106.248.41.245

Basic Info

City: unknown

Region: unknown

Country: Korea, Republic of

Internet Service Provider: LG Dacom Corporation

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	Dec 23 05:42:33 sachi sshd\[1276\]: Invalid user lorber from 106.248.41.245 Dec 23 05:42:33 sachi sshd\[1276\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.248.41.245 Dec 23 05:42:35 sachi sshd\[1276\]: Failed password for invalid user lorber from 106.248.41.245 port 48230 ssh2 Dec 23 05:48:31 sachi sshd\[1809\]: Invalid user gorri from 106.248.41.245 Dec 23 05:48:31 sachi sshd\[1809\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.248.41.245	2019-12-24 04:42:29
attack	Dec 23 09:24:07 cp sshd[14840]: Failed password for root from 106.248.41.245 port 46774 ssh2 Dec 23 09:24:07 cp sshd[14840]: Failed password for root from 106.248.41.245 port 46774 ssh2	2019-12-23 18:00:16
attackspambots	Dec 15 18:32:47 * sshd[7842]: Failed password for root from 106.248.41.245 port 50812 ssh2	2019-12-16 01:39:23
attackbots	ssh failed login	2019-12-13 17:52:26
attack	Dec 12 19:44:22 php1 sshd\[31344\]: Invalid user wwwadmin from 106.248.41.245 Dec 12 19:44:22 php1 sshd\[31344\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.248.41.245 Dec 12 19:44:24 php1 sshd\[31344\]: Failed password for invalid user wwwadmin from 106.248.41.245 port 57380 ssh2 Dec 12 19:50:39 php1 sshd\[31942\]: Invalid user dens from 106.248.41.245 Dec 12 19:50:39 php1 sshd\[31942\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.248.41.245	2019-12-13 14:08:05
attack	Dec 11 09:06:45 sauna sshd[168678]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.248.41.245 Dec 11 09:06:47 sauna sshd[168678]: Failed password for invalid user botreau from 106.248.41.245 port 51292 ssh2 ...	2019-12-11 15:28:32
attackbotsspam	Dec 11 00:18:19 hcbbdb sshd\[8837\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.248.41.245 user=root Dec 11 00:18:22 hcbbdb sshd\[8837\]: Failed password for root from 106.248.41.245 port 46798 ssh2 Dec 11 00:24:18 hcbbdb sshd\[9480\]: Invalid user ftpuser from 106.248.41.245 Dec 11 00:24:18 hcbbdb sshd\[9480\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.248.41.245 Dec 11 00:24:20 hcbbdb sshd\[9480\]: Failed password for invalid user ftpuser from 106.248.41.245 port 55222 ssh2	2019-12-11 08:47:57
attack	Nov 14 15:41:34 dedicated sshd[32661]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.248.41.245 user=root Nov 14 15:41:36 dedicated sshd[32661]: Failed password for root from 106.248.41.245 port 39862 ssh2	2019-11-14 23:04:51
attackbots	$f2bV_matches	2019-11-14 18:50:54
attack	Nov 13 14:49:36 *** sshd[25580]: Invalid user home from 106.248.41.245	2019-11-14 01:01:15
attackspam	Nov 5 05:19:10 firewall sshd[9168]: Invalid user oe0bji5m from 106.248.41.245 Nov 5 05:19:11 firewall sshd[9168]: Failed password for invalid user oe0bji5m from 106.248.41.245 port 59524 ssh2 Nov 5 05:23:23 firewall sshd[9297]: Invalid user changeme from 106.248.41.245 ...	2019-11-05 19:19:38
attack	Oct 31 22:45:50 dallas01 sshd[28528]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.248.41.245 Oct 31 22:45:52 dallas01 sshd[28528]: Failed password for invalid user yt from 106.248.41.245 port 45544 ssh2 Oct 31 22:50:07 dallas01 sshd[29300]: Failed password for root from 106.248.41.245 port 56264 ssh2	2019-11-01 17:41:11
