104.248.145.6 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
104.248.145.254	attackbots	[N1.H1.VM1] Port Scanner Detected Blocked by UFW	2020-09-29 04:25:26
104.248.145.254	attack	[N3.H3.VM3] Port Scanner Detected Blocked by UFW	2020-09-28 20:40:54
104.248.145.254	attackspam	firewall-block, port(s): 4205/tcp	2020-09-28 12:47:46
104.248.145.254	attack	TCP (SYN) 104.248.145.254:59928 -> port 15830, len 44	2020-09-04 03:43:34
104.248.145.254	attackspam	TCP ports : 11182 / 15830	2020-09-03 19:19:07
104.248.145.254	attack	TCP (SYN) 104.248.145.254:51047 -> port 31845, len 44	2020-08-13 04:54:36
104.248.145.254	attackbots	" "	2020-08-07 07:34:25
104.248.145.254	attack	Aug 6 16:45:53 debian-2gb-nbg1-2 kernel: \[18983609.468139\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=104.248.145.254 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x40 TTL=242 ID=16833 PROTO=TCP SPT=43412 DPT=32345 WINDOW=1024 RES=0x00 SYN URGP=0	2020-08-07 03:27:55
104.248.145.254	attackbots	scans once in preceeding hours on the ports (in chronological order) 8748 resulting in total of 6 scans from 104.248.0.0/16 block.	2020-08-05 20:37:31
104.248.145.254	attackbotsspam	TCP (SYN) 104.248.145.254:48778 -> port 2378, len 44	2020-08-02 23:36:48
104.248.145.254	attack	Port scan denied	2020-07-28 02:07:35
104.248.145.254	attackbots	firewall-block, port(s): 8532/tcp	2020-07-18 19:01:14
104.248.145.254	attackspam	firewall-block, port(s): 29634/tcp	2020-07-07 00:13:46
104.248.145.163	attackspam	Invalid user acj from 104.248.145.163 port 60982	2020-02-12 02:45:08
104.248.145.163	attackbots	Jan 31 00:05:40 php1 sshd\[4148\]: Invalid user sumita from 104.248.145.163 Jan 31 00:05:40 php1 sshd\[4148\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.145.163 Jan 31 00:05:42 php1 sshd\[4148\]: Failed password for invalid user sumita from 104.248.145.163 port 49590 ssh2 Jan 31 00:09:03 php1 sshd\[4514\]: Invalid user ilavalagi from 104.248.145.163 Jan 31 00:09:03 php1 sshd\[4514\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.145.163	2020-01-31 18:14:00

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.248.145.6
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 11813
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;104.248.145.6.			IN	A

;; AUTHORITY SECTION:
.			41	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022022500 1800 900 604800 86400

;; Query time: 60 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Feb 25 20:23:44 CST 2022
;; MSG SIZE  rcvd: 106

