104.248.34.43 - IPInfo

Basic Info

City: Frankfurt am Main

Region: Hesse

Country: Germany

Internet Service Provider: DigitalOcean LLC

Hostname: unknown

Organization: DigitalOcean, LLC

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspambots	Port scan attempt detected by AWS-CCS, CTS, India	2019-07-15 18:04:26
attackspambots	MultiHost/MultiPort Probe, Scan, Hack -	2019-07-10 14:37:33
attackspam	Port scan attempt detected by AWS-CCS, CTS, India	2019-06-27 15:41:14

Comments on same subnet:

IP	Type	Details	Datetime
104.248.34.219	attack	2020/06/30 14:47:45 [error] 20617#20617: 3577399 open() "/usr/share/nginx/html/wp-login.php" failed (2: No such file or directory), client: 104.248.34.219, server: _, request: "GET /wp-login.php HTTP/1.1", host: "1-2-dsl.net" 2020/06/30 14:47:45 [error] 20617#20617: 3577400 open() "/usr/share/nginx/html/wp-login.php" failed (2: No such file or directory), client: 104.248.34.219, server: _, request: "GET /wp-login.php HTTP/1.1", host: "1-2-dsl.org"	2020-07-01 21:38:38
104.248.34.219	attackbots	104.248.34.219 - - [14/Jun/2020:14:43:38 +0200] "POST /xmlrpc.php HTTP/1.1" 403 11040 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.248.34.219 - - [14/Jun/2020:14:47:37 +0200] "POST /xmlrpc.php HTTP/1.1" 403 9565 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-06-14 23:57:53
104.248.34.219	attackbotsspam	104.248.34.219 - - [14/May/2020:18:49:25 +0200] "GET /wp-login.php HTTP/1.1" 200 1900 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.248.34.219 - - [14/May/2020:18:49:25 +0200] "POST /wp-login.php HTTP/1.1" 200 2031 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.248.34.219 - - [14/May/2020:18:49:25 +0200] "GET /wp-login.php HTTP/1.1" 200 1900 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.248.34.219 - - [14/May/2020:18:49:25 +0200] "POST /wp-login.php HTTP/1.1" 200 2008 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.248.34.219 - - [14/May/2020:18:49:25 +0200] "GET /wp-login.php HTTP/1.1" 200 1900 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.248.34.219 - - [14/May/2020:18:49:25 +0200] "POST /wp-login.php HTTP/1.1" 200 2009 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/201001 ...	2020-05-15 04:04:32
104.248.34.192	attackbotsspam	Feb 9 08:59:09 MK-Soft-VM8 sshd[28974]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.34.192 Feb 9 08:59:11 MK-Soft-VM8 sshd[28974]: Failed password for invalid user phi from 104.248.34.192 port 45958 ssh2 ...	2020-02-09 16:23:24
104.248.34.192	attackbotsspam	Feb 9 00:22:32 game-panel sshd[7635]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.34.192 Feb 9 00:22:33 game-panel sshd[7635]: Failed password for invalid user zql from 104.248.34.192 port 38890 ssh2 Feb 9 00:25:22 game-panel sshd[7754]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.34.192	2020-02-09 08:33:10
104.248.34.192	attackspambots	Unauthorized connection attempt detected from IP address 104.248.34.192 to port 2220 [J]	2020-02-06 02:07:07
104.248.34.192	attackspam	Jan 27 08:35:41 ns381471 sshd[19625]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.34.192 Jan 27 08:35:44 ns381471 sshd[19625]: Failed password for invalid user es from 104.248.34.192 port 57222 ssh2	2020-01-27 17:10:59
104.248.34.192	attackspam	Unauthorized connection attempt detected from IP address 104.248.34.192 to port 2220 [J]	2020-01-22 00:53:16
104.248.34.192	attack	Brute SSH	2020-01-14 20:41:14
104.248.34.192	attackspambots	SSH-BruteForce	2020-01-07 08:47:43
104.248.34.192	attack	Dec 25 15:34:32 localhost sshd[34987]: Failed password for invalid user lexst from 104.248.34.192 port 40436 ssh2 Dec 25 15:52:01 localhost sshd[35954]: Failed password for invalid user petryna from 104.248.34.192 port 53592 ssh2 Dec 25 15:54:27 localhost sshd[36194]: Failed password for invalid user bagnato from 104.248.34.192 port 47490 ssh2	2019-12-26 01:05:58
104.248.34.192	attack	[ssh] SSH attack	2019-12-19 02:15:32
104.248.34.192	attack	Dec 17 11:46:50 php1 sshd\[24898\]: Invalid user roberts from 104.248.34.192 Dec 17 11:46:50 php1 sshd\[24898\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.34.192 Dec 17 11:46:52 php1 sshd\[24898\]: Failed password for invalid user roberts from 104.248.34.192 port 32942 ssh2 Dec 17 11:52:58 php1 sshd\[25510\]: Invalid user admin from 104.248.34.192 Dec 17 11:52:58 php1 sshd\[25510\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.34.192	2019-12-18 06:17:22
104.248.34.192	attackbots	Dec 13 05:50:10 localhost sshd\[1358\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.34.192 user=root Dec 13 05:50:12 localhost sshd\[1358\]: Failed password for root from 104.248.34.192 port 48630 ssh2 Dec 13 05:56:09 localhost sshd\[1995\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.34.192 user=root	2019-12-13 13:15:04