attackbots	Oct 22 01:15:17 sauna sshd[121562]: Failed password for root from 106.248.41.245 port 49994 ssh2 ...	2019-10-22 06:25:24
attackbots	Oct 18 16:14:58 minden010 sshd[1425]: Failed password for root from 106.248.41.245 port 34518 ssh2 Oct 18 16:19:38 minden010 sshd[4959]: Failed password for root from 106.248.41.245 port 45742 ssh2 ...	2019-10-18 22:27:08
attackbots	Oct 15 11:58:57 hanapaa sshd\[6233\]: Invalid user 123 from 106.248.41.245 Oct 15 11:58:57 hanapaa sshd\[6233\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.248.41.245 Oct 15 11:58:59 hanapaa sshd\[6233\]: Failed password for invalid user 123 from 106.248.41.245 port 53592 ssh2 Oct 15 12:03:26 hanapaa sshd\[6614\]: Invalid user !Aa123654 from 106.248.41.245 Oct 15 12:03:26 hanapaa sshd\[6614\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.248.41.245	2019-10-16 06:06:16
attackspam	Oct 13 12:57:05 php1 sshd\[30701\]: Invalid user Comptable from 106.248.41.245 Oct 13 12:57:05 php1 sshd\[30701\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.248.41.245 Oct 13 12:57:07 php1 sshd\[30701\]: Failed password for invalid user Comptable from 106.248.41.245 port 42826 ssh2 Oct 13 13:01:52 php1 sshd\[31107\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.248.41.245 user=root Oct 13 13:01:54 php1 sshd\[31107\]: Failed password for root from 106.248.41.245 port 54872 ssh2	2019-10-14 07:09:44
attackspambots	Jul 7 04:03:24 vtv3 sshd\[3588\]: Invalid user yi from 106.248.41.245 port 33334 Jul 7 04:03:24 vtv3 sshd\[3588\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.248.41.245 Jul 7 04:03:26 vtv3 sshd\[3588\]: Failed password for invalid user yi from 106.248.41.245 port 33334 ssh2 Jul 7 04:06:50 vtv3 sshd\[5302\]: Invalid user nate from 106.248.41.245 port 39078 Jul 7 04:06:50 vtv3 sshd\[5302\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.248.41.245 Jul 7 04:19:16 vtv3 sshd\[10890\]: Invalid user yamada from 106.248.41.245 port 53222 Jul 7 04:19:16 vtv3 sshd\[10890\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.248.41.245 Jul 7 04:19:18 vtv3 sshd\[10890\]: Failed password for invalid user yamada from 106.248.41.245 port 53222 ssh2 Jul 7 04:21:50 vtv3 sshd\[12293\]: Invalid user jenkins from 106.248.41.245 port 50406 Jul 7 04:21:50 vtv3 sshd\[12293\]: pam_	2019-10-13 01:05:14
attack	Oct 8 03:10:42 TORMINT sshd\[7309\]: Invalid user QWER1234 from 106.248.41.245 Oct 8 03:10:42 TORMINT sshd\[7309\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.248.41.245 Oct 8 03:10:44 TORMINT sshd\[7309\]: Failed password for invalid user QWER1234 from 106.248.41.245 port 47598 ssh2 ...	2019-10-08 15:11:32
attackbotsspam	[ssh] SSH attack	2019-10-02 20:13:33
attack	Sep 27 19:33:43 debian sshd\[2916\]: Invalid user host from 106.248.41.245 port 60690 Sep 27 19:33:43 debian sshd\[2916\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.248.41.245 Sep 27 19:33:45 debian sshd\[2916\]: Failed password for invalid user host from 106.248.41.245 port 60690 ssh2 ...	2019-09-28 07:41:32
attackspam	Sep 26 07:03:11 www2 sshd\[22250\]: Invalid user verwalter from 106.248.41.245Sep 26 07:03:13 www2 sshd\[22250\]: Failed password for invalid user verwalter from 106.248.41.245 port 34230 ssh2Sep 26 07:08:19 www2 sshd\[22808\]: Invalid user kym from 106.248.41.245 ...	2019-09-26 19:09:32
