104.248.142.28

Basic Info

City: Frankfurt am Main

Region: Hesse

Country: Germany

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
104.248.142.140	attack	www.goldgier.de 104.248.142.140 [19/May/2020:08:27:16 +0200] "POST /wp-login.php HTTP/1.1" 200 8695 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" www.goldgier.de 104.248.142.140 [19/May/2020:08:27:16 +0200] "POST /wp-login.php HTTP/1.1" 200 8695 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-05-23 07:08:20
104.248.142.140	attackspam	104.248.142.140 - - [22/May/2020:13:48:35 +0200] "GET /wp-login.php HTTP/1.1" 200 5865 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.248.142.140 - - [22/May/2020:13:48:36 +0200] "POST /wp-login.php HTTP/1.1" 200 6116 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.248.142.140 - - [22/May/2020:13:48:36 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-05-23 03:02:36
104.248.142.61	attackspam	Wordpress Admin Login attack	2020-04-24 22:52:51
104.248.142.62	attackspambots	C2,DEF GET /w00tw00t.at.blackhats.romanian.anti-sec:) GET /phpMyAdmin/scripts/setup.php GET /phpmyadmin/scripts/setup.php GET /myadmin/scripts/setup.php GET /MyAdmin/scripts/setup.php	2020-04-07 13:19:45
104.248.142.140	attack	104.248.142.140 - - [06/Apr/2020:19:45:52 +0200] "GET /wp-login.php HTTP/1.1" 200 5821 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.248.142.140 - - [06/Apr/2020:19:45:52 +0200] "POST /wp-login.php HTTP/1.1" 200 6601 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.248.142.140 - - [06/Apr/2020:19:45:53 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-04-07 03:46:18
104.248.142.140	attackbots	CMS (WordPress or Joomla) login attempt.	2020-03-30 12:44:24
104.248.142.140	attackbots	104.248.142.140 - - [09/Mar/2020:14:06:11 +0000] "POST /wp-login.php HTTP/1.1" 200 6409 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.248.142.140 - - [09/Mar/2020:14:06:12 +0000] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-03-09 23:30:59
104.248.142.47	attackbots	C1,DEF GET /wp-login.php	2020-02-21 06:31:18
104.248.142.47	attack	Unauthorized connection attempt detected, IP banned.	2020-02-18 01:37:52
104.248.142.47	attack	SS5,WP GET /wp-login.php	2020-02-07 00:43:41
104.248.142.140	attackbots	104.248.142.140 - - [13/Jan/2020:08:27:02 +0100] "GET /wp-login.php HTTP/1.1" 404 4095 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.248.142.140 - - [13/Jan/2020:08:27:02 +0100] "GET /wp-login.php HTTP/1.1" 404 4095 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.248.142.140 - - [13/Jan/2020:08:27:03 +0100] "GET /wp-login.php HTTP/1.1" 404 4095 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-01-13 16:26:00
104.248.142.140	attack	104.248.142.140 - - \[03/Jan/2020:18:12:23 +0100\] "POST /wp-login.php HTTP/1.0" 200 7778 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 104.248.142.140 - - \[03/Jan/2020:18:12:24 +0100\] "POST /wp-login.php HTTP/1.0" 200 7592 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 104.248.142.140 - - \[03/Jan/2020:18:12:25 +0100\] "POST /wp-login.php HTTP/1.0" 200 7601 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"	2020-01-04 01:10:29
104.248.142.47	attack	Automatic report - XMLRPC Attack	2019-12-30 19:01:22
104.248.142.47	attackbots	WordPress login Brute force / Web App Attack on client site.	2019-12-22 21:27:29
104.248.142.47	attackspam	fail2ban honeypot	2019-12-06 14:59:58

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.248.142.28
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 53051
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;104.248.142.28.			IN	A

;; AUTHORITY SECTION:
.			268	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022061901 1800 900 604800 86400

;; Query time: 17 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Jun 20 15:26:42 CST 2022
;; MSG SIZE  rcvd: 107

