104.248.14.149

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
104.248.143.177	attack	Oct 12 13:41:27 george sshd[8613]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.143.177 user=root Oct 12 13:41:29 george sshd[8613]: Failed password for root from 104.248.143.177 port 33790 ssh2 Oct 12 13:44:40 george sshd[8659]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.143.177 user=root Oct 12 13:44:43 george sshd[8659]: Failed password for root from 104.248.143.177 port 37382 ssh2 Oct 12 13:47:48 george sshd[8727]: Invalid user jking from 104.248.143.177 port 40892 ...	2020-10-13 01:58:15
104.248.141.235	attack	uvcm 104.248.141.235 [10/Oct/2020:23:55:42 "-" "POST /wp-login.php 200 5119 104.248.141.235 [12/Oct/2020:20:05:26 "-" "GET /wp-login.php 200 2615 104.248.141.235 [12/Oct/2020:20:05:26 "-" "POST /wp-login.php 200 2968	2020-10-13 00:38:25
104.248.147.78	attack	Automatic report - Banned IP Access	2020-10-12 22:28:53
104.248.143.177	attackspam	Oct 12 15:24:12 itv-usvr-01 sshd[17755]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.143.177 user=root Oct 12 15:24:14 itv-usvr-01 sshd[17755]: Failed password for root from 104.248.143.177 port 59180 ssh2	2020-10-12 17:22:11
104.248.141.235	attackbots	(PERMBLOCK) 104.248.141.235 (DE/Germany/wp2.antfx.com) has had more than 4 temp blocks in the last 86400 secs; Ports: *; Direction: inout; Trigger: LF_PERMBLOCK_COUNT; Logs:	2020-10-12 16:02:59
104.248.147.78	attackbotsspam	2020-10-11T23:16:32.135807morrigan.ad5gb.com sshd[507974]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.147.78 user=root 2020-10-11T23:16:33.829282morrigan.ad5gb.com sshd[507974]: Failed password for root from 104.248.147.78 port 49334 ssh2	2020-10-12 13:56:48
104.248.147.78	attack	Oct 11 20:48:43 scw-tender-jepsen sshd[13544]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.147.78 Oct 11 20:48:45 scw-tender-jepsen sshd[13544]: Failed password for invalid user reno from 104.248.147.78 port 49718 ssh2	2020-10-12 04:49:48
104.248.147.78	attack	2020-10-11T07:22:50.363081mail.broermann.family sshd[18309]: Invalid user rene from 104.248.147.78 port 37094 2020-10-11T07:22:50.371345mail.broermann.family sshd[18309]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.147.78 2020-10-11T07:22:50.363081mail.broermann.family sshd[18309]: Invalid user rene from 104.248.147.78 port 37094 2020-10-11T07:22:52.626989mail.broermann.family sshd[18309]: Failed password for invalid user rene from 104.248.147.78 port 37094 ssh2 2020-10-11T07:23:37.777799mail.broermann.family sshd[18381]: Invalid user ftpuser1 from 104.248.147.78 port 45758 ...	2020-10-11 20:54:08
104.248.147.78	attackspam	Bruteforce detected by fail2ban	2020-10-11 12:50:27
104.248.147.78	attack	Oct 11 00:09:13 cho sshd[395757]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.147.78 Oct 11 00:09:13 cho sshd[395757]: Invalid user ghost3 from 104.248.147.78 port 60928 Oct 11 00:09:15 cho sshd[395757]: Failed password for invalid user ghost3 from 104.248.147.78 port 60928 ssh2 Oct 11 00:12:57 cho sshd[395891]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.147.78 user=root Oct 11 00:12:59 cho sshd[395891]: Failed password for root from 104.248.147.78 port 38256 ssh2 ...	2020-10-11 06:13:14
104.248.141.235	attackbots	104.248.141.235 - - [08/Oct/2020:21:11:03 +0200] "GET /wp-login.php HTTP/1.1" 200 9184 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.248.141.235 - - [08/Oct/2020:21:11:04 +0200] "POST /wp-login.php HTTP/1.1" 200 9435 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.248.141.235 - - [08/Oct/2020:21:11:05 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-10-09 04:06:14
104.248.141.235	attack	CMS (WordPress or Joomla) login attempt.	2020-10-08 20:14:25
104.248.141.235	attackbots	[apache-noscript] Found 104.248.141.235	2020-10-08 12:10:58
104.248.141.235	attack	[apache-noscript] Found 104.248.141.235	2020-10-08 07:31:11
104.248.141.235	attackspambots	104.248.141.235 - - [02/Oct/2020:19:40:21 +0200] "GET /wp-login.php HTTP/1.1" 301 162 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.248.141.235 - - [02/Oct/2020:19:40:23 +0200] "GET /wp-login.php HTTP/1.1" 404 878 "http://mail.tuxlinux.eu/wp-login.php" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-10-03 06:25:08

