104.248.85.132

Basic Info

City: unknown

Region: unknown

Country: None

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
104.248.85.54	attack	Sep 9 15:21:49 localhost sshd\[340\]: Invalid user guest from 104.248.85.54 port 42604 Sep 9 15:21:49 localhost sshd\[340\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.85.54 Sep 9 15:21:51 localhost sshd\[340\]: Failed password for invalid user guest from 104.248.85.54 port 42604 ssh2 Sep 9 15:32:02 localhost sshd\[708\]: Invalid user ftp_test from 104.248.85.54 port 46362 Sep 9 15:32:02 localhost sshd\[708\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.85.54 ...	2019-09-10 01:52:11
104.248.85.54	attackbots	Sep 9 09:04:19 localhost sshd\[117470\]: Invalid user web5 from 104.248.85.54 port 53012 Sep 9 09:04:19 localhost sshd\[117470\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.85.54 Sep 9 09:04:21 localhost sshd\[117470\]: Failed password for invalid user web5 from 104.248.85.54 port 53012 ssh2 Sep 9 09:10:11 localhost sshd\[117727\]: Invalid user sammy from 104.248.85.54 port 56502 Sep 9 09:10:11 localhost sshd\[117727\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.85.54 ...	2019-09-09 17:23:34
104.248.85.54	attackbots	Sep 7 05:46:42 sachi sshd\[26126\]: Invalid user guest1 from 104.248.85.54 Sep 7 05:46:42 sachi sshd\[26126\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.85.54 Sep 7 05:46:44 sachi sshd\[26126\]: Failed password for invalid user guest1 from 104.248.85.54 port 50610 ssh2 Sep 7 05:51:34 sachi sshd\[26573\]: Invalid user musicbot from 104.248.85.54 Sep 7 05:51:34 sachi sshd\[26573\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.85.54	2019-09-08 02:29:16
104.248.85.54	attackbots	Aug 15 21:20:26 MK-Soft-VM3 sshd\[12473\]: Invalid user qhsupport from 104.248.85.54 port 42458 Aug 15 21:20:26 MK-Soft-VM3 sshd\[12473\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.85.54 Aug 15 21:20:28 MK-Soft-VM3 sshd\[12473\]: Failed password for invalid user qhsupport from 104.248.85.54 port 42458 ssh2 ...	2019-08-16 05:52:50
104.248.85.115	attackspam	Aug 14 01:28:22 XXX sshd[23842]: Invalid user lehranstalt from 104.248.85.115 port 17281	2019-08-14 09:03:51
104.248.85.54	attack	Aug 10 18:49:03 meumeu sshd[14078]: Failed password for invalid user diradmin from 104.248.85.54 port 38426 ssh2 Aug 10 18:53:08 meumeu sshd[14510]: Failed password for invalid user jacob123 from 104.248.85.54 port 33662 ssh2 ...	2019-08-11 01:06:24
104.248.85.54	attackbots	May 11 04:09:39 ubuntu sshd[24022]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.85.54 May 11 04:09:42 ubuntu sshd[24022]: Failed password for invalid user webadmin from 104.248.85.54 port 59184 ssh2 May 11 04:12:45 ubuntu sshd[24099]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.85.54 May 11 04:12:47 ubuntu sshd[24099]: Failed password for invalid user dreambaseftp from 104.248.85.54 port 32770 ssh2	2019-07-31 16:16:47
104.248.85.54	attackspambots	Jul 28 00:40:32 localhost sshd\[9136\]: Invalid user paddy from 104.248.85.54 Jul 28 00:40:32 localhost sshd\[9136\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.85.54 Jul 28 00:40:34 localhost sshd\[9136\]: Failed password for invalid user paddy from 104.248.85.54 port 36550 ssh2 Jul 28 00:44:25 localhost sshd\[9152\]: Invalid user maxided from 104.248.85.54 Jul 28 00:44:25 localhost sshd\[9152\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.85.54 ...	2019-07-28 08:42:01
104.248.85.105	attackbots	Splunk® : port scan detected: Jul 20 05:51:52 testbed kernel: Firewall: TCP_IN Blocked IN=eth0 OUT= MAC=82:c6:52:d1:6e:53:64:c3:d6:0b:ef:f0:08:00 SRC=104.248.85.105 DST=104.248.11.191 LEN=60 TOS=0x00 PREC=0x00 TTL=58 ID=5104 DF PROTO=TCP SPT=54036 DPT=8161 WINDOW=29200 RES=0x00 SYN URGP=0	2019-07-20 18:04:52
104.248.85.226	attack	DATE:2019-07-14 02:42:02, IP:104.248.85.226, PORT:telnet - Telnet brute force auth on a honeypot server (epe-dc)	2019-07-14 08:45:05
104.248.85.226	attackspam	TCP port 23 (Telnet) attempt blocked by firewall. [2019-07-12 02:01:19]	2019-07-12 11:11:46
104.248.85.226	attack	Caught in portsentry honeypot	2019-07-11 18:09:06
104.248.85.54	attackspam	ssh failed login	2019-07-07 09:16:14

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.248.85.132
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 61645
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;104.248.85.132.			IN	A

;; AUTHORITY SECTION:
.			129	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022010801 1800 900 604800 86400

;; Query time: 18 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Jan 09 10:47:57 CST 2022
;; MSG SIZE  rcvd: 107

