104.248.5.91 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: None

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
104.248.57.44	attack	123	2023-03-21 07:11:39
104.248.52.139	attackspam	" "	2020-10-06 07:58:35
104.248.52.139	attackspambots	TCP (SYN) 104.248.52.139:52595 -> port 22, len 40	2020-10-06 00:19:49
104.248.52.139	attackbots	TCP (SYN) 104.248.52.139:54796 -> port 22, len 44	2020-10-05 16:19:36
104.248.57.44	attack	$f2bV_matches	2020-10-04 03:25:15
104.248.57.44	attackbotsspam	(sshd) Failed SSH login from 104.248.57.44 (US/United States/-): 5 in the last 3600 secs	2020-10-03 19:19:48
104.248.57.44	attack	Sep 26 17:17:10 ns392434 sshd[31440]: Invalid user teacher from 104.248.57.44 port 45812 Sep 26 17:17:10 ns392434 sshd[31440]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.57.44 Sep 26 17:17:10 ns392434 sshd[31440]: Invalid user teacher from 104.248.57.44 port 45812 Sep 26 17:17:12 ns392434 sshd[31440]: Failed password for invalid user teacher from 104.248.57.44 port 45812 ssh2 Sep 26 17:24:42 ns392434 sshd[31569]: Invalid user cloud from 104.248.57.44 port 58364 Sep 26 17:24:42 ns392434 sshd[31569]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.57.44 Sep 26 17:24:42 ns392434 sshd[31569]: Invalid user cloud from 104.248.57.44 port 58364 Sep 26 17:24:44 ns392434 sshd[31569]: Failed password for invalid user cloud from 104.248.57.44 port 58364 ssh2 Sep 26 17:27:22 ns392434 sshd[31652]: Invalid user test1 from 104.248.57.44 port 45422	2020-09-27 01:36:49
104.248.57.44	attackspambots	k+ssh-bruteforce	2020-09-26 17:29:46
104.248.57.44	attack	SSH invalid-user multiple login try	2020-09-16 01:59:00
104.248.57.44	attackbots	$f2bV_matches	2020-09-15 17:52:21
104.248.57.44	attackspam	Invalid user elias from 104.248.57.44 port 44796	2020-09-14 21:16:02
104.248.57.44	attackspam	Invalid user elias from 104.248.57.44 port 44796	2020-09-14 13:09:14
104.248.57.44	attackbotsspam	B: Abusive ssh attack	2020-09-14 05:10:11
104.248.57.44	attackspam	Sep 9 08:48:05 root sshd[24202]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.57.44 Sep 9 08:48:07 root sshd[24202]: Failed password for invalid user confluence1 from 104.248.57.44 port 57582 ssh2 ...	2020-09-09 22:17:48
104.248.57.44	attack	Sep 9 08:48:05 root sshd[24202]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.57.44 Sep 9 08:48:07 root sshd[24202]: Failed password for invalid user confluence1 from 104.248.57.44 port 57582 ssh2 ...	2020-09-09 16:02:50

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.248.5.91
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 52239
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;104.248.5.91.			IN	A

;; AUTHORITY SECTION:
.			406	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022022001 1800 900 604800 86400

;; Query time: 55 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Feb 21 05:28:26 CST 2022
;; MSG SIZE  rcvd: 105

