Basic Info

City: unknown

Region: unknown

Country: United States of America

Internet Service Provider: DigitalOcean LLC

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:
Type Details Datetime
attackspam
This IP is associated with RDP abuse. It was found in a paste by https://twitter.com/RdpSnitch - https://pastebin.com/4Ddmuksx  
For more information, or to report interesting/incorrect findings, contact us - bot@tines.io
2020-04-26 21:42:31
Comments on same subnet:
IP Type Details Datetime
104.248.53.106 attackspam
8080/tcp 8080/tcp 8080/tcp
[2019-07-10]3pkt
2019-07-11 02:05:40
Dig info:
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.248.53.168
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 34924
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;104.248.53.168.			IN	A

;; AUTHORITY SECTION:
.			497	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020042600 1800 900 604800 86400

;; Query time: 108 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Apr 26 21:42:27 CST 2020
;; MSG SIZE  rcvd: 118
Host info
Host 168.53.248.104.in-addr.arpa. not found: 3(NXDOMAIN)
Nslookup info:
Server:		100.100.2.138
Address:	100.100.2.138#53

** server can't find 168.53.248.104.in-addr.arpa.: NXDOMAIN

Related IP info:
Related comments:
IP Type Details Datetime
221.194.137.28 attackspambots
Apr 17 17:12:53 Enigma sshd[22523]: Failed password for root from 221.194.137.28 port 38448 ssh2
Apr 17 17:15:24 Enigma sshd[23064]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=221.194.137.28  user=root
Apr 17 17:15:27 Enigma sshd[23064]: Failed password for root from 221.194.137.28 port 56834 ssh2
Apr 17 17:18:01 Enigma sshd[23194]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=221.194.137.28  user=root
Apr 17 17:18:03 Enigma sshd[23194]: Failed password for root from 221.194.137.28 port 46984 ssh2
2020-04-18 02:51:07
190.121.23.123 attackspambots
Telnet/23 MH Probe, Scan, BF, Hack -
2020-04-18 02:54:29
51.141.110.138 attackspam
Apr 17 01:22:17 db01 sshd[16823]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.141.110.138  user=r.r
Apr 17 01:22:19 db01 sshd[16823]: Failed password for r.r from 51.141.110.138 port 53576 ssh2
Apr 17 01:22:19 db01 sshd[16823]: Received disconnect from 51.141.110.138: 11: Bye Bye [preauth]
Apr 17 01:36:00 db01 sshd[18265]: Invalid user ubuntu from 51.141.110.138
Apr 17 01:36:00 db01 sshd[18265]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.141.110.138 
Apr 17 01:36:02 db01 sshd[18265]: Failed password for invalid user ubuntu from 51.141.110.138 port 42810 ssh2
Apr 17 01:36:02 db01 sshd[18265]: Received disconnect from 51.141.110.138: 11: Bye Bye [preauth]
Apr 17 01:40:03 db01 sshd[18768]: Invalid user hadoop from 51.141.110.138
Apr 17 01:40:03 db01 sshd[18768]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.141.110.138 
Apr 17 01:40:04........
-------------------------------
2020-04-18 02:53:39
192.99.34.142 attackspambots
192.99.34.142 - - [17/Apr/2020:18:26:03 +0000] "POST /wp-login.php HTTP/1.1" 200 3778 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.80 Safari/537.36" "-"
192.99.34.142 - - [17/Apr/2020:18:26:48 +0000] "POST /wp-login.php HTTP/1.1" 200 3778 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.80 Safari/537.36" "-"
192.99.34.142 - - [17/Apr/2020:18:27:34 +0000] "POST /wp-login.php HTTP/1.1" 200 3778 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.80 Safari/537.36" "-"
192.99.34.142 - - [17/Apr/2020:18:28:18 +0000] "POST /wp-login.php HTTP/1.1" 200 3778 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.80 Safari/537.36" "-"
192.99.34.142 - - [17/Apr/2020:18:29:00 +0000] "POST /wp-login.php HTTP/1.1" 200 3778 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Ch
2020-04-18 02:40:55
89.46.65.62 attackbots
Port Scan: Events[1] countPorts[1]: 22 ..
2020-04-18 03:13:38
35.225.173.184 attack
Apr 17 19:23:42 ns381471 sshd[22356]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=35.225.173.184
Apr 17 19:23:43 ns381471 sshd[22356]: Failed password for invalid user test4 from 35.225.173.184 port 49840 ssh2
2020-04-18 02:53:01
138.197.129.38 attack
(sshd) Failed SSH login from 138.197.129.38 (CA/Canada/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Apr 17 19:47:22 s1 sshd[32274]: Invalid user ftpuser from 138.197.129.38 port 38198
Apr 17 19:47:24 s1 sshd[32274]: Failed password for invalid user ftpuser from 138.197.129.38 port 38198 ssh2
Apr 17 19:53:48 s1 sshd[32460]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.129.38  user=root
Apr 17 19:53:50 s1 sshd[32460]: Failed password for root from 138.197.129.38 port 60862 ssh2
Apr 17 19:58:25 s1 sshd[32612]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.129.38  user=root
2020-04-18 03:12:49
125.119.32.186 attack
Brute force attempt
2020-04-18 03:11:59
51.255.9.160 attack
$f2bV_matches
2020-04-18 02:47:47
94.68.66.39 attackspam
Telnet/23 MH Probe, Scan, BF, Hack -
2020-04-18 02:41:59
176.105.100.54 attackspambots
Apr 17 18:47:05 debian-2gb-nbg1-2 kernel: [9401000.409290] [UFW BLOCK] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=176.105.100.54 DST=195.201.40.59 LEN=44 TOS=0x00 PREC=0x40 TTL=244 ID=17593 PROTO=TCP SPT=44069 DPT=64849 WINDOW=1024 RES=0x00 SYN URGP=0
2020-04-18 02:57:29
210.5.85.150 attackbots
SSH Authentication Attempts Exceeded
2020-04-18 03:14:26
113.118.249.93 attackspambots
Lines containing failures of 113.118.249.93
Apr 17 15:41:56 expertgeeks postfix/smtpd[25069]: connect from unknown[113.118.249.93]
Apr x@x


........
-----------------------------------------------
https://www.blocklist.de/en/view.html?ip=113.118.249.93
2020-04-18 02:50:18
165.22.44.124 attackbotsspam
DigitalOcean BotNet attack - 10s of requests to non- pages - :443/app-ads.txt - typically bursts of 8 requests per second - undefined, XSS attacks
UA removed
2020-04-18 02:57:54
182.61.184.155 attackbotsspam
Apr 17 12:13:15 *** sshd[13081]: Invalid user tester from 182.61.184.155
2020-04-18 02:43:31

Recently Reported IPs
