104.248.20.42 - IPInfo

Basic Info

City: Frankfurt am Main

Region: Hessen

Country: Germany

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
104.248.205.67	spamattack	Phishing	2022-01-28 16:41:36
104.248.205.67	attackspambots	Oct 11 20:16:41 cho sshd[449424]: Failed password for invalid user mugihiko from 104.248.205.67 port 47586 ssh2 Oct 11 20:19:53 cho sshd[449593]: Invalid user chick from 104.248.205.67 port 51910 Oct 11 20:19:53 cho sshd[449593]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.205.67 Oct 11 20:19:53 cho sshd[449593]: Invalid user chick from 104.248.205.67 port 51910 Oct 11 20:19:55 cho sshd[449593]: Failed password for invalid user chick from 104.248.205.67 port 51910 ssh2 ...	2020-10-12 02:35:14
104.248.205.67	attackbots	TCP port : 3918	2020-10-11 18:26:20
104.248.205.67	attackspambots	srv02 Mass scanning activity detected Target: 24911 ..	2020-09-29 05:58:03
104.248.205.67	attack	Time: Mon Sep 28 03:11:10 2020 +0000 IP: 104.248.205.67 (NL/Netherlands/-) Failures: 5 (sshd) Interval: 3600 seconds Blocked: Permanent Block [LF_SSHD] Log entries: Sep 28 02:52:35 14-2 sshd[20445]: Invalid user github from 104.248.205.67 port 55244 Sep 28 02:52:37 14-2 sshd[20445]: Failed password for invalid user github from 104.248.205.67 port 55244 ssh2 Sep 28 03:07:18 14-2 sshd[3025]: Invalid user mike from 104.248.205.67 port 40436 Sep 28 03:07:20 14-2 sshd[3025]: Failed password for invalid user mike from 104.248.205.67 port 40436 ssh2 Sep 28 03:11:08 14-2 sshd[15270]: Invalid user vnc from 104.248.205.67 port 47886	2020-09-28 22:22:42
104.248.205.67	attack	Port scan denied	2020-09-28 14:28:33
104.248.205.67	attackspam	Automatic report - Banned IP Access	2020-09-14 00:57:40
104.248.205.67	attackspam	Port scan denied	2020-09-13 16:47:38
104.248.205.24	attackspambots	web-1 [ssh] SSH Attack	2020-09-12 02:46:13
104.248.205.24	attackbotsspam	Sep 11 02:08:45 raspberrypi sshd[28751]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.205.24 user=root Sep 11 02:08:47 raspberrypi sshd[28751]: Failed password for invalid user root from 104.248.205.24 port 60612 ssh2 ...	2020-09-11 18:42:28
104.248.205.67	attackspam	SSH brute-force attempt	2020-09-08 03:00:10
104.248.205.67	attackbotsspam	TCP ports : 122 / 1347 / 11584 / 12561 / 20742 / 27793	2020-09-07 18:27:39
104.248.205.67	attack	ET CINS Active Threat Intelligence Poor Reputation IP group 96 - port: 122 proto: tcp cat: Misc Attackbytes: 60	2020-09-02 01:59:59
104.248.205.24	attackbots	Sep 1 14:32:17 vm0 sshd[11485]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.205.24 Sep 1 14:32:19 vm0 sshd[11485]: Failed password for invalid user jupyter from 104.248.205.24 port 54598 ssh2 ...	2020-09-01 23:24:29
104.248.205.24	attackbots	Scanned 3 times in the last 24 hours on port 22	2020-09-01 08:09:03

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.248.20.42
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 17336
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;104.248.20.42.			IN	A

;; AUTHORITY SECTION:
.			30	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2025052401 1800 900 604800 86400

;; Query time: 13 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun May 25 04:30:10 CST 2025
;; MSG SIZE  rcvd: 106

