104.248.235.55

Basic Info

City: unknown

Region: unknown

Country: United States of America

Internet Service Provider: DigitalOcean LLC

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	web-1 [ssh_2] SSH Attack	2020-06-23 19:53:28
attack	Invalid user x from 104.248.235.55 port 48788	2020-06-20 15:14:04
attackspambots	web-1 [ssh] SSH Attack	2020-06-20 07:23:54
attack	Jun 14 18:02:22 vps46666688 sshd[28444]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.235.55 Jun 14 18:02:24 vps46666688 sshd[28444]: Failed password for invalid user user from 104.248.235.55 port 33024 ssh2 ...	2020-06-15 05:22:17

Comments on same subnet:

IP	Type	Details	Datetime
104.248.235.138	attackbotsspam	Sep 28 16:51:19 scw-focused-cartwright sshd[23530]: Failed password for root from 104.248.235.138 port 34548 ssh2	2020-09-29 01:44:52
104.248.235.138	attackspam	Sep 28 11:45:30 sso sshd[11619]: Failed password for root from 104.248.235.138 port 50568 ssh2 ...	2020-09-28 17:49:49
104.248.235.138	attackbotsspam	Cowrie Honeypot: 10 unauthorised SSH/Telnet login attempts between 2020-09-27T19:02:39Z and 2020-09-27T19:02:51Z	2020-09-28 03:14:28
104.248.235.138	attackbots	[AUTOMATIC REPORT] - 31 tries in total - SSH BRUTE FORCE - IP banned	2020-09-27 19:23:37
104.248.235.138	attack	2020-09-25T02:11:17.750971abusebot-7.cloudsearch.cf sshd[12129]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.235.138 user=root 2020-09-25T02:11:19.775507abusebot-7.cloudsearch.cf sshd[12129]: Failed password for root from 104.248.235.138 port 54256 ssh2 2020-09-25T02:11:20.001332abusebot-7.cloudsearch.cf sshd[12135]: Invalid user admin from 104.248.235.138 port 60836 2020-09-25T02:11:18.555536abusebot-7.cloudsearch.cf sshd[12131]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.235.138 user=root 2020-09-25T02:11:20.384463abusebot-7.cloudsearch.cf sshd[12131]: Failed password for root from 104.248.235.138 port 56636 ssh2 2020-09-25T02:11:20.662655abusebot-7.cloudsearch.cf sshd[12137]: Invalid user admin from 104.248.235.138 port 34438 ...	2020-09-25 10:13:50
104.248.235.174	attackbots	104.248.235.174 - - [24/Sep/2020:13:42:41 +0200] "GET /wp-login.php HTTP/1.1" 200 8796 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.248.235.174 - - [24/Sep/2020:13:42:43 +0200] "POST /wp-login.php HTTP/1.1" 200 9047 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.248.235.174 - - [24/Sep/2020:13:42:44 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-09-25 00:31:44
104.248.235.174	attackbots	Automatic report - XMLRPC Attack	2020-09-24 16:11:38
104.248.235.174	attack	104.248.235.174 - - [23/Sep/2020:23:45:24 +0100] "POST /wp-login.php HTTP/1.1" 200 2426 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.248.235.174 - - [23/Sep/2020:23:45:25 +0100] "POST /wp-login.php HTTP/1.1" 200 2407 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.248.235.174 - - [23/Sep/2020:23:45:26 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-09-24 07:36:22
104.248.235.16	attackspam	Sep 23 21:08:08 mx sshd[910121]: Failed password for root from 104.248.235.16 port 32872 ssh2 Sep 23 21:11:57 mx sshd[910322]: Invalid user user from 104.248.235.16 port 42560 Sep 23 21:11:57 mx sshd[910322]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.235.16 Sep 23 21:11:57 mx sshd[910322]: Invalid user user from 104.248.235.16 port 42560 Sep 23 21:11:59 mx sshd[910322]: Failed password for invalid user user from 104.248.235.16 port 42560 ssh2 ...	2020-09-24 00:35:47
104.248.235.16	attackspam	$f2bV_matches	2020-09-23 16:42:05
104.248.235.16	attack	Sep 23 00:59:34 nextcloud sshd\[2461\]: Invalid user ts3bot from 104.248.235.16 Sep 23 00:59:34 nextcloud sshd\[2461\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.235.16 Sep 23 00:59:37 nextcloud sshd\[2461\]: Failed password for invalid user ts3bot from 104.248.235.16 port 59288 ssh2	2020-09-23 08:40:22
104.248.235.6	attack	104.248.235.6 - - [03/Aug/2020:14:28:02 +0200] "POST /xmlrpc.php HTTP/1.1" 403 461 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.248.235.6 - - [03/Aug/2020:14:28:20 +0200] "POST /xmlrpc.php HTTP/1.1" 403 10519 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-08-03 20:54:01
104.248.235.6	attackspambots	104.248.235.6 - - [02/Aug/2020:22:23:40 +0200] "GET /wp-login.php HTTP/1.1" 200 1301 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.248.235.6 - - [02/Aug/2020:22:23:41 +0200] "POST /wp-login.php HTTP/1.1" 200 1704 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.248.235.6 - - [02/Aug/2020:22:23:41 +0200] "GET /wp-login.php HTTP/1.1" 200 1301 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.248.235.6 - - [02/Aug/2020:22:23:41 +0200] "POST /wp-login.php HTTP/1.1" 200 1684 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.248.235.6 - - [02/Aug/2020:22:23:41 +0200] "GET /wp-login.php HTTP/1.1" 200 1301 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.248.235.6 - - [02/Aug/2020:22:23:42 +0200] "POST /wp-login.php HTTP/1.1" 200 1688 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Fir ...	2020-08-03 06:19:17
104.248.235.6	attack	104.248.235.6 - - [20/Jul/2020:21:53:28 -0600] "GET /wp-login.php HTTP/1.1" 303 433 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-07-21 16:58:09
104.248.235.6	attackspam	Website hacking attempt: Wordpress admin access [wp-login.php]	2020-07-08 04:34:12