Host info

Host 28.142.248.104.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 28.142.248.104.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
95.216.224.183	attackbots	Automatic report - Banned IP Access	2019-08-11 04:11:44
64.32.11.102	attackspambots	MultiHost/MultiPort Probe, Scan, Hack -	2019-08-11 04:20:06
80.211.116.102	attack	Aug 10 20:18:32 MK-Soft-VM6 sshd\[12259\]: Invalid user vic from 80.211.116.102 port 54502 Aug 10 20:18:32 MK-Soft-VM6 sshd\[12259\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.211.116.102 Aug 10 20:18:34 MK-Soft-VM6 sshd\[12259\]: Failed password for invalid user vic from 80.211.116.102 port 54502 ssh2 ...	2019-08-11 04:38:27
157.230.140.180	attackbots	SSH Bruteforce attempt	2019-08-11 04:44:39
74.129.23.72	attackspam	Aug 10 18:41:09 db sshd\[15169\]: Invalid user pi from 74.129.23.72 Aug 10 18:41:09 db sshd\[15171\]: Invalid user pi from 74.129.23.72 Aug 10 18:41:09 db sshd\[15169\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=cpe-74-129-23-72.kya.res.rr.com Aug 10 18:41:09 db sshd\[15171\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=cpe-74-129-23-72.kya.res.rr.com Aug 10 18:41:11 db sshd\[15169\]: Failed password for invalid user pi from 74.129.23.72 port 33912 ssh2 ...	2019-08-11 04:15:09
217.64.140.162	attackspam	[portscan] Port scan	2019-08-11 04:24:43
2001:41d0:303:22ca::	attackspambots	[munged]::443 2001:41d0:303:22ca:: - - [10/Aug/2019:14:11:14 +0200] "POST /[munged]: HTTP/1.1" 200 6980 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 2001:41d0:303:22ca:: - - [10/Aug/2019:14:11:19 +0200] "POST /[munged]: HTTP/1.1" 200 6980 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 2001:41d0:303:22ca:: - - [10/Aug/2019:14:11:22 +0200] "POST /[munged]: HTTP/1.1" 200 6960 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 2001:41d0:303:22ca:: - - [10/Aug/2019:14:11:26 +0200] "POST /[munged]: HTTP/1.1" 200 6981 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 2001:41d0:303:22ca:: - - [10/Aug/2019:14:11:29 +0200] "POST /[munged]: HTTP/1.1" 200 6975 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 2001:41d0:303:22ca:: - - [10/Aug/2019:14:11:33 +0200] "POST /[munged]: HTTP	2019-08-11 04:03:47
66.153.194.203	attackbots	SSH scan ::	2019-08-11 04:07:08
139.59.190.69	attackbotsspam	Aug 10 16:16:51 amit sshd\[16251\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.190.69 user=root Aug 10 16:16:52 amit sshd\[16251\]: Failed password for root from 139.59.190.69 port 55953 ssh2 Aug 10 16:23:08 amit sshd\[26724\]: Invalid user mdom from 139.59.190.69 Aug 10 16:23:08 amit sshd\[26724\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.190.69 ...	2019-08-11 04:23:44
153.36.236.35	attackspambots	2019-08-10T20:13:25.343069abusebot-4.cloudsearch.cf sshd\[20845\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=153.36.236.35 user=root	2019-08-11 04:35:07
182.120.45.191	attack	Fail2Ban - SSH Bruteforce Attempt	2019-08-11 04:26:20
139.59.180.53	attackbots	Mar 14 07:21:23 motanud sshd\[6620\]: Invalid user ftpuser from 139.59.180.53 port 52720 Mar 14 07:21:24 motanud sshd\[6620\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.180.53 Mar 14 07:21:26 motanud sshd\[6620\]: Failed password for invalid user ftpuser from 139.59.180.53 port 52720 ssh2 Apr 21 11:24:41 motanud sshd\[11192\]: Invalid user debian from 139.59.180.53 port 55220 Apr 21 11:24:41 motanud sshd\[11192\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.180.53 Apr 21 11:24:43 motanud sshd\[11192\]: Failed password for invalid user debian from 139.59.180.53 port 55220 ssh2	2019-08-11 04:33:09
104.37.0.102	attack	Unauthorised access (Aug 10) SRC=104.37.0.102 LEN=44 TTL=240 ID=25602 TCP DPT=139 WINDOW=1024 SYN Unauthorised access (Aug 8) SRC=104.37.0.102 LEN=44 TTL=240 ID=40766 TCP DPT=445 WINDOW=1024 SYN Unauthorised access (Aug 6) SRC=104.37.0.102 LEN=44 TTL=240 ID=34472 TCP DPT=139 WINDOW=1024 SYN	2019-08-11 04:35:29
111.231.121.20	attack	2019-08-10T14:54:36.866812abusebot-6.cloudsearch.cf sshd\[2328\]: Invalid user eternum from 111.231.121.20 port 34340	2019-08-11 04:06:10
189.32.147.41	attack	Aug 10 22:19:59 jupiter sshd\[17818\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=189.32.147.41 user=root Aug 10 22:20:02 jupiter sshd\[17818\]: Failed password for root from 189.32.147.41 port 37483 ssh2 Aug 10 22:20:13 jupiter sshd\[17818\]: error: maximum authentication attempts exceeded for root from 189.32.147.41 port 37483 ssh2 \[preauth\] ...	2019-08-11 04:22:50

Recently Reported IPs

194.61.30.2	201.20.104.134	110.78.152.63	36.92.25.98
213.14.31.123	113.122.235.11	137.184.51.111	188.68.36.53
46.174.43.18	51.222.146.133	5.189.179.173	79.143.187.168
170.238.79.2	1.179.220.207	120.24.222.21	46.105.124.74
103.102.153.163	34.145.226.144	51.178.34.17	45.135.165.136