147.135.124.104

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: OVH US LLC

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	Aug 8 10:45:27 master sshd[2037]: Failed password for invalid user ubnt from 147.135.124.104 port 43084 ssh2	2019-08-08 20:28:53

Comments on same subnet:

IP	Type	Details	Datetime
147.135.124.110	attackspambots	Ubiquity Nanostation Remote Command Execution Vulnerability	2019-08-14 05:40:45

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 147.135.124.104
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 3682
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;147.135.124.104.		IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019080800 1800 900 604800 86400

;; Query time: 3 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Thu Aug 08 20:28:45 CST 2019
;; MSG SIZE  rcvd: 119

Host info

104.124.135.147.in-addr.arpa domain name pointer ip104.ip-147-135-124.us.

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
104.124.135.147.in-addr.arpa	name = ip104.ip-147-135-124.us.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
216.244.66.250	attack	Unauthorized access detected from banned ip	2019-12-29 15:10:23
124.251.110.147	attackbotsspam	Dec 29 07:02:45 vpn01 sshd[7152]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.251.110.147 Dec 29 07:02:46 vpn01 sshd[7152]: Failed password for invalid user thai from 124.251.110.147 port 38212 ssh2 ...	2019-12-29 14:23:30
90.200.231.149	attackbotsspam	Host Scan	2019-12-29 15:08:50
193.112.220.76	attackbotsspam	Dec 29 07:11:18 sd-53420 sshd\[26929\]: Invalid user gulfycz from 193.112.220.76 Dec 29 07:11:18 sd-53420 sshd\[26929\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.112.220.76 Dec 29 07:11:21 sd-53420 sshd\[26929\]: Failed password for invalid user gulfycz from 193.112.220.76 port 48078 ssh2 Dec 29 07:13:08 sd-53420 sshd\[27687\]: Invalid user mohan from 193.112.220.76 Dec 29 07:13:08 sd-53420 sshd\[27687\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.112.220.76 ...	2019-12-29 14:22:32
103.240.34.218	attackspam	SpamReport	2019-12-29 15:02:52
115.218.183.201	attackspambots	Dec 29 01:29:38 esmtp postfix/smtpd[30932]: lost connection after AUTH from unknown[115.218.183.201] Dec 29 01:29:43 esmtp postfix/smtpd[31042]: lost connection after AUTH from unknown[115.218.183.201] Dec 29 01:29:57 esmtp postfix/smtpd[31042]: lost connection after AUTH from unknown[115.218.183.201] Dec 29 01:30:01 esmtp postfix/smtpd[30932]: lost connection after AUTH from unknown[115.218.183.201] Dec 29 01:30:09 esmtp postfix/smtpd[31042]: lost connection after AUTH from unknown[115.218.183.201] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=115.218.183.201	2019-12-29 15:07:02
211.159.241.77	attack	Dec 29 04:30:26 ws12vmsma01 sshd[24951]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.159.241.77 Dec 29 04:30:26 ws12vmsma01 sshd[24951]: Invalid user akazukin from 211.159.241.77 Dec 29 04:30:28 ws12vmsma01 sshd[24951]: Failed password for invalid user akazukin from 211.159.241.77 port 33924 ssh2 ...	2019-12-29 14:42:20
95.8.65.149	attackspambots	19/12/29@01:30:05: FAIL: Alarm-Telnet address from=95.8.65.149 ...	2019-12-29 15:10:43
