104.248.242.125

Basic Info

City: Frankfurt am Main

Region: Hesse

Country: Germany

Internet Service Provider: DigitalOcean LLC

Hostname: unknown

Organization: DigitalOcean, LLC

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	2019-09-23T05:53:55.757147lon01.zurich-datacenter.net sshd\[9439\]: Invalid user arma2dm from 104.248.242.125 port 59644 2019-09-23T05:53:55.763996lon01.zurich-datacenter.net sshd\[9439\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.242.125 2019-09-23T05:53:57.312523lon01.zurich-datacenter.net sshd\[9439\]: Failed password for invalid user arma2dm from 104.248.242.125 port 59644 ssh2 2019-09-23T05:58:21.658836lon01.zurich-datacenter.net sshd\[9567\]: Invalid user debian from 104.248.242.125 port 44732 2019-09-23T05:58:21.663684lon01.zurich-datacenter.net sshd\[9567\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.242.125 ...	2019-09-23 12:27:55
attackspam	Invalid user wk from 104.248.242.125 port 45748	2019-09-20 17:11:02
attackbotsspam	$f2bV_matches	2019-09-16 08:44:12
attackspam	Sep 15 09:55:34 bouncer sshd\[3771\]: Invalid user yv from 104.248.242.125 port 51650 Sep 15 09:55:34 bouncer sshd\[3771\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.242.125 Sep 15 09:55:36 bouncer sshd\[3771\]: Failed password for invalid user yv from 104.248.242.125 port 51650 ssh2 ...	2019-09-15 20:21:46
attack	2019-09-10T05:42:24.064037abusebot-4.cloudsearch.cf sshd\[9329\]: Invalid user guest from 104.248.242.125 port 46608	2019-09-10 14:03:05
attackbotsspam	Sep 8 22:04:21 markkoudstaal sshd[2572]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.242.125 Sep 8 22:04:23 markkoudstaal sshd[2572]: Failed password for invalid user test from 104.248.242.125 port 38028 ssh2 Sep 8 22:08:43 markkoudstaal sshd[2950]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.242.125	2019-09-09 04:10:18
attackspambots	Aug 3 17:20:56 marvibiene sshd[27227]: Invalid user admin from 104.248.242.125 port 44804 Aug 3 17:20:56 marvibiene sshd[27227]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.242.125 Aug 3 17:20:56 marvibiene sshd[27227]: Invalid user admin from 104.248.242.125 port 44804 Aug 3 17:20:58 marvibiene sshd[27227]: Failed password for invalid user admin from 104.248.242.125 port 44804 ssh2 ...	2019-08-04 08:47:39
attackspam	Apr 21 04:18:53 ubuntu sshd[12827]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.242.125 Apr 21 04:18:55 ubuntu sshd[12827]: Failed password for invalid user ai from 104.248.242.125 port 43198 ssh2 Apr 21 04:21:18 ubuntu sshd[13181]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.242.125 Apr 21 04:21:19 ubuntu sshd[13181]: Failed password for invalid user pavel from 104.248.242.125 port 39790 ssh2	2019-07-31 18:08:24
attack	Jul 21 07:13:22 localhost sshd\[28348\]: Invalid user op from 104.248.242.125 port 43188 Jul 21 07:13:22 localhost sshd\[28348\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.242.125 ...	2019-07-21 14:30:34
attackbots	Invalid user fleurs from 104.248.242.125 port 46798	2019-06-28 21:23:39

Comments on same subnet:

IP	Type	Details	Datetime
104.248.242.175	attack	Attempt to hack Wordpress Login, XMLRPC or other login	2020-04-26 17:53:31
104.248.242.175	attack	104.248.242.175 - - [19/Apr/2020:05:52:01 +0200] "POST /wp-login.php HTTP/1.1" 200 3405 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.248.242.175 - - [19/Apr/2020:05:52:03 +0200] "POST /wp-login.php HTTP/1.1" 200 3383 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-04-19 16:20:55
104.248.242.175	attackbotsspam	104.248.242.175 - - [07/Apr/2020:08:16:07 +0200] "GET /wp-login.php HTTP/1.1" 200 5702 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.248.242.175 - - [07/Apr/2020:08:16:09 +0200] "POST /wp-login.php HTTP/1.1" 200 6601 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.248.242.175 - - [07/Apr/2020:08:16:10 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-04-07 14:38:18
104.248.242.175	attack	Apr 2 18:23:48 wordpress wordpress(www.ruhnke.cloud)[96381]: Blocked authentication attempt for admin from ::ffff:104.248.242.175	2020-04-03 02:10:41
104.248.242.11	attack	joshuajohannes.de 104.248.242.11 \[04/Jul/2019:16:52:54 +0200\] "POST /wp-login.php HTTP/1.1" 200 5606 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" joshuajohannes.de 104.248.242.11 \[04/Jul/2019:16:52:54 +0200\] "POST /wp-login.php HTTP/1.1" 200 5572 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0"	2019-07-05 03:27:35
104.248.242.74	attackbotsspam	SSH User Authentication Brute Force Attempt, PTR: PTR record not found	2019-06-28 14:40:25

Whois info:

Dig info:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.248.242.125
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 39956
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;104.248.242.125.		IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019040501 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Sat Apr 06 09:35:47 +08 2019
;; MSG SIZE  rcvd: 119

Host info

Host 125.242.248.104.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		67.207.67.3
Address:	67.207.67.3#53

