142.11.204.248

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
142.11.204.54	attackspam	142.11.204.54 - - [22/Jan/2020:17:15:34 +0000] "POST /wp-login.php HTTP/1.1" 200 6409 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.11.204.54 - - [22/Jan/2020:17:15:35 +0000] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-01-23 13:41:36

Type

Details

Datetime

142.11.204.54

attackspam

142.11.204.54 - - [22/Jan/2020:17:15:34 +0000] "POST /wp-login.php HTTP/1.1" 200 6409 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
142.11.204.54 - - [22/Jan/2020:17:15:35 +0000] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
...

2020-01-23 13:41:36

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 142.11.204.248
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 46109
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;142.11.204.248.			IN	A

;; AUTHORITY SECTION:
.			244	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022021702 1800 900 604800 86400

;; Query time: 61 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Feb 18 12:18:49 CST 2022
;; MSG SIZE  rcvd: 107

Host info

248.204.11.142.in-addr.arpa domain name pointer client-142-11-204-248.hostwindsdns.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
248.204.11.142.in-addr.arpa	name = client-142-11-204-248.hostwindsdns.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
101.128.65.182	attackbotsspam	2020-06-25T10:53:57.047403ionos.janbro.de sshd[33439]: Failed password for invalid user kafka from 101.128.65.182 port 48357 ssh2 2020-06-25T10:57:39.540686ionos.janbro.de sshd[33446]: Invalid user scp from 101.128.65.182 port 42780 2020-06-25T10:57:39.602200ionos.janbro.de sshd[33446]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=101.128.65.182 2020-06-25T10:57:39.540686ionos.janbro.de sshd[33446]: Invalid user scp from 101.128.65.182 port 42780 2020-06-25T10:57:41.153166ionos.janbro.de sshd[33446]: Failed password for invalid user scp from 101.128.65.182 port 42780 ssh2 2020-06-25T11:01:23.200431ionos.janbro.de sshd[33474]: Invalid user gmodserver1 from 101.128.65.182 port 49017 2020-06-25T11:01:23.419635ionos.janbro.de sshd[33474]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=101.128.65.182 2020-06-25T11:01:23.200431ionos.janbro.de sshd[33474]: Invalid user gmodserver1 from 101.128.65.182 port 4901 ...	2020-06-25 19:07:03
223.71.167.165	attack	564/tcp 8378/tcp 3702/udp... [2020-04-24/06-25]4803pkt,394pt.(tcp),59pt.(udp)	2020-06-25 19:06:02
212.70.149.2	attack	Jun 25 13:13:18 srv3 postfix/smtpd\[44901\]: warning: unknown\[212.70.149.2\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jun 25 13:13:30 srv3 postfix/smtpd\[44898\]: warning: unknown\[212.70.149.2\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jun 25 13:13:56 srv3 postfix/smtpd\[44898\]: warning: unknown\[212.70.149.2\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-06-25 19:16:18
91.231.165.95	attackspam	Jun 25 11:36:54 ns3164893 sshd[21086]: Invalid user pi from 91.231.165.95 port 56678 Jun 25 11:36:54 ns3164893 sshd[21084]: Invalid user pi from 91.231.165.95 port 56674 ...	2020-06-25 19:38:43
73.16.9.177	attack	SSH_attack	2020-06-25 19:42:46
159.89.170.154	attackbots	Jun 25 12:55:49 zulu412 sshd\[23566\]: Invalid user ubuntu from 159.89.170.154 port 36798 Jun 25 12:55:49 zulu412 sshd\[23566\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.89.170.154 Jun 25 12:55:51 zulu412 sshd\[23566\]: Failed password for invalid user ubuntu from 159.89.170.154 port 36798 ssh2 ...	2020-06-25 19:09:50
168.63.150.222	attackbots	Jun 24 18:23:00 XXX sshd[1911]: Invalid user admin from 168.63.150.222 Jun 24 18:23:00 XXX sshd[1920]: Invalid user admin from 168.63.150.222 Jun 24 18:23:00 XXX sshd[1917]: Invalid user admin from 168.63.150.222 Jun 24 18:23:00 XXX sshd[1914]: Invalid user admin from 168.63.150.222 Jun 24 18:23:00 XXX sshd[1919]: Invalid user admin from 168.63.150.222 Jun 24 18:23:00 XXX sshd[1912]: Invalid user admin from 168.63.150.222 Jun 24 18:23:00 XXX sshd[1923]: Invalid user admin from 168.63.150.222 Jun 24 18:23:00 XXX sshd[1919]: Received disconnect from 168.63.150.222: 11: Client disconnecting normally [preauth] Jun 24 18:23:00 XXX sshd[1914]: Received disconnect from 168.63.150.222: 11: Client disconnecting normally [preauth] Jun 24 18:23:00 XXX sshd[1911]: Received disconnect from 168.63.150.222: 11: Client disconnecting normally [preauth] Jun 24 18:23:00 XXX sshd[1920]: Received disconnect from 168.63.150.222: 11: Client disconnecting normally [preauth] Jun 24 18:23:00 XXX........ -------------------------------	2020-06-25 19:29:34
