104.248.145.250

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
104.248.145.254	attackbots	[N1.H1.VM1] Port Scanner Detected Blocked by UFW	2020-09-29 04:25:26
104.248.145.254	attack	[N3.H3.VM3] Port Scanner Detected Blocked by UFW	2020-09-28 20:40:54
104.248.145.254	attackspam	firewall-block, port(s): 4205/tcp	2020-09-28 12:47:46
104.248.145.254	attack	TCP (SYN) 104.248.145.254:59928 -> port 15830, len 44	2020-09-04 03:43:34
104.248.145.254	attackspam	TCP ports : 11182 / 15830	2020-09-03 19:19:07
104.248.145.254	attack	TCP (SYN) 104.248.145.254:51047 -> port 31845, len 44	2020-08-13 04:54:36
104.248.145.254	attackbots	" "	2020-08-07 07:34:25
104.248.145.254	attack	Aug 6 16:45:53 debian-2gb-nbg1-2 kernel: \[18983609.468139\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=104.248.145.254 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x40 TTL=242 ID=16833 PROTO=TCP SPT=43412 DPT=32345 WINDOW=1024 RES=0x00 SYN URGP=0	2020-08-07 03:27:55
104.248.145.254	attackbots	scans once in preceeding hours on the ports (in chronological order) 8748 resulting in total of 6 scans from 104.248.0.0/16 block.	2020-08-05 20:37:31
104.248.145.254	attackbotsspam	TCP (SYN) 104.248.145.254:48778 -> port 2378, len 44	2020-08-02 23:36:48
104.248.145.254	attack	Port scan denied	2020-07-28 02:07:35
104.248.145.254	attackbots	firewall-block, port(s): 8532/tcp	2020-07-18 19:01:14
104.248.145.254	attackspam	firewall-block, port(s): 29634/tcp	2020-07-07 00:13:46
104.248.145.163	attackspam	Invalid user acj from 104.248.145.163 port 60982	2020-02-12 02:45:08
104.248.145.163	attackbots	Jan 31 00:05:40 php1 sshd\[4148\]: Invalid user sumita from 104.248.145.163 Jan 31 00:05:40 php1 sshd\[4148\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.145.163 Jan 31 00:05:42 php1 sshd\[4148\]: Failed password for invalid user sumita from 104.248.145.163 port 49590 ssh2 Jan 31 00:09:03 php1 sshd\[4514\]: Invalid user ilavalagi from 104.248.145.163 Jan 31 00:09:03 php1 sshd\[4514\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.145.163	2020-01-31 18:14:00

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.248.145.250
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 64382
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;104.248.145.250.		IN	A

;; AUTHORITY SECTION:
.			290	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022022500 1800 900 604800 86400

;; Query time: 18 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Feb 25 20:23:44 CST 2022
;; MSG SIZE  rcvd: 108

