104.248.39.213

Basic Info

City: Frankfurt am Main

Region: Hesse

Country: Germany

Internet Service Provider: unknown

Hostname: unknown

Organization: DigitalOcean, LLC

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	104.248.39.213 - - [14/Apr/2019:21:20:52 +0800] "POST /GponForm/diag_Form?images/ HTTP/1.1" 400 182 "-" "Hello, World"	2019-04-14 21:21:51

Comments on same subnet:

IP	Type	Details	Datetime
104.248.39.14	attackspam	Lines containing failures of 104.248.39.14 Mar 9 23:05:46 shared10 sshd[10973]: Invalid user cpaneleximscanner from 104.248.39.14 port 60770 Mar 9 23:05:46 shared10 sshd[10973]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.39.14 Mar 9 23:05:48 shared10 sshd[10973]: Failed password for invalid user cpaneleximscanner from 104.248.39.14 port 60770 ssh2 Mar 9 23:05:48 shared10 sshd[10973]: Received disconnect from 104.248.39.14 port 60770:11: Bye Bye [preauth] Mar 9 23:05:48 shared10 sshd[10973]: Disconnected from invalid user cpaneleximscanner 104.248.39.14 port 60770 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=104.248.39.14	2020-03-10 07:29:19
104.248.39.234	attack	Jul 1 07:22:49 our-server-hostname postfix/smtpd[3562]: connect from unknown[104.248.39.234] Jul 1 07:22:50 our-server-hostname postfix/smtpd[3562]: NOQUEUE: reject: RCPT from unknown[104.248.39.234]: 504 5.5.2 : Helo command rejected: need fully-qualified hostname; from=x@x helo= Jul 1 07:22:51 our-server-hostname postfix/smtpd[3562]: lost connection after RCPT from unknown[104.248.39.234] Jul 1 07:22:51 our-server-hostname postfix/smtpd[3562]: disconnect from unknown[104.248.39.234] Jul 1 07:30:46 our-server-hostname postfix/smtpd[8511]: connect from unknown[104.248.39.234] Jul 1 07:30:47 our-server-hostname postfix/smtpd[8511]: NOQUEUE: reject: RCPT from unknown[104.248.39.234]: 504 5.5.2 : Helo command rejected: need fully-qualified hostname; from=x@x proto=ES .... truncated .... ect from unknown[104.248.39.234] Jul 1 08:22:35 our-server-hostname postfix/smtpd[30038]: connect from unknown[104.248.39.234] Jul 1 08:22:36 our-server-hostname p........ -------------------------------	2019-07-08 08:40:29

Type

Details

Datetime

104.248.39.14

attackspam

Lines containing failures of 104.248.39.14
Mar  9 23:05:46 shared10 sshd[10973]: Invalid user cpaneleximscanner from 104.248.39.14 port 60770
Mar  9 23:05:46 shared10 sshd[10973]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.39.14
Mar  9 23:05:48 shared10 sshd[10973]: Failed password for invalid user cpaneleximscanner from 104.248.39.14 port 60770 ssh2
Mar  9 23:05:48 shared10 sshd[10973]: Received disconnect from 104.248.39.14 port 60770:11: Bye Bye [preauth]
Mar  9 23:05:48 shared10 sshd[10973]: Disconnected from invalid user cpaneleximscanner 104.248.39.14 port 60770 [preauth]


........
-----------------------------------------------
https://www.blocklist.de/en/view.html?ip=104.248.39.14

2020-03-10 07:29:19

104.248.39.234

attack

Jul  1 07:22:49 our-server-hostname postfix/smtpd[3562]: connect from unknown[104.248.39.234]
Jul  1 07:22:50 our-server-hostname postfix/smtpd[3562]: NOQUEUE: reject: RCPT from unknown[104.248.39.234]: 504 5.5.2 : Helo command rejected: need fully-qualified hostname; from=x@x helo=
Jul  1 07:22:51 our-server-hostname postfix/smtpd[3562]: lost connection after RCPT from unknown[104.248.39.234]
Jul  1 07:22:51 our-server-hostname postfix/smtpd[3562]: disconnect from unknown[104.248.39.234]
Jul  1 07:30:46 our-server-hostname postfix/smtpd[8511]: connect from unknown[104.248.39.234]
Jul  1 07:30:47 our-server-hostname postfix/smtpd[8511]: NOQUEUE: reject: RCPT from unknown[104.248.39.234]: 504 5.5.2 : Helo command rejected: need fully-qualified hostname; from=x@x proto=ES
.... truncated .... 
ect from unknown[104.248.39.234]
Jul  1 08:22:35 our-server-hostname postfix/smtpd[30038]: connect from unknown[104.248.39.234]
Jul  1 08:22:36 our-server-hostname p........
-------------------------------

2019-07-08 08:40:29

Whois info:

Dig info:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.248.39.213
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 41013
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;104.248.39.213.			IN	A

;; AUTHORITY SECTION:
.			2651	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019041300 1800 900 604800 86400

;; Query time: 1 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Sun Apr 14 02:27:32 +08 2019
;; MSG SIZE  rcvd: 118

Host info

Host 213.39.248.104.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		67.207.67.3
Address:	67.207.67.3#53