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.248.235.55
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 52639
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;104.248.235.55.			IN	A

;; AUTHORITY SECTION:
.			557	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020061401 1800 900 604800 86400

;; Query time: 99 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Jun 15 05:22:14 CST 2020
;; MSG SIZE  rcvd: 118

Host info

Host 55.235.248.104.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 55.235.248.104.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
109.94.175.210	attackbotsspam	B: Magento admin pass test (wrong country)	2020-01-10 15:10:50
182.253.60.98	attackspambots	1578632135 - 01/10/2020 05:55:35 Host: 182.253.60.98/182.253.60.98 Port: 445 TCP Blocked	2020-01-10 15:05:53
181.115.248.190	attackbotsspam	Jan 10 04:55:42 IngegnereFirenze sshd[19993]: Failed password for invalid user test from 181.115.248.190 port 5758 ssh2 ...	2020-01-10 14:59:47
103.42.216.202	attackbotsspam	Jan 10 05:54:25 exim[24310]: [1\45] 1ipmJT-0006K6-MP H=(103-42-216-202.fmgmyanmar.com) [103.42.216.202] F= rejected after DATA: This message scored 12.2 spam points.	2020-01-10 15:27:28
103.78.216.81	attackbots	Jan 10 05:55:33 grey postfix/smtpd\[32648\]: NOQUEUE: reject: RCPT from unknown\[103.78.216.81\]: 554 5.7.1 Service unavailable\; Client host \[103.78.216.81\] blocked using bl.spamcop.net\; Blocked - see https://www.spamcop.net/bl.shtml\?103.78.216.81\; from=\ to=\ proto=ESMTP helo=\<\[103.78.216.81\]\> ...	2020-01-10 15:07:07
112.78.160.176	attack	Attempt to attack host OS, exploiting network vulnerabilities, on 10-01-2020 04:55:08.	2020-01-10 15:21:40
181.174.125.86	attack	Jan 10 04:55:37 unicornsoft sshd\[3097\]: Invalid user hdk from 181.174.125.86 Jan 10 04:55:37 unicornsoft sshd\[3097\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=181.174.125.86 Jan 10 04:55:38 unicornsoft sshd\[3097\]: Failed password for invalid user hdk from 181.174.125.86 port 40464 ssh2	2020-01-10 15:02:03
192.241.213.168	attackspambots	Jan 9 21:01:41 wbs sshd\[25502\]: Invalid user jb from 192.241.213.168 Jan 9 21:01:41 wbs sshd\[25502\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.241.213.168 Jan 9 21:01:43 wbs sshd\[25502\]: Failed password for invalid user jb from 192.241.213.168 port 37654 ssh2 Jan 9 21:04:43 wbs sshd\[25739\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.241.213.168 user=root Jan 9 21:04:45 wbs sshd\[25739\]: Failed password for root from 192.241.213.168 port 39712 ssh2	2020-01-10 15:25:57
193.112.54.36	attackspam	Jan 9 20:57:01 web9 sshd\[5083\]: Invalid user kunming from 193.112.54.36 Jan 9 20:57:01 web9 sshd\[5083\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.112.54.36 Jan 9 20:57:03 web9 sshd\[5083\]: Failed password for invalid user kunming from 193.112.54.36 port 54414 ssh2 Jan 9 20:59:38 web9 sshd\[5456\]: Invalid user 123@7x24 from 193.112.54.36 Jan 9 20:59:38 web9 sshd\[5456\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.112.54.36	2020-01-10 15:34:35
139.99.40.27	attack	Jan 9 20:39:08 web9 sshd\[2265\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.99.40.27 user=root Jan 9 20:39:10 web9 sshd\[2265\]: Failed password for root from 139.99.40.27 port 46998 ssh2 Jan 9 20:42:02 web9 sshd\[2670\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.99.40.27 user=root Jan 9 20:42:04 web9 sshd\[2670\]: Failed password for root from 139.99.40.27 port 44352 ssh2 Jan 9 20:45:01 web9 sshd\[3106\]: Invalid user ts3 from 139.99.40.27 Jan 9 20:45:01 web9 sshd\[3106\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.99.40.27	2020-01-10 15:03:09