Host info

Host 250.145.248.104.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 250.145.248.104.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
51.254.129.128	attack	Dec 4 03:51:02 gw1 sshd[20148]: Failed password for root from 51.254.129.128 port 56544 ssh2 ...	2019-12-04 08:27:03
164.163.236.9	attack	Attempted to connect 9 times to port 4504 TCP	2019-12-04 08:48:28
129.204.109.127	attackspam	Dec 4 01:45:24 localhost sshd\[9262\]: Invalid user zakary from 129.204.109.127 port 56300 Dec 4 01:45:24 localhost sshd\[9262\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.109.127 Dec 4 01:45:26 localhost sshd\[9262\]: Failed password for invalid user zakary from 129.204.109.127 port 56300 ssh2	2019-12-04 08:48:40
140.143.197.56	attackbotsspam	Dec 4 01:23:00 server sshd\[29609\]: Invalid user pi from 140.143.197.56 Dec 4 01:23:00 server sshd\[29609\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.197.56 Dec 4 01:23:02 server sshd\[29609\]: Failed password for invalid user pi from 140.143.197.56 port 54266 ssh2 Dec 4 01:30:25 server sshd\[32121\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.197.56 user=root Dec 4 01:30:27 server sshd\[32121\]: Failed password for root from 140.143.197.56 port 60698 ssh2 ...	2019-12-04 08:32:06
110.78.182.43	attack	Telnetd brute force attack detected by fail2ban	2019-12-04 08:25:35
130.204.133.111	attack	Unauthorized connection attempt from IP address 130.204.133.111 on Port 445(SMB)	2019-12-04 08:36:31
86.122.123.128	attackspam	8081/tcp 8080/tcp [2019-11-26/12-03]2pkt	2019-12-04 08:45:23
92.211.229.220	attackbots	firewall-block, port(s): 8080/tcp	2019-12-04 08:37:21
49.235.130.25	attackspam	Dec 3 14:15:10 web1 sshd\[24031\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.130.25 user=root Dec 3 14:15:12 web1 sshd\[24031\]: Failed password for root from 49.235.130.25 port 36548 ssh2 Dec 3 14:21:42 web1 sshd\[24655\]: Invalid user cnaaa from 49.235.130.25 Dec 3 14:21:42 web1 sshd\[24655\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.130.25 Dec 3 14:21:44 web1 sshd\[24655\]: Failed password for invalid user cnaaa from 49.235.130.25 port 38376 ssh2	2019-12-04 08:23:27
50.28.56.159	attack	Dec 3 13:50:06 hanapaa sshd\[9360\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=50.28.56.159 user=bin Dec 3 13:50:08 hanapaa sshd\[9360\]: Failed password for bin from 50.28.56.159 port 33762 ssh2 Dec 3 13:50:09 hanapaa sshd\[9379\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=50.28.56.159 user=bin Dec 3 13:50:11 hanapaa sshd\[9379\]: Failed password for bin from 50.28.56.159 port 34632 ssh2 Dec 3 13:50:11 hanapaa sshd\[9384\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=50.28.56.159 user=daemon	2019-12-04 08:33:22
105.73.80.253	attackbots	firewall-block, port(s): 1433/tcp	2019-12-04 08:30:36
69.30.243.252	spamproxy	THIS IS STRANGE IP TRYING TO HACK INTO MY EMAIL	2019-12-04 10:11:49
106.13.237.99	attack	Dec 4 00:44:21 fr01 sshd[2562]: Invalid user butt from 106.13.237.99 Dec 4 00:44:21 fr01 sshd[2562]: Invalid user butt from 106.13.237.99 Dec 4 00:44:21 fr01 sshd[2562]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.237.99 Dec 4 00:44:21 fr01 sshd[2562]: Invalid user butt from 106.13.237.99 Dec 4 00:44:23 fr01 sshd[2562]: Failed password for invalid user butt from 106.13.237.99 port 57680 ssh2 ...	2019-12-04 08:53:07
168.211.106.213	attackbotsspam	firewall-block, port(s): 5555/tcp	2019-12-04 08:25:06
49.88.112.55	attackspambots	Dec 4 02:38:26 server sshd\[7418\]: User root from 49.88.112.55 not allowed because listed in DenyUsers Dec 4 02:38:26 server sshd\[7418\]: Failed none for invalid user root from 49.88.112.55 port 29465 ssh2 Dec 4 02:38:27 server sshd\[7418\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.55 user=root Dec 4 02:38:28 server sshd\[7418\]: Failed password for invalid user root from 49.88.112.55 port 29465 ssh2 Dec 4 02:38:32 server sshd\[7418\]: Failed password for invalid user root from 49.88.112.55 port 29465 ssh2	2019-12-04 08:41:23

Recently Reported IPs

104.248.145.233	4.202.128.255	104.248.145.206	104.248.145.242
104.248.145.60	104.248.145.6	104.248.146.100	104.248.145.240
101.109.59.152	104.248.146.104	104.248.146.12	104.248.146.137
104.248.146.145	104.248.146.157	104.248.146.159	104.248.146.29
104.248.146.253	104.248.146.235	101.109.59.158	104.248.146.174