104.248.49.155

Basic Info

City: North Bergen

Region: New Jersey

Country: United States

Internet Service Provider: DigitalOcean LLC

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	'Fail2Ban'	2020-05-09 07:09:53

Comments on same subnet:

IP	Type	Details	Datetime
104.248.49.171	attackspambots	SSH Brute Force	2020-04-29 13:27:14
104.248.49.55	attackbotsspam	Invalid user ftpuser1 from 104.248.49.55 port 33502	2020-04-21 15:46:13
104.248.49.55	attackbots	$f2bV_matches	2020-04-14 18:03:05
104.248.49.55	attackspambots	Apr 11 15:05:59 legacy sshd[16269]: Failed password for root from 104.248.49.55 port 49220 ssh2 Apr 11 15:09:57 legacy sshd[16388]: Failed password for root from 104.248.49.55 port 59046 ssh2 Apr 11 15:13:58 legacy sshd[16603]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.49.55 ...	2020-04-11 22:34:09
104.248.49.171	attackspambots	SSH Brute Force	2019-11-01 12:01:28
104.248.49.171	attackbotsspam	Sep 1 05:40:21 meumeu sshd[12185]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.49.171 Sep 1 05:40:24 meumeu sshd[12185]: Failed password for invalid user darian from 104.248.49.171 port 53712 ssh2 Sep 1 05:44:20 meumeu sshd[12609]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.49.171 ...	2019-09-01 11:55:27
104.248.49.171	attack	Invalid user bank from 104.248.49.171 port 37986	2019-08-28 16:55:03
104.248.49.171	attackspam	Aug 26 02:39:25 lcprod sshd\[20704\]: Invalid user user from 104.248.49.171 Aug 26 02:39:25 lcprod sshd\[20704\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.49.171 Aug 26 02:39:26 lcprod sshd\[20704\]: Failed password for invalid user user from 104.248.49.171 port 41734 ssh2 Aug 26 02:43:28 lcprod sshd\[21029\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.49.171 user=man Aug 26 02:43:30 lcprod sshd\[21029\]: Failed password for man from 104.248.49.171 port 49748 ssh2	2019-08-26 20:50:20
104.248.49.171	attack	Aug 22 12:46:34 yabzik sshd[9861]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.49.171 Aug 22 12:46:36 yabzik sshd[9861]: Failed password for invalid user amstest from 104.248.49.171 port 45852 ssh2 Aug 22 12:50:35 yabzik sshd[11312]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.49.171	2019-08-22 18:02:43
104.248.49.171	attack	$f2bV_matches	2019-08-22 08:55:00
104.248.49.171	attackspambots	Aug 21 01:51:28 srv-4 sshd\[7509\]: Invalid user test from 104.248.49.171 Aug 21 01:51:28 srv-4 sshd\[7509\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.49.171 Aug 21 01:51:29 srv-4 sshd\[7509\]: Failed password for invalid user test from 104.248.49.171 port 37412 ssh2 ...	2019-08-21 07:52:23
104.248.49.171	attackbotsspam	Invalid user gemma from 104.248.49.171 port 57412	2019-08-18 13:00:27
104.248.49.171	attack	Invalid user yd from 104.248.49.171 port 44470	2019-08-16 12:09:51
104.248.49.171	attack	Invalid user yd from 104.248.49.171 port 44470	2019-08-15 17:17:42
104.248.49.171	attackspam	kp-sea2-01 recorded 2 login violations from 104.248.49.171 and was blocked at 2019-08-04 02:05:03. 104.248.49.171 has been blocked on 0 previous occasions. 104.248.49.171's first attempt was recorded at 2019-08-04 02:05:03	2019-08-04 18:23:57

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.248.49.155
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 8743
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;104.248.49.155.			IN	A

;; AUTHORITY SECTION:
.			130	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020050801 1800 900 604800 86400

;; Query time: 112 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat May 09 07:09:50 CST 2020
;; MSG SIZE  rcvd: 118