49.14.121.81	attack	Dec 29 07:30:03 mail kernel: [2620745.948532] [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3d:86:ee:00:08:e3:ff:fd:90:08:00 SRC=49.14.121.81 DST=91.205.173.180 LEN=52 TOS=0x08 PREC=0x00 TTL=51 ID=26183 DF PROTO=TCP SPT=58604 DPT=1433 WINDOW=8192 RES=0x00 SYN URGP=0 Dec 29 07:30:06 mail kernel: [2620748.935141] [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3d:86:ee:00:08:e3:ff:fd:90:08:00 SRC=49.14.121.81 DST=91.205.173.180 LEN=52 TOS=0x08 PREC=0x00 TTL=51 ID=26907 DF PROTO=TCP SPT=58604 DPT=1433 WINDOW=8192 RES=0x00 SYN URGP=0 Dec 29 07:30:12 mail kernel: [2620754.896086] [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3d:86:ee:00:08:e3:ff:fd:90:08:00 SRC=49.14.121.81 DST=91.205.173.180 LEN=48 TOS=0x08 PREC=0x00 TTL=51 ID=28199 DF PROTO=TCP SPT=58604 DPT=1433 WINDOW=65535 RES=0x00 SYN URGP=0	2019-12-29 15:04:21
125.125.96.166	attackbotsspam	[Aegis] @ 2019-12-29 04:54:15 0000 -> Attempt to use mail server as relay (550: Requested action not taken).	2019-12-29 14:24:21
200.150.72.142	attackspambots	Dec 25 19:51:27 sanyalnet-cloud-vps4 sshd[20938]: Connection from 200.150.72.142 port 35432 on 64.137.160.124 port 22 Dec 25 19:51:27 sanyalnet-cloud-vps4 sshd[20938]: Did not receive identification string from 200.150.72.142 Dec 25 19:52:29 sanyalnet-cloud-vps4 sshd[20943]: Connection from 200.150.72.142 port 48354 on 64.137.160.124 port 22 Dec 25 19:52:31 sanyalnet-cloud-vps4 sshd[20943]: Invalid user vagrant from 200.150.72.142 Dec 25 19:52:33 sanyalnet-cloud-vps4 sshd[20943]: Failed password for invalid user vagrant from 200.150.72.142 port 48354 ssh2 Dec 25 19:52:33 sanyalnet-cloud-vps4 sshd[20943]: Received disconnect from 200.150.72.142: 11: Bye Bye [preauth] Dec 25 19:53:28 sanyalnet-cloud-vps4 sshd[21011]: Connection from 200.150.72.142 port 57602 on 64.137.160.124 port 22 Dec 25 19:53:29 sanyalnet-cloud-vps4 sshd[21011]: Invalid user webadmin from 200.150.72.142 Dec 25 19:53:31 sanyalnet-cloud-vps4 sshd[21011]: Failed password for invalid user webadmin from 20........ -------------------------------	2019-12-29 14:29:32
159.65.69.32	attack	Automatic report - XMLRPC Attack	2019-12-29 14:43:41
218.92.0.171	attackbotsspam	Dec 29 06:54:46 localhost sshd\[38331\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.171 user=root Dec 29 06:54:47 localhost sshd\[38331\]: Failed password for root from 218.92.0.171 port 40643 ssh2 Dec 29 06:54:51 localhost sshd\[38331\]: Failed password for root from 218.92.0.171 port 40643 ssh2 Dec 29 06:54:56 localhost sshd\[38331\]: Failed password for root from 218.92.0.171 port 40643 ssh2 Dec 29 06:54:58 localhost sshd\[38331\]: Failed password for root from 218.92.0.171 port 40643 ssh2 ...	2019-12-29 15:00:02
43.228.117.222	attack	Dec 29 05:54:17 host sshd[46063]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=43.228.117.222 user=root Dec 29 05:54:19 host sshd[46063]: Failed password for root from 43.228.117.222 port 40876 ssh2 ...	2019-12-29 14:28:29
196.29.168.34	attack	Unauthorized connection attempt detected from IP address 196.29.168.34 to port 445	2019-12-29 14:43:09

Recently Reported IPs

77.117.189.243	190.144.3.138	178.128.115.205	47.53.67.205
37.192.36.181	125.230.27.195	103.112.28.60	222.223.6.30
47.101.222.1	41.43.20.120	209.59.182.37	65.169.39.38
156.202.98.88	117.81.130.34	134.209.35.21	41.218.224.244
148.251.79.117	115.213.135.59	91.61.42.75	193.32.161.173