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.248.14.149
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 20729
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;104.248.14.149.			IN	A

;; AUTHORITY SECTION:
.			308	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022022500 1800 900 604800 86400

;; Query time: 60 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Feb 25 20:23:35 CST 2022
;; MSG SIZE  rcvd: 107

Host info

Host 149.14.248.104.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 149.14.248.104.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
141.89.192.238	attackspam	Sep 27 13:14:24 www sshd\[121065\]: Invalid user sales from 141.89.192.238 Sep 27 13:14:24 www sshd\[121065\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=141.89.192.238 Sep 27 13:14:26 www sshd\[121065\]: Failed password for invalid user sales from 141.89.192.238 port 40320 ssh2 ...	2019-09-27 18:23:06
147.139.136.237	attack	Invalid user design from 147.139.136.237 port 55750	2019-09-27 18:26:51
108.58.41.139	attackbots	Sep 27 06:18:31 [host] sshd[16055]: Invalid user thomas from 108.58.41.139 Sep 27 06:18:31 [host] sshd[16055]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=108.58.41.139 Sep 27 06:18:34 [host] sshd[16055]: Failed password for invalid user thomas from 108.58.41.139 port 52714 ssh2	2019-09-27 18:34:22
181.198.86.24	attackbotsspam	Sep 27 09:00:14 nextcloud sshd\[17883\]: Invalid user IBM from 181.198.86.24 Sep 27 09:00:14 nextcloud sshd\[17883\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=181.198.86.24 Sep 27 09:00:16 nextcloud sshd\[17883\]: Failed password for invalid user IBM from 181.198.86.24 port 27350 ssh2 ...	2019-09-27 18:28:50
177.100.50.182	attack	Sep 26 20:08:19 tdfoods sshd\[29475\]: Invalid user upload from 177.100.50.182 Sep 26 20:08:19 tdfoods sshd\[29475\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=177.100.50.182 Sep 26 20:08:22 tdfoods sshd\[29475\]: Failed password for invalid user upload from 177.100.50.182 port 58326 ssh2 Sep 26 20:13:46 tdfoods sshd\[29994\]: Invalid user liaohu from 177.100.50.182 Sep 26 20:13:46 tdfoods sshd\[29994\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=177.100.50.182	2019-09-27 18:21:09
80.82.77.240	attackspambots	09/27/2019-03:33:52.613243 80.82.77.240 Protocol: 6 ET CINS Active Threat Intelligence Poor Reputation IP group 82	2019-09-27 18:21:59
181.55.188.187	attack	Sep 27 12:03:58 [host] sshd[22471]: Invalid user teamspeak3 from 181.55.188.187 Sep 27 12:03:58 [host] sshd[22471]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=181.55.188.187 Sep 27 12:04:00 [host] sshd[22471]: Failed password for invalid user teamspeak3 from 181.55.188.187 port 39462 ssh2	2019-09-27 18:22:13
85.202.194.226	attackspambots	4.632.550,33-03/02 [bc18/m54] concatform PostRequest-Spammer scoring: Durban02	2019-09-27 18:15:00
37.193.108.101	attackspam	2019-09-27T05:05:20.2693281495-001 sshd\[23762\]: Failed password for invalid user kiefer from 37.193.108.101 port 26664 ssh2 2019-09-27T05:18:22.3462351495-001 sshd\[24829\]: Invalid user changeme from 37.193.108.101 port 18768 2019-09-27T05:18:22.3561091495-001 sshd\[24829\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=l37-193-108-101.novotelecom.ru 2019-09-27T05:18:24.2489901495-001 sshd\[24829\]: Failed password for invalid user changeme from 37.193.108.101 port 18768 ssh2 2019-09-27T05:22:38.9889401495-001 sshd\[25191\]: Invalid user matt from 37.193.108.101 port 59140 2019-09-27T05:22:38.9974781495-001 sshd\[25191\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=l37-193-108-101.novotelecom.ru ...	2019-09-27 18:02:59
