This IP address has been reported a total of
196
times from
142 distinct
sources.
43.245.248.2 was first reported on
, and the most recent report was
.
Recent Reports:
We have received reports of abusive activity from this IP address within the last week. It is
potentially still actively engaged in abusive activities.
Jun 29 20:51:27 NODE-1 sshd[3614122]: Disconnected from authenticating user root 43.245.248.2 port 3 ...
show moreJun 29 20:51:27 NODE-1 sshd[3614122]: Disconnected from authenticating user root 43.245.248.2 port 36962 [preauth]
Jun 29 20:53:21 NODE-1 sshd[3649528]: Disconnected from authenticating user root 43.245.248.2 port 36584 [preauth]
Jun 29 20:55:16 NODE-1 sshd[3685884]: Disconnected from authenticating user root 43.245.248.2 port 32856 [preauth]
Jun 29 20:57:09 NODE-1 sshd[3720989]: Disconnected from authenticating user root 43.245.248.2 port 44990 [preauth]
Jun 29 20:59:08 NODE-1 sshd[3758609]: Disconnected from authenticating user root 43.245.248.2 port 46500 [preauth]
...
show less
Jun 29 20:55:16 Debian-1202-bookworm-amd64-base sshd[1370982]: Failed password for root from 43.245. ...
show moreJun 29 20:55:16 Debian-1202-bookworm-amd64-base sshd[1370982]: Failed password for root from 43.245.248.2 port 40074 ssh2
Jun 29 20:57:07 Debian-1202-bookworm-amd64-base sshd[1441114]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=43.245.248.2 user=root
Jun 29 20:57:09 Debian-1202-bookworm-amd64-base sshd[1441114]: Failed password for root from 43.245.248.2 port 55072 ssh2
Jun 29 20:59:06 Debian-1202-bookworm-amd64-base sshd[1512809]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=43.245.248.2 user=root
Jun 29 20:59:08 Debian-1202-bookworm-amd64-base sshd[1512809]: Failed password for root from 43.245.248.2 port 53304 ssh2
...
show less
2026-06-29T19:57:40.377375+02:00 vm1386.de.snk.wtf sshd[782339]: Failed password for root from 43.24 ...
show more2026-06-29T19:57:40.377375+02:00 vm1386.de.snk.wtf sshd[782339]: Failed password for root from 43.245.248.2 port 50314 ssh2
2026-06-29T19:57:41.813394+02:00 vm1386.de.snk.wtf sshd[782339]: Disconnected from authenticating user root 43.245.248.2 port 50314 [preauth]
...
show less
Brute-Force
SSH
Anonymous
2026-06-29T16:43:52.387246 default-local sshd[103507]: Invalid user ftpdata from 43.245.248.2 port 5 ...
show more2026-06-29T16:43:52.387246 default-local sshd[103507]: Invalid user ftpdata from 43.245.248.2 port 52890
2026-06-29T16:47:03.246548 default-local sshd[103517]: User root from 43.245.248.2 not allowed because not listed in AllowUsers
2026-06-29T16:48:57.053815 default-local sshd[103523]: Invalid user ftpuser from 43.245.248.2 port 47542
2026-06-29T16:50:48.054956 default-local sshd[103530]: User root from 43.245.248.2 not allowed because not listed in AllowUsers
2026-06-29T16:52:40.747597 default-local sshd[103536]: User root from 43.245.248.2 not allowed because not listed in AllowUsers
...
show less
15 attempts since 29.06.2026 15:22:39 UTC - last one: 2026-06-29T17:49:28.320498+02:00 beta sshd-ses ...
show more15 attempts since 29.06.2026 15:22:39 UTC - last one: 2026-06-29T17:49:28.320498+02:00 beta sshd-session[1243264]: Disconnected from authenticating user root 43.245.248.2 port 53486 [preauth]
show less
Brute-Force
SSH
Showing 1 to
15
of 196 reports
Think this IP has been falsely reported? You may request to have the associated
reports reviewed and removed.
Request Takedown ๐ฉ