City: unknown
Region: unknown
Country: United States
Internet Service Provider: unknown
Hostname: unknown
Organization: unknown
Usage Type: unknown
| IP | Type | Details | Datetime |
|---|---|---|---|
| 104.248.80.221 | attackbots | Port scan: Attack repeated for 24 hours |
2020-09-20 23:59:38 |
| 104.248.80.221 | attackbotsspam | " " |
2020-09-20 15:52:56 |
| 104.248.80.221 | attack | " " |
2020-09-20 07:43:05 |
| 104.248.80.221 | attackbotsspam | firewall-block, port(s): 24699/tcp |
2020-08-27 14:51:34 |
| 104.248.80.221 | attackbots | [N10.H2.VM2] Port Scanner Detected Blocked by UFW |
2020-08-27 02:34:38 |
| 104.248.80.221 | attackspam | Port scan: Attack repeated for 24 hours |
2020-08-25 16:10:02 |
| 104.248.80.221 | attackspam | " " |
2020-08-02 13:43:40 |
| 104.248.80.221 | attackbotsspam | Port scan: Attack repeated for 24 hours |
2020-07-29 12:35:49 |
| 104.248.80.221 | attack | firewall-block, port(s): 20915/tcp |
2020-07-11 22:50:45 |
| 104.248.80.221 | attackbotsspam | firewall-block, port(s): 25955/tcp |
2020-05-20 15:07:42 |
| 104.248.80.221 | attackspam | Port scan(s) denied |
2020-05-10 17:17:12 |
| 104.248.80.221 | attackspam | firewall-block, port(s): 20473/tcp |
2020-05-09 05:43:20 |
| 104.248.80.221 | attack | " " |
2020-05-07 02:53:31 |
| 104.248.80.221 | attackbotsspam | scans once in preceeding hours on the ports (in chronological order) 1572 resulting in total of 13 scans from 104.248.0.0/16 block. |
2020-04-25 23:47:06 |
| 104.248.80.78 | attackspambots | 2019-09-23T04:30:02.967889abusebot-8.cloudsearch.cf sshd\[12401\]: Invalid user membership from 104.248.80.78 port 48970 |
2019-09-23 12:53:42 |
b
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.248.80.239
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 18700
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;104.248.80.239. IN A
;; AUTHORITY SECTION:
. 410 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2022091500 1800 900 604800 86400
;; Query time: 55 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Sep 16 00:24:20 CST 2022
;; MSG SIZE rcvd: 107
Host 239.80.248.104.in-addr.arpa. not found: 3(NXDOMAIN)
Server: 183.60.83.19
Address: 183.60.83.19#53
** server can't find 239.80.248.104.in-addr.arpa: NXDOMAIN
| IP | Type | Details | Datetime |
|---|---|---|---|
| 218.153.159.198 | attack | Automatic report - Banned IP Access |
2019-09-05 11:00:43 |
| 185.176.27.106 | attack | 09/04/2019-23:11:48.068295 185.176.27.106 Protocol: 6 ET SCAN NMAP -sS window 1024 |
2019-09-05 11:19:35 |
| 137.74.119.50 | attackbots | 2019-09-05T03:22:19.505832abusebot-5.cloudsearch.cf sshd\[3093\]: Invalid user mysql from 137.74.119.50 port 44980 |
2019-09-05 11:26:18 |
| 104.128.69.146 | attackspambots | Sep 4 22:25:29 XXX sshd[18186]: Invalid user steam from 104.128.69.146 port 50874 |
2019-09-05 11:07:38 |
| 121.157.82.202 | attack | Sep 5 00:00:09 XXX sshd[54912]: Invalid user ofsaa from 121.157.82.202 port 56816 |
2019-09-05 11:11:58 |
| 192.42.116.18 | attackspambots | Sep 5 09:16:14 webhost01 sshd[4391]: Failed password for root from 192.42.116.18 port 56830 ssh2 Sep 5 09:16:28 webhost01 sshd[4391]: error: maximum authentication attempts exceeded for root from 192.42.116.18 port 56830 ssh2 [preauth] ... |
2019-09-05 11:03:59 |
| 89.189.190.163 | attackbots | $f2bV_matches |
2019-09-05 11:25:25 |
| 213.180.203.36 | attack | [Thu Sep 05 05:59:56.170571 2019] [:error] [pid 24065:tid 140015011010304] [client 213.180.203.36:53825] [client 213.180.203.36] ModSecurity: Access denied with code 403 (phase 2). Pattern match "^[\\\\d.:]+$" at REQUEST_HEADERS:Host. [file "/etc/modsecurity/owasp-modsecurity-crs-3.1.1/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "792"] [id "920350"] [msg "Host header is a numeric IP address"] [data "103.27.207.197"] [severity "WARNING"] [ver "OWASP_CRS/3.1.1"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/IP_HOST"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "103.27.207.197"] [uri "/"] [unique_id "XXBB7LrhcI2IXpA1kiUxHAAAABc"] ... |
2019-09-05 11:14:04 |
| 166.62.121.223 | attackbots | www.goldgier.de 166.62.121.223 \[05/Sep/2019:03:48:36 +0200\] "POST /wp-login.php HTTP/1.1" 200 8724 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" www.goldgier.de 166.62.121.223 \[05/Sep/2019:03:48:38 +0200\] "POST /wp-login.php HTTP/1.1" 200 8724 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" |
2019-09-05 10:55:21 |
| 68.183.234.12 | attack | 2019-09-05T03:39:55.647647abusebot-3.cloudsearch.cf sshd\[17680\]: Invalid user web1 from 68.183.234.12 port 44590 |
2019-09-05 11:47:06 |
| 186.4.224.171 | attackspam | Sep 5 05:21:24 OPSO sshd\[20882\]: Invalid user test from 186.4.224.171 port 51438 Sep 5 05:21:24 OPSO sshd\[20882\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=186.4.224.171 Sep 5 05:21:26 OPSO sshd\[20882\]: Failed password for invalid user test from 186.4.224.171 port 51438 ssh2 Sep 5 05:26:27 OPSO sshd\[22516\]: Invalid user azureuser from 186.4.224.171 port 37706 Sep 5 05:26:27 OPSO sshd\[22516\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=186.4.224.171 |
2019-09-05 11:39:17 |
| 87.123.102.106 | attack | 2019-09-04T22:59:30.925624abusebot-7.cloudsearch.cf sshd\[5017\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=i577b666a.versanet.de user=root |
2019-09-05 11:33:52 |
| 178.128.87.245 | attackbots | Sep 5 06:28:35 tuotantolaitos sshd[24530]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.128.87.245 Sep 5 06:28:37 tuotantolaitos sshd[24530]: Failed password for invalid user test from 178.128.87.245 port 56860 ssh2 ... |
2019-09-05 11:43:06 |
| 190.93.209.181 | attackspam | Fail2Ban - SMTP Bruteforce Attempt |
2019-09-05 11:36:11 |
| 218.166.24.110 | attackbotsspam | Telnet Server BruteForce Attack |
2019-09-05 11:28:46 |