104.148.21.156

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
104.148.21.248	attack	Nov 19 13:47:22 mxgate1 postfix/postscreen[7608]: CONNECT from [104.148.21.248]:33592 to [176.31.12.44]:25 Nov 19 13:47:22 mxgate1 postfix/dnsblog[7610]: addr 104.148.21.248 listed by domain zen.spamhaus.org as 127.0.0.3 Nov 19 13:47:22 mxgate1 postfix/dnsblog[7609]: addr 104.148.21.248 listed by domain b.barracudacentral.org as 127.0.0.2 Nov 19 13:47:28 mxgate1 postfix/postscreen[7608]: DNSBL rank 3 for [104.148.21.248]:33592 Nov x@x Nov 19 13:47:29 mxgate1 postfix/postscreen[7608]: DISCONNECT [104.148.21.248]:33592 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=104.148.21.248	2019-11-19 22:51:50

Type

Details

Datetime

104.148.21.248

attack

Nov 19 13:47:22 mxgate1 postfix/postscreen[7608]: CONNECT from [104.148.21.248]:33592 to [176.31.12.44]:25
Nov 19 13:47:22 mxgate1 postfix/dnsblog[7610]: addr 104.148.21.248 listed by domain zen.spamhaus.org as 127.0.0.3
Nov 19 13:47:22 mxgate1 postfix/dnsblog[7609]: addr 104.148.21.248 listed by domain b.barracudacentral.org as 127.0.0.2
Nov 19 13:47:28 mxgate1 postfix/postscreen[7608]: DNSBL rank 3 for [104.148.21.248]:33592
Nov x@x
Nov 19 13:47:29 mxgate1 postfix/postscreen[7608]: DISCONNECT [104.148.21.248]:33592


........
-----------------------------------------------
https://www.blocklist.de/en/view.html?ip=104.148.21.248

2019-11-19 22:51:50

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.148.21.156
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 13067
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;104.148.21.156.			IN	A

;; AUTHORITY SECTION:
.			164	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022030302 1800 900 604800 86400

;; Query time: 16 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Mar 04 11:45:47 CST 2022
;; MSG SIZE  rcvd: 107

