104.248.5.69 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: United States of America

Internet Service Provider: DigitalOcean LLC

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	Jul 27 15:28:29 124388 sshd[21579]: Invalid user daniel from 104.248.5.69 port 43874 Jul 27 15:28:29 124388 sshd[21579]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.5.69 Jul 27 15:28:29 124388 sshd[21579]: Invalid user daniel from 104.248.5.69 port 43874 Jul 27 15:28:32 124388 sshd[21579]: Failed password for invalid user daniel from 104.248.5.69 port 43874 ssh2 Jul 27 15:32:19 124388 sshd[21924]: Invalid user tkissftp from 104.248.5.69 port 55236	2020-07-27 23:44:00
attackspambots	Jul 19 23:37:23 IngegnereFirenze sshd[18834]: Failed password for invalid user tag from 104.248.5.69 port 51164 ssh2 ...	2020-07-20 07:44:10
attackbots	Banned for a week because repeated abuses, for example SSH, but not only	2020-07-17 22:58:02
attack	Jul 15 04:39:18 mout sshd[16613]: Invalid user oscar from 104.248.5.69 port 40294	2020-07-15 11:26:41
attack	Jul 7 15:24:30 vps687878 sshd\[29782\]: Failed password for invalid user hugo from 104.248.5.69 port 57088 ssh2 Jul 7 15:27:30 vps687878 sshd\[30091\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.5.69 user=root Jul 7 15:27:32 vps687878 sshd\[30091\]: Failed password for root from 104.248.5.69 port 54122 ssh2 Jul 7 15:30:38 vps687878 sshd\[30263\]: Invalid user kmk from 104.248.5.69 port 51154 Jul 7 15:30:38 vps687878 sshd\[30263\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.5.69 ...	2020-07-07 23:22:13
attackbotsspam	2020-07-06T16:56:18.817833vps751288.ovh.net sshd\[13656\]: Invalid user tiago from 104.248.5.69 port 38224 2020-07-06T16:56:18.826431vps751288.ovh.net sshd\[13656\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.5.69 2020-07-06T16:56:20.828689vps751288.ovh.net sshd\[13656\]: Failed password for invalid user tiago from 104.248.5.69 port 38224 ssh2 2020-07-06T16:57:18.630905vps751288.ovh.net sshd\[13662\]: Invalid user student1 from 104.248.5.69 port 50900 2020-07-06T16:57:18.639766vps751288.ovh.net sshd\[13662\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.5.69	2020-07-07 02:24:29
attack	Jun 30 18:47:24 NPSTNNYC01T sshd[27378]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.5.69 Jun 30 18:47:25 NPSTNNYC01T sshd[27378]: Failed password for invalid user pablo from 104.248.5.69 port 58994 ssh2 Jun 30 18:50:28 NPSTNNYC01T sshd[27596]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.5.69 ...	2020-07-02 04:14:42
attackbots	Jun 15 13:32:44 vmi404159 sshd[15340]: Failed password for root from 104.248.5.69 port 41278 ssh2 Jun 15 13:42:00 vmi404159 sshd[15377]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.5.69 ...	2020-06-16 08:32:03
attack	$f2bV_matches	2020-06-07 06:28:24
attackbotsspam	May 26 17:56:22 ajax sshd[13632]: Failed password for root from 104.248.5.69 port 48108 ssh2	2020-05-27 01:28:58
attack	May 26 02:47:04 srv-ubuntu-dev3 sshd[46093]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.5.69 user=root May 26 02:47:06 srv-ubuntu-dev3 sshd[46093]: Failed password for root from 104.248.5.69 port 45838 ssh2 May 26 02:50:17 srv-ubuntu-dev3 sshd[46592]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.5.69 user=root May 26 02:50:19 srv-ubuntu-dev3 sshd[46592]: Failed password for root from 104.248.5.69 port 50042 ssh2 May 26 02:53:36 srv-ubuntu-dev3 sshd[47092]: Invalid user bacciaglia from 104.248.5.69 May 26 02:53:36 srv-ubuntu-dev3 sshd[47092]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.5.69 May 26 02:53:36 srv-ubuntu-dev3 sshd[47092]: Invalid user bacciaglia from 104.248.5.69 May 26 02:53:39 srv-ubuntu-dev3 sshd[47092]: Failed password for invalid user bacciaglia from 104.248.5.69 port 54262 ssh2 May 26 02:56:53 srv-ubuntu-dev3 ssh ...	2020-05-26 13:10:21
attackspam	May 15 18:35:35 prox sshd[15057]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.5.69 May 15 18:35:37 prox sshd[15057]: Failed password for invalid user vnc from 104.248.5.69 port 51094 ssh2	2020-05-16 02:44:15
attackspambots	Invalid user bohemio from 104.248.5.69 port 57776	2020-05-14 06:21:09
attack	May 11 02:16:43 NPSTNNYC01T sshd[16928]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.5.69 May 11 02:16:44 NPSTNNYC01T sshd[16928]: Failed password for invalid user postgres from 104.248.5.69 port 57672 ssh2 May 11 02:20:39 NPSTNNYC01T sshd[17414]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.5.69 ...	2020-05-11 14:43:12
attackbotsspam	scans once in preceeding hours on the ports (in chronological order) 12751 resulting in total of 13 scans from 104.248.0.0/16 block.	2020-04-25 23:48:51

