104.248.148.79

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
104.248.148.34	attack	Nov 25 19:16:03 h2177944 sshd\[29503\]: Invalid user jasmin from 104.248.148.34 port 36974 Nov 25 19:16:03 h2177944 sshd\[29503\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.148.34 Nov 25 19:16:05 h2177944 sshd\[29503\]: Failed password for invalid user jasmin from 104.248.148.34 port 36974 ssh2 Nov 25 19:23:18 h2177944 sshd\[29702\]: Invalid user dyrlie from 104.248.148.34 port 46472 Nov 25 19:23:18 h2177944 sshd\[29702\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.148.34 ...	2019-11-26 04:28:58
104.248.148.98	attackbots	2019-09-22T07:35:38.446967enmeeting.mahidol.ac.th sshd\[11482\]: Invalid user ftpuser from 104.248.148.98 port 49728 2019-09-22T07:35:38.462169enmeeting.mahidol.ac.th sshd\[11482\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.148.98 2019-09-22T07:35:40.546752enmeeting.mahidol.ac.th sshd\[11482\]: Failed password for invalid user ftpuser from 104.248.148.98 port 49728 ssh2 ...	2019-09-22 09:47:15
104.248.148.34	attackspam	Sep 8 18:39:32 vpxxxxxxx22308 sshd[14182]: Invalid user rtest from 104.248.148.34 Sep 8 18:39:32 vpxxxxxxx22308 sshd[14182]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.148.34 Sep 8 18:39:34 vpxxxxxxx22308 sshd[14182]: Failed password for invalid user rtest from 104.248.148.34 port 54336 ssh2 Sep 8 18:49:04 vpxxxxxxx22308 sshd[15625]: Invalid user ts3server from 104.248.148.34 Sep 8 18:49:04 vpxxxxxxx22308 sshd[15625]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.148.34 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=104.248.148.34	2019-09-16 17:22:56
104.248.148.34	attack	2019-09-10T08:55:33.402275abusebot-8.cloudsearch.cf sshd\[23044\]: Invalid user developer from 104.248.148.34 port 37844	2019-09-10 17:18:16
104.248.148.34	attack	2019-09-04T17:02:38.486164abusebot-8.cloudsearch.cf sshd\[20946\]: Invalid user pawel from 104.248.148.34 port 42314	2019-09-05 01:41:10
104.248.148.98	attackbots	$f2bV_matches	2019-09-02 14:11:39
104.248.148.98	attackbotsspam	Aug 27 11:16:46 pkdns2 sshd\[57154\]: Invalid user mono from 104.248.148.98Aug 27 11:16:47 pkdns2 sshd\[57154\]: Failed password for invalid user mono from 104.248.148.98 port 51520 ssh2Aug 27 11:21:39 pkdns2 sshd\[57387\]: Invalid user vtcbikes from 104.248.148.98Aug 27 11:21:41 pkdns2 sshd\[57387\]: Failed password for invalid user vtcbikes from 104.248.148.98 port 40366 ssh2Aug 27 11:26:30 pkdns2 sshd\[57616\]: Invalid user archuser from 104.248.148.98Aug 27 11:26:32 pkdns2 sshd\[57616\]: Failed password for invalid user archuser from 104.248.148.98 port 57660 ssh2 ...	2019-08-27 16:36:34
104.248.148.98	attack	Aug 26 22:46:06 SilenceServices sshd[13571]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.148.98 Aug 26 22:46:08 SilenceServices sshd[13571]: Failed password for invalid user gpu from 104.248.148.98 port 56196 ssh2 Aug 26 22:50:37 SilenceServices sshd[15320]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.148.98	2019-08-27 05:04:36
104.248.148.98	attack	Invalid user jana from 104.248.148.98 port 49152	2019-08-25 00:20:33
104.248.148.98	attackspam	$f2bV_matches	2019-08-13 05:59:54
104.248.148.98	attackbotsspam	Aug 10 22:25:15 unicornsoft sshd\[14958\]: Invalid user ultra from 104.248.148.98 Aug 10 22:25:15 unicornsoft sshd\[14958\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.148.98 Aug 10 22:25:16 unicornsoft sshd\[14958\]: Failed password for invalid user ultra from 104.248.148.98 port 38864 ssh2	2019-08-11 12:11:57
104.248.148.98	attack	Aug 6 12:00:40 MK-Soft-VM4 sshd\[21025\]: Invalid user ts2 from 104.248.148.98 port 47282 Aug 6 12:00:40 MK-Soft-VM4 sshd\[21025\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.148.98 Aug 6 12:00:41 MK-Soft-VM4 sshd\[21025\]: Failed password for invalid user ts2 from 104.248.148.98 port 47282 ssh2 ...	2019-08-07 03:08:17
104.248.148.52	attackbots	Apr 13 17:05:07 ubuntu sshd[20205]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.148.52 Apr 13 17:05:09 ubuntu sshd[20205]: Failed password for invalid user bsd from 104.248.148.52 port 33326 ssh2 Apr 13 17:07:50 ubuntu sshd[20266]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.148.52 Apr 13 17:07:52 ubuntu sshd[20266]: Failed password for invalid user weixin from 104.248.148.52 port 34762 ssh2	2019-07-31 21:11:59
104.248.148.98	attackspambots	Apr 20 08:20:34 ubuntu sshd[9755]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.148.98 Apr 20 08:20:35 ubuntu sshd[9755]: Failed password for invalid user delete from 104.248.148.98 port 38690 ssh2 Apr 20 08:23:14 ubuntu sshd[9836]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.148.98 Apr 20 08:23:17 ubuntu sshd[9836]: Failed password for invalid user correo from 104.248.148.98 port 36342 ssh2	2019-07-31 21:07:40
104.248.148.98	attackspambots	SSH invalid-user multiple login try	2019-07-11 11:37:11

