104.248.145.242

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
104.248.145.254	attackbots	[N1.H1.VM1] Port Scanner Detected Blocked by UFW	2020-09-29 04:25:26
104.248.145.254	attack	[N3.H3.VM3] Port Scanner Detected Blocked by UFW	2020-09-28 20:40:54
104.248.145.254	attackspam	firewall-block, port(s): 4205/tcp	2020-09-28 12:47:46
104.248.145.254	attack	TCP (SYN) 104.248.145.254:59928 -> port 15830, len 44	2020-09-04 03:43:34
104.248.145.254	attackspam	TCP ports : 11182 / 15830	2020-09-03 19:19:07
104.248.145.254	attack	TCP (SYN) 104.248.145.254:51047 -> port 31845, len 44	2020-08-13 04:54:36
104.248.145.254	attackbots	" "	2020-08-07 07:34:25
104.248.145.254	attack	Aug 6 16:45:53 debian-2gb-nbg1-2 kernel: \[18983609.468139\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=104.248.145.254 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x40 TTL=242 ID=16833 PROTO=TCP SPT=43412 DPT=32345 WINDOW=1024 RES=0x00 SYN URGP=0	2020-08-07 03:27:55
104.248.145.254	attackbots	scans once in preceeding hours on the ports (in chronological order) 8748 resulting in total of 6 scans from 104.248.0.0/16 block.	2020-08-05 20:37:31
104.248.145.254	attackbotsspam	TCP (SYN) 104.248.145.254:48778 -> port 2378, len 44	2020-08-02 23:36:48
104.248.145.254	attack	Port scan denied	2020-07-28 02:07:35
104.248.145.254	attackbots	firewall-block, port(s): 8532/tcp	2020-07-18 19:01:14
104.248.145.254	attackspam	firewall-block, port(s): 29634/tcp	2020-07-07 00:13:46
104.248.145.163	attackspam	Invalid user acj from 104.248.145.163 port 60982	2020-02-12 02:45:08
104.248.145.163	attackbots	Jan 31 00:05:40 php1 sshd\[4148\]: Invalid user sumita from 104.248.145.163 Jan 31 00:05:40 php1 sshd\[4148\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.145.163 Jan 31 00:05:42 php1 sshd\[4148\]: Failed password for invalid user sumita from 104.248.145.163 port 49590 ssh2 Jan 31 00:09:03 php1 sshd\[4514\]: Invalid user ilavalagi from 104.248.145.163 Jan 31 00:09:03 php1 sshd\[4514\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.145.163	2020-01-31 18:14:00

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.248.145.242
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 2621
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;104.248.145.242.		IN	A

;; AUTHORITY SECTION:
.			293	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022022500 1800 900 604800 86400

;; Query time: 61 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Feb 25 20:23:44 CST 2022
;; MSG SIZE  rcvd: 108

