104.248.45.204

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: DigitalOcean LLC

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspambots	Invalid user nagios from 104.248.45.204 port 54714	2020-10-13 21:27:14
attack	(sshd) Failed SSH login from 104.248.45.204 (DE/Germany/-): 5 in the last 3600 secs	2020-10-13 12:54:21
attackspam	Oct 12 23:05:52 haigwepa sshd[18422]: Failed password for root from 104.248.45.204 port 33614 ssh2 ...	2020-10-13 05:41:29
attackbotsspam	s2.hscode.pl - SSH Attack	2020-10-12 06:58:06
attack	s2.hscode.pl - SSH Attack	2020-10-11 23:08:22
attack	[f2b] sshd bruteforce, retries: 1	2020-10-11 15:06:18
attackspambots	2020-10-10T20:57:19.098360shield sshd\[22351\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.45.204 user=root 2020-10-10T20:57:21.444169shield sshd\[22351\]: Failed password for root from 104.248.45.204 port 35988 ssh2 2020-10-10T21:00:46.182636shield sshd\[22818\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.45.204 user=root 2020-10-10T21:00:47.939900shield sshd\[22818\]: Failed password for root from 104.248.45.204 port 39988 ssh2 2020-10-10T21:04:18.365505shield sshd\[23277\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.45.204 user=root	2020-10-11 08:26:40
attackbotsspam	Sep 24 20:27:09 nextcloud sshd\[5266\]: Invalid user redhat from 104.248.45.204 Sep 24 20:27:09 nextcloud sshd\[5266\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.45.204 Sep 24 20:27:11 nextcloud sshd\[5266\]: Failed password for invalid user redhat from 104.248.45.204 port 34546 ssh2	2020-09-25 03:44:43
attack	$f2bV_matches	2020-09-24 19:30:58
attack	Invalid user monitoring from 104.248.45.204 port 36954	2020-09-15 21:51:45
attackspambots	$f2bV_matches	2020-09-15 13:49:01
attack	Invalid user monitoring from 104.248.45.204 port 36954	2020-09-15 06:00:30
attack	Sep 1 02:48:03 server sshd[27888]: Invalid user zhangshuai from 104.248.45.204 port 56320 Sep 1 02:48:05 server sshd[27888]: Failed password for invalid user zhangshuai from 104.248.45.204 port 56320 ssh2 Sep 1 02:48:03 server sshd[27888]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.45.204 Sep 1 02:48:03 server sshd[27888]: Invalid user zhangshuai from 104.248.45.204 port 56320 Sep 1 02:48:05 server sshd[27888]: Failed password for invalid user zhangshuai from 104.248.45.204 port 56320 ssh2 ...	2020-09-01 08:37:50
attack	SSH Brute Force	2020-08-28 21:16:55
attackspambots	web-1 [ssh_2] SSH Attack	2020-08-20 02:09:36
attackspambots	Jul 29 22:59:12 eventyay sshd[4830]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.45.204 Jul 29 22:59:14 eventyay sshd[4830]: Failed password for invalid user peiyun from 104.248.45.204 port 48104 ssh2 Jul 29 23:03:17 eventyay sshd[5056]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.45.204 ...	2020-07-30 05:12:17
attackspam	Invalid user receber from 104.248.45.204 port 54878	2020-07-26 17:02:17
attack	Invalid user e from 104.248.45.204 port 53838	2020-07-16 15:19:29
attackbotsspam	2020-07-13T23:53:43.194594sorsha.thespaminator.com sshd[27419]: Invalid user ra from 104.248.45.204 port 35852 2020-07-13T23:53:45.604097sorsha.thespaminator.com sshd[27419]: Failed password for invalid user ra from 104.248.45.204 port 35852 ssh2 ...	2020-07-14 14:45:45
attack	Jul 10 07:16:12 NPSTNNYC01T sshd[10623]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.45.204 Jul 10 07:16:14 NPSTNNYC01T sshd[10623]: Failed password for invalid user mythtv from 104.248.45.204 port 35916 ssh2 Jul 10 07:19:17 NPSTNNYC01T sshd[10921]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.45.204 ...	2020-07-10 19:32:02
attack	odoo8 ...	2020-06-29 00:04:33
attackbots	Brute-force attempt banned	2020-06-25 21:38:29
attack	DATE:2020-06-16 16:18:24, IP:104.248.45.204, PORT:ssh SSH brute force auth (docker-dc)	2020-06-17 00:35:17
attack	2020-06-14T06:10:01.274351shield sshd\[15746\]: Invalid user oracle from 104.248.45.204 port 46858 2020-06-14T06:10:01.278901shield sshd\[15746\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.45.204 2020-06-14T06:10:03.574371shield sshd\[15746\]: Failed password for invalid user oracle from 104.248.45.204 port 46858 ssh2 2020-06-14T06:13:33.314357shield sshd\[16506\]: Invalid user monitor from 104.248.45.204 port 49034 2020-06-14T06:13:33.319245shield sshd\[16506\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.45.204	2020-06-14 16:22:34
attackspam	2020-06-05T14:18:07.897327shield sshd\[1924\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.45.204 user=root 2020-06-05T14:18:10.379936shield sshd\[1924\]: Failed password for root from 104.248.45.204 port 33572 ssh2 2020-06-05T14:21:33.472748shield sshd\[2239\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.45.204 user=root 2020-06-05T14:21:35.568931shield sshd\[2239\]: Failed password for root from 104.248.45.204 port 35828 ssh2 2020-06-05T14:25:05.114659shield sshd\[2643\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.45.204 user=root	2020-06-06 03:23:12
attack	$f2bV_matches	2020-06-02 18:13:19
attackspam	Invalid user kaitlin from 104.248.45.204 port 39324	2020-05-28 03:36:32
attackspam	$f2bV_matches	2020-05-26 16:13:11
attackbots	May 22 08:38:03 ns382633 sshd\[3590\]: Invalid user kil from 104.248.45.204 port 60044 May 22 08:38:03 ns382633 sshd\[3590\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.45.204 May 22 08:38:05 ns382633 sshd\[3590\]: Failed password for invalid user kil from 104.248.45.204 port 60044 ssh2 May 22 08:44:31 ns382633 sshd\[4917\]: Invalid user igz from 104.248.45.204 port 57096 May 22 08:44:31 ns382633 sshd\[4917\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.45.204	2020-05-22 16:28:39
attackbots	May 16 19:36:32 pkdns2 sshd\[49692\]: Invalid user gerencia from 104.248.45.204May 16 19:36:35 pkdns2 sshd\[49692\]: Failed password for invalid user gerencia from 104.248.45.204 port 53526 ssh2May 16 19:40:12 pkdns2 sshd\[49915\]: Invalid user qlserver from 104.248.45.204May 16 19:40:14 pkdns2 sshd\[49915\]: Failed password for invalid user qlserver from 104.248.45.204 port 60616 ssh2May 16 19:43:53 pkdns2 sshd\[50111\]: Invalid user sccs from 104.248.45.204May 16 19:43:54 pkdns2 sshd\[50111\]: Failed password for invalid user sccs from 104.248.45.204 port 39474 ssh2 ...	2020-05-17 02:19:34

