104.248.144.120

Basic Info

City: Singapore

Region: unknown

Country: Singapore

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
104.248.144.94	attackbots	sshd jail - ssh hack attempt	2020-07-11 00:48:47
104.248.144.94	attackbotsspam	$f2bV_matches	2020-07-10 16:55:02
104.248.144.208	attack	104.248.144.208 - - [30/Jun/2020:13:44:09 +0100] "POST /wp-login.php HTTP/1.1" 200 1996 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.248.144.208 - - [30/Jun/2020:13:44:13 +0100] "POST /wp-login.php HTTP/1.1" 200 1924 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.248.144.208 - - [30/Jun/2020:13:44:15 +0100] "POST /xmlrpc.php HTTP/1.1" 200 247 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-07-01 00:47:22
104.248.144.208	attackspambots	104.248.144.208 - - [29/Jun/2020:04:58:23 +0100] "POST /wp/wp-login.php HTTP/1.1" 200 1865 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.248.144.208 - - [29/Jun/2020:04:58:26 +0100] "POST /wp/wp-login.php HTTP/1.1" 200 1857 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.248.144.208 - - [29/Jun/2020:04:58:27 +0100] "POST /wp/xmlrpc.php HTTP/1.1" 200 247 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-06-29 12:14:39
104.248.144.208	attackspam	Attempt to log in with non-existing username: admin	2020-06-04 14:33:13
104.248.144.208	attackbots	104.248.144.208 - - [01/Jun/2020:14:27:58 +0200] "GET /wp-login.php HTTP/1.1" 200 6364 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.248.144.208 - - [01/Jun/2020:14:28:00 +0200] "POST /wp-login.php HTTP/1.1" 200 6615 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.248.144.208 - - [01/Jun/2020:14:28:07 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-06-01 23:04:31
104.248.144.208	attackspambots	104.248.144.208 - - [28/May/2020:14:03:14 +0200] "GET /wp-login.php HTTP/1.1" 200 5865 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.248.144.208 - - [28/May/2020:14:03:17 +0200] "POST /wp-login.php HTTP/1.1" 200 6116 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.248.144.208 - - [28/May/2020:14:03:18 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-05-28 20:54:25
104.248.144.208	attack	abasicmove.de 104.248.144.208 [10/May/2020:15:30:29 +0200] "POST /wp-login.php HTTP/1.1" 200 6098 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" abasicmove.de 104.248.144.208 [10/May/2020:15:30:30 +0200] "POST /wp-login.php HTTP/1.1" 200 5957 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-05-16 19:13:49
104.248.144.208	attackspambots	"XSS Attack Detected via libinjection - Matched Data: XSS data found within ARGS_NAMES:	2020-05-15 08:20:54
104.248.144.208	attackbots	"XSS Attack Detected via libinjection - Matched Data: XSS data found within ARGS_NAMES:	2020-05-11 04:01:42
104.248.144.208	attackbotsspam	CMS (WordPress or Joomla) login attempt.	2020-03-26 03:27:09
104.248.144.147	attack	Mar 16 15:35:18 sshd\[11502\]: User root from 104.248.144.147 not allowed because not listed in AllowUsersMar 16 15:35:20 sshd\[11502\]: Failed password for invalid user root from 104.248.144.147 port 39346 ssh2 ...	2020-03-17 07:07:58
104.248.144.208	attackspam	CMS (WordPress or Joomla) login attempt.	2020-03-14 09:32:48
104.248.144.208	attackspam	xmlrpc attack	2020-02-19 21:43:52
104.248.144.208	attack	Automatic report - XMLRPC Attack	2020-02-03 14:06:18

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.248.144.120
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 25323
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;104.248.144.120.		IN	A

;; AUTHORITY SECTION:
.			580	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022021100 1800 900 604800 86400

;; Query time: 77 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Feb 11 14:28:04 CST 2022
;; MSG SIZE  rcvd: 108

