104.248.142.223

Basic Info

City: unknown

Region: unknown

Country: Germany

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
104.248.142.140	attack	www.goldgier.de 104.248.142.140 [19/May/2020:08:27:16 +0200] "POST /wp-login.php HTTP/1.1" 200 8695 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" www.goldgier.de 104.248.142.140 [19/May/2020:08:27:16 +0200] "POST /wp-login.php HTTP/1.1" 200 8695 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-05-23 07:08:20
104.248.142.140	attackspam	104.248.142.140 - - [22/May/2020:13:48:35 +0200] "GET /wp-login.php HTTP/1.1" 200 5865 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.248.142.140 - - [22/May/2020:13:48:36 +0200] "POST /wp-login.php HTTP/1.1" 200 6116 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.248.142.140 - - [22/May/2020:13:48:36 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-05-23 03:02:36
104.248.142.61	attackspam	Wordpress Admin Login attack	2020-04-24 22:52:51
104.248.142.62	attackspambots	C2,DEF GET /w00tw00t.at.blackhats.romanian.anti-sec:) GET /phpMyAdmin/scripts/setup.php GET /phpmyadmin/scripts/setup.php GET /myadmin/scripts/setup.php GET /MyAdmin/scripts/setup.php	2020-04-07 13:19:45
104.248.142.140	attack	104.248.142.140 - - [06/Apr/2020:19:45:52 +0200] "GET /wp-login.php HTTP/1.1" 200 5821 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.248.142.140 - - [06/Apr/2020:19:45:52 +0200] "POST /wp-login.php HTTP/1.1" 200 6601 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.248.142.140 - - [06/Apr/2020:19:45:53 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-04-07 03:46:18
104.248.142.140	attackbots	CMS (WordPress or Joomla) login attempt.	2020-03-30 12:44:24
104.248.142.140	attackbots	104.248.142.140 - - [09/Mar/2020:14:06:11 +0000] "POST /wp-login.php HTTP/1.1" 200 6409 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.248.142.140 - - [09/Mar/2020:14:06:12 +0000] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-03-09 23:30:59
104.248.142.47	attackbots	C1,DEF GET /wp-login.php	2020-02-21 06:31:18
104.248.142.47	attack	Unauthorized connection attempt detected, IP banned.	2020-02-18 01:37:52
104.248.142.47	attack	SS5,WP GET /wp-login.php	2020-02-07 00:43:41
104.248.142.140	attackbots	104.248.142.140 - - [13/Jan/2020:08:27:02 +0100] "GET /wp-login.php HTTP/1.1" 404 4095 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.248.142.140 - - [13/Jan/2020:08:27:02 +0100] "GET /wp-login.php HTTP/1.1" 404 4095 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.248.142.140 - - [13/Jan/2020:08:27:03 +0100] "GET /wp-login.php HTTP/1.1" 404 4095 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-01-13 16:26:00
104.248.142.140	attack	104.248.142.140 - - \[03/Jan/2020:18:12:23 +0100\] "POST /wp-login.php HTTP/1.0" 200 7778 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 104.248.142.140 - - \[03/Jan/2020:18:12:24 +0100\] "POST /wp-login.php HTTP/1.0" 200 7592 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 104.248.142.140 - - \[03/Jan/2020:18:12:25 +0100\] "POST /wp-login.php HTTP/1.0" 200 7601 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0"	2020-01-04 01:10:29
104.248.142.47	attack	Automatic report - XMLRPC Attack	2019-12-30 19:01:22
104.248.142.47	attackbots	WordPress login Brute force / Web App Attack on client site.	2019-12-22 21:27:29
104.248.142.47	attackspam	fail2ban honeypot	2019-12-06 14:59:58

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.248.142.223
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 15930
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;104.248.142.223.		IN	A

;; AUTHORITY SECTION:
.			30	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2025022001 1800 900 604800 86400

;; Query time: 15 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Feb 21 03:32:56 CST 2025
;; MSG SIZE  rcvd: 108