222.186.42.4	attackbotsspam	2020-01-10T06:59:48.534546shield sshd\[22141\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.42.4 user=root 2020-01-10T06:59:50.317701shield sshd\[22141\]: Failed password for root from 222.186.42.4 port 47526 ssh2 2020-01-10T06:59:53.418424shield sshd\[22141\]: Failed password for root from 222.186.42.4 port 47526 ssh2 2020-01-10T06:59:56.927769shield sshd\[22141\]: Failed password for root from 222.186.42.4 port 47526 ssh2 2020-01-10T06:59:59.987158shield sshd\[22141\]: Failed password for root from 222.186.42.4 port 47526 ssh2	2020-01-10 15:14:07
46.101.88.53	attackbotsspam	Jan 9 20:55:32 eddieflores sshd\[9764\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.101.88.53 user=root Jan 9 20:55:34 eddieflores sshd\[9764\]: Failed password for root from 46.101.88.53 port 55004 ssh2 Jan 9 21:00:03 eddieflores sshd\[10218\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.101.88.53 user=root Jan 9 21:00:05 eddieflores sshd\[10218\]: Failed password for root from 46.101.88.53 port 53278 ssh2 Jan 9 21:04:30 eddieflores sshd\[10595\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.101.88.53 user=root	2020-01-10 15:19:09
89.186.112.136	attack	Automatic report - Port Scan Attack	2020-01-10 15:04:27
46.38.144.146	attackspambots	Jan 10 06:45:46 blackbee postfix/smtpd\[19801\]: warning: unknown\[46.38.144.146\]: SASL LOGIN authentication failed: authentication failure Jan 10 06:46:10 blackbee postfix/smtpd\[19803\]: warning: unknown\[46.38.144.146\]: SASL LOGIN authentication failed: authentication failure Jan 10 06:47:03 blackbee postfix/smtpd\[19804\]: warning: unknown\[46.38.144.146\]: SASL LOGIN authentication failed: authentication failure Jan 10 06:47:24 blackbee postfix/smtpd\[19803\]: warning: unknown\[46.38.144.146\]: SASL LOGIN authentication failed: authentication failure Jan 10 06:48:21 blackbee postfix/smtpd\[19804\]: warning: unknown\[46.38.144.146\]: SASL LOGIN authentication failed: authentication failure ...	2020-01-10 15:00:14
222.186.180.17	attackbotsspam	2020-01-10T02:10:51.739854xentho-1 sshd[456466]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.180.17 user=root 2020-01-10T02:10:53.545816xentho-1 sshd[456466]: Failed password for root from 222.186.180.17 port 30040 ssh2 2020-01-10T02:10:58.302908xentho-1 sshd[456466]: Failed password for root from 222.186.180.17 port 30040 ssh2 2020-01-10T02:10:51.739854xentho-1 sshd[456466]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.180.17 user=root 2020-01-10T02:10:53.545816xentho-1 sshd[456466]: Failed password for root from 222.186.180.17 port 30040 ssh2 2020-01-10T02:10:58.302908xentho-1 sshd[456466]: Failed password for root from 222.186.180.17 port 30040 ssh2 2020-01-10T02:10:51.739854xentho-1 sshd[456466]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.180.17 user=root 2020-01-10T02:10:53.545816xentho-1 sshd[456466]: Failed password for ro ...	2020-01-10 15:13:03

Recently Reported IPs

66.152.179.119	13.77.204.243	157.245.48.44	43.226.26.147
212.129.13.7	182.56.231.6	201.122.212.15	49.230.85.179
216.205.24.123	182.23.79.146	167.60.120.84	107.179.18.6
177.63.242.113	51.210.70.97	37.57.227.141	14.162.50.44
216.127.172.126	40.117.97.218	37.187.162.114	95.92.244.157