** server can't find 213.39.248.104.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
49.234.18.158	attackbotsspam	May 6 06:45:42 ift sshd\[12620\]: Failed password for invalid user admin from 49.234.18.158 port 60858 ssh2May 6 06:49:56 ift sshd\[13077\]: Invalid user rb from 49.234.18.158May 6 06:49:58 ift sshd\[13077\]: Failed password for invalid user rb from 49.234.18.158 port 32858 ssh2May 6 06:54:04 ift sshd\[13837\]: Invalid user marie from 49.234.18.158May 6 06:54:07 ift sshd\[13837\]: Failed password for invalid user marie from 49.234.18.158 port 33082 ssh2 ...	2020-05-06 14:46:02
119.28.194.81	attackspam	May 6 08:01:26 pve1 sshd[17246]: Failed password for root from 119.28.194.81 port 42546 ssh2 ...	2020-05-06 14:39:53
120.70.100.88	attack	2020-05-06T00:39:25.1213791495-001 sshd[8419]: Failed password for invalid user tomcat from 120.70.100.88 port 52633 ssh2 2020-05-06T00:42:28.4729961495-001 sshd[8538]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.70.100.88 user=root 2020-05-06T00:42:30.8966071495-001 sshd[8538]: Failed password for root from 120.70.100.88 port 39466 ssh2 2020-05-06T00:45:35.4475301495-001 sshd[8641]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.70.100.88 user=root 2020-05-06T00:45:37.8758331495-001 sshd[8641]: Failed password for root from 120.70.100.88 port 54517 ssh2 2020-05-06T00:48:54.8520271495-001 sshd[8722]: Invalid user devor from 120.70.100.88 port 41329 ...	2020-05-06 14:35:25
45.153.240.94	attackspam	May 6 10:53:48 webhost01 sshd[3057]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.153.240.94 May 6 10:53:50 webhost01 sshd[3057]: Failed password for invalid user cmsadmin from 45.153.240.94 port 57214 ssh2 ...	2020-05-06 14:56:43
77.52.207.139	attackspambots	May 6 05:53:48 nextcloud sshd\[12180\]: Invalid user masteroff from 77.52.207.139 May 6 05:53:48 nextcloud sshd\[12180\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=77.52.207.139 May 6 05:53:50 nextcloud sshd\[12180\]: Failed password for invalid user masteroff from 77.52.207.139 port 40713 ssh2	2020-05-06 14:55:51
106.12.120.207	attackspam	5x Failed Password	2020-05-06 14:40:33
193.112.141.32	attackbotsspam	May 6 05:52:32 ns381471 sshd[15374]: Failed password for root from 193.112.141.32 port 44520 ssh2	2020-05-06 14:28:51
106.13.164.136	attackbotsspam	May 6 08:59:38 lukav-desktop sshd\[28634\]: Invalid user larry from 106.13.164.136 May 6 08:59:38 lukav-desktop sshd\[28634\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.164.136 May 6 08:59:39 lukav-desktop sshd\[28634\]: Failed password for invalid user larry from 106.13.164.136 port 40414 ssh2 May 6 09:03:07 lukav-desktop sshd\[31850\]: Invalid user yasmina from 106.13.164.136 May 6 09:03:07 lukav-desktop sshd\[31850\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.164.136	2020-05-06 14:56:58
118.89.229.84	attackspam	May 6 11:26:43 webhost01 sshd[3758]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.89.229.84 May 6 11:26:45 webhost01 sshd[3758]: Failed password for invalid user zzq from 118.89.229.84 port 54824 ssh2 ...	2020-05-06 14:38:45
218.70.27.122	attack	May 6 09:34:59 gw1 sshd[16670]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.70.27.122 May 6 09:35:01 gw1 sshd[16670]: Failed password for invalid user adrian from 218.70.27.122 port 54682 ssh2 ...	2020-05-06 14:46:20
106.12.179.81	attackbotsspam	May 6 02:24:03 mail sshd\[29082\]: Invalid user cluster from 106.12.179.81 May 6 02:24:03 mail sshd\[29082\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.179.81 ...	2020-05-06 14:57:12
185.176.27.98	attack	05/06/2020-02:05:30.582606 185.176.27.98 Protocol: 6 ET SCAN NMAP -sS window 1024	2020-05-06 14:47:12
34.92.46.76	attack	$f2bV_matches	2020-05-06 14:55:22
194.26.29.12	attackspam	May 6 08:51:25 debian-2gb-nbg1-2 kernel: \[11006776.826471\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=194.26.29.12 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=241 ID=41012 PROTO=TCP SPT=58036 DPT=4334 WINDOW=1024 RES=0x00 SYN URGP=0	2020-05-06 14:51:31
106.13.65.207	attack	May 6 05:59:09 DAAP sshd[15549]: Invalid user hui from 106.13.65.207 port 55712 May 6 05:59:09 DAAP sshd[15549]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.65.207 May 6 05:59:09 DAAP sshd[15549]: Invalid user hui from 106.13.65.207 port 55712 May 6 05:59:10 DAAP sshd[15549]: Failed password for invalid user hui from 106.13.65.207 port 55712 ssh2 May 6 06:03:34 DAAP sshd[15683]: Invalid user git from 106.13.65.207 port 52020 ...	2020-05-06 14:48:34

Recently Reported IPs

92.241.87.43	218.15.205.69	49.213.3.154	177.85.142.200
115.236.100.114	211.181.237.74	125.227.90.19	36.91.166.170
81.168.15.116	94.191.68.224	37.6.222.206	121.61.157.107
196.240.255.4	61.173.121.238	183.14.215.107	203.133.169.52
131.72.68.221	96.11.92.220	87.223.177.180	183.99.237.148