attack	Sep 25 20:49:07 ip-172-31-62-245 sshd\[25130\]: Invalid user ubnt from 106.248.41.245\ Sep 25 20:49:08 ip-172-31-62-245 sshd\[25130\]: Failed password for invalid user ubnt from 106.248.41.245 port 47596 ssh2\ Sep 25 20:54:00 ip-172-31-62-245 sshd\[25156\]: Invalid user nancys from 106.248.41.245\ Sep 25 20:54:02 ip-172-31-62-245 sshd\[25156\]: Failed password for invalid user nancys from 106.248.41.245 port 60544 ssh2\ Sep 25 20:58:58 ip-172-31-62-245 sshd\[25188\]: Invalid user saints1 from 106.248.41.245\	2019-09-26 05:42:35
attackbots	Sep 9 02:41:18 MK-Soft-VM7 sshd\[701\]: Invalid user oracle from 106.248.41.245 port 58850 Sep 9 02:41:18 MK-Soft-VM7 sshd\[701\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.248.41.245 Sep 9 02:41:20 MK-Soft-VM7 sshd\[701\]: Failed password for invalid user oracle from 106.248.41.245 port 58850 ssh2 ...	2019-09-09 10:44:21
attack	Aug 30 03:34:59 MK-Soft-Root2 sshd\[26291\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.248.41.245 user=root Aug 30 03:35:01 MK-Soft-Root2 sshd\[26291\]: Failed password for root from 106.248.41.245 port 49170 ssh2 Aug 30 03:39:36 MK-Soft-Root2 sshd\[26905\]: Invalid user user from 106.248.41.245 port 37516 Aug 30 03:39:36 MK-Soft-Root2 sshd\[26905\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.248.41.245 ...	2019-08-30 09:45:31
attackbots	Aug 28 19:43:17 XXX sshd[8061]: Invalid user testuser from 106.248.41.245 port 46684	2019-08-29 05:48:56
attackbots	Aug 27 09:57:11 hcbbdb sshd\[5928\]: Invalid user postgres from 106.248.41.245 Aug 27 09:57:11 hcbbdb sshd\[5928\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.248.41.245 Aug 27 09:57:13 hcbbdb sshd\[5928\]: Failed password for invalid user postgres from 106.248.41.245 port 47836 ssh2 Aug 27 10:01:59 hcbbdb sshd\[6578\]: Invalid user claudio from 106.248.41.245 Aug 27 10:01:59 hcbbdb sshd\[6578\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.248.41.245	2019-08-27 21:53:49
attackspambots	Aug 19 04:55:26 web1 sshd\[23832\]: Invalid user oracle from 106.248.41.245 Aug 19 04:55:26 web1 sshd\[23832\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.248.41.245 Aug 19 04:55:29 web1 sshd\[23832\]: Failed password for invalid user oracle from 106.248.41.245 port 56188 ssh2 Aug 19 05:00:28 web1 sshd\[24354\]: Invalid user flower from 106.248.41.245 Aug 19 05:00:28 web1 sshd\[24354\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.248.41.245	2019-08-19 23:10:57
attackspam	Jul 31 10:10:33 mout sshd[19383]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.248.41.245 user=root Jul 31 10:10:35 mout sshd[19383]: Failed password for root from 106.248.41.245 port 59026 ssh2	2019-07-31 16:38:05
attackspambots	Jul 31 00:44:16 lnxmail61 sshd[32396]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.248.41.245 Jul 31 00:44:16 lnxmail61 sshd[32396]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.248.41.245	2019-07-31 07:02:01
attackbots	Jul 26 17:11:49 yabzik sshd[26559]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.248.41.245 Jul 26 17:11:51 yabzik sshd[26559]: Failed password for invalid user postgres from 106.248.41.245 port 40488 ssh2 Jul 26 17:17:07 yabzik sshd[28278]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.248.41.245	2019-07-26 22:18:19

