104.248.139.205

Basic Info

City: unknown

Region: unknown

Country: None

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
104.248.139.121	attackspambots	May 14 08:55:32 NPSTNNYC01T sshd[14068]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.139.121 May 14 08:55:34 NPSTNNYC01T sshd[14068]: Failed password for invalid user user from 104.248.139.121 port 49288 ssh2 May 14 08:59:01 NPSTNNYC01T sshd[14354]: Failed password for root from 104.248.139.121 port 56564 ssh2 ...	2020-05-14 21:25:45
104.248.139.121	attackbotsspam	May 3 06:22:00 legacy sshd[5370]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.139.121 May 3 06:22:02 legacy sshd[5370]: Failed password for invalid user mf from 104.248.139.121 port 40166 ssh2 May 3 06:25:38 legacy sshd[5637]: Failed password for root from 104.248.139.121 port 49638 ssh2 ...	2020-05-03 12:34:29
104.248.139.121	attackspam	SSH auth scanning - multiple failed logins	2020-04-30 07:33:34
104.248.139.121	attack	2020-04-27T13:03:38.800886abusebot-3.cloudsearch.cf sshd[30948]: Invalid user hung from 104.248.139.121 port 41966 2020-04-27T13:03:38.810081abusebot-3.cloudsearch.cf sshd[30948]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.139.121 2020-04-27T13:03:38.800886abusebot-3.cloudsearch.cf sshd[30948]: Invalid user hung from 104.248.139.121 port 41966 2020-04-27T13:03:40.381859abusebot-3.cloudsearch.cf sshd[30948]: Failed password for invalid user hung from 104.248.139.121 port 41966 ssh2 2020-04-27T13:07:22.168837abusebot-3.cloudsearch.cf sshd[31229]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.139.121 user=root 2020-04-27T13:07:24.161636abusebot-3.cloudsearch.cf sshd[31229]: Failed password for root from 104.248.139.121 port 53746 ssh2 2020-04-27T13:11:04.475551abusebot-3.cloudsearch.cf sshd[31503]: Invalid user znc from 104.248.139.121 port 37302 ...	2020-04-27 22:58:33
104.248.139.121	attackbots	Apr 27 11:44:11 dev0-dcde-rnet sshd[22559]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.139.121 Apr 27 11:44:14 dev0-dcde-rnet sshd[22559]: Failed password for invalid user udp from 104.248.139.121 port 52906 ssh2 Apr 27 11:50:16 dev0-dcde-rnet sshd[22729]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.139.121	2020-04-27 18:07:05
104.248.139.121	attackspam	Unauthorised connection attempt detected at AUO NODE 1. System is sshd. Protected by AUO Stack Web Application Firewall (WAF)	2020-04-24 23:09:01
104.248.139.121	attackbotsspam	Invalid user od from 104.248.139.121 port 53734	2020-04-23 04:11:27
104.248.139.121	attack	Wordpress malicious attack:[sshd]	2020-04-20 12:17:42
104.248.139.121	attackspam	Apr 20 00:12:29 debian-2gb-nbg1-2 kernel: \[9593314.391754\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=104.248.139.121 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=246 ID=23968 PROTO=TCP SPT=59620 DPT=19842 WINDOW=1024 RES=0x00 SYN URGP=0	2020-04-20 08:07:04
104.248.139.121	attackbots	scans once in preceeding hours on the ports (in chronological order) 19153 resulting in total of 5 scans from 104.248.0.0/16 block.	2020-04-20 00:13:49
104.248.139.121	attack	Apr 17 13:56:38 sso sshd[29563]: Failed password for root from 104.248.139.121 port 42032 ssh2 Apr 17 14:00:28 sso sshd[30000]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.139.121 ...	2020-04-17 22:34:21
104.248.139.121	attackbotsspam	Apr 17 09:49:30 vpn01 sshd[24030]: Failed password for root from 104.248.139.121 port 47328 ssh2 ...	2020-04-17 16:50:57
104.248.139.121	attackspambots	Apr 8 06:00:12 sso sshd[10238]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.139.121 Apr 8 06:00:14 sso sshd[10238]: Failed password for invalid user aman from 104.248.139.121 port 60516 ssh2 ...	2020-04-08 12:18:20
104.248.139.121	attackspam	(sshd) Failed SSH login from 104.248.139.121 (DE/Germany/-): 2 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Apr 4 09:34:42 ubnt-55d23 sshd[17241]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.139.121 user=root Apr 4 09:34:44 ubnt-55d23 sshd[17241]: Failed password for root from 104.248.139.121 port 43664 ssh2	2020-04-04 16:11:55
104.248.139.121	attack	Mar 28 16:31:05 dev0-dcde-rnet sshd[3144]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.139.121 Mar 28 16:31:06 dev0-dcde-rnet sshd[3144]: Failed password for invalid user oracle from 104.248.139.121 port 41678 ssh2 Mar 28 16:41:28 dev0-dcde-rnet sshd[3230]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.139.121	2020-03-29 00:22:33