Comments on same subnet:

IP	Type	Details	Datetime
104.248.45.134	proxynormal	FRM:kendraj SUBJ:7zkwqj MSG: http://104.248.45.134 areconnected Mylea how to reconnect	2020-01-03 02:17:52
104.248.45.110	attackspam	Automatic report - Banned IP Access	2019-07-18 10:32:35
104.248.45.110	attackspambots	WP Authentication failure	2019-07-01 21:31:58
104.248.45.110	attack	Automatic report - Web App Attack	2019-06-30 03:18:21
104.248.45.110	attack	www.geburtshaus-fulda.de 104.248.45.110 \[29/Jun/2019:10:40:36 +0200\] "POST /wp-login.php HTTP/1.1" 200 5787 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" www.geburtshaus-fulda.de 104.248.45.110 \[29/Jun/2019:10:40:37 +0200\] "POST /wp-login.php HTTP/1.1" 200 5794 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0"	2019-06-29 18:09:36
104.248.45.70	attack	Invalid user admin from 104.248.45.70 port 40252	2019-06-25 03:32:29
104.248.45.70	attackbotsspam	Invalid user admin from 104.248.45.70 port 40252	2019-06-24 13:23:51

Whois info:

Dig info:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.248.45.204
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 49006
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;104.248.45.204.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019050501 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Mon May 06 05:42:10 +08 2019
;; MSG SIZE  rcvd: 118

Host info

Host 204.45.248.104.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		67.207.67.3
Address:	67.207.67.3#53

