145.249.104.47

Basic Info

City: unknown

Region: unknown

Country: Netherlands

Internet Service Provider: IP Broker Limited

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbotsspam	Brute force blocker - service: exim2 - aantal: 25 - Sun Aug 26 18:30:10 2018	2020-09-26 02:04:05
attackspam	Brute force blocker - service: exim2 - aantal: 25 - Sun Aug 26 18:30:10 2018	2020-09-25 17:44:44

Comments on same subnet:

IP	Type	Details	Datetime
145.249.104.45	attackbots	Mar 23 00:46:12 ns3042688 courier-pop3d: LOGIN FAILED, user=info@makita-dolmar.es, ip=\[::ffff:145.249.104.45\] ...	2020-03-23 08:33:19
145.249.104.232	attackspam	(PERMBLOCK) 145.249.104.232 (NL/Netherlands/-) has had more than 4 temp blocks in the last 86400 secs	2019-09-12 06:53:34
145.249.104.74	attackbots	2019-09-03 01:54:29 dovecot_login authenticator failed for $ADMIN$ \[145.249.104.74\]: 535 Incorrect authentication data $set_id=support@opso.it$ 2019-09-03 01:54:47 dovecot_login authenticator failed for $ADMIN$ \[145.249.104.74\]: 535 Incorrect authentication data $set_id=support@opso.it$ 2019-09-03 01:54:56 dovecot_login authenticator failed for $ADMIN$ \[145.249.104.74\]: 535 Incorrect authentication data $set_id=support@opso.it$ 2019-09-03 01:55:34 dovecot_login authenticator failed for $ADMIN$ \[145.249.104.74\]: 535 Incorrect authentication data $set_id=support@opso.it$ 2019-09-03 01:57:14 dovecot_login authenticator failed for $ADMIN$ \[145.249.104.74\]: 535 Incorrect authentication data $set_id=support@opso.it$	2019-09-03 08:34:54
145.249.104.203	attackspam	fire	2019-08-09 13:26:42
145.249.104.198	attackbots	CloudCIX Reconnaissance Scan Detected, PTR: PTR record not found	2019-07-25 02:35:07
145.249.104.198	attack	2019-07-06T15:23:43.788780abusebot-7.cloudsearch.cf sshd\[12983\]: Invalid user admin from 145.249.104.198 port 56280	2019-07-07 00:44:42
145.249.104.198	attackspam	SSH invalid-user multiple login try	2019-06-30 05:52:58
145.249.104.198	attackspambots	Jun 29 08:01:49 XXX sshd[11038]: Invalid user admin from 145.249.104.198 port 33888	2019-06-29 17:00:49

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 145.249.104.47
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 43642
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;145.249.104.47.			IN	A

;; AUTHORITY SECTION:
.			243	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020092500 1800 900 604800 86400

;; Query time: 81 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Sep 25 17:44:40 CST 2020
;; MSG SIZE  rcvd: 118

Host info

Host 47.104.249.145.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 47.104.249.145.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
31.210.211.114	attack	Unauthorized SSH login attempts	2020-01-01 13:57:43
41.63.0.133	attackspambots	Jan 1 05:57:19 * sshd[30174]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=41.63.0.133 Jan 1 05:57:21 * sshd[30174]: Failed password for invalid user cheolyong from 41.63.0.133 port 42422 ssh2	2020-01-01 13:49:34
129.204.105.244	attack	(sshd) Failed SSH login from 129.204.105.244 (CN/China/-): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: Dec 31 23:57:32 host sshd[70824]: Invalid user tolar from 129.204.105.244 port 43538	2020-01-01 13:41:08
218.241.236.108	attackspam	Jan 1 06:40:09 vps691689 sshd[2615]: Failed password for root from 218.241.236.108 port 52879 ssh2 Jan 1 06:43:30 vps691689 sshd[2696]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.241.236.108 ...	2020-01-01 13:58:37
167.99.194.54	attackbotsspam	Dec 31 19:35:43 web9 sshd\[10417\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.99.194.54 user=root Dec 31 19:35:45 web9 sshd\[10417\]: Failed password for root from 167.99.194.54 port 60292 ssh2 Dec 31 19:38:26 web9 sshd\[10795\]: Invalid user 1@3 from 167.99.194.54 Dec 31 19:38:26 web9 sshd\[10795\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.99.194.54 Dec 31 19:38:28 web9 sshd\[10795\]: Failed password for invalid user 1@3 from 167.99.194.54 port 60056 ssh2	2020-01-01 13:52:42
186.151.18.213	attack	Invalid user hoehn from 186.151.18.213 port 38040	2020-01-01 14:18:48
80.82.70.239	attackspam	01/01/2020-00:28:01.572901 80.82.70.239 Protocol: 6 ET SCAN NMAP -sS window 1024	2020-01-01 14:02:46
37.187.54.45	attack	Dec 31 21:05:58 server sshd\[1496\]: Failed password for invalid user ftpuser from 37.187.54.45 port 55250 ssh2 Jan 1 08:49:46 server sshd\[3607\]: Invalid user server from 37.187.54.45 Jan 1 08:49:46 server sshd\[3607\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.ip-37-187-54.eu Jan 1 08:49:48 server sshd\[3607\]: Failed password for invalid user server from 37.187.54.45 port 38754 ssh2 Jan 1 09:03:08 server sshd\[6781\]: Invalid user nathrah from 37.187.54.45 Jan 1 09:03:08 server sshd\[6781\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.ip-37-187-54.eu ...	2020-01-01 14:17:27
222.186.173.226	attackspam	SSH bruteforce (Triggered fail2ban)	2020-01-01 13:56:37
103.132.171.2	attackbots	$f2bV_matches	2020-01-01 14:06:42
54.39.138.246	attackbots	$f2bV_matches	2020-01-01 13:55:38
118.25.71.229	attack	10 attempts against mh-pma-try-ban on hill.magehost.pro	2020-01-01 14:17:50
185.211.245.170	attack	Jan 1 00:25:33 web1 postfix/smtpd[27364]: warning: unknown[185.211.245.170]: SASL LOGIN authentication failed: authentication failure ...	2020-01-01 14:10:33
117.34.72.236	attackspambots	117.34.72.236 - - [01/Jan/2020:05:57:03 +0100] "GET /test.php HTTP/1.1" 301 162 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:61.0) Gecko/20100101 Firefox/61.0" 117.34.72.236 - - [01/Jan/2020:05:57:05 +0100] "GET /webdav/ HTTP/1.1" 301 162 "-" "Mozilla/5.0" 117.34.72.236 - - [01/Jan/2020:05:57:05 +0100] "GET /help.php HTTP/1.1" 301 162 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)" ...	2020-01-01 13:56:00
148.255.191.57	attackspam	$f2bV_matches	2020-01-01 13:51:44

Recently Reported IPs

52.151.240.97	43.224.0.77	193.141.236.14	161.35.122.197
111.40.117.236	120.193.91.209	106.13.233.251	20.188.58.70
225.94.79.110	180.232.1.16	89.76.93.51	94.104.188.187
66.162.50.195	19.205.185.63	33.14.190.231	214.220.144.217
173.57.194.99	182.126.196.8	134.118.184.94	37.187.129.23