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.248.139.205
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 32934
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;104.248.139.205.		IN	A

;; AUTHORITY SECTION:
.			599	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022040102 1800 900 604800 86400

;; Query time: 74 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Apr 01 23:32:23 CST 2022
;; MSG SIZE  rcvd: 108

Host info

Host 205.139.248.104.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 205.139.248.104.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
111.67.202.196	attackbots	Jul 14 05:56:33 * sshd[11788]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.67.202.196 Jul 14 05:56:35 * sshd[11788]: Failed password for invalid user life from 111.67.202.196 port 37908 ssh2	2020-07-14 12:00:38
192.241.216.223	attack	Unauthorised access (Jul 13) SRC=192.241.216.223 LEN=40 TTL=239 ID=54321 TCP DPT=3389 WINDOW=65535 SYN	2020-07-14 08:43:59
106.12.131.161	attackbots	Jul 13 16:28:14 Host-KEWR-E sshd[15003]: Disconnected from invalid user aa 106.12.131.161 port 50096 [preauth] ...	2020-07-14 08:40:50
186.33.211.59	attack	Jul 14 01:02:41 sticky sshd\[16292\]: Invalid user git_user from 186.33.211.59 port 41610 Jul 14 01:02:41 sticky sshd\[16292\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=186.33.211.59 Jul 14 01:02:44 sticky sshd\[16292\]: Failed password for invalid user git_user from 186.33.211.59 port 41610 ssh2 Jul 14 01:06:04 sticky sshd\[16325\]: Invalid user meena from 186.33.211.59 port 36714 Jul 14 01:06:04 sticky sshd\[16325\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=186.33.211.59	2020-07-14 08:33:18
222.180.236.74	attack	3389BruteforceStormFW21	2020-07-14 08:30:26
190.85.65.236	attackbots	Jul 14 00:29:49 vpn01 sshd[5371]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.85.65.236 Jul 14 00:29:51 vpn01 sshd[5371]: Failed password for invalid user alexis from 190.85.65.236 port 37535 ssh2 ...	2020-07-14 08:56:39
31.154.9.174	attack	Jul 14 06:20:43 web1 sshd[30414]: Invalid user hlw from 31.154.9.174 port 56442 Jul 14 06:20:43 web1 sshd[30414]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=31.154.9.174 Jul 14 06:20:43 web1 sshd[30414]: Invalid user hlw from 31.154.9.174 port 56442 Jul 14 06:20:45 web1 sshd[30414]: Failed password for invalid user hlw from 31.154.9.174 port 56442 ssh2 Jul 14 06:26:23 web1 sshd[31769]: Invalid user base from 31.154.9.174 port 58238 Jul 14 06:26:23 web1 sshd[31769]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=31.154.9.174 Jul 14 06:26:23 web1 sshd[31769]: Invalid user base from 31.154.9.174 port 58238 Jul 14 06:26:25 web1 sshd[31769]: Failed password for invalid user base from 31.154.9.174 port 58238 ssh2 Jul 14 06:28:17 web1 sshd[32197]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=31.154.9.174 user=games Jul 14 06:28:19 web1 sshd[32197]: Failed password ...	2020-07-14 08:36:32
46.0.199.27	attack	SSH Honeypot -> SSH Bruteforce / Login	2020-07-14 08:44:33
198.199.124.109	attackspambots	Jul 13 17:30:34 Tower sshd[24721]: Connection from 198.199.124.109 port 38234 on 192.168.10.220 port 22 rdomain "" Jul 13 17:30:34 Tower sshd[24721]: Invalid user supriya from 198.199.124.109 port 38234 Jul 13 17:30:34 Tower sshd[24721]: error: Could not get shadow information for NOUSER Jul 13 17:30:34 Tower sshd[24721]: Failed password for invalid user supriya from 198.199.124.109 port 38234 ssh2 Jul 13 17:30:34 Tower sshd[24721]: Received disconnect from 198.199.124.109 port 38234:11: Bye Bye [preauth] Jul 13 17:30:34 Tower sshd[24721]: Disconnected from invalid user supriya 198.199.124.109 port 38234 [preauth]	2020-07-14 08:43:02
