104.248.78.134

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: DigitalOcean LLC

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	marleenrecords.breidenba.ch 104.248.78.134 \[12/Sep/2019:20:11:24 +0200\] "POST /wp-login.php HTTP/1.1" 200 5808 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" marleenrecords.breidenba.ch 104.248.78.134 \[12/Sep/2019:20:11:28 +0200\] "POST /wp-login.php HTTP/1.1" 200 5765 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"	2019-09-13 04:24:34

Type

Details

Datetime

attackbots

marleenrecords.breidenba.ch 104.248.78.134 \[12/Sep/2019:20:11:24 +0200\] "POST /wp-login.php HTTP/1.1" 200 5808 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"
marleenrecords.breidenba.ch 104.248.78.134 \[12/Sep/2019:20:11:28 +0200\] "POST /wp-login.php HTTP/1.1" 200 5765 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"

2019-09-13 04:24:34

Comments on same subnet:

IP	Type	Details	Datetime
104.248.78.42	attackbotsspam	Aug 12 05:33:00 pkdns2 sshd\[48393\]: Invalid user test from 104.248.78.42Aug 12 05:33:03 pkdns2 sshd\[48393\]: Failed password for invalid user test from 104.248.78.42 port 49448 ssh2Aug 12 05:37:09 pkdns2 sshd\[48604\]: Invalid user mr from 104.248.78.42Aug 12 05:37:11 pkdns2 sshd\[48604\]: Failed password for invalid user mr from 104.248.78.42 port 41112 ssh2Aug 12 05:41:27 pkdns2 sshd\[48794\]: Invalid user uploader from 104.248.78.42Aug 12 05:41:28 pkdns2 sshd\[48794\]: Failed password for invalid user uploader from 104.248.78.42 port 32790 ssh2 ...	2019-08-12 13:56:14
104.248.78.42	attack	2019-08-02T23:11:40.830952abusebot-6.cloudsearch.cf sshd\[30397\]: Invalid user pendexter from 104.248.78.42 port 48694	2019-08-03 08:58:12
104.248.78.42	attackspambots	Jul 27 10:40:59 vibhu-HP-Z238-Microtower-Workstation sshd\[1530\]: Invalid user ourku from 104.248.78.42 Jul 27 10:40:59 vibhu-HP-Z238-Microtower-Workstation sshd\[1530\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.78.42 Jul 27 10:41:01 vibhu-HP-Z238-Microtower-Workstation sshd\[1530\]: Failed password for invalid user ourku from 104.248.78.42 port 51604 ssh2 Jul 27 10:45:19 vibhu-HP-Z238-Microtower-Workstation sshd\[1662\]: Invalid user xsw@zaq! from 104.248.78.42 Jul 27 10:45:19 vibhu-HP-Z238-Microtower-Workstation sshd\[1662\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.78.42 ...	2019-07-27 13:23:47
104.248.78.42	attackspam	Jul 20 03:38:06 plusreed sshd[32284]: Invalid user mou from 104.248.78.42 ...	2019-07-20 15:43:09
104.248.78.42	attackspambots	Jul 15 10:14:41 localhost sshd\[22881\]: Invalid user avorion from 104.248.78.42 port 59914 Jul 15 10:14:41 localhost sshd\[22881\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.78.42 Jul 15 10:14:43 localhost sshd\[22881\]: Failed password for invalid user avorion from 104.248.78.42 port 59914 ssh2	2019-07-15 22:19:40
104.248.78.42	attack	DATE:2019-07-13 17:12:50, IP:104.248.78.42, PORT:ssh brute force auth on SSH service (patata)	2019-07-14 02:40:14

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.248.78.134
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 41062
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;104.248.78.134.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019091201 1800 900 604800 86400

;; Query time: 3 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Fri Sep 13 04:24:26 CST 2019
;; MSG SIZE  rcvd: 118

Host info

134.78.248.104.in-addr.arpa domain name pointer newtalkies.info.

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
134.78.248.104.in-addr.arpa	name = newtalkies.info.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
85.138.240.40	attack	Oct 12 12:16:28 nopemail auth.info sshd[26733]: Invalid user pi from 85.138.240.40 port 41318 ...	2020-10-12 20:43:01
106.12.46.179	attack	$f2bV_matches	2020-10-12 20:31:12
51.254.120.159	attack	Oct 12 08:31:25 george sshd[15287]: Invalid user plotex from 51.254.120.159 port 50040 Oct 12 08:31:25 george sshd[15287]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.254.120.159 Oct 12 08:31:27 george sshd[15287]: Failed password for invalid user plotex from 51.254.120.159 port 50040 ssh2 Oct 12 08:34:52 george sshd[15314]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.254.120.159 user=root Oct 12 08:34:54 george sshd[15314]: Failed password for root from 51.254.120.159 port 51945 ssh2 ...	2020-10-12 20:43:48
195.67.36.18	attackspambots	Unauthorized connection attempt from IP address 195.67.36.18 on Port 445(SMB)	2020-10-12 20:36:10
27.106.121.147	attack	firewall-block, port(s): 445/tcp	2020-10-12 20:40:53
183.14.30.152	attackbots	Invalid user astrid from 183.14.30.152 port 25557	2020-10-12 20:17:19
128.199.12.141	attackbotsspam	Connection to SSH Honeypot - Detected by HoneypotDB	2020-10-12 20:13:55
41.218.199.140	attackspam	Tried sshing with brute force.	2020-10-12 20:24:51
218.245.5.248	attack	Oct 12 11:55:43 onepixel sshd[2449105]: Invalid user nm from 218.245.5.248 port 21388 Oct 12 11:55:43 onepixel sshd[2449105]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.245.5.248 Oct 12 11:55:43 onepixel sshd[2449105]: Invalid user nm from 218.245.5.248 port 21388 Oct 12 11:55:46 onepixel sshd[2449105]: Failed password for invalid user nm from 218.245.5.248 port 21388 ssh2 Oct 12 12:00:06 onepixel sshd[2449873]: Invalid user ronaldo from 218.245.5.248 port 18619	2020-10-12 20:22:10
51.210.182.187	attackbots	2020-10-11T22:12:07.332735kitsunetech sshd[32517]: Invalid user novel from 51.210.182.187 port 50150	2020-10-12 20:48:52
60.215.202.140	attackspam	Unauthorized connection attempt detected from IP address 60.215.202.140 to port 23 [T]	2020-10-12 20:23:15
36.94.169.115	attackbots	445/tcp 445/tcp [2020-10-11]2pkt	2020-10-12 20:48:04
119.28.90.103	attack	SSH brute-force attempt	2020-10-12 20:47:19
95.24.24.101	attack	445/tcp [2020-10-11]1pkt	2020-10-12 20:37:05
193.56.73.58	attack	SS5,Magento Bruteforce Login Attack POST /index.php/admin/	2020-10-12 20:10:39

Recently Reported IPs

0.155.184.251	31.146.83.173	21.91.192.25	50.4.246.232
224.35.48.230	77.213.95.97	179.42.186.222	121.226.59.241
67.231.23.99	167.198.158.111	114.41.193.184	68.186.52.215
39.89.97.206	158.177.220.43	23.215.225.14	63.204.147.217
117.178.5.128	181.225.179.201	222.179.126.11	185.93.245.216