204.48.20.138 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: United States of America

Internet Service Provider: DigitalOcean LLC

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspambots	Mar 2 20:06:45 wbs sshd\[11529\]: Invalid user matt from 204.48.20.138 Mar 2 20:06:45 wbs sshd\[11529\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=204.48.20.138 Mar 2 20:06:46 wbs sshd\[11529\]: Failed password for invalid user matt from 204.48.20.138 port 57128 ssh2 Mar 2 20:16:11 wbs sshd\[12447\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=204.48.20.138 user=root Mar 2 20:16:13 wbs sshd\[12447\]: Failed password for root from 204.48.20.138 port 44116 ssh2	2020-03-03 19:10:56

Type

Details

Datetime

attackspambots

Mar  2 20:06:45 wbs sshd\[11529\]: Invalid user matt from 204.48.20.138
Mar  2 20:06:45 wbs sshd\[11529\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=204.48.20.138
Mar  2 20:06:46 wbs sshd\[11529\]: Failed password for invalid user matt from 204.48.20.138 port 57128 ssh2
Mar  2 20:16:11 wbs sshd\[12447\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=204.48.20.138  user=root
Mar  2 20:16:13 wbs sshd\[12447\]: Failed password for root from 204.48.20.138 port 44116 ssh2

2020-03-03 19:10:56

Comments on same subnet:

IP	Type	Details	Datetime
204.48.20.244	attackspam	Sep 26 18:21:29 pve1 sshd[27346]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=204.48.20.244 Sep 26 18:21:31 pve1 sshd[27346]: Failed password for invalid user jenkins from 204.48.20.244 port 37966 ssh2 ...	2020-09-27 01:30:41
204.48.20.244	attack	2020-09-26T08:28:53+0200 Failed SSH Authentication/Brute Force Attack.(Server 2)	2020-09-26 17:23:31
204.48.20.244	attackspam	Invalid user cssserver from 204.48.20.244 port 53126	2020-09-23 21:16:32
204.48.20.244	attackbots	Port scan denied	2020-09-23 13:35:40
204.48.20.244	attackbotsspam	Invalid user marco from 204.48.20.244 port 35994	2020-09-23 05:24:37
204.48.20.244	attackbots	Port Scan ...	2020-09-17 21:28:19
204.48.20.244	attackbotsspam	SSH login attempts.	2020-09-17 13:39:22
204.48.20.244	attackspambots	firewall-block, port(s): 26932/tcp	2020-09-17 04:45:11
204.48.20.244	attackbotsspam	Invalid user leon from 204.48.20.244 port 44680	2020-09-04 14:38:32
204.48.20.244	attack	Invalid user usuario from 204.48.20.244 port 43844	2020-09-04 07:03:13
204.48.20.244	attackbotsspam	Sep 1 04:56:43 ajax sshd[20735]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=204.48.20.244 Sep 1 04:56:45 ajax sshd[20735]: Failed password for invalid user xavier from 204.48.20.244 port 44102 ssh2	2020-09-01 12:04:25
204.48.20.244	attack	2020-08-17T23:30:19.8773051495-001 sshd[5032]: Failed password for invalid user ntpo from 204.48.20.244 port 47134 ssh2 2020-08-17T23:33:59.1501451495-001 sshd[5250]: Invalid user student2 from 204.48.20.244 port 56628 2020-08-17T23:33:59.1533011495-001 sshd[5250]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=204.48.20.244 2020-08-17T23:33:59.1501451495-001 sshd[5250]: Invalid user student2 from 204.48.20.244 port 56628 2020-08-17T23:34:00.8622461495-001 sshd[5250]: Failed password for invalid user student2 from 204.48.20.244 port 56628 ssh2 2020-08-17T23:37:29.4435431495-001 sshd[5419]: Invalid user Test from 204.48.20.244 port 37894 ...	2020-08-18 12:52:45
204.48.20.244	attackspambots	Aug 14 19:44:22 host sshd[31678]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=204.48.20.244 user=root Aug 14 19:44:24 host sshd[31678]: Failed password for root from 204.48.20.244 port 46810 ssh2 ...	2020-08-15 01:45:36
204.48.20.255	attackspam	$f2bV_matches	2020-02-13 06:31:46
204.48.20.229	attackspam	Oct 6 10:43:34 vtv3 sshd\[31133\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=204.48.20.229 user=root Oct 6 10:43:35 vtv3 sshd\[31133\]: Failed password for root from 204.48.20.229 port 35500 ssh2 Oct 6 10:47:23 vtv3 sshd\[635\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=204.48.20.229 user=root Oct 6 10:47:25 vtv3 sshd\[635\]: Failed password for root from 204.48.20.229 port 49870 ssh2 Oct 6 10:51:23 vtv3 sshd\[2835\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=204.48.20.229 user=root Oct 6 11:03:16 vtv3 sshd\[8521\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=204.48.20.229 user=root Oct 6 11:03:18 vtv3 sshd\[8521\]: Failed password for root from 204.48.20.229 port 50902 ssh2 Oct 6 11:07:25 vtv3 sshd\[10614\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=204.48.2	2019-10-06 20:37:51

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 204.48.20.138
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 11001
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;204.48.20.138.			IN	A

;; AUTHORITY SECTION:
.			397	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020030202 1800 900 604800 86400

;; Query time: 39 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Mar 03 19:10:53 CST 2020
;; MSG SIZE  rcvd: 117