** server can't find 125.242.248.104.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
104.131.71.105	attack	Jun 17 12:35:17 ny01 sshd[24719]: Failed password for root from 104.131.71.105 port 44122 ssh2 Jun 17 12:38:28 ny01 sshd[25113]: Failed password for root from 104.131.71.105 port 44118 ssh2	2020-06-18 00:44:48
109.162.243.41	attackbotsspam	DATE:2020-06-17 18:22:17, IP:109.162.243.41, PORT:5900 VNC brute force auth on honeypot server (epe-honey1-hq)	2020-06-18 00:54:05
122.165.132.5	attack	2020-06-17T18:19:30.269920vps773228.ovh.net sshd[29372]: Failed password for invalid user hah from 122.165.132.5 port 55820 ssh2 2020-06-17T18:22:12.413322vps773228.ovh.net sshd[29442]: Invalid user mongod from 122.165.132.5 port 51574 2020-06-17T18:22:12.425805vps773228.ovh.net sshd[29442]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.165.132.5 2020-06-17T18:22:12.413322vps773228.ovh.net sshd[29442]: Invalid user mongod from 122.165.132.5 port 51574 2020-06-17T18:22:14.891273vps773228.ovh.net sshd[29442]: Failed password for invalid user mongod from 122.165.132.5 port 51574 ssh2 ...	2020-06-18 00:59:26
37.211.60.215	attackbots	IP blocked	2020-06-18 00:39:34
1.165.208.205	attackspambots	1592410924 - 06/17/2020 18:22:04 Host: 1.165.208.205/1.165.208.205 Port: 445 TCP Blocked	2020-06-18 01:11:17
51.38.231.78	attackbots	2020-06-17T19:06:33+0200 Failed SSH Authentication/Brute Force Attack.(Server 2)	2020-06-18 01:13:37
87.251.74.211	attack	06/17/2020-12:22:32.993222 87.251.74.211 Protocol: 6 ET SCAN NMAP -sS window 1024	2020-06-18 00:44:00
194.180.224.130	attack	Jun 17 16:39:15 localhost sshd[29302]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=194.180.224.130 user=root Jun 17 16:39:17 localhost sshd[29302]: Failed password for root from 194.180.224.130 port 33844 ssh2 Jun 17 16:39:37 localhost sshd[29344]: Invalid user admin from 194.180.224.130 port 37398 Jun 17 16:39:37 localhost sshd[29344]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=194.180.224.130 Jun 17 16:39:37 localhost sshd[29344]: Invalid user admin from 194.180.224.130 port 37398 Jun 17 16:39:40 localhost sshd[29344]: Failed password for invalid user admin from 194.180.224.130 port 37398 ssh2 ...	2020-06-18 00:48:08
45.169.33.156	attack	Dovecot Invalid User Login Attempt.	2020-06-18 00:57:52
106.52.8.171	attack	Jun 17 19:19:14 hosting sshd[3882]: Invalid user xl from 106.52.8.171 port 41746 Jun 17 19:19:14 hosting sshd[3882]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.8.171 Jun 17 19:19:14 hosting sshd[3882]: Invalid user xl from 106.52.8.171 port 41746 Jun 17 19:19:16 hosting sshd[3882]: Failed password for invalid user xl from 106.52.8.171 port 41746 ssh2 Jun 17 19:22:28 hosting sshd[4612]: Invalid user anil from 106.52.8.171 port 46850 ...	2020-06-18 00:50:18
2a00:d680:30:50::67	attackbots	xmlrpc attack	2020-06-18 01:06:30
198.12.248.27	attackspam	Fail2Ban Ban Triggered HTTP SQL Injection Attempt	2020-06-18 01:22:18
37.187.12.126	attackspambots	Jun 17 18:45:59 vps647732 sshd[3856]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.187.12.126 Jun 17 18:46:01 vps647732 sshd[3856]: Failed password for invalid user ftp from 37.187.12.126 port 41618 ssh2 ...	2020-06-18 00:51:31
182.61.138.221	attackbotsspam	2020-06-17T16:57:32.165369shield sshd\[15289\]: Invalid user sdi from 182.61.138.221 port 34060 2020-06-17T16:57:32.169501shield sshd\[15289\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.61.138.221 2020-06-17T16:57:34.007226shield sshd\[15289\]: Failed password for invalid user sdi from 182.61.138.221 port 34060 ssh2 2020-06-17T16:59:14.853354shield sshd\[15488\]: Invalid user jenkins from 182.61.138.221 port 47706 2020-06-17T16:59:14.857106shield sshd\[15488\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.61.138.221	2020-06-18 01:10:35
94.142.244.16	attackbotsspam	Jun 17 18:22:18 mellenthin sshd[27774]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.142.244.16 user=root Jun 17 18:22:20 mellenthin sshd[27774]: Failed password for invalid user root from 94.142.244.16 port 47696 ssh2	2020-06-18 00:55:18

Recently Reported IPs

41.189.166.19	125.43.173.58	187.162.208.39	110.232.78.221
202.191.123.213	148.70.108.254	175.117.95.62	103.245.1.50
103.233.110.173	38.93.235.209	181.143.94.58	121.140.35.111
103.233.110.178	103.133.109.217	46.98.91.58	190.119.195.71
184.105.247.194	104.131.82.75	103.123.45.47	94.177.246.250