Host info

Host 42.20.248.104.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 42.20.248.104.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
13.82.228.197	attackspam	Dec 18 15:31:24 tux-35-217 sshd\[2613\]: Invalid user natale from 13.82.228.197 port 38215 Dec 18 15:31:24 tux-35-217 sshd\[2613\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=13.82.228.197 Dec 18 15:31:26 tux-35-217 sshd\[2613\]: Failed password for invalid user natale from 13.82.228.197 port 38215 ssh2 Dec 18 15:38:08 tux-35-217 sshd\[2639\]: Invalid user corsale from 13.82.228.197 port 42587 Dec 18 15:38:08 tux-35-217 sshd\[2639\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=13.82.228.197 ...	2019-12-18 22:52:09
175.158.50.1	attackbots	Dec 18 15:50:28 sso sshd[27184]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.158.50.1 Dec 18 15:50:30 sso sshd[27184]: Failed password for invalid user ikko from 175.158.50.1 port 38275 ssh2 ...	2019-12-18 22:59:35
137.135.73.223	attackspam	" "	2019-12-18 23:10:46
125.74.10.146	attackspambots	Dec 18 09:29:19 linuxvps sshd\[14405\]: Invalid user isaias from 125.74.10.146 Dec 18 09:29:19 linuxvps sshd\[14405\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.74.10.146 Dec 18 09:29:21 linuxvps sshd\[14405\]: Failed password for invalid user isaias from 125.74.10.146 port 53642 ssh2 Dec 18 09:37:58 linuxvps sshd\[19551\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.74.10.146 user=root Dec 18 09:38:00 linuxvps sshd\[19551\]: Failed password for root from 125.74.10.146 port 51785 ssh2	2019-12-18 23:00:25
202.175.46.170	attackspam	Dec 18 17:08:18 microserver sshd[40032]: Invalid user karnosh from 202.175.46.170 port 38504 Dec 18 17:08:18 microserver sshd[40032]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.175.46.170 Dec 18 17:08:20 microserver sshd[40032]: Failed password for invalid user karnosh from 202.175.46.170 port 38504 ssh2 Dec 18 17:15:35 microserver sshd[41462]: Invalid user ersil from 202.175.46.170 port 34110 Dec 18 17:15:35 microserver sshd[41462]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.175.46.170 Dec 18 17:26:22 microserver sshd[43164]: Invalid user web from 202.175.46.170 port 48632 Dec 18 17:26:22 microserver sshd[43164]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.175.46.170 Dec 18 17:26:24 microserver sshd[43164]: Failed password for invalid user web from 202.175.46.170 port 48632 ssh2 Dec 18 17:31:54 microserver sshd[44002]: pam_unix(sshd:auth): authentication failure; l	2019-12-18 22:43:23
77.16.211.157	attackbotsspam	Port scan	2019-12-18 23:04:17
49.88.112.74	attackspambots	Dec 18 15:57:27 MK-Soft-VM4 sshd[10161]: Failed password for root from 49.88.112.74 port 47033 ssh2 Dec 18 15:57:30 MK-Soft-VM4 sshd[10161]: Failed password for root from 49.88.112.74 port 47033 ssh2 ...	2019-12-18 22:58:08
82.221.131.71	attack	Dec 18 15:37:38 vpn01 sshd[28143]: Failed password for root from 82.221.131.71 port 45607 ssh2 Dec 18 15:37:53 vpn01 sshd[28143]: error: maximum authentication attempts exceeded for root from 82.221.131.71 port 45607 ssh2 [preauth] ...	2019-12-18 23:07:31
120.92.102.213	attackbotsspam	Dec 18 04:30:10 kapalua sshd\[20252\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.92.102.213 user=root Dec 18 04:30:12 kapalua sshd\[20252\]: Failed password for root from 120.92.102.213 port 49882 ssh2 Dec 18 04:38:13 kapalua sshd\[21071\]: Invalid user nfs from 120.92.102.213 Dec 18 04:38:13 kapalua sshd\[21071\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.92.102.213 Dec 18 04:38:15 kapalua sshd\[21071\]: Failed password for invalid user nfs from 120.92.102.213 port 45917 ssh2	2019-12-18 22:43:03
68.183.29.124	attackbotsspam	Dec 18 15:32:47 legacy sshd[21113]: Failed password for root from 68.183.29.124 port 49470 ssh2 Dec 18 15:38:07 legacy sshd[21334]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=68.183.29.124 Dec 18 15:38:10 legacy sshd[21334]: Failed password for invalid user rpm from 68.183.29.124 port 58820 ssh2 ...	2019-12-18 22:50:30
14.227.19.11	attack	Dec 18 15:38:09 grey postfix/smtpd\[23209\]: NOQUEUE: reject: RCPT from unknown\[14.227.19.11\]: 554 5.7.1 Service unavailable\; Client host \[14.227.19.11\] blocked using truncate.gbudb.net\; http://www.gbudb.com/truncate/ \[14.227.19.11\]\; from=\ to=\ proto=ESMTP helo=\ ...	2019-12-18 22:51:36
51.91.8.222	attackspambots	Dec 18 05:03:50 php1 sshd\[6524\]: Invalid user nfs from 51.91.8.222 Dec 18 05:03:50 php1 sshd\[6524\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.91.8.222 Dec 18 05:03:51 php1 sshd\[6524\]: Failed password for invalid user nfs from 51.91.8.222 port 45338 ssh2 Dec 18 05:09:04 php1 sshd\[7175\]: Invalid user aDmin.123 from 51.91.8.222 Dec 18 05:09:04 php1 sshd\[7175\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.91.8.222	2019-12-18 23:09:43
212.220.204.25	attackspambots	Unauthorized connection attempt detected from IP address 212.220.204.25 to port 445	2019-12-18 23:05:06
193.56.28.244	attackbotsspam	SMTP AUTH LOGIN	2019-12-18 22:52:34
40.92.21.37	attack	Dec 18 17:38:04 debian-2gb-vpn-nbg1-1 kernel: [1058248.349343] [UFW BLOCK] IN=eth0 OUT= MAC=96:00:00:38:96:44:d2:74:7f:6e:37:e3:08:00 SRC=40.92.21.37 DST=78.46.192.101 LEN=40 TOS=0x00 PREC=0x00 TTL=234 ID=35004 DF PROTO=TCP SPT=45995 DPT=25 WINDOW=0 RES=0x00 ACK RST URGP=0	2019-12-18 22:58:49

Recently Reported IPs

113.215.189.43	147.185.132.117	113.215.189.35	36.9.21.129
43.159.145.149	39.69.91.49	39.146.42.74	221.13.134.6
185.218.84.7	123.11.185.5	118.72.103.60	117.62.119.70
117.172.172.79	115.53.102.190	112.238.91.178	110.245.188.36
9.235.133.160	185.218.86.52	57.141.2.7	64.62.156.87