City: Frankfurt am Main
Region: Hessen
Country: Germany
Internet Service Provider: unknown
Hostname: unknown
Organization: unknown
Usage Type: unknown
| IP | Type | Details | Datetime |
|---|---|---|---|
| 104.248.28.42 | attack | Aug 26 05:28:57 dignus sshd[22714]: Failed password for invalid user xyh from 104.248.28.42 port 59038 ssh2 Aug 26 05:32:22 dignus sshd[23181]: Invalid user sir from 104.248.28.42 port 38050 Aug 26 05:32:22 dignus sshd[23181]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.28.42 Aug 26 05:32:25 dignus sshd[23181]: Failed password for invalid user sir from 104.248.28.42 port 38050 ssh2 Aug 26 05:35:50 dignus sshd[23607]: Invalid user hansen from 104.248.28.42 port 45294 ... |
2020-08-26 23:01:12 |
| 104.248.28.42 | attack | Aug 26 01:08:33 vmd17057 sshd[3407]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.28.42 Aug 26 01:08:35 vmd17057 sshd[3407]: Failed password for invalid user tester from 104.248.28.42 port 44036 ssh2 ... |
2020-08-26 07:38:00 |
| 104.248.28.42 | attack | 2020-08-24 17:42:27.332626-0500 localhost sshd[39792]: Failed password for root from 104.248.28.42 port 58260 ssh2 |
2020-08-25 07:17:05 |
| 104.248.28.148 | attackbotsspam | DATE:2019-07-14_02:33:48, IP:104.248.28.148, PORT:telnet Telnet brute force auth on honeypot server (honey-neo-dc) |
2019-07-14 14:03:50 |
#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/resources/registry/whois/tou/
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/resources/registry/whois/inaccuracy_reporting/
#
# Copyright 1997-2026, American Registry for Internet Numbers, Ltd.
#
NetRange: 104.248.0.0 - 104.248.255.255
CIDR: 104.248.0.0/16
NetName: DIGITALOCEAN-104-248-0-0
NetHandle: NET-104-248-0-0-1
Parent: NET104 (NET-104-0-0-0-0)
NetType: Direct Allocation
OriginAS:
Organization: DigitalOcean, LLC (DO-13)
RegDate: 2018-08-06
Updated: 2020-04-03
Comment: Routing and Peering Policy can be found at https://www.as14061.net
Comment:
Comment: Please submit abuse reports at https://www.digitalocean.com/company/contact/#abuse
Ref: https://rdap.arin.net/registry/ip/104.248.0.0
OrgName: DigitalOcean, LLC
OrgId: DO-13
Address: 105 Edgeview Drive, Suite 425
City: Broomfield
StateProv: CO
PostalCode: 80021
Country: US
RegDate: 2012-05-14
Updated: 2025-04-11
Ref: https://rdap.arin.net/registry/entity/DO-13
OrgNOCHandle: NOC32014-ARIN
OrgNOCName: Network Operations Center
OrgNOCPhone: +1-646-827-4366
OrgNOCEmail: noc@digitalocean.com
OrgNOCRef: https://rdap.arin.net/registry/entity/NOC32014-ARIN
OrgAbuseHandle: DIGIT19-ARIN
OrgAbuseName: DigitalOcean Abuse
OrgAbusePhone: +1-646-827-4366
OrgAbuseEmail: abuse@digitalocean.com
OrgAbuseRef: https://rdap.arin.net/registry/entity/DIGIT19-ARIN
OrgTechHandle: NOC32014-ARIN
OrgTechName: Network Operations Center
OrgTechPhone: +1-646-827-4366
OrgTechEmail: noc@digitalocean.com
OrgTechRef: https://rdap.arin.net/registry/entity/NOC32014-ARIN
#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/resources/registry/whois/tou/
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/resources/registry/whois/inaccuracy_reporting/