222.186.175.154	attackbotsspam	2020-07-13T20:34:19.004798uwu-server sshd[4143754]: Failed password for root from 222.186.175.154 port 24796 ssh2 2020-07-13T20:34:23.185893uwu-server sshd[4143754]: Failed password for root from 222.186.175.154 port 24796 ssh2 2020-07-13T20:34:26.651331uwu-server sshd[4143754]: Failed password for root from 222.186.175.154 port 24796 ssh2 2020-07-13T20:34:31.155704uwu-server sshd[4143754]: Failed password for root from 222.186.175.154 port 24796 ssh2 2020-07-13T20:34:31.273305uwu-server sshd[4143754]: error: maximum authentication attempts exceeded for root from 222.186.175.154 port 24796 ssh2 [preauth] ...	2020-07-14 08:48:13
46.41.139.134	attackspambots	Jul 14 05:54:57 piServer sshd[923]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.41.139.134 Jul 14 05:54:59 piServer sshd[923]: Failed password for invalid user guang from 46.41.139.134 port 34598 ssh2 Jul 14 05:56:30 piServer sshd[1121]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.41.139.134 ...	2020-07-14 12:06:49
45.112.97.139	attack	DATE:2020-07-13 22:27:53, IP:45.112.97.139, PORT:telnet Telnet brute force auth on honeypot server (epe-honey1-hq)	2020-07-14 08:52:00
60.167.180.218	attack	Jul 14 00:26:10 ip-172-31-61-156 sshd[6269]: Failed password for invalid user qpal from 60.167.180.218 port 59704 ssh2 Jul 14 00:38:25 ip-172-31-61-156 sshd[6714]: Invalid user mph from 60.167.180.218 Jul 14 00:38:25 ip-172-31-61-156 sshd[6714]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=60.167.180.218 Jul 14 00:38:25 ip-172-31-61-156 sshd[6714]: Invalid user mph from 60.167.180.218 Jul 14 00:38:27 ip-172-31-61-156 sshd[6714]: Failed password for invalid user mph from 60.167.180.218 port 37588 ssh2 ...	2020-07-14 08:55:55
202.173.127.46	attackspambots	Jul 13 13:37:33 Tower sshd[30931]: refused connect from 182.74.86.27 (182.74.86.27) Jul 13 17:35:14 Tower sshd[30931]: Connection from 202.173.127.46 port 53636 on 192.168.10.220 port 22 rdomain "" Jul 13 17:35:16 Tower sshd[30931]: Invalid user fang from 202.173.127.46 port 53636 Jul 13 17:35:16 Tower sshd[30931]: error: Could not get shadow information for NOUSER Jul 13 17:35:16 Tower sshd[30931]: Failed password for invalid user fang from 202.173.127.46 port 53636 ssh2 Jul 13 17:35:16 Tower sshd[30931]: Received disconnect from 202.173.127.46 port 53636:11: Bye Bye [preauth] Jul 13 17:35:16 Tower sshd[30931]: Disconnected from invalid user fang 202.173.127.46 port 53636 [preauth]	2020-07-14 08:49:36
61.133.232.251	attackbots	Jul 14 01:00:51 server sshd[17127]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.133.232.251 Jul 14 01:00:53 server sshd[17127]: Failed password for invalid user xc from 61.133.232.251 port 48844 ssh2 Jul 14 02:12:35 server sshd[21433]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.133.232.251 Jul 14 02:12:37 server sshd[21433]: Failed password for invalid user cnc from 61.133.232.251 port 52254 ssh2	2020-07-14 08:55:31

Recently Reported IPs

104.248.137.229	104.248.171.217	104.248.171.242	104.248.178.118
104.248.193.67	104.248.200.72	104.248.203.136	104.248.204.195
104.248.206.131	104.248.207.234	104.248.21.26	104.248.218.207
104.248.228.162	104.248.231.61	104.248.232.212	104.248.235.74
104.248.237.199	104.248.237.29	104.248.239.17	104.248.242.172