104.248.9.4 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
104.248.90.77	attackspam	firewall-block, port(s): 31436/tcp	2020-10-08 01:16:13
104.248.90.77	attackbotsspam	Port scan denied	2020-10-07 17:24:38
104.248.90.77	attackbotsspam	Port scan: Attack repeated for 24 hours	2020-08-27 02:05:40
104.248.90.77	attack	Attempted to establish connection to non opened port 5869	2020-08-07 21:04:47
104.248.90.77	attackbots	TCP (SYN) 104.248.90.77:57960 -> port 7684, len 44	2020-07-07 00:15:06
104.248.90.77	attackbots	unauthorized connection attempt	2020-06-28 15:25:10
104.248.90.77	attack	Port scan denied	2020-06-14 15:18:45
104.248.92.124	attackbotsspam	Jun 11 10:20:19 eventyay sshd[9289]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.92.124 Jun 11 10:20:21 eventyay sshd[9289]: Failed password for invalid user xiaolong from 104.248.92.124 port 54618 ssh2 Jun 11 10:23:37 eventyay sshd[9498]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.92.124 ...	2020-06-11 16:35:08
104.248.92.124	attack	2020-06-10T20:52:35.956929shield sshd\[17338\]: Invalid user git from 104.248.92.124 port 56704 2020-06-10T20:52:35.962310shield sshd\[17338\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.92.124 2020-06-10T20:52:38.057980shield sshd\[17338\]: Failed password for invalid user git from 104.248.92.124 port 56704 ssh2 2020-06-10T20:55:26.089969shield sshd\[17848\]: Invalid user admin from 104.248.92.124 port 52958 2020-06-10T20:55:26.093645shield sshd\[17848\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.92.124	2020-06-11 05:19:54
104.248.92.124	attackbotsspam	Jun 9 12:53:33 vps sshd[920845]: Invalid user trajano from 104.248.92.124 port 40796 Jun 9 12:53:33 vps sshd[920845]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.92.124 Jun 9 12:53:35 vps sshd[920845]: Failed password for invalid user trajano from 104.248.92.124 port 40796 ssh2 Jun 9 12:56:16 vps sshd[934214]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.92.124 user=root Jun 9 12:56:18 vps sshd[934214]: Failed password for root from 104.248.92.124 port 38780 ssh2 ...	2020-06-09 19:08:44
104.248.92.124	attackbotsspam	Jun 6 10:36:37 firewall sshd[18760]: Failed password for root from 104.248.92.124 port 34124 ssh2 Jun 6 10:40:10 firewall sshd[18806]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.92.124 user=root Jun 6 10:40:12 firewall sshd[18806]: Failed password for root from 104.248.92.124 port 37692 ssh2 ...	2020-06-07 00:26:05
104.248.93.171	attackbots	" "	2020-06-05 21:18:03
104.248.92.124	attackbots	Jun 5 10:23:13 ncomp sshd[6289]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.92.124 user=root Jun 5 10:23:15 ncomp sshd[6289]: Failed password for root from 104.248.92.124 port 33752 ssh2 Jun 5 10:37:17 ncomp sshd[6830]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.92.124 user=root Jun 5 10:37:19 ncomp sshd[6830]: Failed password for root from 104.248.92.124 port 44582 ssh2	2020-06-05 16:45:35
104.248.92.124	attackbotsspam	Jun 4 11:04:39 gw1 sshd[26112]: Failed password for root from 104.248.92.124 port 54596 ssh2 ...	2020-06-04 17:04:39
104.248.92.124	attackbots	(sshd) Failed SSH login from 104.248.92.124 (NL/Netherlands/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Jun 2 14:49:42 s1 sshd[26537]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.92.124 user=root Jun 2 14:49:44 s1 sshd[26537]: Failed password for root from 104.248.92.124 port 47676 ssh2 Jun 2 15:03:03 s1 sshd[27367]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.92.124 user=root Jun 2 15:03:05 s1 sshd[27367]: Failed password for root from 104.248.92.124 port 52280 ssh2 Jun 2 15:06:14 s1 sshd[27883]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.92.124 user=root	2020-06-02 22:57:52

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.248.9.4
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 37557
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;104.248.9.4.			IN	A

;; AUTHORITY SECTION:
.			599	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022022801 1800 900 604800 86400

;; Query time: 17 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Mar 01 03:13:05 CST 2022
;; MSG SIZE  rcvd: 104