Comments on same subnet:

IP	Type	Details	Datetime
104.248.57.44	attack	123	2023-03-21 07:11:39
104.248.52.139	attackspam	" "	2020-10-06 07:58:35
104.248.52.139	attackspambots	TCP (SYN) 104.248.52.139:52595 -> port 22, len 40	2020-10-06 00:19:49
104.248.52.139	attackbots	TCP (SYN) 104.248.52.139:54796 -> port 22, len 44	2020-10-05 16:19:36
104.248.57.44	attack	$f2bV_matches	2020-10-04 03:25:15
104.248.57.44	attackbotsspam	(sshd) Failed SSH login from 104.248.57.44 (US/United States/-): 5 in the last 3600 secs	2020-10-03 19:19:48
104.248.57.44	attack	Sep 26 17:17:10 ns392434 sshd[31440]: Invalid user teacher from 104.248.57.44 port 45812 Sep 26 17:17:10 ns392434 sshd[31440]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.57.44 Sep 26 17:17:10 ns392434 sshd[31440]: Invalid user teacher from 104.248.57.44 port 45812 Sep 26 17:17:12 ns392434 sshd[31440]: Failed password for invalid user teacher from 104.248.57.44 port 45812 ssh2 Sep 26 17:24:42 ns392434 sshd[31569]: Invalid user cloud from 104.248.57.44 port 58364 Sep 26 17:24:42 ns392434 sshd[31569]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.57.44 Sep 26 17:24:42 ns392434 sshd[31569]: Invalid user cloud from 104.248.57.44 port 58364 Sep 26 17:24:44 ns392434 sshd[31569]: Failed password for invalid user cloud from 104.248.57.44 port 58364 ssh2 Sep 26 17:27:22 ns392434 sshd[31652]: Invalid user test1 from 104.248.57.44 port 45422	2020-09-27 01:36:49
104.248.57.44	attackspambots	k+ssh-bruteforce	2020-09-26 17:29:46
104.248.57.44	attack	SSH invalid-user multiple login try	2020-09-16 01:59:00
104.248.57.44	attackbots	$f2bV_matches	2020-09-15 17:52:21
104.248.57.44	attackspam	Invalid user elias from 104.248.57.44 port 44796	2020-09-14 21:16:02
104.248.57.44	attackspam	Invalid user elias from 104.248.57.44 port 44796	2020-09-14 13:09:14
104.248.57.44	attackbotsspam	B: Abusive ssh attack	2020-09-14 05:10:11
104.248.57.44	attackspam	Sep 9 08:48:05 root sshd[24202]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.57.44 Sep 9 08:48:07 root sshd[24202]: Failed password for invalid user confluence1 from 104.248.57.44 port 57582 ssh2 ...	2020-09-09 22:17:48
104.248.57.44	attack	Sep 9 08:48:05 root sshd[24202]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.57.44 Sep 9 08:48:07 root sshd[24202]: Failed password for invalid user confluence1 from 104.248.57.44 port 57582 ssh2 ...	2020-09-09 16:02:50

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.248.5.69
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 13342
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;104.248.5.69.			IN	A

;; AUTHORITY SECTION:
.			169	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020042500 1800 900 604800 86400

;; Query time: 92 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Apr 25 23:48:46 CST 2020
;; MSG SIZE  rcvd: 116

