104.248.2.196 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
104.248.240.174	attackproxy	Fraud connect	2024-05-14 20:51:04
104.248.205.67	spamattack	Phishing	2022-01-28 16:41:36
104.248.246.41	attack	fail2ban detected brute force on sshd	2020-10-12 07:24:44
104.248.205.67	attackspambots	Oct 11 20:16:41 cho sshd[449424]: Failed password for invalid user mugihiko from 104.248.205.67 port 47586 ssh2 Oct 11 20:19:53 cho sshd[449593]: Invalid user chick from 104.248.205.67 port 51910 Oct 11 20:19:53 cho sshd[449593]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.205.67 Oct 11 20:19:53 cho sshd[449593]: Invalid user chick from 104.248.205.67 port 51910 Oct 11 20:19:55 cho sshd[449593]: Failed password for invalid user chick from 104.248.205.67 port 51910 ssh2 ...	2020-10-12 02:35:14
104.248.246.41	attackbots	Invalid user test from 104.248.246.41 port 55920	2020-10-11 23:39:01
104.248.205.67	attackbots	TCP port : 3918	2020-10-11 18:26:20
104.248.246.41	attackbotsspam	(sshd) Failed SSH login from 104.248.246.41 (DE/Germany/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Oct 11 00:30:27 server4 sshd[7206]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.246.41 user=root Oct 11 00:30:29 server4 sshd[7206]: Failed password for root from 104.248.246.41 port 44390 ssh2 Oct 11 00:39:51 server4 sshd[12389]: Invalid user prueba from 104.248.246.41 Oct 11 00:39:52 server4 sshd[12389]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.246.41 Oct 11 00:39:53 server4 sshd[12389]: Failed password for invalid user prueba from 104.248.246.41 port 54958 ssh2	2020-10-11 15:38:18
104.248.246.41	attack	SSH brutforce	2020-10-11 08:55:57
104.248.246.8	attackspam	Cowrie Honeypot: Unauthorised SSH/Telnet login attempt with user "root" at 2020-10-07T19:04:42Z	2020-10-08 05:35:17
104.248.246.8	attack	Oct 6 06:01:26 ns4 sshd[27242]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.246.8 user=r.r Oct 6 06:01:29 ns4 sshd[27242]: Failed password for r.r from 104.248.246.8 port 46506 ssh2 Oct 6 06:10:46 ns4 sshd[28508]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.246.8 user=r.r Oct 6 06:10:48 ns4 sshd[28508]: Failed password for r.r from 104.248.246.8 port 33954 ssh2 Oct 6 06:14:29 ns4 sshd[28931]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.246.8 user=r.r Oct 6 06:14:31 ns4 sshd[28931]: Failed password for r.r from 104.248.246.8 port 44924 ssh2 Oct 6 06:18:09 ns4 sshd[29265]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.246.8 user=r.r Oct 6 06:18:11 ns4 sshd[29265]: Failed password for r.r from 104.248.246.8 port 55894 ssh2 Oct 6 06:22:32 ns4 sshd[29859]: pam........ -------------------------------	2020-10-07 21:59:43
104.248.246.8	attack	Oct 6 06:01:26 ns4 sshd[27242]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.246.8 user=r.r Oct 6 06:01:29 ns4 sshd[27242]: Failed password for r.r from 104.248.246.8 port 46506 ssh2 Oct 6 06:10:46 ns4 sshd[28508]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.246.8 user=r.r Oct 6 06:10:48 ns4 sshd[28508]: Failed password for r.r from 104.248.246.8 port 33954 ssh2 Oct 6 06:14:29 ns4 sshd[28931]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.246.8 user=r.r Oct 6 06:14:31 ns4 sshd[28931]: Failed password for r.r from 104.248.246.8 port 44924 ssh2 Oct 6 06:18:09 ns4 sshd[29265]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.246.8 user=r.r Oct 6 06:18:11 ns4 sshd[29265]: Failed password for r.r from 104.248.246.8 port 55894 ssh2 Oct 6 06:22:32 ns4 sshd[29859]: pam........ -------------------------------	2020-10-07 13:49:05
104.248.230.153	attackspam	(sshd) Failed SSH login from 104.248.230.153 (US/United States/-): 5 in the last 3600 secs	2020-10-07 05:24:27
104.248.230.153	attackspambots	Oct 6 15:02:03 xeon sshd[32516]: Failed password for root from 104.248.230.153 port 58082 ssh2	2020-10-06 21:33:55
104.248.230.153	attack	malicious Brute-Force reported by https://www.patrick-binder.de ...	2020-10-06 13:15:39
104.248.231.200	attack	Oct 4 20:50:32 electroncash sshd[3649]: Failed password for root from 104.248.231.200 port 34936 ssh2 Oct 4 20:51:37 electroncash sshd[4070]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.231.200 user=root Oct 4 20:51:38 electroncash sshd[4070]: Failed password for root from 104.248.231.200 port 54398 ssh2 Oct 4 20:52:42 electroncash sshd[4489]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.231.200 user=root Oct 4 20:52:45 electroncash sshd[4489]: Failed password for root from 104.248.231.200 port 45634 ssh2 ...	2020-10-05 05:43:15

