Basic Info

City: unknown

Region: unknown

Country: None

Internet Service Provider: Universidad Politecnica del Valle de Mexico

Hostname: unknown

Organization: unknown

Usage Type: University/College/School

Comments:
Type Details Datetime
attackspambots
Nov 28 21:17:07 XXX sshd[51542]: Invalid user backer from 148.245.172.242 port 56492
2019-11-29 05:27:22
attackbots
Oct 22 13:52:45 tuxlinux sshd[40736]: Invalid user telegraf from 148.245.172.242 port 47122
Oct 22 13:52:45 tuxlinux sshd[40736]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.245.172.242 
Oct 22 13:52:45 tuxlinux sshd[40736]: Invalid user telegraf from 148.245.172.242 port 47122
Oct 22 13:52:45 tuxlinux sshd[40736]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.245.172.242 
Oct 22 13:52:45 tuxlinux sshd[40736]: Invalid user telegraf from 148.245.172.242 port 47122
Oct 22 13:52:45 tuxlinux sshd[40736]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.245.172.242 
Oct 22 13:52:47 tuxlinux sshd[40736]: Failed password for invalid user telegraf from 148.245.172.242 port 47122 ssh2
...
2019-10-22 20:51:16
attack
$f2bV_matches
2019-10-17 22:50:57
attackspambots
Oct  5 17:49:46 amida sshd[147969]: Failed password for r.r from 148.245.172.242 port 50154 ssh2
Oct  5 17:49:46 amida sshd[147969]: Received disconnect from 148.245.172.242: 11: Bye Bye [preauth]
Oct  5 17:55:07 amida sshd[150473]: Failed password for r.r from 148.245.172.242 port 55638 ssh2
Oct  5 17:55:07 amida sshd[150473]: Received disconnect from 148.245.172.242: 11: Bye Bye [preauth]
Oct  5 18:00:07 amida sshd[152360]: Failed password for r.r from 148.245.172.242 port 58842 ssh2
Oct  5 18:00:07 amida sshd[152360]: Received disconnect from 148.245.172.242: 11: Bye Bye [preauth]
Oct  5 18:05:15 amida sshd[154314]: Failed password for r.r from 148.245.172.242 port 33816 ssh2
Oct  5 18:05:15 amida sshd[154314]: Received disconnect from 148.245.172.242: 11: Bye Bye [preauth]
Oct  5 18:08:35 amida sshd[155354]: Failed password for r.r from 148.245.172.242 port 37006 ssh2
Oct  5 18:21:17 amida sshd[160102]: Failed password for r.r from 148.245.172.242 port 46600 ssh2
Oc........
-------------------------------
2019-10-11 04:32:59
Comments on same subnet:
No discussion about this subnet yet..
Whois info:
Dig info:
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 148.245.172.242
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 26169
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;148.245.172.242.		IN	A

;; AUTHORITY SECTION:
.			230	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019101001 1800 900 604800 86400

;; Query time: 195 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Oct 11 04:32:56 CST 2019
;; MSG SIZE  rcvd: 119
Host info:
242.172.245.148.in-addr.arpa domain name pointer na-172-242.static.avantel.net.mx.
Nslookup info:
Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
242.172.245.148.in-addr.arpa	name = na-172-242.static.avantel.net.mx.

Authoritative answers can be found from:
Related IP info:
Related comments:
IP Type Details Datetime
107.139.154.249 attack
Sep 19 13:35:04 vps sshd[2625]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=107.139.154.249 
Sep 19 13:35:06 vps sshd[2625]: Failed password for invalid user test from 107.139.154.249 port 42048 ssh2
Sep 19 14:21:22 vps sshd[4968]: Failed password for root from 107.139.154.249 port 45854 ssh2
...
2020-09-20 00:53:21
205.201.130.186 attackspam
SMTP Screen: 205.201.130.186 (United States): connected 11 times within 2 minutes
2020-09-20 01:19:04
59.126.108.47 attackspam
prod8
...
2020-09-20 01:19:56
61.93.240.18 attackbotsspam
$f2bV_matches
2020-09-20 01:10:45
196.216.228.111 attackspambots
20 attempts against mh-ssh on pcx
2020-09-20 01:20:27
177.245.201.59 attackbotsspam
Sep 18 16:59:35 hermescis postfix/smtpd[11820]: NOQUEUE: reject: RCPT from unknown[177.245.201.59]: 550 5.1.1 : Recipient address rejected:* from= to= proto=ESMTP helo=
2020-09-20 01:20:45
177.159.111.228 attackbotsspam
SSH 2020-09-19 02:53:02	177.159.111.228	139.99.182.230	>	POST	balimandirabeachresort.indonesiaroom.com	/wp-login.php	HTTP/1.1	-	-
2020-09-20 00:05:03	177.159.111.228	139.99.182.230	>	GET	whiterosehotelbali.indonesiaroom.com	/wp-login.php	HTTP/1.1	-	-
2020-09-20 00:05:05	177.159.111.228	139.99.182.230	>	POST	whiterosehotelbali.indonesiaroom.com	/wp-login.php	HTTP/1.1	-	-
2020-09-20 01:20:11
12.165.80.213 attackspam
RDP Bruteforce
2020-09-20 00:51:57
134.122.73.64 attack
Sep 19 16:16:27 mail.srvfarm.net postfix/smtpd[1505471]: warning: unknown[134.122.73.64]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
Sep 19 16:16:27 mail.srvfarm.net postfix/smtpd[1505471]: lost connection after AUTH from unknown[134.122.73.64]
Sep 19 16:16:48 mail.srvfarm.net postfix/smtpd[1490388]: warning: unknown[134.122.73.64]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
Sep 19 16:16:48 mail.srvfarm.net postfix/smtpd[1490388]: lost connection after AUTH from unknown[134.122.73.64]
Sep 19 16:17:57 mail.srvfarm.net postfix/smtpd[1490388]: warning: unknown[134.122.73.64]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
Sep 19 16:17:57 mail.srvfarm.net postfix/smtpd[1490388]: lost connection after AUTH from unknown[134.122.73.64]
2020-09-20 00:59:38
107.132.88.42 attack
Sep 19 18:12:13 vps333114 sshd[17822]: Failed password for root from 107.132.88.42 port 58984 ssh2
Sep 19 18:17:41 vps333114 sshd[17961]: Invalid user ts3bot from 107.132.88.42
...
2020-09-20 01:28:15
178.239.148.136 attackspambots
Automatic report - Port Scan Attack
2020-09-20 00:54:37
106.12.90.45 attackbotsspam
$f2bV_matches
2020-09-20 01:26:08
68.183.52.2 attackbotsspam
Sep 19 07:59:30 ny01 sshd[13371]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=68.183.52.2
Sep 19 07:59:32 ny01 sshd[13371]: Failed password for invalid user oracle from 68.183.52.2 port 46028 ssh2
Sep 19 08:03:30 ny01 sshd[13908]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=68.183.52.2
2020-09-20 01:23:00
178.128.80.85 attackspam
2020-09-19T17:10:57.567196centos sshd[10011]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.128.80.85
2020-09-19T17:10:57.561346centos sshd[10011]: Invalid user ftp-user from 178.128.80.85 port 50048
2020-09-19T17:10:59.380262centos sshd[10011]: Failed password for invalid user ftp-user from 178.128.80.85 port 50048 ssh2
...
2020-09-20 01:15:39
149.200.181.126 attackbotsspam
Telnet Server BruteForce Attack
2020-09-20 01:11:40

Recently Reported IPs