Host info

Host 155.49.248.104.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 155.49.248.104.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
71.6.233.59	attackbotsspam	Hit honeypot r.	2020-09-11 19:26:55
54.39.215.32	attackspam	UDP ports : 17 / 389 / 5093 / 5353	2020-09-11 19:23:25
45.76.247.98	attackbotsspam	fail2ban - Attack against Apache (too many 404s)	2020-09-11 19:48:16
106.13.183.216	attack	...	2020-09-11 19:25:55
162.243.22.191	attack	2020-09-10T23:45:30.792493randservbullet-proofcloud-66.localdomain sshd[8760]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=srv02.ny.sv3.us user=root 2020-09-10T23:45:33.416974randservbullet-proofcloud-66.localdomain sshd[8760]: Failed password for root from 162.243.22.191 port 48432 ssh2 2020-09-11T00:04:13.814343randservbullet-proofcloud-66.localdomain sshd[8843]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=srv02.ny.sv3.us user=root 2020-09-11T00:04:16.272092randservbullet-proofcloud-66.localdomain sshd[8843]: Failed password for root from 162.243.22.191 port 34893 ssh2 ...	2020-09-11 19:40:59
218.92.0.165	attackspambots	Sep 11 11:23:13 localhost sshd[26731]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.165 user=root Sep 11 11:23:15 localhost sshd[26731]: Failed password for root from 218.92.0.165 port 16981 ssh2 Sep 11 11:23:18 localhost sshd[26731]: Failed password for root from 218.92.0.165 port 16981 ssh2 Sep 11 11:23:13 localhost sshd[26731]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.165 user=root Sep 11 11:23:15 localhost sshd[26731]: Failed password for root from 218.92.0.165 port 16981 ssh2 Sep 11 11:23:18 localhost sshd[26731]: Failed password for root from 218.92.0.165 port 16981 ssh2 Sep 11 11:23:13 localhost sshd[26731]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.165 user=root Sep 11 11:23:15 localhost sshd[26731]: Failed password for root from 218.92.0.165 port 16981 ssh2 Sep 11 11:23:18 localhost sshd[26731]: Failed password fo ...	2020-09-11 19:25:36
167.248.133.30	attack	81/tcp 8090/tcp 1521/tcp... [2020-09-01/11]63pkt,38pt.(tcp),4pt.(udp)	2020-09-11 19:25:12
185.78.69.45	attackspam	firewall-block, port(s): 1433/tcp	2020-09-11 19:39:11
192.241.227.136	attackspam	Port scan: Attack repeated for 24 hours	2020-09-11 19:38:38
112.47.57.81	attackbots	Sep 10 02:55:21 web01.agentur-b-2.de postfix/smtpd[91669]: lost connection after CONNECT from unknown[112.47.57.81] Sep 10 02:55:29 web01.agentur-b-2.de postfix/smtpd[92327]: warning: unknown[112.47.57.81]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 10 02:55:39 web01.agentur-b-2.de postfix/smtpd[91669]: warning: unknown[112.47.57.81]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 10 02:55:52 web01.agentur-b-2.de postfix/smtpd[92327]: warning: unknown[112.47.57.81]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 10 03:04:52 web01.agentur-b-2.de postfix/smtpd[95211]: lost connection after CONNECT from unknown[112.47.57.81]	2020-09-11 19:47:42
116.75.242.76	attack	firewall-block, port(s): 2323/tcp	2020-09-11 19:45:01
139.59.10.42	attack	ssh brute force	2020-09-11 20:03:30
94.102.56.238	attack	TCP ports : 3389 / 5900	2020-09-11 19:51:37
159.89.49.139	attack	Sep 11 13:17:19 vps sshd[4906]: Failed password for root from 159.89.49.139 port 55720 ssh2 Sep 11 13:25:33 vps sshd[5279]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.89.49.139 Sep 11 13:25:35 vps sshd[5279]: Failed password for invalid user 1andrewscudder from 159.89.49.139 port 55654 ssh2 ...	2020-09-11 20:00:11
162.241.222.41	attackbots	Sep 11 13:38:13 router sshd[26769]: Failed password for root from 162.241.222.41 port 54728 ssh2 Sep 11 13:42:13 router sshd[26799]: Failed password for root from 162.241.222.41 port 39806 ssh2 ...	2020-09-11 19:51:09

Recently Reported IPs

200.247.107.37	47.226.145.88	128.230.140.67	175.0.34.138
80.119.168.156	111.7.100.17	92.128.147.198	42.183.100.200
61.89.164.43	187.189.91.180	163.151.20.32	158.255.139.155
112.255.207.20	63.172.83.105	122.101.151.122	189.127.91.202
165.201.64.138	106.199.252.174	183.246.80.249	92.238.135.160