104.248.80.221

Basic Info

City: unknown

Region: unknown

Country: Netherlands

Internet Service Provider: DigitalOcean LLC

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	Port scan: Attack repeated for 24 hours	2020-09-20 23:59:38
attackbotsspam	" "	2020-09-20 15:52:56
attack	" "	2020-09-20 07:43:05
attackbotsspam	firewall-block, port(s): 24699/tcp	2020-08-27 14:51:34
attackbots	[N10.H2.VM2] Port Scanner Detected Blocked by UFW	2020-08-27 02:34:38
attackspam	Port scan: Attack repeated for 24 hours	2020-08-25 16:10:02
attackspam	" "	2020-08-02 13:43:40
attackbotsspam	Port scan: Attack repeated for 24 hours	2020-07-29 12:35:49
attack	firewall-block, port(s): 20915/tcp	2020-07-11 22:50:45
attackbotsspam	firewall-block, port(s): 25955/tcp	2020-05-20 15:07:42
attackspam	Port scan(s) denied	2020-05-10 17:17:12
attackspam	firewall-block, port(s): 20473/tcp	2020-05-09 05:43:20
attack	" "	2020-05-07 02:53:31
attackbotsspam	scans once in preceeding hours on the ports (in chronological order) 1572 resulting in total of 13 scans from 104.248.0.0/16 block.	2020-04-25 23:47:06

Comments on same subnet:

IP	Type	Details	Datetime
104.248.80.78	attackspambots	2019-09-23T04:30:02.967889abusebot-8.cloudsearch.cf sshd\[12401\]: Invalid user membership from 104.248.80.78 port 48970	2019-09-23 12:53:42
104.248.80.78	attack	Sep 21 07:08:36 vps647732 sshd[23630]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.80.78 Sep 21 07:08:38 vps647732 sshd[23630]: Failed password for invalid user ftpuser from 104.248.80.78 port 37918 ssh2 ...	2019-09-21 13:52:58
104.248.80.78	attackspambots	Sep 13 23:33:23 hcbb sshd\[27758\]: Invalid user dv from 104.248.80.78 Sep 13 23:33:23 hcbb sshd\[27758\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.80.78 Sep 13 23:33:25 hcbb sshd\[27758\]: Failed password for invalid user dv from 104.248.80.78 port 51206 ssh2 Sep 13 23:37:36 hcbb sshd\[28121\]: Invalid user ftpuser from 104.248.80.78 Sep 13 23:37:36 hcbb sshd\[28121\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.80.78	2019-09-14 17:42:17
104.248.80.78	attackbots	Sep 14 01:20:01 pornomens sshd\[19170\]: Invalid user htt from 104.248.80.78 port 39052 Sep 14 01:20:01 pornomens sshd\[19170\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.80.78 Sep 14 01:20:03 pornomens sshd\[19170\]: Failed password for invalid user htt from 104.248.80.78 port 39052 ssh2 ...	2019-09-14 08:25:35
104.248.80.78	attack	Sep 7 04:15:42 yabzik sshd[24525]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.80.78 Sep 7 04:15:45 yabzik sshd[24525]: Failed password for invalid user servers from 104.248.80.78 port 59698 ssh2 Sep 7 04:20:06 yabzik sshd[26032]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.80.78	2019-09-07 09:20:12
104.248.80.78	attackspambots	Aug 31 13:44:26 MK-Soft-VM3 sshd\[16203\]: Invalid user postgres from 104.248.80.78 port 41964 Aug 31 13:44:26 MK-Soft-VM3 sshd\[16203\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.80.78 Aug 31 13:44:28 MK-Soft-VM3 sshd\[16203\]: Failed password for invalid user postgres from 104.248.80.78 port 41964 ssh2 ...	2019-08-31 22:33:46
104.248.80.78	attack	Aug 18 21:04:10 vps647732 sshd[6548]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.80.78 Aug 18 21:04:12 vps647732 sshd[6548]: Failed password for invalid user flower from 104.248.80.78 port 54190 ssh2 ...	2019-08-19 04:37:11
104.248.80.78	attackspambots	Aug 13 14:23:27 yabzik sshd[2605]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.80.78 Aug 13 14:23:29 yabzik sshd[2605]: Failed password for invalid user looque from 104.248.80.78 port 43118 ssh2 Aug 13 14:28:08 yabzik sshd[4582]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.80.78	2019-08-13 19:41:17
104.248.80.78	attackbotsspam	$f2bV_matches	2019-08-10 14:50:23
104.248.80.78	attack	Aug 8 00:33:59 server sshd\[12329\]: Invalid user TEST from 104.248.80.78 port 34876 Aug 8 00:33:59 server sshd\[12329\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.80.78 Aug 8 00:34:01 server sshd\[12329\]: Failed password for invalid user TEST from 104.248.80.78 port 34876 ssh2 Aug 8 00:38:09 server sshd\[25832\]: Invalid user 123456 from 104.248.80.78 port 57594 Aug 8 00:38:09 server sshd\[25832\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.80.78	2019-08-08 05:42:54
104.248.80.78	attack	ssh failed login	2019-08-07 13:58:26
104.248.80.78	attack	Jul 7 06:35:35 dallas01 sshd[12745]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.80.78 Jul 7 06:35:37 dallas01 sshd[12745]: Failed password for invalid user com1 from 104.248.80.78 port 36430 ssh2 Jul 7 06:37:41 dallas01 sshd[12988]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.80.78 Jul 7 06:37:43 dallas01 sshd[12988]: Failed password for invalid user chao from 104.248.80.78 port 33438 ssh2	2019-07-31 16:25:17
104.248.80.78	attackbots	Invalid user administrateur from 104.248.80.78 port 57778	2019-07-28 06:44:09
104.248.80.163	attack	[portscan] tcp/22 [SSH] [scan/connect: 3 time(s)] *(RWIN=65535)(07221037)	2019-07-22 21:12:39
104.248.80.78	attackspambots	$f2bV_matches	2019-07-15 18:56:31