Host info

Host 132.85.248.104.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 132.85.248.104.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
195.54.160.228	attack	Jun 6 20:48:04 debian kernel: [368244.902825] [UFW BLOCK] IN=eth0 OUT= MAC=52:54:00:be:e4:65:08:e8:4f:6e:48:0c:08:00 SRC=195.54.160.228 DST=89.252.131.35 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=2341 PROTO=TCP SPT=50060 DPT=33984 WINDOW=1024 RES=0x00 SYN URGP=0	2020-06-07 01:56:56
194.26.29.220	attackspambots	scans 47 times in preceeding hours on the ports (in chronological order) 7728 7379 7578 7360 7984 7856 7204 7198 7618 7227 7849 7660 7442 7654 7688 7902 7619 7669 7102 7968 7521 7632 7189 7949 7575 7931 7955 7532 7002 7910 7863 7630 7677 7442 7780 7514 7178 7011 7673 7435 7578 7627 7028 7707 7485 7771 7131 resulting in total of 612 scans from 194.26.29.0/24 block.	2020-06-07 02:17:22
114.156.3.186	attackbots	scans 19 times in preceeding hours on the ports (in chronological order) 1434 3938 5009 19302 3460 39593 3306 37512 5090 1777 4500 4567 1900 52869 3333 1741 1521 3999 5916	2020-06-07 02:14:16
180.76.167.221	attackbots	Jun 6 18:11:49 buvik sshd[22219]: Failed password for root from 180.76.167.221 port 57396 ssh2 Jun 6 18:15:32 buvik sshd[22676]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.76.167.221 user=root Jun 6 18:15:34 buvik sshd[22676]: Failed password for root from 180.76.167.221 port 52944 ssh2 ...	2020-06-07 02:04:40
86.193.149.7	attackspam	port scan and connect, tcp 80 (http)	2020-06-07 02:01:22
126.23.145.60	attack	scans 2 times in preceeding hours on the ports (in chronological order) 17621 17621	2020-06-07 02:09:43
106.12.129.167	attackspam	Lines containing failures of 106.12.129.167 Jun 5 23:14:30 newdogma sshd[32633]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.129.167 user=r.r Jun 5 23:14:32 newdogma sshd[32633]: Failed password for r.r from 106.12.129.167 port 37472 ssh2 Jun 5 23:14:33 newdogma sshd[32633]: Received disconnect from 106.12.129.167 port 37472:11: Bye Bye [preauth] Jun 5 23:14:33 newdogma sshd[32633]: Disconnected from authenticating user r.r 106.12.129.167 port 37472 [preauth] Jun 5 23:25:57 newdogma sshd[516]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.129.167 user=r.r Jun 5 23:25:59 newdogma sshd[516]: Failed password for r.r from 106.12.129.167 port 42458 ssh2 Jun 5 23:26:00 newdogma sshd[516]: Received disconnect from 106.12.129.167 port 42458:11: Bye Bye [preauth] Jun 5 23:26:00 newdogma sshd[516]: Disconnected from authenticating user r.r 106.12.129.167 port 42458 [preaut........ ------------------------------	2020-06-07 01:51:34
142.93.187.179	attackspam	scans 2 times in preceeding hours on the ports (in chronological order) 2251 2253	2020-06-07 02:05:43
58.188.221.13	attackbotsspam	scans 2 times in preceeding hours on the ports (in chronological order) 17621 17621	2020-06-07 02:22:49
183.136.225.45	attackspambots	TCP (SYN) 183.136.225.45:61831 -> port 9876, len 44	2020-06-07 02:03:58
223.99.126.67	attack	Jun 6 17:18:12 host sshd[374]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=223.99.126.67 user=root Jun 6 17:18:14 host sshd[374]: Failed password for root from 223.99.126.67 port 55632 ssh2 ...	2020-06-07 02:07:55
195.54.160.166	attack	TCP (SYN) 195.54.160.166:59238 -> port 14516, len 44	2020-06-07 01:57:49
183.17.229.136	attackbotsspam	scans 2 times in preceeding hours on the ports (in chronological order) 3522 18001	2020-06-07 02:04:22
195.54.160.12	attackspambots	Jun 6 19:39:57 debian-2gb-nbg1-2 kernel: \[13723944.722320\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=195.54.160.12 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=245 ID=55395 PROTO=TCP SPT=41044 DPT=56347 WINDOW=1024 RES=0x00 SYN URGP=0	2020-06-07 01:58:45
222.186.173.154	attackspam	Jun 6 20:07:42 santamaria sshd\[24058\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.173.154 user=root Jun 6 20:07:44 santamaria sshd\[24058\]: Failed password for root from 222.186.173.154 port 3414 ssh2 Jun 6 20:07:54 santamaria sshd\[24058\]: Failed password for root from 222.186.173.154 port 3414 ssh2 ...	2020-06-07 02:08:22

Recently Reported IPs

69.156.52.137	99.226.12.42	110.90.165.76	14.101.57.92
224.42.162.236	219.142.131.153	232.8.125.86	158.253.212.229
59.11.250.1	145.239.81.115	148.225.125.158	67.199.220.27
141.193.177.5	19.220.243.80	158.62.202.198	80.235.88.236
110.130.73.5	220.241.182.221	212.62.89.204	217.93.200.87