Host info

Host 223.142.248.104.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 223.142.248.104.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
77.75.76.166	attack	Rule breaker	2020-04-10 19:49:35
165.22.134.111	attackbotsspam	Apr 10 13:24:03 host01 sshd[20992]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.22.134.111 Apr 10 13:24:06 host01 sshd[20992]: Failed password for invalid user test from 165.22.134.111 port 52214 ssh2 Apr 10 13:28:14 host01 sshd[21718]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.22.134.111 ...	2020-04-10 19:54:03
66.70.178.54	attack	detected by Fail2Ban	2020-04-10 19:48:19
139.199.98.175	attackspam	[ssh] SSH attack	2020-04-10 19:51:51
162.243.132.53	attackbots	MultiHost/MultiPort Probe, Scan, Hack -	2020-04-10 20:03:21
203.245.41.96	attackbotsspam	$f2bV_matches	2020-04-10 19:45:06
103.26.40.145	attackbots	Apr 10 08:31:26 server sshd\[10076\]: Invalid user 34.214.11.248 from 103.26.40.145 Apr 10 08:31:26 server sshd\[10076\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.26.40.145 Apr 10 08:31:29 server sshd\[10076\]: Failed password for invalid user 34.214.11.248 from 103.26.40.145 port 56760 ssh2 Apr 10 08:42:17 server sshd\[12733\]: Invalid user 18.185.135.206 from 103.26.40.145 Apr 10 08:42:17 server sshd\[12733\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.26.40.145 ...	2020-04-10 19:48:44
195.223.211.242	attackspambots	DATE:2020-04-10 14:12:14, IP:195.223.211.242, PORT:ssh SSH brute force auth (docker-dc)	2020-04-10 20:12:19
181.16.54.125	attackspambots	5x Failed Password	2020-04-10 20:12:40
93.28.14.209	attackbotsspam	Apr 10 11:49:52 server sshd[2566]: Failed password for invalid user students from 93.28.14.209 port 33588 ssh2 Apr 10 11:53:48 server sshd[3913]: Failed password for invalid user resolve from 93.28.14.209 port 49148 ssh2 Apr 10 11:57:47 server sshd[5337]: Failed password for invalid user developer from 93.28.14.209 port 36458 ssh2	2020-04-10 20:04:47
218.145.211.119	attackbotsspam	port 23	2020-04-10 19:55:39
134.209.250.9	attack	Apr 10 02:07:29 web9 sshd\[26042\]: Invalid user panshan from 134.209.250.9 Apr 10 02:07:29 web9 sshd\[26042\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.250.9 Apr 10 02:07:32 web9 sshd\[26042\]: Failed password for invalid user panshan from 134.209.250.9 port 59006 ssh2 Apr 10 02:12:12 web9 sshd\[26657\]: Invalid user text from 134.209.250.9 Apr 10 02:12:12 web9 sshd\[26657\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.250.9	2020-04-10 20:13:06
139.198.17.31	attackspam	$f2bV_matches	2020-04-10 19:49:17
222.186.173.142	attackspam	Apr 10 14:01:47 pve sshd[14972]: Failed password for root from 222.186.173.142 port 41282 ssh2 Apr 10 14:01:52 pve sshd[14972]: Failed password for root from 222.186.173.142 port 41282 ssh2 Apr 10 14:01:57 pve sshd[14972]: Failed password for root from 222.186.173.142 port 41282 ssh2 Apr 10 14:02:02 pve sshd[14972]: Failed password for root from 222.186.173.142 port 41282 ssh2	2020-04-10 20:09:19
64.225.67.233	attackbotsspam	Apr 10 08:08:32 NPSTNNYC01T sshd[17111]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=64.225.67.233 Apr 10 08:08:34 NPSTNNYC01T sshd[17111]: Failed password for invalid user centos from 64.225.67.233 port 35462 ssh2 Apr 10 08:12:03 NPSTNNYC01T sshd[17278]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=64.225.67.233 ...	2020-04-10 20:19:15

Recently Reported IPs

223.58.56.178	30.2.13.251	27.171.50.63	175.113.60.227
223.39.169.105	156.62.79.122	145.222.186.51	233.81.246.184
141.1.99.4	219.91.204.22	54.110.157.54	39.137.136.121
141.44.232.7	85.176.151.158	210.218.151.82	137.38.40.149
43.219.179.148	49.55.181.128	87.155.64.194	153.1.143.90