Host info

Host 4.9.248.104.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 4.9.248.104.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
49.88.112.61	attackbots	Jan 3 05:23:09 php1 sshd\[8432\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.61 user=root Jan 3 05:23:11 php1 sshd\[8432\]: Failed password for root from 49.88.112.61 port 11559 ssh2 Jan 3 05:23:15 php1 sshd\[8432\]: Failed password for root from 49.88.112.61 port 11559 ssh2 Jan 3 05:23:29 php1 sshd\[8483\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.61 user=root Jan 3 05:23:32 php1 sshd\[8483\]: Failed password for root from 49.88.112.61 port 40972 ssh2	2020-01-03 23:27:46
49.149.101.148	attackbots	Attempt to attack host OS, exploiting network vulnerabilities, on 03-01-2020 13:05:21.	2020-01-03 23:33:17
129.28.166.212	attack	Jan 3 13:05:56 unicornsoft sshd\[31661\]: Invalid user support from 129.28.166.212 Jan 3 13:05:56 unicornsoft sshd\[31661\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.28.166.212 Jan 3 13:05:58 unicornsoft sshd\[31661\]: Failed password for invalid user support from 129.28.166.212 port 37240 ssh2	2020-01-03 23:05:01
5.196.110.170	attackspam	web-1 [ssh] SSH Attack	2020-01-03 22:58:54
49.37.140.21	attackbotsspam	Attempt to attack host OS, exploiting network vulnerabilities, on 03-01-2020 13:05:22.	2020-01-03 23:30:42
106.52.121.64	attackspam	Jan 3 03:04:14 web9 sshd\[19939\]: Invalid user loveture from 106.52.121.64 Jan 3 03:04:14 web9 sshd\[19939\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.121.64 Jan 3 03:04:16 web9 sshd\[19939\]: Failed password for invalid user loveture from 106.52.121.64 port 53642 ssh2 Jan 3 03:05:24 web9 sshd\[20141\]: Invalid user wildfly from 106.52.121.64 Jan 3 03:05:24 web9 sshd\[20141\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.121.64	2020-01-03 23:29:42
182.254.227.147	attackspambots	Jan 3 04:45:37 wbs sshd\[25480\]: Invalid user od from 182.254.227.147 Jan 3 04:45:37 wbs sshd\[25480\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.254.227.147 Jan 3 04:45:39 wbs sshd\[25480\]: Failed password for invalid user od from 182.254.227.147 port 20615 ssh2 Jan 3 04:48:57 wbs sshd\[25760\]: Invalid user ftptest from 182.254.227.147 Jan 3 04:48:57 wbs sshd\[25760\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.254.227.147	2020-01-03 23:18:08
213.33.246.82	attackspambots	Attempt to attack host OS, exploiting network vulnerabilities, on 03-01-2020 13:05:18.	2020-01-03 23:38:14
77.233.4.133	attackbotsspam	Jan 3 14:08:24 ip-172-31-62-245 sshd\[24791\]: Invalid user pian from 77.233.4.133\ Jan 3 14:08:25 ip-172-31-62-245 sshd\[24791\]: Failed password for invalid user pian from 77.233.4.133 port 59755 ssh2\ Jan 3 14:11:45 ip-172-31-62-245 sshd\[24919\]: Invalid user chaz from 77.233.4.133\ Jan 3 14:11:47 ip-172-31-62-245 sshd\[24919\]: Failed password for invalid user chaz from 77.233.4.133 port 46946 ssh2\ Jan 3 14:15:06 ip-172-31-62-245 sshd\[24985\]: Invalid user bzv from 77.233.4.133\	2020-01-03 23:13:19
49.88.112.59	attackspam	Jan 3 16:10:38 dcd-gentoo sshd[7250]: User root from 49.88.112.59 not allowed because none of user's groups are listed in AllowGroups Jan 3 16:10:42 dcd-gentoo sshd[7250]: error: PAM: Authentication failure for illegal user root from 49.88.112.59 Jan 3 16:10:38 dcd-gentoo sshd[7250]: User root from 49.88.112.59 not allowed because none of user's groups are listed in AllowGroups Jan 3 16:10:42 dcd-gentoo sshd[7250]: error: PAM: Authentication failure for illegal user root from 49.88.112.59 Jan 3 16:10:38 dcd-gentoo sshd[7250]: User root from 49.88.112.59 not allowed because none of user's groups are listed in AllowGroups Jan 3 16:10:42 dcd-gentoo sshd[7250]: error: PAM: Authentication failure for illegal user root from 49.88.112.59 Jan 3 16:10:42 dcd-gentoo sshd[7250]: Failed keyboard-interactive/pam for invalid user root from 49.88.112.59 port 43413 ssh2 ...	2020-01-03 23:11:49
89.248.169.95	attackspam	Jan 3 16:00:01 debian-2gb-nbg1-2 kernel: \[322928.783114\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=89.248.169.95 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=247 ID=63116 PROTO=TCP SPT=42915 DPT=10019 WINDOW=1024 RES=0x00 SYN URGP=0	2020-01-03 23:03:34
216.218.206.102	attackbotsspam	Unauthorised access (Jan 3) SRC=216.218.206.102 LEN=40 TTL=242 ID=54321 TCP DPT=8080 WINDOW=65535 SYN	2020-01-03 23:24:51
203.195.235.135	attack	SSH brutforce	2020-01-03 23:11:11
152.204.130.86	attackbotsspam	20/1/3@08:06:08: FAIL: Alarm-Network address from=152.204.130.86 20/1/3@08:06:08: FAIL: Alarm-Network address from=152.204.130.86 ...	2020-01-03 22:59:59
46.244.11.14	attackspam	Jan 3 15:43:35 plex sshd[7761]: Invalid user rmn from 46.244.11.14 port 44806	2020-01-03 23:33:36

Recently Reported IPs

104.248.9.119	104.248.9.126	104.248.90.255	104.248.9.72
104.248.90.154	104.248.91.143	104.248.91.205	104.248.9.96
104.248.9.85	104.248.91.90	104.248.92.10	104.248.93.0
104.248.92.73	104.248.93.11	104.248.93.133	104.248.93.17
104.248.93.242	104.248.93.198	104.248.93.66	104.248.93.5