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.248.41.245
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 53109
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.248.41.245.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019070300 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Wed Jul 03 17:48:48 CST 2019
;; MSG SIZE  rcvd: 118

Host info

Host 245.41.248.106.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 245.41.248.106.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
163.172.192.210	attackspambots	\[2019-08-08 02:03:15\] SECURITY\[2326\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-08-08T02:03:15.573-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="20011972592277524",SessionID="0x7ff4d0160998",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/163.172.192.210/61694",ACLName="no_extension_match" \[2019-08-08 02:04:51\] SECURITY\[2326\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-08-08T02:04:51.037-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="30011972592277524",SessionID="0x7ff4d0160998",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/163.172.192.210/61709",ACLName="no_extension_match" \[2019-08-08 02:06:27\] SECURITY\[2326\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-08-08T02:06:27.713-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="40011972592277524",SessionID="0x7ff4d0348688",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/163.172.192.210/57405",ACL	2019-08-08 14:22:09
190.52.196.246	attack	19/8/7@22:19:42: FAIL: IoT-Telnet address from=190.52.196.246 ...	2019-08-08 15:03:58
197.247.24.45	attack	Lines containing failures of 197.247.24.45 (max 1000) Aug 7 23:34:29 localhost sshd[1473]: Invalid user wp from 197.247.24.45 port 34418 Aug 7 23:34:29 localhost sshd[1473]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=197.247.24.45 Aug 7 23:34:31 localhost sshd[1473]: Failed password for invalid user wp from 197.247.24.45 port 34418 ssh2 Aug 7 23:34:32 localhost sshd[1473]: Received disconnect from 197.247.24.45 port 34418:11: Bye Bye [preauth] Aug 7 23:34:32 localhost sshd[1473]: Disconnected from invalid user wp 197.247.24.45 port 34418 [preauth] Aug 7 23:56:25 localhost sshd[7371]: Invalid user tf2server from 197.247.24.45 port 43950 Aug 7 23:56:25 localhost sshd[7371]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=197.247.24.45 Aug 7 23:56:28 localhost sshd[7371]: Failed password for invalid user tf2server from 197.247.24.45 port 43950 ssh2 Aug 7 23:56:29 localhost sshd[7........ ------------------------------	2019-08-08 15:05:59
121.142.111.242	attackspambots	2019-08-08T03:32:58.316452abusebot-6.cloudsearch.cf sshd\[23780\]: Invalid user web from 121.142.111.242 port 49282	2019-08-08 14:55:37
177.128.144.229	attackspambots	Brute force attack to crack SMTP password (port 25 / 587)	2019-08-08 14:48:48
159.226.5.101	attack	Aug 8 08:19:37 pornomens sshd\[3245\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.226.5.101 user=root Aug 8 08:19:38 pornomens sshd\[3245\]: Failed password for root from 159.226.5.101 port 41156 ssh2 Aug 8 08:26:45 pornomens sshd\[3275\]: Invalid user zou from 159.226.5.101 port 57576 Aug 8 08:26:45 pornomens sshd\[3275\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.226.5.101 ...	2019-08-08 15:10:42
79.118.135.251	attack	RDP Bruteforce	2019-08-08 15:05:31
195.209.48.253	attack	[portscan] Port scan	2019-08-08 14:58:37
137.226.113.10	attackbots	" "	2019-08-08 14:41:58
187.188.169.123	attackbotsspam	Aug 8 08:37:16 localhost sshd\[12844\]: Invalid user cav from 187.188.169.123 port 49706 Aug 8 08:37:16 localhost sshd\[12844\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=187.188.169.123 Aug 8 08:37:18 localhost sshd\[12844\]: Failed password for invalid user cav from 187.188.169.123 port 49706 ssh2	2019-08-08 14:37:55
223.80.102.182	attackspam	Port 1433 Scan	2019-08-08 14:28:19
178.128.150.79	attackspambots	[ssh] SSH attack	2019-08-08 14:55:21
151.237.177.214	attack	Registration form abuse	2019-08-08 14:57:48
112.118.230.226	attackspambots	Aug 8 04:20:00 [munged] sshd[10732]: Failed password for root from 112.118.230.226 port 47560 ssh2	2019-08-08 14:55:54
35.240.217.103	attackspambots	Aug 8 04:20:29 ns41 sshd[11716]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=35.240.217.103 Aug 8 04:20:29 ns41 sshd[11716]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=35.240.217.103	2019-08-08 14:33:36

Recently Reported IPs

55.93.121.77	86.241.105.39	218.208.176.116	222.22.39.171
123.68.194.159	64.198.77.252	36.84.65.106	51.70.10.171
181.158.224.88	88.40.148.216	191.234.26.63	1.163.99.181
142.106.175.91	14.192.244.189	213.98.181.220	138.0.151.244
112.101.93.124	170.71.49.185	81.4.204.118	101.87.28.198