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.248.148.79
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 5509
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;104.248.148.79.			IN	A

;; AUTHORITY SECTION:
.			64	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022032000 1800 900 604800 86400

;; Query time: 59 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Mar 20 16:38:38 CST 2022
;; MSG SIZE  rcvd: 107

Host info

79.148.248.104.in-addr.arpa domain name pointer hagley.school.nz.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
79.148.248.104.in-addr.arpa	name = hagley.school.nz.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
50.2.209.38	attackbotsspam	Jun 15 06:59:22 mxgate1 postfix/postscreen[7201]: CONNECT from [50.2.209.38]:45203 to [176.31.12.44]:25 Jun 15 06:59:22 mxgate1 postfix/dnsblog[7202]: addr 50.2.209.38 listed by domain zen.spamhaus.org as 127.0.0.3 Jun 15 06:59:28 mxgate1 postfix/postscreen[7201]: DNSBL rank 2 for [50.2.209.38]:45203 Jun x@x Jun 15 06:59:29 mxgate1 postfix/postscreen[7201]: DISCONNECT [50.2.209.38]:45203 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=50.2.209.38	2020-06-15 15:53:57
167.99.96.114	attackbots	$f2bV_matches	2020-06-15 16:05:11
79.7.80.86	attackbotsspam	Jun 15 05:53:02 ns41 sshd[11668]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=79.7.80.86	2020-06-15 15:30:47
182.75.216.190	attackbots	Invalid user user from 182.75.216.190 port 32644	2020-06-15 15:57:25
91.207.74.92	attackspambots	Automatic report - XMLRPC Attack	2020-06-15 16:00:26
128.199.108.248	attack	Lines containing failures of 128.199.108.248 Jun 15 05:43:43 shared12 sshd[22457]: Invalid user eh from 128.199.108.248 port 58532 Jun 15 05:43:43 shared12 sshd[22457]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.108.248 Jun 15 05:43:46 shared12 sshd[22457]: Failed password for invalid user eh from 128.199.108.248 port 58532 ssh2 Jun 15 05:43:46 shared12 sshd[22457]: Received disconnect from 128.199.108.248 port 58532:11: Bye Bye [preauth] Jun 15 05:43:46 shared12 sshd[22457]: Disconnected from invalid user eh 128.199.108.248 port 58532 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=128.199.108.248	2020-06-15 16:01:53
46.33.47.245	attackbotsspam	DATE:2020-06-15 05:52:57, IP:46.33.47.245, PORT:telnet Telnet brute force auth on honeypot server (honey-neo-dc)	2020-06-15 15:36:07
40.72.97.22	attackbots	Jun 15 07:58:49 abendstille sshd\[23699\]: Invalid user randy from 40.72.97.22 Jun 15 07:58:49 abendstille sshd\[23699\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=40.72.97.22 Jun 15 07:58:51 abendstille sshd\[23699\]: Failed password for invalid user randy from 40.72.97.22 port 54642 ssh2 Jun 15 08:02:13 abendstille sshd\[27244\]: Invalid user rtest from 40.72.97.22 Jun 15 08:02:13 abendstille sshd\[27244\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=40.72.97.22 ...	2020-06-15 15:36:35