Host info

Host 138.20.48.204.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 138.20.48.204.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
206.189.171.204	attack	Oct 9 11:32:29 dignus sshd[28055]: Failed password for root from 206.189.171.204 port 40248 ssh2 Oct 9 11:36:08 dignus sshd[28152]: Invalid user majordomo from 206.189.171.204 port 45948 Oct 9 11:36:08 dignus sshd[28152]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=206.189.171.204 Oct 9 11:36:10 dignus sshd[28152]: Failed password for invalid user majordomo from 206.189.171.204 port 45948 ssh2 Oct 9 11:39:51 dignus sshd[28186]: Invalid user admin from 206.189.171.204 port 51684 ...	2020-10-09 23:20:39
106.52.29.132	attackspambots	Oct 9 17:40:26 vm0 sshd[22968]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.29.132 Oct 9 17:40:28 vm0 sshd[22968]: Failed password for invalid user test from 106.52.29.132 port 56140 ssh2 ...	2020-10-09 23:47:52
43.225.64.246	attackspam	[ssh] SSH attack	2020-10-09 23:30:45
140.143.136.89	attackbots	Oct 9 20:13:15 itv-usvr-02 sshd[26394]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.136.89 user=root Oct 9 20:13:17 itv-usvr-02 sshd[26394]: Failed password for root from 140.143.136.89 port 46160 ssh2 Oct 9 20:22:14 itv-usvr-02 sshd[26746]: Invalid user andrea from 140.143.136.89 port 50116 Oct 9 20:22:14 itv-usvr-02 sshd[26746]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.136.89 Oct 9 20:22:14 itv-usvr-02 sshd[26746]: Invalid user andrea from 140.143.136.89 port 50116 Oct 9 20:22:16 itv-usvr-02 sshd[26746]: Failed password for invalid user andrea from 140.143.136.89 port 50116 ssh2	2020-10-10 00:02:25
61.12.67.133	attackspam	Brute%20Force%20SSH	2020-10-09 23:32:14
183.82.96.113	attackspam	Unauthorized connection attempt from IP address 183.82.96.113 on Port 445(SMB)	2020-10-09 23:36:38
106.75.132.3	attackbots	2020-10-09T16:43:37.829414amanda2.illicoweb.com sshd\[12094\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.132.3 user=root 2020-10-09T16:43:39.800961amanda2.illicoweb.com sshd\[12094\]: Failed password for root from 106.75.132.3 port 34668 ssh2 2020-10-09T16:45:50.328788amanda2.illicoweb.com sshd\[12235\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.132.3 user=root 2020-10-09T16:45:52.225043amanda2.illicoweb.com sshd\[12235\]: Failed password for root from 106.75.132.3 port 58714 ssh2 2020-10-09T16:48:00.184111amanda2.illicoweb.com sshd\[12276\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.132.3 user=root ...	2020-10-09 23:46:05
216.196.93.90	attack	Brute forcing email accounts	2020-10-09 23:20:09
118.96.179.145	attackbotsspam	Cowrie Honeypot: Unauthorised SSH/Telnet login attempt with user "root" at 2020-10-08T20:45:56Z	2020-10-09 23:53:05
165.227.26.69	attackspam	Oct 9 16:53:00 lnxweb62 sshd[12718]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.227.26.69 Oct 9 16:53:01 lnxweb62 sshd[12718]: Failed password for invalid user vcsa from 165.227.26.69 port 43424 ssh2 Oct 9 16:56:30 lnxweb62 sshd[14247]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.227.26.69	2020-10-09 23:47:27
112.85.42.185	attackspambots	2020-10-09T06:50:38+0000 Failed SSH Authentication/Brute Force Attack. (Server 6)	2020-10-09 23:45:42
200.84.46.60	attack	Unauthorized connection attempt from IP address 200.84.46.60 on Port 445(SMB)	2020-10-09 23:30:26
13.66.38.127	attackspambots	Fail2Ban	2020-10-09 23:45:19
62.210.206.78	attack	Oct 9 13:16:15 ns382633 sshd\[20100\]: Invalid user w from 62.210.206.78 port 38816 Oct 9 13:16:15 ns382633 sshd\[20100\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=62.210.206.78 Oct 9 13:16:16 ns382633 sshd\[20100\]: Failed password for invalid user w from 62.210.206.78 port 38816 ssh2 Oct 9 13:20:22 ns382633 sshd\[20746\]: Invalid user git from 62.210.206.78 port 52138 Oct 9 13:20:22 ns382633 sshd\[20746\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=62.210.206.78	2020-10-09 23:37:48
128.199.76.76	attackbotsspam	2020-10-09T08:11:25.344757shield sshd\[16648\]: Invalid user Jessa from 128.199.76.76 port 2242 2020-10-09T08:11:25.354291shield sshd\[16648\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.76.76 2020-10-09T08:11:27.459332shield sshd\[16648\]: Failed password for invalid user Jessa from 128.199.76.76 port 2242 ssh2 2020-10-09T08:15:05.537047shield sshd\[16961\]: Invalid user Elgie from 128.199.76.76 port 43356 2020-10-09T08:15:05.545200shield sshd\[16961\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.76.76	2020-10-10 00:03:28

Recently Reported IPs

183.87.42.127	154.115.18.18	95.58.76.57	95.181.131.153
46.48.144.216	124.122.11.231	117.157.80.52	113.160.132.179
51.77.68.92	51.77.68.93	118.70.52.43	186.11.108.219
171.107.4.92	101.205.19.133	210.18.187.47	185.202.1.185
147.145.87.1	89.176.251.212	77.42.237.5	5.75.67.59