104.248.242.34

Basic Info

City: unknown

Region: unknown

Country: None

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
104.248.242.175	attack	Attempt to hack Wordpress Login, XMLRPC or other login	2020-04-26 17:53:31
104.248.242.175	attack	104.248.242.175 - - [19/Apr/2020:05:52:01 +0200] "POST /wp-login.php HTTP/1.1" 200 3405 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.248.242.175 - - [19/Apr/2020:05:52:03 +0200] "POST /wp-login.php HTTP/1.1" 200 3383 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-04-19 16:20:55
104.248.242.175	attackbotsspam	104.248.242.175 - - [07/Apr/2020:08:16:07 +0200] "GET /wp-login.php HTTP/1.1" 200 5702 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.248.242.175 - - [07/Apr/2020:08:16:09 +0200] "POST /wp-login.php HTTP/1.1" 200 6601 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.248.242.175 - - [07/Apr/2020:08:16:10 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-04-07 14:38:18
104.248.242.175	attack	Apr 2 18:23:48 wordpress wordpress(www.ruhnke.cloud)[96381]: Blocked authentication attempt for admin from ::ffff:104.248.242.175	2020-04-03 02:10:41
104.248.242.125	attack	2019-09-23T05:53:55.757147lon01.zurich-datacenter.net sshd\[9439\]: Invalid user arma2dm from 104.248.242.125 port 59644 2019-09-23T05:53:55.763996lon01.zurich-datacenter.net sshd\[9439\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.242.125 2019-09-23T05:53:57.312523lon01.zurich-datacenter.net sshd\[9439\]: Failed password for invalid user arma2dm from 104.248.242.125 port 59644 ssh2 2019-09-23T05:58:21.658836lon01.zurich-datacenter.net sshd\[9567\]: Invalid user debian from 104.248.242.125 port 44732 2019-09-23T05:58:21.663684lon01.zurich-datacenter.net sshd\[9567\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.242.125 ...	2019-09-23 12:27:55
104.248.242.125	attackspam	Invalid user wk from 104.248.242.125 port 45748	2019-09-20 17:11:02
104.248.242.125	attackbotsspam	$f2bV_matches	2019-09-16 08:44:12
104.248.242.125	attackspam	Sep 15 09:55:34 bouncer sshd\[3771\]: Invalid user yv from 104.248.242.125 port 51650 Sep 15 09:55:34 bouncer sshd\[3771\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.242.125 Sep 15 09:55:36 bouncer sshd\[3771\]: Failed password for invalid user yv from 104.248.242.125 port 51650 ssh2 ...	2019-09-15 20:21:46
104.248.242.125	attack	2019-09-10T05:42:24.064037abusebot-4.cloudsearch.cf sshd\[9329\]: Invalid user guest from 104.248.242.125 port 46608	2019-09-10 14:03:05
104.248.242.125	attackbotsspam	Sep 8 22:04:21 markkoudstaal sshd[2572]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.242.125 Sep 8 22:04:23 markkoudstaal sshd[2572]: Failed password for invalid user test from 104.248.242.125 port 38028 ssh2 Sep 8 22:08:43 markkoudstaal sshd[2950]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.242.125	2019-09-09 04:10:18
104.248.242.125	attackspambots	Aug 3 17:20:56 marvibiene sshd[27227]: Invalid user admin from 104.248.242.125 port 44804 Aug 3 17:20:56 marvibiene sshd[27227]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.242.125 Aug 3 17:20:56 marvibiene sshd[27227]: Invalid user admin from 104.248.242.125 port 44804 Aug 3 17:20:58 marvibiene sshd[27227]: Failed password for invalid user admin from 104.248.242.125 port 44804 ssh2 ...	2019-08-04 08:47:39
104.248.242.125	attackspam	Apr 21 04:18:53 ubuntu sshd[12827]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.242.125 Apr 21 04:18:55 ubuntu sshd[12827]: Failed password for invalid user ai from 104.248.242.125 port 43198 ssh2 Apr 21 04:21:18 ubuntu sshd[13181]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.242.125 Apr 21 04:21:19 ubuntu sshd[13181]: Failed password for invalid user pavel from 104.248.242.125 port 39790 ssh2	2019-07-31 18:08:24
104.248.242.125	attack	Jul 21 07:13:22 localhost sshd\[28348\]: Invalid user op from 104.248.242.125 port 43188 Jul 21 07:13:22 localhost sshd\[28348\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.242.125 ...	2019-07-21 14:30:34
104.248.242.11	attack	joshuajohannes.de 104.248.242.11 \[04/Jul/2019:16:52:54 +0200\] "POST /wp-login.php HTTP/1.1" 200 5606 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" joshuajohannes.de 104.248.242.11 \[04/Jul/2019:16:52:54 +0200\] "POST /wp-login.php HTTP/1.1" 200 5572 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0"	2019-07-05 03:27:35
104.248.242.125	attackbots	Invalid user fleurs from 104.248.242.125 port 46798	2019-06-28 21:23:39

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.248.242.34
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 32037
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;104.248.242.34.			IN	A

;; AUTHORITY SECTION:
.			398	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022031100 1800 900 604800 86400

;; Query time: 62 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Mar 11 19:46:24 CST 2022
;; MSG SIZE  rcvd: 107