123.206.23.106	attackbotsspam	Jun 24 19:46:29 hpm sshd\[17006\]: Invalid user wanghaoyu from 123.206.23.106 Jun 24 19:46:29 hpm sshd\[17006\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.206.23.106 Jun 24 19:46:30 hpm sshd\[17006\]: Failed password for invalid user wanghaoyu from 123.206.23.106 port 33254 ssh2 Jun 24 19:50:05 hpm sshd\[17320\]: Invalid user johnny from 123.206.23.106 Jun 24 19:50:05 hpm sshd\[17320\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.206.23.106	2020-06-25 19:15:00
137.117.13.132	attackspambots	Jun 25 09:54:01 web1 sshd[15801]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=137.117.13.132 user=root Jun 25 09:54:02 web1 sshd[15801]: Failed password for root from 137.117.13.132 port 34874 ssh2 Jun 25 09:54:01 web1 sshd[15806]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=137.117.13.132 user=root Jun 25 09:54:03 web1 sshd[15806]: Failed password for root from 137.117.13.132 port 35029 ssh2 Jun 25 10:02:31 web1 sshd[17945]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=137.117.13.132 user=root Jun 25 10:02:33 web1 sshd[17945]: Failed password for root from 137.117.13.132 port 46907 ssh2 Jun 25 10:02:32 web1 sshd[17950]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=137.117.13.132 user=root Jun 25 10:02:33 web1 sshd[17950]: Failed password for root from 137.117.13.132 port 47070 ssh2 Jun 25 20:57:54 web1 sshd[18 ...	2020-06-25 19:34:07
15.223.99.109	attack	21 attempts against mh-ssh on ice	2020-06-25 19:04:56
134.122.72.221	attackbots	firewall-block, port(s): 22419/tcp	2020-06-25 19:10:37
60.167.181.84	attack	Invalid user sompong from 60.167.181.84 port 51102	2020-06-25 19:35:55
58.213.116.170	attack	Jun 25 01:51:12 firewall sshd[32702]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.213.116.170 user=root Jun 25 01:51:14 firewall sshd[32702]: Failed password for root from 58.213.116.170 port 37880 ssh2 Jun 25 01:53:23 firewall sshd[340]: Invalid user bank from 58.213.116.170 ...	2020-06-25 19:31:01
34.89.102.127	attackspam	2020-06-25T08:42:19.473887dmca.cloudsearch.cf sshd[1460]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=127.102.89.34.bc.googleusercontent.com user=root 2020-06-25T08:42:20.984531dmca.cloudsearch.cf sshd[1460]: Failed password for root from 34.89.102.127 port 48358 ssh2 2020-06-25T08:48:46.786351dmca.cloudsearch.cf sshd[1539]: Invalid user sunrise from 34.89.102.127 port 51816 2020-06-25T08:48:46.791867dmca.cloudsearch.cf sshd[1539]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=127.102.89.34.bc.googleusercontent.com 2020-06-25T08:48:46.786351dmca.cloudsearch.cf sshd[1539]: Invalid user sunrise from 34.89.102.127 port 51816 2020-06-25T08:48:48.761351dmca.cloudsearch.cf sshd[1539]: Failed password for invalid user sunrise from 34.89.102.127 port 51816 ssh2 2020-06-25T08:51:58.288252dmca.cloudsearch.cf sshd[1588]: Invalid user blm from 34.89.102.127 port 52758 ...	2020-06-25 19:12:55
119.90.61.10	attackspambots	Jun 25 08:17:55 buvik sshd[2290]: Invalid user jtd from 119.90.61.10 Jun 25 08:17:55 buvik sshd[2290]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.90.61.10 Jun 25 08:17:56 buvik sshd[2290]: Failed password for invalid user jtd from 119.90.61.10 port 35288 ssh2 ...	2020-06-25 19:25:28

Recently Reported IPs

142.11.199.94	142.11.206.210	142.11.209.19	142.11.202.104
142.11.216.244	142.11.211.85	142.11.230.202	142.11.243.227
142.11.243.224	142.11.226.118	142.110.204.12	142.112.161.69
142.112.27.121	142.111.79.34	142.11.246.14	142.117.152.202
142.118.134.7	142.113.10.89	142.127.235.252	142.112.6.50