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.248.80.221
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 38010
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;104.248.80.221.			IN	A

;; AUTHORITY SECTION:
.			296	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020042500 1800 900 604800 86400

;; Query time: 114 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Apr 25 23:47:00 CST 2020
;; MSG SIZE  rcvd: 118

Host info

Host 221.80.248.104.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 221.80.248.104.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
35.187.3.199	attack	2019-09-14T18:16:04Z - RDP login failed multiple times. (35.187.3.199)	2019-09-15 07:17:45
157.245.104.124	attackbots	2019-09-14T20:57:43.015883vfs-server-01 sshd\[23630\]: Invalid user fake from 157.245.104.124 port 41642 2019-09-14T20:57:44.135388vfs-server-01 sshd\[23633\]: Invalid user ubnt from 157.245.104.124 port 43232 2019-09-14T20:57:46.394669vfs-server-01 sshd\[23638\]: Invalid user admin from 157.245.104.124 port 45768	2019-09-15 06:45:10
218.92.0.157	attack	Sep 14 20:45:03 *** sshd[22473]: User root from 218.92.0.157 not allowed because not listed in AllowUsers	2019-09-15 06:45:38
69.117.224.87	attackbotsspam	Sep 14 12:48:11 auw2 sshd\[2691\]: Invalid user howe from 69.117.224.87 Sep 14 12:48:11 auw2 sshd\[2691\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ool-4575e057.dyn.optonline.net Sep 14 12:48:14 auw2 sshd\[2691\]: Failed password for invalid user howe from 69.117.224.87 port 36872 ssh2 Sep 14 12:52:34 auw2 sshd\[3126\]: Invalid user lyc from 69.117.224.87 Sep 14 12:52:34 auw2 sshd\[3126\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ool-4575e057.dyn.optonline.net	2019-09-15 06:57:28
45.95.33.198	attackbotsspam	Postfix RBL failed	2019-09-15 06:52:34
101.226.175.133	attackbots	SMB Server BruteForce Attack	2019-09-15 06:51:33
201.151.239.34	attack	Sep 14 12:56:27 hpm sshd\[18118\]: Invalid user mysql_admin from 201.151.239.34 Sep 14 12:56:27 hpm sshd\[18118\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.151.239.34 Sep 14 12:56:29 hpm sshd\[18118\]: Failed password for invalid user mysql_admin from 201.151.239.34 port 36548 ssh2 Sep 14 13:00:30 hpm sshd\[18451\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.151.239.34 user=bin Sep 14 13:00:32 hpm sshd\[18451\]: Failed password for bin from 201.151.239.34 port 49482 ssh2	2019-09-15 07:10:08
207.99.102.202	attackspambots	Telnet Server BruteForce Attack	2019-09-15 07:06:42