Host info

120.144.248.104.in-addr.arpa domain name pointer gsgweb-wasabierp.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
120.144.248.104.in-addr.arpa	name = gsgweb-wasabierp.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
218.92.0.249	attackspam	Sep 25 19:46:54 shivevps sshd[8712]: error: maximum authentication attempts exceeded for root from 218.92.0.249 port 45364 ssh2 [preauth] Sep 25 19:46:57 shivevps sshd[8714]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.249 user=root Sep 25 19:46:59 shivevps sshd[8714]: Failed password for root from 218.92.0.249 port 11046 ssh2 ...	2020-09-26 06:49:52
125.164.232.200	attackspambots	Brute force blocker - service: proftpd1, proftpd2 - aantal: 164 - Sun Sep 2 15:45:18 2018	2020-09-26 06:43:20
117.144.189.69	attackbots	Sep 25 23:07:13 [host] sshd[31718]: Invalid user h Sep 25 23:07:13 [host] sshd[31718]: pam_unix(sshd: Sep 25 23:07:15 [host] sshd[31718]: Failed passwor	2020-09-26 06:46:06
106.13.34.131	attackbotsspam	$f2bV_matches	2020-09-26 06:46:54
125.40.90.126	attack	Brute force blocker - service: proftpd1 - aantal: 155 - Tue Sep 4 13:50:14 2018	2020-09-26 06:28:55
117.81.59.153	attackspam	Brute force blocker - service: proftpd1 - aantal: 26 - Mon Sep 3 12:20:15 2018	2020-09-26 06:39:04
113.21.228.202	attackbotsspam	Brute force blocker - service: proftpd1 - aantal: 69 - Sun Sep 2 05:30:17 2018	2020-09-26 06:57:51
52.169.94.227	attack	52.169.94.227 - - [25/Sep/2020:12:56:14 +0100] "POST /wp-login.php HTTP/1.1" 200 4426 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 52.169.94.227 - - [25/Sep/2020:12:56:14 +0100] "POST /wp-login.php HTTP/1.1" 200 4426 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 52.169.94.227 - - [25/Sep/2020:12:56:15 +0100] "POST /wp-login.php HTTP/1.1" 200 4426 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-09-26 06:52:09
31.40.90.39	attackbots	445/tcp [2020-09-24]1pkt	2020-09-26 06:30:54
64.227.37.214	attackbots	(mod_security) mod_security (id:210492) triggered by 64.227.37.214 (GB/United Kingdom/sub-551661.example.com): 5 in the last 3600 secs	2020-09-26 06:38:11
103.141.46.154	attackbotsspam	Sep 25 11:42:04 marvibiene sshd[18702]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.141.46.154 Sep 25 11:42:07 marvibiene sshd[18702]: Failed password for invalid user snow from 103.141.46.154 port 59630 ssh2 Sep 25 11:54:44 marvibiene sshd[19650]: Failed password for root from 103.141.46.154 port 35078 ssh2	2020-09-26 06:37:01
37.59.37.69	attackspam	Invalid user app from 37.59.37.69 port 47793	2020-09-26 07:04:02
117.50.107.175	attackspam	SSH Invalid Login	2020-09-26 06:55:14
112.27.31.54	attackbotsspam	Brute force blocker - service: proftpd1 - aantal: 155 - Tue Sep 4 11:20:14 2018	2020-09-26 06:30:12
123.188.23.190	attack	Brute force blocker - service: proftpd1 - aantal: 43 - Tue Sep 4 12:30:16 2018	2020-09-26 06:29:25

Recently Reported IPs

104.227.222.104	104.248.134.0	104.237.151.242	104.227.76.78
104.248.93.33	104.248.204.49	104.227.133.209	104.46.124.66
104.236.47.175	106.12.128.168	105.235.201.234	106.12.146.97
104.243.26.5	106.12.174.132	104.248.18.206	106.12.134.182
106.13.114.84	106.13.171.45	106.13.231.159	106.13.26.81