146.88.74.158	attack	Invalid user thursday from 146.88.74.158 port 51389	2019-09-27 18:34:06
106.12.12.7	attackbotsspam	Sep 27 05:38:18 apollo sshd\[6864\]: Invalid user tang from 106.12.12.7Sep 27 05:38:19 apollo sshd\[6864\]: Failed password for invalid user tang from 106.12.12.7 port 40622 ssh2Sep 27 05:48:14 apollo sshd\[6907\]: Invalid user cbrown from 106.12.12.7 ...	2019-09-27 17:59:46
222.186.175.167	attack	Sep 27 05:08:05 debian sshd[6358]: Unable to negotiate with 222.186.175.167 port 58084: no matching key exchange method found. Their offer: diffie-hellman-group1-sha1,diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1 [preauth] Sep 27 06:01:51 debian sshd[8592]: Unable to negotiate with 222.186.175.167 port 9336: no matching key exchange method found. Their offer: diffie-hellman-group1-sha1,diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1 [preauth] ...	2019-09-27 18:03:47
81.23.9.218	attackspambots	Sep 27 11:37:34 ns3110291 sshd\[18793\]: Invalid user uploader from 81.23.9.218 Sep 27 11:37:34 ns3110291 sshd\[18793\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.23.9.218 Sep 27 11:37:36 ns3110291 sshd\[18793\]: Failed password for invalid user uploader from 81.23.9.218 port 45145 ssh2 Sep 27 11:41:53 ns3110291 sshd\[18977\]: Invalid user testmail from 81.23.9.218 Sep 27 11:41:53 ns3110291 sshd\[18977\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.23.9.218 ...	2019-09-27 18:31:49
149.202.223.136	attackbots	\[2019-09-27 05:56:20\] NOTICE\[1948\] chan_sip.c: Registration from '\' failed for '149.202.223.136:62484' - Wrong password \[2019-09-27 05:56:20\] SECURITY\[2006\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-09-27T05:56:20.087-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="1006666666",SessionID="0x7f1e1c129868",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/149.202.223.136/62484",Challenge="2ea912eb",ReceivedChallenge="2ea912eb",ReceivedHash="bba59e95cea005af61920a6e2aff156e" \[2019-09-27 05:56:20\] NOTICE\[1948\] chan_sip.c: Registration from '\' failed for '149.202.223.136:50352' - Wrong password \[2019-09-27 05:56:20\] SECURITY\[2006\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-09-27T05:56:20.298-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="3452",SessionID="0x7f1e1c893b48",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/149.202.223	2019-09-27 18:04:08
80.82.77.139	attackspam	09/27/2019-05:29:07.107311 80.82.77.139 Protocol: 6 ET CINS Active Threat Intelligence Poor Reputation IP group 82	2019-09-27 18:31:18

Recently Reported IPs

104.248.139.141	104.248.136.158	104.248.14.158	104.248.14.156
104.248.14.255	104.248.14.162	104.248.14.74	104.248.141.139
104.248.141.121	104.248.141.142	101.109.59.146	104.248.141.164
104.248.141.211	104.248.14.87	104.248.142.102	104.248.14.241
104.248.141.49	104.248.141.226	104.248.141.92	104.248.142.156