104.248.42.192

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
104.248.42.94	attack	Dec 11 07:28:44 herz-der-gamer sshd[26689]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.42.94 user=vmail Dec 11 07:28:46 herz-der-gamer sshd[26689]: Failed password for vmail from 104.248.42.94 port 56192 ssh2 ...	2019-12-11 16:53:11
104.248.42.94	attackspambots	Dec 9 05:56:06 v22018076622670303 sshd\[22485\]: Invalid user mobile from 104.248.42.94 port 52208 Dec 9 05:56:06 v22018076622670303 sshd\[22485\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.42.94 Dec 9 05:56:09 v22018076622670303 sshd\[22485\]: Failed password for invalid user mobile from 104.248.42.94 port 52208 ssh2 ...	2019-12-09 13:56:28
104.248.42.94	attackspam	2019-11-22T22:55:50.489874abusebot-4.cloudsearch.cf sshd\[5583\]: Invalid user admin from 104.248.42.94 port 39292	2019-11-23 07:32:31
104.248.42.94	attack	Nov 17 23:21:47 icinga sshd[4842]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.42.94 Nov 17 23:21:49 icinga sshd[4842]: Failed password for invalid user xbmc from 104.248.42.94 port 49854 ssh2 Nov 17 23:42:58 icinga sshd[24675]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.42.94 ...	2019-11-18 07:49:25
104.248.42.231	attackbotsspam	Wed 17 01:29:19 60001/tcp	2019-07-17 20:31:05
104.248.42.231	attackspambots	NAME : DO-13 CIDR : 104.248.0.0/16 SYN Flood DDoS Attack USA - New York - block certain countries :) IP: 104.248.42.231 Denial-of-Service Attack (DoS) Detected and Blocked by ADMIN - data recovery https://help-dysk.pl	2019-07-12 01:08:45
104.248.42.231	attackspambots	5500/tcp 5500/tcp [2019-07-08/10]2pkt	2019-07-10 21:10:55

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.248.42.192
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 43166
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;104.248.42.192.			IN	A

;; AUTHORITY SECTION:
.			351	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022021702 1800 900 604800 86400

;; Query time: 19 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Feb 18 10:26:14 CST 2022
;; MSG SIZE  rcvd: 107

Host info

192.42.248.104.in-addr.arpa domain name pointer spearance.ru.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
192.42.248.104.in-addr.arpa	name = spearance.ru.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
139.59.34.226	attackbotsspam	139.59.34.226 - - [25/Aug/2020:09:14:15 +0200] "POST /xmlrpc.php HTTP/1.1" 403 21861 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.59.34.226 - - [25/Aug/2020:09:16:54 +0200] "POST /xmlrpc.php HTTP/1.1" 403 613 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-08-25 16:48:46
89.237.85.23	attackbotsspam	Automatic report - Port Scan Attack	2020-08-25 16:51:48
159.203.176.82	attack	159.203.176.82 - - [25/Aug/2020:07:12:04 +0200] "POST /xmlrpc.php HTTP/1.1" 403 15309 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 159.203.176.82 - - [25/Aug/2020:07:26:41 +0200] "POST /xmlrpc.php HTTP/1.1" 403 79888 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-08-25 16:31:57
81.4.110.153	attackbotsspam	k+ssh-bruteforce	2020-08-25 16:54:33
209.212.198.8	attackspam	Automatic report - Port Scan Attack	2020-08-25 16:19:30
220.120.106.254	attackspambots	k+ssh-bruteforce	2020-08-25 16:22:40
213.217.0.7	attack	Multiple web server 500 error code (Internal Error).	2020-08-25 16:22:24
58.153.174.86	attack	Aug 25 10:23:13 pve1 sshd[16307]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.153.174.86 Aug 25 10:23:15 pve1 sshd[16307]: Failed password for invalid user sftptest from 58.153.174.86 port 51502 ssh2 ...	2020-08-25 16:27:42
178.62.252.206	attack	178.62.252.206 - - [25/Aug/2020:06:56:40 +0200] "GET /wp-login.php HTTP/1.1" 200 9040 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 178.62.252.206 - - [25/Aug/2020:06:56:41 +0200] "POST /wp-login.php HTTP/1.1" 200 9291 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 178.62.252.206 - - [25/Aug/2020:06:56:42 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-08-25 16:55:47
114.67.106.137	attackbots	Aug 25 08:34:54 ip106 sshd[14571]: Failed password for root from 114.67.106.137 port 51590 ssh2 ...	2020-08-25 16:41:44
188.163.109.153	attackspambots	0,27-03/28 [bc01/m27] PostRequest-Spammer scoring: zurich	2020-08-25 16:18:49
106.54.17.235	attackbots	Aug 25 08:43:47 eventyay sshd[32448]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.17.235 Aug 25 08:43:50 eventyay sshd[32448]: Failed password for invalid user timmy from 106.54.17.235 port 55786 ssh2 Aug 25 08:49:36 eventyay sshd[32608]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.17.235 ...	2020-08-25 16:42:56
106.12.52.98	attackspam	Port scan denied	2020-08-25 16:36:03
159.65.12.43	attackspam	(sshd) Failed SSH login from 159.65.12.43 (SG/Singapore/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Aug 25 10:46:49 srv sshd[24595]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.65.12.43 user=root Aug 25 10:46:50 srv sshd[24595]: Failed password for root from 159.65.12.43 port 51404 ssh2 Aug 25 10:55:17 srv sshd[24779]: Invalid user training from 159.65.12.43 port 39248 Aug 25 10:55:19 srv sshd[24779]: Failed password for invalid user training from 159.65.12.43 port 39248 ssh2 Aug 25 10:59:40 srv sshd[24866]: Invalid user ismael from 159.65.12.43 port 45448	2020-08-25 16:26:23
184.168.46.221	attack	184.168.46.221 - - [25/Aug/2020:05:53:47 +0200] "POST /xmlrpc.php HTTP/1.1" 403 31177 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36" 184.168.46.221 - - [25/Aug/2020:05:53:47 +0200] "POST /xmlrpc.php HTTP/1.1" 403 31178 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36" ...	2020-08-25 16:28:44

Recently Reported IPs

104.248.36.113	104.248.38.6	104.248.36.231	104.248.58.12
104.248.40.110	104.248.51.7	104.248.81.80	104.248.7.103
104.248.58.50	104.248.6.124	104.248.6.60	104.248.82.165
13.226.31.2	104.248.94.193	104.248.98.38	104.25.1.116
104.248.92.23	104.25.100.24	104.25.108.8	104.249.26.74