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.248.34.43
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 2047
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;104.248.34.43.			IN	A

;; AUTHORITY SECTION:
.			276	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019060200 1800 900 604800 86400

;; Query time: 62 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Jun 02 19:41:53 CST 2019
;; MSG SIZE  rcvd: 117

Host info

43.34.248.104.in-addr.arpa has no PTR record

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 43.34.248.104.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
42.104.109.194	attackbots	$f2bV_matches	2020-07-24 20:50:11
106.12.38.114	attackbotsspam	Invalid user shoko from 106.12.38.114 port 57584	2020-07-24 21:11:38
122.155.223.58	attack	Jul 24 15:35:05 lunarastro sshd[23177]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.155.223.58 Jul 24 15:35:07 lunarastro sshd[23177]: Failed password for invalid user Admin from 122.155.223.58 port 35050 ssh2	2020-07-24 21:12:38
192.35.168.228	attackspambots	TCP (SYN) 192.35.168.228:8155 -> port 9537, len 44	2020-07-24 20:53:07
3.22.41.238	attackspambots	xmlrpc attack	2020-07-24 20:27:46
182.61.22.46	attackspam	Jul 24 12:41:13 gospond sshd[21728]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.61.22.46 Jul 24 12:41:13 gospond sshd[21728]: Invalid user qtx from 182.61.22.46 port 41936 Jul 24 12:41:14 gospond sshd[21728]: Failed password for invalid user qtx from 182.61.22.46 port 41936 ssh2 ...	2020-07-24 21:15:25
51.68.123.198	attack	SSH Brute Force	2020-07-24 21:02:03
60.12.155.216	attack	Jul 24 13:49:06 inter-technics sshd[12677]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=60.12.155.216 user=mysql Jul 24 13:49:08 inter-technics sshd[12677]: Failed password for mysql from 60.12.155.216 port 31827 ssh2 Jul 24 13:53:53 inter-technics sshd[12915]: Invalid user release from 60.12.155.216 port 22260 Jul 24 13:53:53 inter-technics sshd[12915]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=60.12.155.216 Jul 24 13:53:53 inter-technics sshd[12915]: Invalid user release from 60.12.155.216 port 22260 Jul 24 13:53:55 inter-technics sshd[12915]: Failed password for invalid user release from 60.12.155.216 port 22260 ssh2 ...	2020-07-24 21:00:23
107.170.135.29	attackbotsspam	Jul 24 14:10:51 sip sshd[1063486]: Invalid user zz from 107.170.135.29 port 36331 Jul 24 14:10:53 sip sshd[1063486]: Failed password for invalid user zz from 107.170.135.29 port 36331 ssh2 Jul 24 14:15:18 sip sshd[1063538]: Invalid user markc from 107.170.135.29 port 43065 ...	2020-07-24 21:14:26
175.145.200.68	attackbotsspam	Jul 24 13:55:18 mellenthin sshd[19970]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.145.200.68 Jul 24 13:55:20 mellenthin sshd[19970]: Failed password for invalid user alexandre from 175.145.200.68 port 53488 ssh2	2020-07-24 21:09:28
67.245.133.225	attackspambots	Unauthorized connection attempt detected from IP address 67.245.133.225 to port 23	2020-07-24 20:58:31
121.12.151.250	attackbotsspam	2020-07-24T11:48:41.593825vps-d63064a2 sshd[5029]: Invalid user oracle from 121.12.151.250 port 41194 2020-07-24T11:48:41.601598vps-d63064a2 sshd[5029]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.12.151.250 2020-07-24T11:48:41.593825vps-d63064a2 sshd[5029]: Invalid user oracle from 121.12.151.250 port 41194 2020-07-24T11:48:43.752949vps-d63064a2 sshd[5029]: Failed password for invalid user oracle from 121.12.151.250 port 41194 ssh2 ...	2020-07-24 21:15:45
58.30.33.133	attack	Port probing on unauthorized port 1433	2020-07-24 21:00:49
201.219.223.26	attackbots	Unauthorized connection attempt from IP address 201.219.223.26 on Port 445(SMB)	2020-07-24 20:45:23
119.28.32.60	attackspam	Automatic Fail2ban report - Trying login SSH	2020-07-24 20:34:17

Recently Reported IPs

105.163.205.231	93.219.188.78	185.183.243.6	203.26.148.124
66.178.220.198	85.254.49.235	202.24.167.238	1.205.39.36
144.65.117.73	58.112.49.54	152.40.213.162	159.247.28.59
183.193.136.99	105.158.30.87	198.142.53.245	61.59.172.142
103.3.220.108	183.212.127.220	135.196.65.159	78.238.90.184