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.248.2.196
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 14936
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;104.248.2.196.			IN	A

;; AUTHORITY SECTION:
.			445	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022091502 1800 900 604800 86400

;; Query time: 61 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Sep 16 05:42:15 CST 2022
;; MSG SIZE  rcvd: 106

Host info

Host 196.2.248.104.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 196.2.248.104.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
159.65.137.23	attackspam	2019-12-18T17:46:12.191958abusebot.cloudsearch.cf sshd\[29692\]: Invalid user sydney from 159.65.137.23 port 44722 2019-12-18T17:46:12.196974abusebot.cloudsearch.cf sshd\[29692\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.65.137.23 2019-12-18T17:46:14.069356abusebot.cloudsearch.cf sshd\[29692\]: Failed password for invalid user sydney from 159.65.137.23 port 44722 ssh2 2019-12-18T17:54:39.424090abusebot.cloudsearch.cf sshd\[29871\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.65.137.23 user=root	2019-12-19 04:58:56
132.232.32.228	attack	Dec 18 17:40:48 Ubuntu-1404-trusty-64-minimal sshd\[10021\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=132.232.32.228 user=root Dec 18 17:40:49 Ubuntu-1404-trusty-64-minimal sshd\[10021\]: Failed password for root from 132.232.32.228 port 45886 ssh2 Dec 18 17:58:46 Ubuntu-1404-trusty-64-minimal sshd\[22777\]: Invalid user scottt from 132.232.32.228 Dec 18 17:58:46 Ubuntu-1404-trusty-64-minimal sshd\[22777\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=132.232.32.228 Dec 18 17:58:48 Ubuntu-1404-trusty-64-minimal sshd\[22777\]: Failed password for invalid user scottt from 132.232.32.228 port 39378 ssh2	2019-12-19 05:06:23
217.219.221.166	attackbots	Unauthorised access (Dec 18) SRC=217.219.221.166 LEN=40 TTL=240 ID=28066 TCP DPT=1433 WINDOW=1024 SYN	2019-12-19 05:07:02
59.127.172.234	attackbots	Dec 18 10:47:11 linuxvps sshd\[63774\]: Invalid user ncs from 59.127.172.234 Dec 18 10:47:11 linuxvps sshd\[63774\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=59.127.172.234 Dec 18 10:47:14 linuxvps sshd\[63774\]: Failed password for invalid user ncs from 59.127.172.234 port 49458 ssh2 Dec 18 10:53:23 linuxvps sshd\[2916\]: Invalid user arkesteijn from 59.127.172.234 Dec 18 10:53:23 linuxvps sshd\[2916\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=59.127.172.234	2019-12-19 05:16:31
139.219.14.12	attackspam	Invalid user kissee from 139.219.14.12 port 57930	2019-12-19 04:48:33
186.179.106.36	attackspambots	Unauthorized connection attempt from IP address 186.179.106.36 on Port 445(SMB)	2019-12-19 05:18:54
177.106.61.239	attackspam	Dec 18 20:50:04 vtv3 sshd[417]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=177.106.61.239 Dec 18 20:50:05 vtv3 sshd[417]: Failed password for invalid user nicolina from 177.106.61.239 port 58104 ssh2 Dec 18 20:56:34 vtv3 sshd[3774]: Failed password for root from 177.106.61.239 port 39526 ssh2 Dec 18 21:09:59 vtv3 sshd[9632]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=177.106.61.239 Dec 18 21:10:00 vtv3 sshd[9632]: Failed password for invalid user nu from 177.106.61.239 port 59130 ssh2 Dec 18 21:16:53 vtv3 sshd[13460]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=177.106.61.239 Dec 18 21:30:30 vtv3 sshd[19893]: Failed password for root from 177.106.61.239 port 60242 ssh2 Dec 18 21:37:22 vtv3 sshd[23018]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=177.106.61.239 Dec 18 21:37:24 vtv3 sshd[23018]: Failed password for invalid user test	2019-12-19 04:56:54
178.204.13.14	attack	Unauthorized connection attempt from IP address 178.204.13.14 on Port 445(SMB)	2019-12-19 05:11:49
116.72.16.15	attackspam	Dec 18 10:46:14 Ubuntu-1404-trusty-64-minimal sshd\[18741\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.72.16.15 user=root Dec 18 10:46:16 Ubuntu-1404-trusty-64-minimal sshd\[18741\]: Failed password for root from 116.72.16.15 port 44816 ssh2 Dec 18 22:13:32 Ubuntu-1404-trusty-64-minimal sshd\[18019\]: Invalid user user4 from 116.72.16.15 Dec 18 22:13:32 Ubuntu-1404-trusty-64-minimal sshd\[18019\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.72.16.15 Dec 18 22:13:33 Ubuntu-1404-trusty-64-minimal sshd\[18019\]: Failed password for invalid user user4 from 116.72.16.15 port 46668 ssh2	2019-12-19 05:24:26
