104.248.132.223

Basic Info

City: Frankfurt am Main

Region: Hesse

Country: Germany

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
104.248.132.216	attackspam	wordpress attack: ///wp-json/wp/v2/users/ ///?author=1	2020-09-15 22:23:22
104.248.132.216	attackspam	Automatic report - XMLRPC Attack	2020-09-15 14:20:37
104.248.132.216	attackspam	104.248.132.216 - - [14/Sep/2020:22:42:41 +0200] "POST /wp-login.php HTTP/1.0" 200 4794 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-09-15 06:29:58
104.248.132.216	attackspambots	104.248.132.216 - - [22/Aug/2020:05:47:34 +0200] "GET /wp-login.php HTTP/1.1" 200 8537 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.248.132.216 - - [22/Aug/2020:05:47:36 +0200] "POST /wp-login.php HTTP/1.1" 200 8788 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.248.132.216 - - [22/Aug/2020:05:47:37 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-08-22 18:31:25
104.248.132.216	attack	104.248.132.216 - - [20/Aug/2020:00:47:25 +0200] "GET /wp-login.php HTTP/1.1" 200 8537 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.248.132.216 - - [20/Aug/2020:00:47:27 +0200] "POST /wp-login.php HTTP/1.1" 200 8788 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.248.132.216 - - [20/Aug/2020:00:47:28 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-08-20 08:02:01
104.248.132.216	attack	104.248.132.216 - - [08/Aug/2020:22:07:22 +0100] "POST /wp-login.php HTTP/1.1" 200 1956 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.248.132.216 - - [08/Aug/2020:22:07:23 +0100] "POST /wp-login.php HTTP/1.1" 200 1953 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.248.132.216 - - [08/Aug/2020:22:07:23 +0100] "POST /xmlrpc.php HTTP/1.1" 200 247 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-08-09 05:25:38
104.248.132.216	attackbots	104.248.132.216 - - [06/Aug/2020:08:31:52 +0200] "GET /wp-login.php HTTP/1.1" 200 1901 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.248.132.216 - - [06/Aug/2020:08:31:53 +0200] "POST /wp-login.php HTTP/1.1" 200 2031 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.248.132.216 - - [06/Aug/2020:08:31:53 +0200] "GET /wp-login.php HTTP/1.1" 200 1901 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.248.132.216 - - [06/Aug/2020:08:31:53 +0200] "POST /wp-login.php HTTP/1.1" 200 2007 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.248.132.216 - - [06/Aug/2020:08:31:53 +0200] "GET /wp-login.php HTTP/1.1" 200 1901 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.248.132.216 - - [06/Aug/2020:08:31:53 +0200] "POST /wp-login.php HTTP/1.1" 200 2008 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/ ...	2020-08-06 15:19:48
104.248.132.216	attack	104.248.132.216 - - \[27/Jul/2020:16:03:04 +0200\] "POST /wp-login.php HTTP/1.1" 200 10019 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 104.248.132.216 - - \[27/Jul/2020:16:03:04 +0200\] "POST /wp-login.php HTTP/1.1" 200 9823 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" ...	2020-07-27 23:17:24
104.248.132.216	attackbotsspam	xmlrpc attack	2020-07-27 13:11:39
104.248.132.180	attackbotsspam	[Aegis] @ 2019-07-04 11:01:19 0100 -> Attempted Administrator Privilege Gain: ET SCAN LibSSH Based Frequent SSH Connections Likely BruteForce Attack	2020-04-29 14:56:07
104.248.132.55	attack	Port 22 Scan, PTR: None	2020-04-07 04:33:23
104.248.132.180	attackspam	Apr 26 12:02:30 ubuntu sshd[11732]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.132.180 Apr 26 12:02:32 ubuntu sshd[11732]: Failed password for invalid user zabbix from 104.248.132.180 port 57846 ssh2 Apr 26 12:04:49 ubuntu sshd[11770]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.132.180 Apr 26 12:04:52 ubuntu sshd[11770]: Failed password for invalid user monerodaemon from 104.248.132.180 port 54834 ssh2	2019-07-31 21:52:32
104.248.132.25	attack	SSH Bruteforce attack	2019-06-23 00:54:27
104.248.132.173	attackspambots	Jun 22 06:19:17 lnxmail61 sshd[6972]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.132.173 Jun 22 06:19:17 lnxmail61 sshd[6972]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.132.173	2019-06-22 20:19:31

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.248.132.223
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 48709
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;104.248.132.223.		IN	A

;; AUTHORITY SECTION:
.			404	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022041201 1800 900 604800 86400

;; Query time: 58 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Apr 13 11:00:16 CST 2022
;; MSG SIZE  rcvd: 108