#
# Copyright 1997-2026, American Registry for Internet Numbers, Ltd.
#; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.248.28.14
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 27996
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;104.248.28.14. IN A
;; AUTHORITY SECTION:
. 30 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2026042000 1800 900 604800 86400
;; Query time: 9 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Apr 20 19:00:04 CST 2026
;; MSG SIZE rcvd: 106Host 14.28.248.104.in-addr.arpa. not found: 3(NXDOMAIN)Server: 183.60.83.19
Address: 183.60.83.19#53
** server can't find 14.28.248.104.in-addr.arpa: NXDOMAIN| IP | Type | Details | Datetime |
|---|---|---|---|
| 74.120.14.18 | attack | Multiport scan : 5 ports scanned 990 1883 5900 5901 8089 |
2020-09-25 07:50:42 |
| 104.131.85.190 | attackspambots | Lines containing failures of 104.131.85.190 Sep 24 04:26:06 vsrv sshd[3716]: Did not receive identification string from 104.131.85.190 port 43718 Sep 24 04:26:07 vsrv sshd[3717]: Received disconnect from 104.131.85.190 port 44090:11: Normal Shutdown, Thank you for playing [preauth] Sep 24 04:26:07 vsrv sshd[3717]: Disconnected from authenticating user r.r 104.131.85.190 port 44090 [preauth] Sep 24 04:26:08 vsrv sshd[3719]: Received disconnect from 104.131.85.190 port 46250:11: Normal Shutdown, Thank you for playing [preauth] Sep 24 04:26:08 vsrv sshd[3719]: Disconnected from authenticating user r.r 104.131.85.190 port 46250 [preauth] Sep 24 04:26:09 vsrv sshd[3721]: Received disconnect from 104.131.85.190 port 48436:11: Normal Shutdown, Thank you for playing [preauth] Sep 24 04:26:09 vsrv sshd[3721]: Disconnected from authenticating user r.r 104.131.85.190 port 48436 [preauth] Sep 24 04:26:09 vsrv sshd[3723]: Invalid user admin from 104.131.85.190 port 50602 Sep 24 04:26........ ------------------------------ |
2020-09-25 08:08:33 |
| 50.236.62.30 | attackbots | Invalid user deploy from 50.236.62.30 port 60159 |
2020-09-25 07:46:50 |
| 118.25.108.201 | attackspambots | Sep 24 21:59:33 vps8769 sshd[23746]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.25.108.201 Sep 24 21:59:34 vps8769 sshd[23746]: Failed password for invalid user teamspeak from 118.25.108.201 port 39798 ssh2 ... |
2020-09-25 08:02:46 |
| 40.112.70.154 | attackbots | Sep 25 01:50:35 raspberrypi sshd[6069]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=40.112.70.154 user=root Sep 25 01:50:37 raspberrypi sshd[6069]: Failed password for invalid user root from 40.112.70.154 port 22877 ssh2 ... |
2020-09-25 07:58:56 |
| 13.77.179.19 | attack | Sep 25 01:46:53 theomazars sshd[19736]: Invalid user scripla from 13.77.179.19 port 19215 |
2020-09-25 07:55:47 |
| 69.28.234.130 | attackspambots | 5x Failed Password |
2020-09-25 08:02:21 |
| 13.93.176.207 | attackspam | "Unauthorized connection attempt on SSHD detected" |
2020-09-25 07:52:59 |
| 167.114.156.189 | attackspam | [2020-09-24 16:54:43] NOTICE[1159][C-00001438] chan_sip.c: Call from '' (167.114.156.189:49817) to extension '01197233741877' rejected because extension not found in context 'public'. [2020-09-24 16:54:43] SECURITY[1198] res_security_log.c: SecurityEvent="FailedACL",EventTV="2020-09-24T16:54:43.396-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="01197233741877",SessionID="0x7fcaa0022038",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/167.114.156.189/49817",ACLName="no_extension_match" [2020-09-24 16:57:10] NOTICE[1159][C-0000143b] chan_sip.c: Call from '' (167.114.156.189:56140) to extension '901197233741877' rejected because extension not found in context 'public'. [2020-09-24 16:57:10] SECURITY[1198] res_security_log.c: SecurityEvent="FailedACL",EventTV="2020-09-24T16:57:10.517-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="901197233741877",SessionID="0x7fcaa02091e8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/ ... |
2020-09-25 07:59:58 |
| 106.12.102.54 | attack | "Unauthorized connection attempt on SSHD detected" |
2020-09-25 08:09:21 |
| 181.44.6.160 | attackspam | Sep 25 01:38:50 buvik sshd[29730]: Invalid user ubuntu from 181.44.6.160 Sep 25 01:38:50 buvik sshd[29730]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=181.44.6.160 Sep 25 01:38:52 buvik sshd[29730]: Failed password for invalid user ubuntu from 181.44.6.160 port 57970 ssh2 ... |
2020-09-25 07:45:52 |
| 178.62.23.28 | attack | xmlrpc attack |
2020-09-25 07:51:49 |
| 119.45.207.216 | attackspam | Sep 25 01:21:49 nas sshd[7290]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.45.207.216 Sep 25 01:21:52 nas sshd[7290]: Failed password for invalid user tv from 119.45.207.216 port 37378 ssh2 Sep 25 01:27:10 nas sshd[7399]: Failed password for root from 119.45.207.216 port 33144 ssh2 ... |
2020-09-25 07:52:14 |
| 192.241.228.251 | attackbotsspam | SSH Invalid Login |
2020-09-25 08:12:01 |
| 61.83.210.246 | attack | 2020-09-25T03:48:23.864153paragon sshd[385388]: Invalid user user01 from 61.83.210.246 port 37022 2020-09-25T03:48:23.868170paragon sshd[385388]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.83.210.246 2020-09-25T03:48:23.864153paragon sshd[385388]: Invalid user user01 from 61.83.210.246 port 37022 2020-09-25T03:48:25.499244paragon sshd[385388]: Failed password for invalid user user01 from 61.83.210.246 port 37022 ssh2 2020-09-25T03:52:02.759230paragon sshd[385470]: Invalid user test from 61.83.210.246 port 37550 ... |
2020-09-25 08:04:07 |