104.248.20.240

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
104.248.205.67	spamattack	Phishing	2022-01-28 16:41:36
104.248.205.67	attackspambots	Oct 11 20:16:41 cho sshd[449424]: Failed password for invalid user mugihiko from 104.248.205.67 port 47586 ssh2 Oct 11 20:19:53 cho sshd[449593]: Invalid user chick from 104.248.205.67 port 51910 Oct 11 20:19:53 cho sshd[449593]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.205.67 Oct 11 20:19:53 cho sshd[449593]: Invalid user chick from 104.248.205.67 port 51910 Oct 11 20:19:55 cho sshd[449593]: Failed password for invalid user chick from 104.248.205.67 port 51910 ssh2 ...	2020-10-12 02:35:14
104.248.205.67	attackbots	TCP port : 3918	2020-10-11 18:26:20
104.248.205.67	attackspambots	srv02 Mass scanning activity detected Target: 24911 ..	2020-09-29 05:58:03
104.248.205.67	attack	Time: Mon Sep 28 03:11:10 2020 +0000 IP: 104.248.205.67 (NL/Netherlands/-) Failures: 5 (sshd) Interval: 3600 seconds Blocked: Permanent Block [LF_SSHD] Log entries: Sep 28 02:52:35 14-2 sshd[20445]: Invalid user github from 104.248.205.67 port 55244 Sep 28 02:52:37 14-2 sshd[20445]: Failed password for invalid user github from 104.248.205.67 port 55244 ssh2 Sep 28 03:07:18 14-2 sshd[3025]: Invalid user mike from 104.248.205.67 port 40436 Sep 28 03:07:20 14-2 sshd[3025]: Failed password for invalid user mike from 104.248.205.67 port 40436 ssh2 Sep 28 03:11:08 14-2 sshd[15270]: Invalid user vnc from 104.248.205.67 port 47886	2020-09-28 22:22:42
104.248.205.67	attack	Port scan denied	2020-09-28 14:28:33
104.248.205.67	attackspam	Automatic report - Banned IP Access	2020-09-14 00:57:40
104.248.205.67	attackspam	Port scan denied	2020-09-13 16:47:38
104.248.205.24	attackspambots	web-1 [ssh] SSH Attack	2020-09-12 02:46:13
104.248.205.24	attackbotsspam	Sep 11 02:08:45 raspberrypi sshd[28751]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.205.24 user=root Sep 11 02:08:47 raspberrypi sshd[28751]: Failed password for invalid user root from 104.248.205.24 port 60612 ssh2 ...	2020-09-11 18:42:28
104.248.205.67	attackspam	SSH brute-force attempt	2020-09-08 03:00:10
104.248.205.67	attackbotsspam	TCP ports : 122 / 1347 / 11584 / 12561 / 20742 / 27793	2020-09-07 18:27:39
104.248.205.67	attack	ET CINS Active Threat Intelligence Poor Reputation IP group 96 - port: 122 proto: tcp cat: Misc Attackbytes: 60	2020-09-02 01:59:59
104.248.205.24	attackbots	Sep 1 14:32:17 vm0 sshd[11485]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.205.24 Sep 1 14:32:19 vm0 sshd[11485]: Failed password for invalid user jupyter from 104.248.205.24 port 54598 ssh2 ...	2020-09-01 23:24:29
104.248.205.24	attackbots	Scanned 3 times in the last 24 hours on port 22	2020-09-01 08:09:03

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.248.20.240
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 17741
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;104.248.20.240.			IN	A

;; AUTHORITY SECTION:
.			600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022020701 1800 900 604800 86400

;; Query time: 20 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Feb 08 02:48:15 CST 2022
;; MSG SIZE  rcvd: 107