Host info

34.242.248.104.in-addr.arpa domain name pointer bitcoinplus.org.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
34.242.248.104.in-addr.arpa	name = bitcoinplus.org.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
138.197.162.32	attackbotsspam	Reported by AbuseIPDB proxy server.	2019-09-21 02:08:05
162.241.178.219	attack	Sep 20 16:57:06 MK-Soft-VM4 sshd\[9111\]: Invalid user Langomatisch from 162.241.178.219 port 50076 Sep 20 16:57:06 MK-Soft-VM4 sshd\[9111\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=162.241.178.219 Sep 20 16:57:08 MK-Soft-VM4 sshd\[9111\]: Failed password for invalid user Langomatisch from 162.241.178.219 port 50076 ssh2 ...	2019-09-21 02:00:48
123.231.12.221	attack	Sep 20 20:37:22 tuotantolaitos sshd[2983]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.231.12.221 Sep 20 20:37:25 tuotantolaitos sshd[2983]: Failed password for invalid user aklilu from 123.231.12.221 port 46674 ssh2 ...	2019-09-21 01:43:18
79.1.77.236	attackspambots	Spam Timestamp : 20-Sep-19 09:32 BlockList Provider combined abuse (682)	2019-09-21 01:58:01
139.59.77.237	attackbotsspam	Sep 20 19:55:15 mail sshd\[22428\]: Invalid user cav from 139.59.77.237 port 39291 Sep 20 19:55:15 mail sshd\[22428\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.77.237 Sep 20 19:55:17 mail sshd\[22428\]: Failed password for invalid user cav from 139.59.77.237 port 39291 ssh2 Sep 20 19:59:33 mail sshd\[22865\]: Invalid user stefan from 139.59.77.237 port 59890 Sep 20 19:59:33 mail sshd\[22865\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.77.237	2019-09-21 02:09:30
81.1.242.70	attack	Sep 20 11:10:41 xeon cyrus/imap[18555]: badlogin: [81.1.242.70] plain [SASL(-13): authentication failure: Password verification failed]	2019-09-21 01:53:07
106.9.149.36	attack	Unauthorised access (Sep 20) SRC=106.9.149.36 LEN=40 TOS=0x10 PREC=0x40 TTL=49 ID=50158 TCP DPT=8080 WINDOW=62800 SYN Unauthorised access (Sep 20) SRC=106.9.149.36 LEN=40 TOS=0x10 PREC=0x40 TTL=49 ID=54624 TCP DPT=8080 WINDOW=3241 SYN	2019-09-21 02:02:00
216.230.117.128	attack	216.230.117.128 - - \[20/Sep/2019:18:34:18 +0200\] "POST /wp-login.php HTTP/1.1" 200 2111 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 216.230.117.128 - - \[20/Sep/2019:18:34:20 +0200\] "POST /wp-login.php HTTP/1.1" 200 2114 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" ...	2019-09-21 01:47:23
91.121.110.50	attackspambots	Sep 20 17:55:59 SilenceServices sshd[17281]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.121.110.50 Sep 20 17:56:01 SilenceServices sshd[17281]: Failed password for invalid user nj from 91.121.110.50 port 39996 ssh2 Sep 20 17:59:48 SilenceServices sshd[20032]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.121.110.50	2019-09-21 02:13:56
222.191.147.97	attackbotsspam	Sep 20 00:21:46 lcprod sshd\[29275\]: Invalid user admin from 222.191.147.97 Sep 20 00:21:46 lcprod sshd\[29275\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.191.147.97 Sep 20 00:21:47 lcprod sshd\[29275\]: Failed password for invalid user admin from 222.191.147.97 port 30316 ssh2 Sep 20 00:21:49 lcprod sshd\[29275\]: Failed password for invalid user admin from 222.191.147.97 port 30316 ssh2 Sep 20 00:21:51 lcprod sshd\[29275\]: Failed password for invalid user admin from 222.191.147.97 port 30316 ssh2	2019-09-21 02:07:18
186.202.62.113	attack	Honeypot attack, port: 445, PTR: cpro3990.publiccloud.com.br.	2019-09-21 01:59:59
222.165.146.122	attack	Spam Timestamp : 20-Sep-19 09:16 BlockList Provider combined abuse (680)	2019-09-21 01:59:40
111.230.73.133	attack	Sep 20 14:53:49 localhost sshd\[10579\]: Invalid user applmgr from 111.230.73.133 port 59750 Sep 20 14:53:49 localhost sshd\[10579\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.230.73.133 Sep 20 14:53:51 localhost sshd\[10579\]: Failed password for invalid user applmgr from 111.230.73.133 port 59750 ssh2	2019-09-21 02:12:16
94.196.165.9	attack	default 01:55:29.157089 -0700 trustd asynchronously fetching CRL (http://crl.apple.com/root.crl) for client (amfid[101])/hacking 123/0eaf.cardinalcommerce.com user is i.e. Mac links default 01:55:29.891869 -0700 symptomsd 0x7fbd3cd234b0 event: kNotificationNewConnectivityEpochWiFi, noi: NOI: v:0 type:Wifi, isAny:yes, isBuiltin:no, loi:-1, flags:1, fastpath, current elig: 0, new elig: 1 illegal net/also 101 links to BBC - tampered build/construction integrity questionable/epoch new one trying disguise with name associated with the other half works - physical networks hidden/during the build - all sorted by end of the season/mostly wandering opportunists -known locals cardinal commerce chosen for religious take on attack/any green blue font in your search engine/you have been hacked by these 123	2019-09-21 01:34:41
42.114.136.251	attackbotsspam	Spam Timestamp : 20-Sep-19 10:04 BlockList Provider combined abuse (688)	2019-09-21 01:51:14

Recently Reported IPs

104.248.242.138	104.248.242.89	104.248.244.230	104.248.245.157
198.59.71.172	104.248.245.158	215.97.221.169	104.248.245.245
104.248.246.106	104.248.246.5	104.248.248.35	104.248.249.136
104.248.249.89	104.248.25.207	104.248.28.19	104.248.28.7
13.121.229.171	104.248.3.206	104.248.30.115	104.248.30.53