77.247.110.22	attackspambots	\[2019-12-18 15:34:39\] NOTICE\[2839\] chan_sip.c: Registration from '"3" \' failed for '77.247.110.22:5331' - Wrong password \[2019-12-18 15:34:39\] SECURITY\[2857\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-12-18T15:34:39.457-0500",Severity="Error",Service="SIP",EventVersion="2",AccountID="3",SessionID="0x7f0fb4234468",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/77.247.110.22/5331",Challenge="2d5e25d1",ReceivedChallenge="2d5e25d1",ReceivedHash="428bb9fccb75c0af63039b762749b1ee" \[2019-12-18 15:34:39\] NOTICE\[2839\] chan_sip.c: Registration from '"3" \' failed for '77.247.110.22:5331' - Wrong password \[2019-12-18 15:34:39\] SECURITY\[2857\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-12-18T15:34:39.514-0500",Severity="Error",Service="SIP",EventVersion="2",AccountID="3",SessionID="0x7f0fb447f838",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/77.247.110.22/53	2019-12-19 04:57:45
45.136.108.158	attack	Dec 18 20:30:16 h2177944 kernel: \[9572394.172575\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=45.136.108.158 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=249 ID=47010 PROTO=TCP SPT=46722 DPT=4304 WINDOW=1024 RES=0x00 SYN URGP=0 Dec 18 21:00:53 h2177944 kernel: \[9574230.560647\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=45.136.108.158 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=249 ID=44190 PROTO=TCP SPT=46722 DPT=5405 WINDOW=1024 RES=0x00 SYN URGP=0 Dec 18 21:10:54 h2177944 kernel: \[9574831.811183\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=45.136.108.158 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=249 ID=18940 PROTO=TCP SPT=46722 DPT=4955 WINDOW=1024 RES=0x00 SYN URGP=0 Dec 18 21:19:35 h2177944 kernel: \[9575352.149455\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=45.136.108.158 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=249 ID=53159 PROTO=TCP SPT=46722 DPT=4299 WINDOW=1024 RES=0x00 SYN URGP=0 Dec 18 21:28:16 h2177944 kernel: \[9575872.760519\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=45.136.108.158 DST=85.214.	2019-12-19 05:03:06
106.13.56.12	attackspambots	Dec 18 17:53:14 ArkNodeAT sshd\[1131\]: Invalid user guest from 106.13.56.12 Dec 18 17:53:14 ArkNodeAT sshd\[1131\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.56.12 Dec 18 17:53:15 ArkNodeAT sshd\[1131\]: Failed password for invalid user guest from 106.13.56.12 port 56476 ssh2	2019-12-19 05:14:15
86.61.66.59	attackspambots	Dec 18 17:44:27 l02a sshd[13584]: Invalid user aridi from 86.61.66.59 Dec 18 17:44:29 l02a sshd[13584]: Failed password for invalid user aridi from 86.61.66.59 port 50782 ssh2 Dec 18 17:44:27 l02a sshd[13584]: Invalid user aridi from 86.61.66.59 Dec 18 17:44:29 l02a sshd[13584]: Failed password for invalid user aridi from 86.61.66.59 port 50782 ssh2	2019-12-19 04:55:36
182.253.188.59	attack	12,41-02/01 [bc01/m68] PostRequest-Spammer scoring: maputo01_x2b	2019-12-19 05:13:16
139.199.88.93	attackbotsspam	Dec 18 10:53:12 linuxvps sshd\[2743\]: Invalid user raspberry from 139.199.88.93 Dec 18 10:53:12 linuxvps sshd\[2743\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.88.93 Dec 18 10:53:14 linuxvps sshd\[2743\]: Failed password for invalid user raspberry from 139.199.88.93 port 35070 ssh2 Dec 18 10:59:09 linuxvps sshd\[6925\]: Invalid user marjorie from 139.199.88.93 Dec 18 10:59:09 linuxvps sshd\[6925\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.88.93	2019-12-19 05:25:43

Recently Reported IPs

154.201.34.210	154.201.38.113	45.5.118.218	185.24.35.118
223.13.40.105	61.246.2.80	111.249.121.52	2.55.106.92
154.95.32.52	95.70.178.3	128.199.148.74	41.205.24.71
96.90.153.206	64.110.176.206	179.125.31.198	37.183.120.80
92.19.155.65	191.194.117.71	189.217.192.121	189.135.232.85