Host info

6.145.248.104.in-addr.arpa domain name pointer newsletter.thnic.or.th.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
6.145.248.104.in-addr.arpa	name = newsletter.thnic.or.th.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
183.131.82.99	attack	Automated report - ssh fail2ban: Sep 14 20:40:25 wrong password, user=root, port=11754, ssh2 Sep 14 20:40:28 wrong password, user=root, port=11754, ssh2 Sep 14 20:40:30 wrong password, user=root, port=11754, ssh2	2019-09-15 03:17:46
49.88.112.90	attackbotsspam	Sep 15 01:48:30 webhost01 sshd[1312]: Failed password for root from 49.88.112.90 port 28533 ssh2 ...	2019-09-15 03:01:10
173.212.243.4	attack	Sep 14 20:23:28 [host] sshd[9264]: Invalid user squadserver from 173.212.243.4 Sep 14 20:23:28 [host] sshd[9264]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=173.212.243.4 Sep 14 20:23:30 [host] sshd[9264]: Failed password for invalid user squadserver from 173.212.243.4 port 46642 ssh2	2019-09-15 02:47:53
167.71.48.4	attack	167.71.48.4 - - [14/Sep/2019:20:22:34 +0200] "GET /wp-login.php HTTP/1.1" 200 1237 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 167.71.48.4 - - [14/Sep/2019:20:22:34 +0200] "POST /wp-login.php HTTP/1.1" 200 1632 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 167.71.48.4 - - [14/Sep/2019:20:22:35 +0200] "GET /wp-login.php HTTP/1.1" 200 1237 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 167.71.48.4 - - [14/Sep/2019:20:22:35 +0200] "POST /wp-login.php HTTP/1.1" 200 1607 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 167.71.48.4 - - [14/Sep/2019:20:22:35 +0200] "GET /wp-login.php HTTP/1.1" 200 1237 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 167.71.48.4 - - [14/Sep/2019:20:22:35 +0200] "POST /wp-login.php HTTP/1.1" 200 1608 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2019-09-15 03:22:33
213.153.177.98	attackbotsspam	Brute force attempt	2019-09-15 03:11:27
79.173.249.15	attackspam	port scan and connect, tcp 81 (hosts2-ns)	2019-09-15 03:22:15
102.141.72.50	attackbotsspam	Sep 14 13:31:56 vtv3 sshd\[26153\]: Invalid user iz from 102.141.72.50 port 33338 Sep 14 13:31:56 vtv3 sshd\[26153\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=102.141.72.50 Sep 14 13:31:58 vtv3 sshd\[26153\]: Failed password for invalid user iz from 102.141.72.50 port 33338 ssh2 Sep 14 13:38:44 vtv3 sshd\[29529\]: Invalid user emp from 102.141.72.50 port 54605 Sep 14 13:38:44 vtv3 sshd\[29529\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=102.141.72.50 Sep 14 13:51:24 vtv3 sshd\[3670\]: Invalid user db1inst1 from 102.141.72.50 port 40674 Sep 14 13:51:24 vtv3 sshd\[3670\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=102.141.72.50 Sep 14 13:51:27 vtv3 sshd\[3670\]: Failed password for invalid user db1inst1 from 102.141.72.50 port 40674 ssh2 Sep 14 13:58:03 vtv3 sshd\[6777\]: Invalid user shun from 102.141.72.50 port 33704 Sep 14 13:58:03 vtv3 sshd\[6777\]: pam_unix\(ssh	2019-09-15 02:42:15
123.16.165.24	attackbots	Chat Spam	2019-09-15 03:24:19
195.223.54.18	attack	Sep 14 09:18:17 hcbb sshd\[16262\]: Invalid user noemi from 195.223.54.18 Sep 14 09:18:17 hcbb sshd\[16262\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=host18-54-static.223-195-b.business.telecomitalia.it Sep 14 09:18:19 hcbb sshd\[16262\]: Failed password for invalid user noemi from 195.223.54.18 port 36259 ssh2 Sep 14 09:25:22 hcbb sshd\[16879\]: Invalid user rechner from 195.223.54.18 Sep 14 09:25:22 hcbb sshd\[16879\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=host18-54-static.223-195-b.business.telecomitalia.it	2019-09-15 03:25:54
190.211.141.217	attackspambots	Sep 14 09:07:34 auw2 sshd\[12040\]: Invalid user chad from 190.211.141.217 Sep 14 09:07:34 auw2 sshd\[12040\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.211.141.217 Sep 14 09:07:36 auw2 sshd\[12040\]: Failed password for invalid user chad from 190.211.141.217 port 62910 ssh2 Sep 14 09:13:05 auw2 sshd\[12698\]: Invalid user empire from 190.211.141.217 Sep 14 09:13:05 auw2 sshd\[12698\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.211.141.217	2019-09-15 03:23:20
109.86.225.33	attack	Postfix SMTP rejection ...	2019-09-15 02:48:22
182.61.182.50	attackbots	Sep 14 20:54:17 core sshd[22531]: Invalid user coracaobobo from 182.61.182.50 port 43402 Sep 14 20:54:18 core sshd[22531]: Failed password for invalid user coracaobobo from 182.61.182.50 port 43402 ssh2 ...	2019-09-15 03:20:33
211.148.135.196	attack	Sep 14 21:07:59 eventyay sshd[993]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.148.135.196 Sep 14 21:08:01 eventyay sshd[993]: Failed password for invalid user alessandro from 211.148.135.196 port 57347 ssh2 Sep 14 21:13:33 eventyay sshd[1144]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.148.135.196 ...	2019-09-15 03:15:10
119.29.2.157	attack	Sep 14 08:52:43 php1 sshd\[27275\]: Invalid user flume from 119.29.2.157 Sep 14 08:52:43 php1 sshd\[27275\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.29.2.157 Sep 14 08:52:44 php1 sshd\[27275\]: Failed password for invalid user flume from 119.29.2.157 port 56964 ssh2 Sep 14 08:57:36 php1 sshd\[27790\]: Invalid user sinus from 119.29.2.157 Sep 14 08:57:36 php1 sshd\[27790\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.29.2.157	2019-09-15 03:15:39
51.68.46.156	attackbots	Sep 14 08:53:50 lcprod sshd\[20571\]: Invalid user bailey from 51.68.46.156 Sep 14 08:53:50 lcprod sshd\[20571\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=156.ip-51-68-46.eu Sep 14 08:53:52 lcprod sshd\[20571\]: Failed password for invalid user bailey from 51.68.46.156 port 57098 ssh2 Sep 14 08:58:19 lcprod sshd\[20921\]: Invalid user rustserver from 51.68.46.156 Sep 14 08:58:19 lcprod sshd\[20921\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=156.ip-51-68-46.eu	2019-09-15 03:14:41

Recently Reported IPs

104.248.145.60	104.248.146.100	104.248.145.240	101.109.59.152
104.248.146.104	104.248.146.12	104.248.146.137	104.248.146.145
104.248.146.157	104.248.146.159	104.248.146.29	104.248.146.253
104.248.146.235	101.109.59.158	104.248.146.174	104.248.146.46
104.248.147.104	104.248.147.162	104.248.147.15	104.248.147.196