** server can't find 204.45.248.104.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
147.135.156.91	attackbots	Nov 26 00:06:59 TORMINT sshd\[20492\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=147.135.156.91 user=root Nov 26 00:07:02 TORMINT sshd\[20492\]: Failed password for root from 147.135.156.91 port 40776 ssh2 Nov 26 00:13:19 TORMINT sshd\[20802\]: Invalid user rudolsen from 147.135.156.91 Nov 26 00:13:19 TORMINT sshd\[20802\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=147.135.156.91 ...	2019-11-26 13:40:42
104.248.37.88	attackspam	2210/tcp 2209/tcp 2208/tcp...≡ [2177/tcp,2210/tcp] [2019-09-25/11-26]111pkt,34pt.(tcp)	2019-11-26 14:09:41
209.141.43.166	attackbotsspam	6100/tcp 7300/tcp 7800/tcp... [2019-11-09/25]76pkt,23pt.(tcp)	2019-11-26 13:58:11
188.254.0.183	attackspam	Nov 26 05:20:45 venus sshd\[10876\]: Invalid user tasanee from 188.254.0.183 port 41712 Nov 26 05:20:45 venus sshd\[10876\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.254.0.183 Nov 26 05:20:47 venus sshd\[10876\]: Failed password for invalid user tasanee from 188.254.0.183 port 41712 ssh2 ...	2019-11-26 13:36:41
114.112.58.134	attackbots	Invalid user krenz from 114.112.58.134 port 53704	2019-11-26 14:02:41
171.224.78.25	attack	Nov 26 05:41:08 mail postfix/smtpd[27061]: warning: unknown[171.224.78.25]: SASL PLAIN authentication failed: Nov 26 05:47:51 mail postfix/smtps/smtpd[25944]: warning: unknown[171.224.78.25]: SASL PLAIN authentication failed: Nov 26 05:49:45 mail postfix/smtps/smtpd[25952]: warning: unknown[171.224.78.25]: SASL PLAIN authentication failed:	2019-11-26 14:07:42
103.112.53.59	attackspam	Fail2Ban Ban Triggered	2019-11-26 13:45:24
123.21.143.21	attack	$f2bV_matches	2019-11-26 13:47:38
202.102.67.183	attackspambots	84/tcp 85/tcp 86/tcp... [2019-11-07/24]240pkt,56pt.(tcp)	2019-11-26 14:11:40
218.206.233.198	attackspambots	SMTP:25. Blocked 37 login attempts in 58.8 days.	2019-11-26 14:06:38
3.83.212.250	attackspambots	3.83.212.250 was recorded 64 times by 17 hosts attempting to connect to the following ports: 2376,4243,2375,2377. Incident counter (4h, 24h, all-time): 64, 71, 71	2019-11-26 13:56:43
112.85.42.189	attack	SSH authentication failure x 6 reported by Fail2Ban ...	2019-11-26 14:06:21
150.223.31.248	attack	Nov 24 04:29:31 vtv3 sshd[25543]: Failed password for invalid user p@$$word123 from 150.223.31.248 port 56843 ssh2 Nov 24 04:36:26 vtv3 sshd[29364]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=150.223.31.248 Nov 24 04:50:09 vtv3 sshd[3074]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=150.223.31.248 Nov 24 04:50:11 vtv3 sshd[3074]: Failed password for invalid user dokken from 150.223.31.248 port 45445 ssh2 Nov 24 04:57:11 vtv3 sshd[6182]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=150.223.31.248 Nov 26 03:16:25 vtv3 sshd[995]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=150.223.31.248 Nov 26 03:16:27 vtv3 sshd[995]: Failed password for invalid user vcsa from 150.223.31.248 port 58816 ssh2 Nov 26 03:23:42 vtv3 sshd[4050]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=150.223.31.248 Nov 26 03	2019-11-26 13:36:53
170.0.125.105	attack	Sent mail to target address hacked/leaked from abandonia in 2016	2019-11-26 14:00:18
63.88.23.246	attackspam	63.88.23.246 was recorded 15 times by 7 hosts attempting to connect to the following ports: 80. Incident counter (4h, 24h, all-time): 15, 65, 663	2019-11-26 13:40:21

Recently Reported IPs

45.112.125.138	201.43.181.186	181.123.12.204	192.200.215.90
196.120.5.253	83.10.178.242	125.31.29.114	142.93.245.174
103.229.200.1	167.99.238.88	216.155.75.42	169.197.108.171
128.14.209.244	193.112.72.126	203.129.254.50	18.140.245.54
121.132.17.79	118.131.102.157	45.227.253.101	213.55.81.241