Host info

Host 242.145.248.104.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 242.145.248.104.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
125.70.78.85	attackbotsspam	Sep 10 20:23:18 eddieflores sshd\[25468\]: Invalid user usuario1 from 125.70.78.85 Sep 10 20:23:18 eddieflores sshd\[25468\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.70.78.85 Sep 10 20:23:21 eddieflores sshd\[25468\]: Failed password for invalid user usuario1 from 125.70.78.85 port 20298 ssh2 Sep 10 20:30:01 eddieflores sshd\[26102\]: Invalid user zabbix from 125.70.78.85 Sep 10 20:30:01 eddieflores sshd\[26102\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.70.78.85	2019-09-11 15:37:20
202.154.182.44	attackbotsspam	SMTP/25/465/587-993/995 Probe, Reject, BadAuth, Hack, SPAM -	2019-09-11 15:49:16
118.167.36.42	attackbots	port 23 attempt blocked	2019-09-11 15:11:16
118.166.122.93	attackbots	port 23 attempt blocked	2019-09-11 15:33:00
206.189.76.64	attackbotsspam	Sep 11 03:49:56 mout sshd[32039]: Invalid user webadm from 206.189.76.64 port 42770	2019-09-11 14:45:25
218.92.0.181	attack	(sshd) Failed SSH login from 218.92.0.181 (-): 5 in the last 3600 secs	2019-09-11 15:12:57
159.89.38.26	attack	Sep 10 20:21:24 lcdev sshd\[4631\]: Invalid user deploy from 159.89.38.26 Sep 10 20:21:24 lcdev sshd\[4631\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.89.38.26 Sep 10 20:21:26 lcdev sshd\[4631\]: Failed password for invalid user deploy from 159.89.38.26 port 48422 ssh2 Sep 10 20:29:49 lcdev sshd\[5385\]: Invalid user invoices from 159.89.38.26 Sep 10 20:29:49 lcdev sshd\[5385\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.89.38.26	2019-09-11 14:34:09
62.168.57.109	attackspam	SMTP/25/465/587-993/995 Probe, Reject, BadAuth, Hack, SPAM -	2019-09-11 15:09:09
122.4.241.6	attackbotsspam	Sep 11 05:40:47 ip-172-31-1-72 sshd\[12321\]: Invalid user ts3server from 122.4.241.6 Sep 11 05:40:47 ip-172-31-1-72 sshd\[12321\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.4.241.6 Sep 11 05:40:49 ip-172-31-1-72 sshd\[12321\]: Failed password for invalid user ts3server from 122.4.241.6 port 41261 ssh2 Sep 11 05:46:14 ip-172-31-1-72 sshd\[12459\]: Invalid user vncuser from 122.4.241.6 Sep 11 05:46:14 ip-172-31-1-72 sshd\[12459\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.4.241.6	2019-09-11 14:43:21
188.19.116.220	attackbots	Sep 11 02:00:40 Tower sshd[41776]: Connection from 188.19.116.220 port 59028 on 192.168.10.220 port 22 Sep 11 02:00:41 Tower sshd[41776]: Invalid user admin1 from 188.19.116.220 port 59028 Sep 11 02:00:41 Tower sshd[41776]: error: Could not get shadow information for NOUSER Sep 11 02:00:41 Tower sshd[41776]: Failed password for invalid user admin1 from 188.19.116.220 port 59028 ssh2 Sep 11 02:00:42 Tower sshd[41776]: Received disconnect from 188.19.116.220 port 59028:11: Bye Bye [preauth] Sep 11 02:00:42 Tower sshd[41776]: Disconnected from invalid user admin1 188.19.116.220 port 59028 [preauth]	2019-09-11 14:59:41
46.229.168.135	attackbots	46.229.168.135 - - \[10/Sep/2019:23:46:15 +0200\] "GET /resolu-advoicetcl-t-1019.html HTTP/1.1" 200 7728 "-" "Mozilla/5.0 \(compatible\; SemrushBot/6\~bl\; +http://www.semrush.com/bot.html\)" 46.229.168.135 - - \[10/Sep/2019:23:59:27 +0200\] "GET /showthread.php\?mode=threaded\&pid=6375\&tid=906 HTTP/1.1" 200 8009 "-" "Mozilla/5.0 \(compatible\; SemrushBot/6\~bl\; +http://www.semrush.com/bot.html\)"	2019-09-11 15:14:33
80.58.157.231	attackspam	Sep 11 06:39:15 MK-Soft-VM4 sshd\[2729\]: Invalid user alexk from 80.58.157.231 port 47781 Sep 11 06:39:15 MK-Soft-VM4 sshd\[2729\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.58.157.231 Sep 11 06:39:17 MK-Soft-VM4 sshd\[2729\]: Failed password for invalid user alexk from 80.58.157.231 port 47781 ssh2 ...	2019-09-11 15:11:53
202.53.169.14	attackbotsspam	SMTP/25/465/587-993/995 Probe, Reject, BadAuth, Hack, SPAM -	2019-09-11 15:46:30
187.194.217.227	attack	Automatic report - Port Scan Attack	2019-09-11 15:36:07
36.70.176.250	attackspam	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-09-10 17:48:58,345 INFO [amun_request_handler] PortScan Detected on Port: 445 (36.70.176.250)	2019-09-11 14:53:54

Recently Reported IPs

104.248.145.206	104.248.145.60	104.248.145.6	104.248.146.100
104.248.145.240	101.109.59.152	104.248.146.104	104.248.146.12
104.248.146.137	104.248.146.145	104.248.146.157	104.248.146.159
104.248.146.29	104.248.146.253	104.248.146.235	101.109.59.158
104.248.146.174	104.248.146.46	104.248.147.104	104.248.147.162