2019-10-09T14:09:15.2859551240 sshd\[15594\]: Failed password for invalid user admin from 92.63.194.26 port 58414 ssh2 ...	2019-10-09 20:53:52
46.101.103.207	attack	Oct 9 15:18:04 sauna sshd[47750]: Failed password for root from 46.101.103.207 port 55110 ssh2 ...	2019-10-09 20:25:58
132.148.23.27	attackbotsspam	WordPress login Brute force / Web App Attack on client site.	2019-10-09 20:57:53
178.32.10.94	attack	2019-10-09T11:48:39.340441abusebot-4.cloudsearch.cf sshd\[29896\]: Invalid user usuario from 178.32.10.94 port 17120	2019-10-09 20:31:23
165.22.114.237	attackspambots	Oct 9 13:36:15 MainVPS sshd[2638]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.22.114.237 user=root Oct 9 13:36:17 MainVPS sshd[2638]: Failed password for root from 165.22.114.237 port 36820 ssh2 Oct 9 13:39:52 MainVPS sshd[2978]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.22.114.237 user=root Oct 9 13:39:54 MainVPS sshd[2978]: Failed password for root from 165.22.114.237 port 49902 ssh2 Oct 9 13:43:34 MainVPS sshd[3249]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.22.114.237 user=root Oct 9 13:43:37 MainVPS sshd[3249]: Failed password for root from 165.22.114.237 port 34256 ssh2 ...	2019-10-09 20:53:27
198.108.67.102	attackbots	firewall-block, port(s): 9105/tcp	2019-10-09 20:52:30
143.208.180.212	attack	2019-10-09T12:14:00.759355shield sshd\[14317\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=iflex.tigobusiness.com.gt user=root 2019-10-09T12:14:02.591419shield sshd\[14317\]: Failed password for root from 143.208.180.212 port 39076 ssh2 2019-10-09T12:18:15.903242shield sshd\[14884\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=iflex.tigobusiness.com.gt user=root 2019-10-09T12:18:18.737154shield sshd\[14884\]: Failed password for root from 143.208.180.212 port 50046 ssh2 2019-10-09T12:22:29.385933shield sshd\[15785\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=iflex.tigobusiness.com.gt user=root	2019-10-09 20:40:41
192.144.142.72	attackbots	Oct 9 13:37:21 MK-Soft-VM7 sshd[26565]: Failed password for root from 192.144.142.72 port 43984 ssh2 ...	2019-10-09 20:28:25
165.227.45.246	attackspam	2019-10-09T12:32:47.635928homeassistant sshd[7146]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.227.45.246 user=root 2019-10-09T12:32:49.180645homeassistant sshd[7146]: Failed password for root from 165.227.45.246 port 59744 ssh2 ...	2019-10-09 20:33:16
121.24.161.183	attack	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/121.24.161.183/ CN - 1H : (511) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : CN NAME ASN : ASN4837 IP : 121.24.161.183 CIDR : 121.24.0.0/14 PREFIX COUNT : 1262 UNIQUE IP COUNT : 56665856 WYKRYTE ATAKI Z ASN4837 : 1H - 7 3H - 24 6H - 51 12H - 100 24H - 199 DateTime : 2019-10-09 13:40:48 INFO : Port Scan TELNET Detected and Blocked by ADMIN - data recovery	2019-10-09 20:39:37
222.186.175.147	attackspam	Oct 9 14:33:15 MainVPS sshd[6978]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.147 user=root Oct 9 14:33:18 MainVPS sshd[6978]: Failed password for root from 222.186.175.147 port 26016 ssh2 Oct 9 14:33:22 MainVPS sshd[6978]: Failed password for root from 222.186.175.147 port 26016 ssh2 Oct 9 14:33:15 MainVPS sshd[6978]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.147 user=root Oct 9 14:33:18 MainVPS sshd[6978]: Failed password for root from 222.186.175.147 port 26016 ssh2 Oct 9 14:33:22 MainVPS sshd[6978]: Failed password for root from 222.186.175.147 port 26016 ssh2 Oct 9 14:33:15 MainVPS sshd[6978]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.147 user=root Oct 9 14:33:18 MainVPS sshd[6978]: Failed password for root from 222.186.175.147 port 26016 ssh2 Oct 9 14:33:22 MainVPS sshd[6978]: Failed password for root from 222.186.175.147	2019-10-09 20:53:00
74.122.128.210	attackbots	Oct 9 13:54:50 microserver sshd[18622]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=74.122.128.210 user=root Oct 9 13:54:52 microserver sshd[18622]: Failed password for root from 74.122.128.210 port 59882 ssh2 Oct 9 13:58:29 microserver sshd[19231]: Invalid user 123 from 74.122.128.210 port 41849 Oct 9 13:58:29 microserver sshd[19231]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=74.122.128.210 Oct 9 13:58:32 microserver sshd[19231]: Failed password for invalid user 123 from 74.122.128.210 port 41849 ssh2 Oct 9 14:08:57 microserver sshd[20597]: Invalid user Passw0rd@01 from 74.122.128.210 port 44333 Oct 9 14:08:57 microserver sshd[20597]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=74.122.128.210 Oct 9 14:08:59 microserver sshd[20597]: Failed password for invalid user Passw0rd@01 from 74.122.128.210 port 44333 ssh2 Oct 9 14:12:23 microserver sshd[21193]: Invalid user Cde	2019-10-09 21:02:53
190.187.67.67	attackspambots	Oct 9 12:28:16 sshgateway sshd\[20471\]: Invalid user www from 190.187.67.67 Oct 9 12:28:16 sshgateway sshd\[20471\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.187.67.67 Oct 9 12:28:18 sshgateway sshd\[20471\]: Failed password for invalid user www from 190.187.67.67 port 2844 ssh2	2019-10-09 20:45:32
46.101.101.66	attack	Oct 9 13:40:52 pornomens sshd\[17289\]: Invalid user zimbra from 46.101.101.66 port 54744 Oct 9 13:40:52 pornomens sshd\[17289\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.101.101.66 Oct 9 13:40:53 pornomens sshd\[17289\]: Failed password for invalid user zimbra from 46.101.101.66 port 54744 ssh2 ...	2019-10-09 20:37:32

Recently Reported IPs

195.9.109.198	123.158.183.6	218.152.226.166	139.33.137.55
12.53.239.229	124.125.237.129	40.218.14.13	223.10.7.116
138.68.67.173	85.43.184.14	142.93.33.150	206.72.203.57
78.46.223.169	41.35.115.125	132.157.130.152	197.60.83.139
134.122.26.244	104.14.29.2	31.132.152.126	195.154.189.14