Host info

Host 91.5.248.104.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 91.5.248.104.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
138.68.212.180	attack	Honeypot hit.	2019-08-30 15:08:00
5.135.157.135	attackbotsspam	Aug 30 08:50:40 rpi sshd[30380]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.135.157.135 Aug 30 08:50:41 rpi sshd[30380]: Failed password for invalid user apidoc from 5.135.157.135 port 60940 ssh2	2019-08-30 15:27:31
61.250.138.125	attackbotsspam	Aug 30 09:56:35 tuxlinux sshd[12793]: Invalid user printer from 61.250.138.125 port 40960 Aug 30 09:56:35 tuxlinux sshd[12793]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.250.138.125 Aug 30 09:56:35 tuxlinux sshd[12793]: Invalid user printer from 61.250.138.125 port 40960 Aug 30 09:56:35 tuxlinux sshd[12793]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.250.138.125 Aug 30 09:56:35 tuxlinux sshd[12793]: Invalid user printer from 61.250.138.125 port 40960 Aug 30 09:56:35 tuxlinux sshd[12793]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.250.138.125 Aug 30 09:56:37 tuxlinux sshd[12793]: Failed password for invalid user printer from 61.250.138.125 port 40960 ssh2 ...	2019-08-30 15:56:54
159.93.73.12	attackbots	Aug 30 09:01:06 dedicated sshd[30052]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.93.73.12 user=root Aug 30 09:01:09 dedicated sshd[30052]: Failed password for root from 159.93.73.12 port 34028 ssh2	2019-08-30 15:20:25
128.199.143.163	attack	2019-08-30T07:26:42.700484abusebot-8.cloudsearch.cf sshd\[17466\]: Invalid user princess from 128.199.143.163 port 33986	2019-08-30 15:34:41
140.249.192.87	attack	Invalid user prog from 140.249.192.87 port 54472	2019-08-30 15:39:55
142.93.101.148	attackbotsspam	Aug 30 09:38:27 SilenceServices sshd[2593]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.101.148 Aug 30 09:38:30 SilenceServices sshd[2593]: Failed password for invalid user dwdev from 142.93.101.148 port 41296 ssh2 Aug 30 09:42:11 SilenceServices sshd[4039]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.101.148	2019-08-30 15:59:43
188.68.236.11	attack	Automatic report - SSH Brute-Force Attack	2019-08-30 15:58:21
122.228.19.80	attackbots	[portscan] tcp/113 [auth] [MySQL inject/portscan] tcp/3306 [scan/connect: 2 time(s)] *(RWIN=29200)(08301000)	2019-08-30 15:37:57
112.109.22.246	attackbotsspam	Lines containing failures of 112.109.22.246 Aug 30 07:17:53 shared02 sshd[17404]: Did not receive identification string from 112.109.22.246 port 51377 Aug 30 07:17:58 shared02 sshd[17408]: Invalid user adminixxxr from 112.109.22.246 port 59738 Aug 30 07:17:58 shared02 sshd[17408]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.109.22.246 Aug 30 07:18:00 shared02 sshd[17408]: Failed password for invalid user adminixxxr from 112.109.22.246 port 59738 ssh2 Aug 30 07:18:00 shared02 sshd[17408]: Connection closed by invalid user adminixxxr 112.109.22.246 port 59738 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=112.109.22.246	2019-08-30 15:24:22
179.25.100.137	attackbotsspam	Lines containing failures of 179.25.100.137 Aug 30 07:18:27 server01 postfix/smtpd[2626]: connect from r179-25-100-137.dialup.adsl.anteldata.net.uy[179.25.100.137] Aug x@x Aug x@x Aug 30 07:18:28 server01 postfix/policy-spf[2634]: : Policy action=PREPEND Received-SPF: none (beerbreasts.com: No applicable sender policy available) receiver=x@x Aug x@x ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=179.25.100.137	2019-08-30 15:41:33
240e:f7:4f01:c::3	attackspam	14265/tcp 23456/tcp 1720/tcp... [2019-08-30]218pkt,17pt.(tcp)	2019-08-30 15:36:41
61.175.121.76	attackbotsspam	Aug 30 09:16:11 dedicated sshd[31805]: Invalid user taiga from 61.175.121.76 port 9981	2019-08-30 15:29:53
188.226.226.82	attackbotsspam	Aug 30 03:34:35 xtremcommunity sshd\[10386\]: Invalid user sftp from 188.226.226.82 port 38622 Aug 30 03:34:35 xtremcommunity sshd\[10386\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.226.226.82 Aug 30 03:34:37 xtremcommunity sshd\[10386\]: Failed password for invalid user sftp from 188.226.226.82 port 38622 ssh2 Aug 30 03:38:47 xtremcommunity sshd\[10551\]: Invalid user ben from 188.226.226.82 port 33233 Aug 30 03:38:47 xtremcommunity sshd\[10551\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.226.226.82 ...	2019-08-30 15:51:41
47.254.89.228	attackbotsspam	\[Fri Aug 30 07:48:32.997737 2019\] \[access_compat:error\] \[pid 5311:tid 140516674979584\] \[client 47.254.89.228:40252\] AH01797: client denied by server configuration: /var/www/lug/xmlrpc.php ...	2019-08-30 15:08:20

Recently Reported IPs

104.248.43.32	104.248.5.199	104.248.50.133	104.248.5.148
104.248.51.68	104.248.53.100	104.248.53.124	104.248.51.102
104.248.56.136	104.248.58.198	104.248.51.242	104.248.58.243
104.248.59.132	104.248.6.201	104.248.62.88	104.248.67.95
104.248.60.77	104.248.71.103	104.248.76.159	104.248.74.114