Host info

Host 223.132.248.104.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 223.132.248.104.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
202.51.74.189	attackspambots	Sep 14 08:59:21 MK-Soft-VM5 sshd\[29454\]: Invalid user lodwin from 202.51.74.189 port 32850 Sep 14 08:59:21 MK-Soft-VM5 sshd\[29454\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.51.74.189 Sep 14 08:59:22 MK-Soft-VM5 sshd\[29454\]: Failed password for invalid user lodwin from 202.51.74.189 port 32850 ssh2 ...	2019-09-14 17:15:13
43.230.107.61	attack	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-09-14 05:27:58,910 INFO [amun_request_handler] PortScan Detected on Port: 445 (43.230.107.61)	2019-09-14 17:10:00
174.110.253.220	attackspambots	web-1 [ssh_2] SSH Attack	2019-09-14 17:07:39
51.38.179.179	attackspambots	Sep 13 23:16:00 tdfoods sshd\[6718\]: Invalid user user from 51.38.179.179 Sep 13 23:16:00 tdfoods sshd\[6718\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=179.ip-51-38-179.eu Sep 13 23:16:01 tdfoods sshd\[6718\]: Failed password for invalid user user from 51.38.179.179 port 53258 ssh2 Sep 13 23:20:18 tdfoods sshd\[7114\]: Invalid user osmc from 51.38.179.179 Sep 13 23:20:18 tdfoods sshd\[7114\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=179.ip-51-38-179.eu	2019-09-14 17:25:31
1.71.129.49	attackbots	Sep 14 09:54:31 saschabauer sshd[15746]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=1.71.129.49 Sep 14 09:54:34 saschabauer sshd[15746]: Failed password for invalid user bukkit from 1.71.129.49 port 48922 ssh2	2019-09-14 16:46:50
123.136.161.146	attackbotsspam	Sep 14 10:48:37 eventyay sshd[20562]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.136.161.146 Sep 14 10:48:39 eventyay sshd[20562]: Failed password for invalid user barman from 123.136.161.146 port 56288 ssh2 Sep 14 10:52:59 eventyay sshd[20628]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.136.161.146 ...	2019-09-14 17:10:32
206.81.25.181	attackspambots	Automated report - ssh fail2ban: Sep 14 10:58:21 authentication failure Sep 14 10:58:23 wrong password, user=bx, port=43626, ssh2 Sep 14 11:02:02 authentication failure	2019-09-14 17:08:44
45.82.34.126	attackbotsspam	Sep 14 08:52:07 server postfix/smtpd[11383]: NOQUEUE: reject: RCPT from tested.geomaticvista.com[45.82.34.126]: 554 5.7.1 Service unavailable; Client host [45.82.34.126] blocked using zen.spamhaus.org; https://www.spamhaus.org/sbl/query/SBLCSS; from= to= proto=ESMTP helo=	2019-09-14 16:47:56
106.13.107.106	attackbotsspam	Sep 14 10:11:58 nextcloud sshd\[18040\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.107.106 user=root Sep 14 10:12:00 nextcloud sshd\[18040\]: Failed password for root from 106.13.107.106 port 37584 ssh2 Sep 14 10:17:45 nextcloud sshd\[26242\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.107.106 user=root ...	2019-09-14 16:51:29
111.125.82.88	attackbotsspam	Unauthorized connection attempt from IP address 111.125.82.88 on Port 445(SMB)	2019-09-14 16:43:42
93.29.187.145	attackspam	Sep 14 08:54:52 web8 sshd\[23020\]: Invalid user administracion from 93.29.187.145 Sep 14 08:54:52 web8 sshd\[23020\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=93.29.187.145 Sep 14 08:54:54 web8 sshd\[23020\]: Failed password for invalid user administracion from 93.29.187.145 port 41850 ssh2 Sep 14 08:58:55 web8 sshd\[24845\]: Invalid user nas from 93.29.187.145 Sep 14 08:58:55 web8 sshd\[24845\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=93.29.187.145	2019-09-14 17:11:34
36.79.212.97	attackspambots	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-09-14 05:29:14,849 INFO [amun_request_handler] PortScan Detected on Port: 445 (36.79.212.97)	2019-09-14 16:56:50
111.75.149.221	attackbotsspam	Sep 14 09:03:36 vmanager6029 postfix/smtpd\[16503\]: warning: unknown\[111.75.149.221\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 14 09:03:45 vmanager6029 postfix/smtpd\[16503\]: warning: unknown\[111.75.149.221\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6	2019-09-14 17:03:37
114.236.113.189	attackbotsspam	Sep 14 08:51:29 vpn01 sshd\[1164\]: Invalid user usuario from 114.236.113.189 Sep 14 08:51:30 vpn01 sshd\[1164\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.236.113.189 Sep 14 08:51:32 vpn01 sshd\[1164\]: Failed password for invalid user usuario from 114.236.113.189 port 55140 ssh2	2019-09-14 17:18:56
195.58.123.109	attack	Sep 13 23:10:37 friendsofhawaii sshd\[17218\]: Invalid user phoenix1 from 195.58.123.109 Sep 13 23:10:37 friendsofhawaii sshd\[17218\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=host.195.58.123.109.bitcom.se Sep 13 23:10:39 friendsofhawaii sshd\[17218\]: Failed password for invalid user phoenix1 from 195.58.123.109 port 38984 ssh2 Sep 13 23:14:44 friendsofhawaii sshd\[17619\]: Invalid user wi123 from 195.58.123.109 Sep 13 23:14:44 friendsofhawaii sshd\[17619\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=host.195.58.123.109.bitcom.se	2019-09-14 17:24:59

Recently Reported IPs

104.248.127.114	104.248.139.94	104.248.140.128	104.248.140.225
104.248.141.0	104.248.141.97	104.248.142.133	104.248.143.150
104.248.148.213	104.248.148.39	104.248.150.100	104.248.155.199
104.248.155.61	104.248.158.103	104.248.16.174	104.248.162.181
104.248.163.79	104.248.172.192	104.248.178.136	104.248.200.144