Host info

Host 156.21.148.104.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 156.21.148.104.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
49.88.112.115	attackspambots	2020-05-04T07:42:52.189213vivaldi2.tree2.info sshd[31985]: refused connect from 49.88.112.115 (49.88.112.115) 2020-05-04T07:44:02.232114vivaldi2.tree2.info sshd[32011]: refused connect from 49.88.112.115 (49.88.112.115) 2020-05-04T07:45:11.396121vivaldi2.tree2.info sshd[32087]: refused connect from 49.88.112.115 (49.88.112.115) 2020-05-04T07:46:21.001975vivaldi2.tree2.info sshd[32127]: refused connect from 49.88.112.115 (49.88.112.115) 2020-05-04T07:47:28.467377vivaldi2.tree2.info sshd[32142]: refused connect from 49.88.112.115 (49.88.112.115) ...	2020-05-04 06:47:53
107.182.182.88	attackbots	2020-05-03T15:50:08.668629linuxbox-skyline sshd[149267]: Invalid user tester from 107.182.182.88 port 60502 ...	2020-05-04 07:17:03
106.54.44.202	attackbots	May 4 00:42:48 eventyay sshd[4626]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.44.202 May 4 00:42:51 eventyay sshd[4626]: Failed password for invalid user tunel from 106.54.44.202 port 37676 ssh2 May 4 00:45:52 eventyay sshd[4768]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.44.202 ...	2020-05-04 06:59:43
51.254.141.18	attackbots	2020-05-03T22:49:08.354944shield sshd\[15319\]: Invalid user dgv from 51.254.141.18 port 42040 2020-05-03T22:49:08.359308shield sshd\[15319\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=mail.smarteo.it 2020-05-03T22:49:10.637050shield sshd\[15319\]: Failed password for invalid user dgv from 51.254.141.18 port 42040 ssh2 2020-05-03T22:53:38.117449shield sshd\[16375\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=mail.smarteo.it user=root 2020-05-03T22:53:40.460647shield sshd\[16375\]: Failed password for root from 51.254.141.18 port 44524 ssh2	2020-05-04 06:56:54
45.143.223.125	attackbotsspam	May 3 20:38:14 nopemail postfix/smtps/smtpd[17414]: SSL_accept error from unknown[45.143.223.125]: lost connection ...	2020-05-04 06:43:39
172.81.243.232	attackspambots	(sshd) Failed SSH login from 172.81.243.232 (CN/China/-): 5 in the last 3600 secs	2020-05-04 06:50:53
129.204.63.231	attackspam	Brute-force attempt banned	2020-05-04 07:06:32
49.88.112.112	attackbotsspam	May 3 18:42:49 plusreed sshd[19158]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.112 user=root May 3 18:42:52 plusreed sshd[19158]: Failed password for root from 49.88.112.112 port 35633 ssh2 ...	2020-05-04 06:43:04
122.114.177.137	attack	Lines containing failures of 122.114.177.137 May 3 08:56:42 supported sshd[8268]: Invalid user drive from 122.114.177.137 port 56664 May 3 08:56:42 supported sshd[8268]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.114.177.137 May 3 08:56:44 supported sshd[8268]: Failed password for invalid user drive from 122.114.177.137 port 56664 ssh2 May 3 08:56:46 supported sshd[8268]: Received disconnect from 122.114.177.137 port 56664:11: Bye Bye [preauth] May 3 08:56:46 supported sshd[8268]: Disconnected from invalid user drive 122.114.177.137 port 56664 [preauth] May 3 09:11:40 supported sshd[10111]: Invalid user transfer from 122.114.177.137 port 35056 May 3 09:11:40 supported sshd[10111]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.114.177.137 May 3 09:11:42 supported sshd[10111]: Failed password for invalid user transfer from 122.114.177.137 port 35056 ssh2 May 3 09:11:45........ ------------------------------	2020-05-04 07:12:27
98.113.98.54	attackbotsspam	Lines containing failures of 98.113.98.54 (max 1000) May 3 10:51:24 mm sshd[14316]: Invalid user admin from 98.113.98.54 po= rt 35938 May 3 10:51:24 mm sshd[14316]: pam_unix(sshd:auth): authentication fai= lure; logname=3D uid=3D0 euid=3D0 tty=3Dssh ruser=3D rhost=3D98.113.98.= 54 May 3 10:51:26 mm sshd[14316]: Failed password for invalid user admin = from 98.113.98.54 port 35938 ssh2 May 3 10:51:26 mm sshd[14316]: Received disconnect from 98.113.98.54 p= ort 35938:11: Bye Bye [preauth] May 3 10:51:26 mm sshd[14316]: Disconnected from invalid user admin 98= .113.98.54 port 35938 [preauth] May 3 10:59:27 mm sshd[14470]: Invalid user brisa from 98.113.98.54 po= rt 39980 May 3 10:59:27 mm sshd[14470]: pam_unix(sshd:auth): authentication fai= lure; logname=3D uid=3D0 euid=3D0 tty=3Dssh ruser=3D rhost=3D98.113.98.= 54 May 3 10:59:29 mm sshd[14470]: Failed password for invalid user brisa = from 98.113.98.54 port 39980 ssh2 May 3 10:59:30 mm sshd[14470]: Received disco........ ------------------------------	2020-05-04 07:01:08
45.142.195.7	attackbotsspam	May 3 23:51:18 gospond postfix/smtpd[9786]: warning: unknown[45.142.195.7]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 May 3 23:52:09 gospond postfix/smtpd[9809]: warning: unknown[45.142.195.7]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 May 3 23:53:00 gospond postfix/smtpd[9808]: warning: unknown[45.142.195.7]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-05-04 06:54:29
118.70.216.153	attackspam	SSH brute-force attempt	2020-05-04 07:18:48
84.178.82.24	attack	nft/Honeypot/22/73e86	2020-05-04 06:45:09
123.21.109.83	attackspam	2020-05-0322:36:191jVLLW-0007Ni-H0\<=info@whatsup2013.chH=\(localhost\)[220.164.2.67]:54914P=esmtpsaX=TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256CV=noA=dovecot_login:info@whatsup2013.chS=3141id=2abd0b585378525ac6c375d93ecae0fc77137f@whatsup2013.chT="Youknow\,Isacrificedhappiness"formarcus.a.moses@gmail.commsakoto07@gmail.com2020-05-0322:33:191jVLIc-0007B1-Ih\<=info@whatsup2013.chH=\(localhost\)[123.21.109.83]:38577P=esmtpsaX=TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256CV=noA=dovecot_login:info@whatsup2013.chS=3089id=2ad86e3d361d373fa3a610bc5baf8599eca092@whatsup2013.chT="You'rehandsome"forchhetriraju967@gmail.commtchll_mckenzie@icloud.com2020-05-0322:37:531jVLN1-0007T0-Ke\<=info@whatsup2013.chH=\(localhost\)[183.88.243.82]:32796P=esmtpsaX=TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256CV=noA=dovecot_login:info@whatsup2013.chS=2979id=a03e88dbd0fbd1d94540f65abd49637f991a31@whatsup2013.chT="Neednewfriend\?"forshimmyboy29@yahoo.comdamlogan69@gmail.com2020-05-0322:38:031jVLND-0007UW-5U\<=info@whatsup2013.chH=\(localhost\)[41.2	2020-05-04 06:51:24
190.2.22.49	attack	Unauthorised access (May 3) SRC=190.2.22.49 LEN=52 TTL=114 ID=8964 DF TCP DPT=445 WINDOW=8192 SYN Unauthorised access (Apr 29) SRC=190.2.22.49 LEN=52 TTL=114 ID=29317 DF TCP DPT=445 WINDOW=8192 SYN	2020-05-04 07:14:00

Recently Reported IPs

104.148.124.243	104.148.89.21	104.148.36.71	104.148.76.148
112.66.108.210	104.148.89.22	104.148.80.110	104.148.27.153
104.148.80.108	104.148.39.157	104.148.89.29	104.148.92.156
112.66.108.222	104.148.92.69	104.149.141.134	104.149.0.14
104.149.167.214	104.149.173.59	104.149.158.12	104.149.0.20