58.246.187.102	attackbots	Sep 14 12:09:40 auw2 sshd\[31084\]: Invalid user sysadmin from 58.246.187.102 Sep 14 12:09:40 auw2 sshd\[31084\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.246.187.102 Sep 14 12:09:42 auw2 sshd\[31084\]: Failed password for invalid user sysadmin from 58.246.187.102 port 60992 ssh2 Sep 14 12:14:01 auw2 sshd\[31504\]: Invalid user volunteer from 58.246.187.102 Sep 14 12:14:01 auw2 sshd\[31504\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.246.187.102	2019-09-15 07:13:27
103.226.248.249	attack	Multiple failed RDP login attempts	2019-09-15 07:00:33
193.32.163.182	attack	Sep 15 00:18:58 XXX sshd[55377]: Invalid user admin from 193.32.163.182 port 46786	2019-09-15 07:08:12
122.117.114.23	attackbotsspam	Netgear DGN Device Remote Command Execution Vulnerability, PTR: 122-117-114-23.HINET-IP.hinet.net.	2019-09-15 07:21:07
69.114.249.69	attackbotsspam	2019-09-14T18:16:52.996864abusebot.cloudsearch.cf sshd\[16724\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ool-4572f945.dyn.optonline.net user=root	2019-09-15 06:48:59
125.22.76.76	attack	Sep 14 12:48:45 kapalua sshd\[14368\]: Invalid user raspberry from 125.22.76.76 Sep 14 12:48:45 kapalua sshd\[14368\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.22.76.76 Sep 14 12:48:47 kapalua sshd\[14368\]: Failed password for invalid user raspberry from 125.22.76.76 port 33630 ssh2 Sep 14 12:53:00 kapalua sshd\[14763\]: Invalid user manager from 125.22.76.76 Sep 14 12:53:00 kapalua sshd\[14763\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.22.76.76	2019-09-15 07:05:39
187.12.181.106	attackspam	Sep 15 00:04:09 microserver sshd[63472]: Invalid user orange123 from 187.12.181.106 port 40204 Sep 15 00:04:09 microserver sshd[63472]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=187.12.181.106 Sep 15 00:04:11 microserver sshd[63472]: Failed password for invalid user orange123 from 187.12.181.106 port 40204 ssh2 Sep 15 00:08:57 microserver sshd[65263]: Invalid user q1w2e3r4t5y6 from 187.12.181.106 port 53866 Sep 15 00:08:57 microserver sshd[65263]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=187.12.181.106 Sep 15 00:22:53 microserver sshd[2229]: Invalid user 123456 from 187.12.181.106 port 38374 Sep 15 00:22:53 microserver sshd[2229]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=187.12.181.106 Sep 15 00:22:55 microserver sshd[2229]: Failed password for invalid user 123456 from 187.12.181.106 port 38374 ssh2 Sep 15 00:27:36 microserver sshd[2965]: Invalid user 654321 from 187.12.1	2019-09-15 07:12:01

Recently Reported IPs

104.248.5.69	95.217.153.252	94.155.83.146	227.214.93.122
200.1.215.243	151.103.87.50	175.201.58.23	229.93.59.235
1.121.217.185	68.183.138.140	221.179.104.45	42.210.190.153
33.152.123.242	167.162.24.237	63.127.204.182	179.18.190.205
34.203.27.15	117.18.32.239	195.186.174.42	65.237.54.156