Host info

Host 240.20.248.104.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 240.20.248.104.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
41.32.99.226	attack	10/07/2019-07:45:51.497945 41.32.99.226 Protocol: 6 ET SCAN Suspicious inbound to MSSQL port 1433	2019-10-07 22:07:00
45.160.171.141	attackspambots	Automatic report - Port Scan Attack	2019-10-07 21:48:10
46.218.7.227	attackspam	SSH brutforce	2019-10-07 22:11:35
182.108.7.162	attackbots	2019-10-07 x@x 2019-10-07 x@x 2019-10-07 x@x 2019-10-07 x@x 2019-10-07 x@x 2019-10-07 x@x 2019-10-07 x@x 2019-10-07 x@x 2019-10-07 x@x 2019-10-07 x@x 2019-10-07 x@x 2019-10-07 x@x 2019-10-07 x@x 2019-10-07 x@x 2019-10-07 x@x 2019-10-07 x@x 2019-10-07 x@x 2019-10-07 x@x 2019-10-07 x@x 2019-10-07 x@x ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=182.108.7.162	2019-10-07 21:35:25
77.247.110.222	attackbots	10/07/2019-09:40:51.240453 77.247.110.222 Protocol: 6 ET SCAN NMAP -sS window 1024	2019-10-07 22:08:44
94.231.120.189	attackbotsspam	Oct 7 03:27:43 php1 sshd\[2453\]: Invalid user Pa\$\$w0rd@111 from 94.231.120.189 Oct 7 03:27:43 php1 sshd\[2453\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.231.120.189 Oct 7 03:27:46 php1 sshd\[2453\]: Failed password for invalid user Pa\$\$w0rd@111 from 94.231.120.189 port 38279 ssh2 Oct 7 03:31:28 php1 sshd\[2970\]: Invalid user Joker2017 from 94.231.120.189 Oct 7 03:31:28 php1 sshd\[2970\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.231.120.189	2019-10-07 21:58:08
175.23.156.173	attackbots	Unauthorised access (Oct 7) SRC=175.23.156.173 LEN=40 TTL=49 ID=60556 TCP DPT=8080 WINDOW=60901 SYN Unauthorised access (Oct 7) SRC=175.23.156.173 LEN=40 TTL=49 ID=22803 TCP DPT=8080 WINDOW=34957 SYN	2019-10-07 21:51:28
182.151.214.104	attack	Oct 7 15:29:25 legacy sshd[26273]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.151.214.104 Oct 7 15:29:26 legacy sshd[26273]: Failed password for invalid user Hot@2017 from 182.151.214.104 port 47412 ssh2 Oct 7 15:33:57 legacy sshd[26428]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.151.214.104 ...	2019-10-07 21:44:45
201.26.150.31	attackspambots	php injection	2019-10-07 21:55:58
51.75.205.122	attackbotsspam	2019-10-07T09:22:40.6549971495-001 sshd\[34284\]: Invalid user Atlantique@123 from 51.75.205.122 port 45020 2019-10-07T09:22:40.6636321495-001 sshd\[34284\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.ip-51-75-205.eu 2019-10-07T09:22:42.4332751495-001 sshd\[34284\]: Failed password for invalid user Atlantique@123 from 51.75.205.122 port 45020 ssh2 2019-10-07T09:26:48.7062671495-001 sshd\[34631\]: Invalid user Test!@\#123 from 51.75.205.122 port 56868 2019-10-07T09:26:48.7096311495-001 sshd\[34631\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.ip-51-75-205.eu 2019-10-07T09:26:50.7543261495-001 sshd\[34631\]: Failed password for invalid user Test!@\#123 from 51.75.205.122 port 56868 ssh2 ...	2019-10-07 22:04:30
81.240.23.232	attack	Lines containing failures of 81.240.23.232 Oct 7 13:37:38 mellenthin sshd[5253]: Invalid user pi from 81.240.23.232 port 38508 Oct 7 13:37:38 mellenthin sshd[5253]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.240.23.232 Oct 7 13:37:39 mellenthin sshd[5255]: Invalid user pi from 81.240.23.232 port 38512 Oct 7 13:37:39 mellenthin sshd[5255]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.240.23.232 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=81.240.23.232	2019-10-07 21:51:10
201.81.25.191	attackspambots	" "	2019-10-07 21:54:49
137.59.162.169	attackspambots	2019-10-07T13:19:55.925255abusebot-5.cloudsearch.cf sshd\[22107\]: Invalid user waggoner from 137.59.162.169 port 58657	2019-10-07 21:55:07
176.231.4.113	attack	Oct 7 09:04:13 our-server-hostname postfix/smtpd[7878]: connect from unknown[176.231.4.113] Oct 7 09:04:16 our-server-hostname sqlgrey: grey: new: 176.231.4.113(176.231.4.113), x@x -> x@x Oct 7 09:04:17 our-server-hostname postfix/policy-spf[27114]: : Policy action=550 Please see hxxp://www.openspf.org/Why?s=mfrom;id=hoffmannd%40orac.net.au;ip=176.231.4.113;r=mx1.cbr.spam-filtering-appliance Oct x@x Oct 7 09:04:17 our-server-hostname postfix/smtpd[7878]: lost connection after DATA from unknown[176.231.4.113] Oct 7 09:04:17 our-server-hostname postfix/smtpd[7878]: disconnect from unknown[176.231.4.113] Oct 7 09:04:25 our-server-hostname postfix/smtpd[7878]: connect from unknown[176.231.4.113] Oct 7 09:04:25 our-server-hostname sqlgrey: grey: new: 176.231.4.113(176.231.4.113), x@x -> x@x Oct 7 09:04:25 our-server-hostname postfix/policy-spf[27114]: : Policy action=550 Please see hxxp://www.openspf.org/Why?s=mfrom;id=hoffyb%40orac.net.au;ip=176.231.4.113;r=mx1.cbr........ -------------------------------	2019-10-07 21:54:03
202.106.93.46	attackbots	2019-10-07T16:25:09.004331tmaserv sshd\[30357\]: Invalid user Centos2017 from 202.106.93.46 port 44488 2019-10-07T16:25:09.010084tmaserv sshd\[30357\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.106.93.46 2019-10-07T16:25:11.129970tmaserv sshd\[30357\]: Failed password for invalid user Centos2017 from 202.106.93.46 port 44488 ssh2 2019-10-07T16:30:18.853601tmaserv sshd\[30611\]: Invalid user 12345@Admin from 202.106.93.46 port 33470 2019-10-07T16:30:18.858279tmaserv sshd\[30611\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.106.93.46 2019-10-07T16:30:21.063751tmaserv sshd\[30611\]: Failed password for invalid user 12345@Admin from 202.106.93.46 port 33470 ssh2 ...	2019-10-07 21:45:47

Recently Reported IPs

196.44.182.74	213.27.38.5	107.189.11.228	43.132.102.233
176.51.235.94	194.5.175.215	107.150.4.239	171.226.227.253
123.13.96.25	14.55.40.123	223.101.209.125	78.206.137.160
188.22.165.67	86.149.50.149	131.196.188.1	178.128.69.112
157.230.114.212	116.176.22.158	181.169.46.169	185.103.181.43