104.131.157.96	attackspambots	Jun 15 05:41:05 ns382633 sshd\[23992\]: Invalid user admin from 104.131.157.96 port 43810 Jun 15 05:41:05 ns382633 sshd\[23992\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.157.96 Jun 15 05:41:07 ns382633 sshd\[23992\]: Failed password for invalid user admin from 104.131.157.96 port 43810 ssh2 Jun 15 05:52:20 ns382633 sshd\[25863\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.157.96 user=root Jun 15 05:52:22 ns382633 sshd\[25863\]: Failed password for root from 104.131.157.96 port 52874 ssh2	2020-06-15 16:05:24
106.13.228.62	attackbots	Jun 15 05:52:31 ns41 sshd[11635]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.228.62	2020-06-15 15:59:28
203.148.20.254	attackspambots	Invalid user tomcat from 203.148.20.254 port 60793	2020-06-15 15:31:05
177.152.124.21	attack	Jun 15 07:55:50 minden010 sshd[6755]: Failed password for root from 177.152.124.21 port 42712 ssh2 Jun 15 07:57:35 minden010 sshd[7352]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=177.152.124.21 Jun 15 07:57:37 minden010 sshd[7352]: Failed password for invalid user elias from 177.152.124.21 port 37798 ssh2 ...	2020-06-15 15:42:50
101.231.146.34	attackbots	Jun 15 07:38:10 django-0 sshd\[32356\]: Invalid user liulei from 101.231.146.34Jun 15 07:38:12 django-0 sshd\[32356\]: Failed password for invalid user liulei from 101.231.146.34 port 36786 ssh2Jun 15 07:42:30 django-0 sshd\[32420\]: Invalid user server1 from 101.231.146.34 ...	2020-06-15 15:52:21
201.249.50.74	attackbots	2020-06-15T10:58:26.686591lavrinenko.info sshd[13358]: Invalid user angga from 201.249.50.74 port 46546 2020-06-15T10:58:26.696731lavrinenko.info sshd[13358]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.249.50.74 2020-06-15T10:58:26.686591lavrinenko.info sshd[13358]: Invalid user angga from 201.249.50.74 port 46546 2020-06-15T10:58:28.564400lavrinenko.info sshd[13358]: Failed password for invalid user angga from 201.249.50.74 port 46546 ssh2 2020-06-15T11:01:38.214672lavrinenko.info sshd[13537]: Invalid user tom from 201.249.50.74 port 40901 ...	2020-06-15 16:04:38
160.20.200.234	attackspam	Failed password for invalid user zb from 160.20.200.234 port 42610 ssh2	2020-06-15 15:32:39

Recently Reported IPs

104.248.145.141	104.248.152.254	104.248.154.93	104.248.158.222
104.248.169.168	104.248.17.165	104.248.172.13	104.248.189.50
104.248.191.52	104.248.193.37	104.248.20.82	104.248.230.161
104.248.232.237	104.248.234.83	104.248.242.72	104.248.245.55
104.248.25.60	104.248.29.114	104.248.29.199	104.248.30.188