Host info

Host 69.5.248.104.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 69.5.248.104.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
159.203.119.225	attackspambots	xmlrpc attack	2020-09-06 18:57:51
182.105.98.2	attackbots	[portscan] Port scan	2020-09-06 18:55:59
120.131.13.186	attackspam	Invalid user david from 120.131.13.186 port 60842	2020-09-06 18:56:58
84.17.48.6	attackspam	fell into ViewStateTrap:Dodoma	2020-09-06 18:33:31
138.204.27.200	attackspambots	Lines containing failures of 138.204.27.200 Sep 4 08:37:47 penfold sshd[21276]: Invalid user returnbikegate from 138.204.27.200 port 43170 Sep 4 08:37:47 penfold sshd[21276]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.204.27.200 Sep 4 08:37:49 penfold sshd[21276]: Failed password for invalid user returnbikegate from 138.204.27.200 port 43170 ssh2 Sep 4 08:37:52 penfold sshd[21276]: Received disconnect from 138.204.27.200 port 43170:11: Bye Bye [preauth] Sep 4 08:37:52 penfold sshd[21276]: Disconnected from invalid user returnbikegate 138.204.27.200 port 43170 [preauth] Sep 4 09:02:52 penfold sshd[23630]: Invalid user app from 138.204.27.200 port 48805 Sep 4 09:02:52 penfold sshd[23630]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.204.27.200 Sep 4 09:02:54 penfold sshd[23630]: Failed password for invalid user app from 138.204.27.200 port 48805 ssh2 Sep 4 09:02:55 pe........ ------------------------------	2020-09-06 18:26:06
153.193.197.215	attackspambots	...	2020-09-06 18:53:54
93.95.240.245	attackspam	$f2bV_matches	2020-09-06 18:40:03
106.12.84.33	attackspambots	$f2bV_matches	2020-09-06 18:26:32
179.104.47.200	attack	Icarus honeypot on github	2020-09-06 18:27:29
116.72.92.148	attack	TCP Port Scanning	2020-09-06 18:51:42
194.26.27.14	attackspambots	430 packets to ports 3346 3385 3386 3407 3408 3413 3470 3478 3489 3495 3501 3522 3524 3532 3533 3575 3584 3593 3603 3607 3611 3612 3636 3650 3655 3665 3672 3703 3706 3725 3754 3767 3777 3781 3798 3800 3803 3808 3817 3818 3837 3839 3847 3849 3873 3893 3900 3916, etc.	2020-09-06 18:31:24
195.158.28.62	attackbotsspam	20 attempts against mh-ssh on cloud	2020-09-06 18:35:46
5.188.84.95	attackspambots	Sent deactivated form without recaptcha response	2020-09-06 18:39:11
112.85.42.181	attackspam	Sep 6 12:30:06 vps639187 sshd\[8013\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.181 user=root Sep 6 12:30:08 vps639187 sshd\[8013\]: Failed password for root from 112.85.42.181 port 21414 ssh2 Sep 6 12:30:12 vps639187 sshd\[8013\]: Failed password for root from 112.85.42.181 port 21414 ssh2 ...	2020-09-06 18:41:33
106.12.33.78	attackbotsspam	Sep 6 08:02:22 sshgateway sshd\[26107\]: Invalid user admin from 106.12.33.78 Sep 6 08:02:22 sshgateway sshd\[26107\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.33.78 Sep 6 08:02:24 sshgateway sshd\[26107\]: Failed password for invalid user admin from 106.12.33.78 port 60808 ssh2 Sep 6 08:06:25 sshgateway sshd\[27582\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.33.78 user=root Sep 6 08:06:26 sshgateway sshd\[27582\]: Failed password for root from 106.12.33.78 port 34816 ssh2 Sep 6 08:12:32 sshgateway sshd\[29820\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.33.78 user=root Sep 6 08:12:34 sshgateway sshd\[29820\]: Failed password for root from 106.12.33.78 port 39268 ssh2 Sep 6 08:21:32 sshgateway sshd\[841\]: Invalid user dorian from 106.12.33.78 Sep 6 08:21:32 sshgateway sshd\[841\]: pam_unix$sshd:auth$: authentication failure\; lo	2020-09-06 18:47:48

Recently Reported IPs

94.155.83.146	227.214.93.122	200.1.215.243	151.103.87.50
175.201.58.23	229.93.59.235	1.121.217.185	68.183.138.140
221.179.104.45	42.210.190.153	33.152.123.242	167.162.24.237
63.127.204.182	179.18.190.205	34.203.27.15	117.18.32.239
195.186.174.42	65.237.54.156	28.239.107.85	64.227.120.58