104.248.144.195

Basic Info

City: Singapore

Region: unknown

Country: Singapore

Internet Service Provider: unknown

Hostname: unknown

Organization: DigitalOcean, LLC

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
104.248.144.94	attackbots	sshd jail - ssh hack attempt	2020-07-11 00:48:47
104.248.144.94	attackbotsspam	$f2bV_matches	2020-07-10 16:55:02
104.248.144.208	attack	104.248.144.208 - - [30/Jun/2020:13:44:09 +0100] "POST /wp-login.php HTTP/1.1" 200 1996 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.248.144.208 - - [30/Jun/2020:13:44:13 +0100] "POST /wp-login.php HTTP/1.1" 200 1924 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.248.144.208 - - [30/Jun/2020:13:44:15 +0100] "POST /xmlrpc.php HTTP/1.1" 200 247 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-07-01 00:47:22
104.248.144.208	attackspambots	104.248.144.208 - - [29/Jun/2020:04:58:23 +0100] "POST /wp/wp-login.php HTTP/1.1" 200 1865 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.248.144.208 - - [29/Jun/2020:04:58:26 +0100] "POST /wp/wp-login.php HTTP/1.1" 200 1857 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.248.144.208 - - [29/Jun/2020:04:58:27 +0100] "POST /wp/xmlrpc.php HTTP/1.1" 200 247 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-06-29 12:14:39
104.248.144.208	attackspam	Attempt to log in with non-existing username: admin	2020-06-04 14:33:13
104.248.144.208	attackbots	104.248.144.208 - - [01/Jun/2020:14:27:58 +0200] "GET /wp-login.php HTTP/1.1" 200 6364 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.248.144.208 - - [01/Jun/2020:14:28:00 +0200] "POST /wp-login.php HTTP/1.1" 200 6615 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.248.144.208 - - [01/Jun/2020:14:28:07 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-06-01 23:04:31
104.248.144.208	attackspambots	104.248.144.208 - - [28/May/2020:14:03:14 +0200] "GET /wp-login.php HTTP/1.1" 200 5865 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.248.144.208 - - [28/May/2020:14:03:17 +0200] "POST /wp-login.php HTTP/1.1" 200 6116 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.248.144.208 - - [28/May/2020:14:03:18 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-05-28 20:54:25
104.248.144.208	attack	abasicmove.de 104.248.144.208 [10/May/2020:15:30:29 +0200] "POST /wp-login.php HTTP/1.1" 200 6098 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" abasicmove.de 104.248.144.208 [10/May/2020:15:30:30 +0200] "POST /wp-login.php HTTP/1.1" 200 5957 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-05-16 19:13:49
104.248.144.208	attackspambots	"XSS Attack Detected via libinjection - Matched Data: XSS data found within ARGS_NAMES:	2020-05-15 08:20:54
104.248.144.208	attackbots	"XSS Attack Detected via libinjection - Matched Data: XSS data found within ARGS_NAMES:	2020-05-11 04:01:42
104.248.144.208	attackbotsspam	CMS (WordPress or Joomla) login attempt.	2020-03-26 03:27:09
104.248.144.147	attack	Mar 16 15:35:18 sshd\[11502\]: User root from 104.248.144.147 not allowed because not listed in AllowUsersMar 16 15:35:20 sshd\[11502\]: Failed password for invalid user root from 104.248.144.147 port 39346 ssh2 ...	2020-03-17 07:07:58
104.248.144.208	attackspam	CMS (WordPress or Joomla) login attempt.	2020-03-14 09:32:48
104.248.144.208	attackspam	xmlrpc attack	2020-02-19 21:43:52
104.248.144.208	attack	Automatic report - XMLRPC Attack	2020-02-03 14:06:18

Whois info:

Dig info:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.248.144.195
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 18784
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;104.248.144.195.		IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019062901 1800 900 604800 86400

;; Query time: 3 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Sun Jun 30 07:23:37 CST 2019
;; MSG SIZE  rcvd: 119

Host info

Host 195.144.248.104.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 195.144.248.104.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
185.36.81.16	attackbotsspam	Rude login attack (4 tries in 1d)	2019-09-10 12:05:34
78.85.239.10	attackspam	RDP Scan	2019-09-10 11:57:13
221.132.17.74	attackspambots	Apr 10 03:52:00 vtv3 sshd\[21615\]: Invalid user ttt from 221.132.17.74 port 36594 Apr 10 03:52:00 vtv3 sshd\[21615\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=221.132.17.74 Apr 10 03:52:02 vtv3 sshd\[21615\]: Failed password for invalid user ttt from 221.132.17.74 port 36594 ssh2 Apr 10 03:59:12 vtv3 sshd\[24298\]: Invalid user dragos from 221.132.17.74 port 44014 Apr 10 03:59:12 vtv3 sshd\[24298\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=221.132.17.74 Apr 15 09:06:02 vtv3 sshd\[23697\]: Invalid user asterisk from 221.132.17.74 port 57434 Apr 15 09:06:02 vtv3 sshd\[23697\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=221.132.17.74 Apr 15 09:06:03 vtv3 sshd\[23697\]: Failed password for invalid user asterisk from 221.132.17.74 port 57434 ssh2 Apr 15 09:12:03 vtv3 sshd\[26761\]: Invalid user info from 221.132.17.74 port 51680 Apr 15 09:12:03 vtv3 sshd\[26761\]: pam	2019-09-10 11:41:11
37.187.6.235	attack	Sep 9 23:45:59 ny01 sshd[14432]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.187.6.235 Sep 9 23:46:01 ny01 sshd[14432]: Failed password for invalid user odoo from 37.187.6.235 port 52162 ssh2 Sep 9 23:52:21 ny01 sshd[15524]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.187.6.235	2019-09-10 12:00:53
80.203.84.228	attackbots	2019-09-10T03:11:48.345464abusebot-2.cloudsearch.cf sshd\[16830\]: Invalid user ubuntu from 80.203.84.228 port 55274	2019-09-10 11:37:47
76.72.8.136	attackbotsspam	Sep 10 03:08:14 vps sshd[18402]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=76.72.8.136 Sep 10 03:08:16 vps sshd[18402]: Failed password for invalid user teamspeak3 from 76.72.8.136 port 51732 ssh2 Sep 10 03:21:59 vps sshd[19047]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=76.72.8.136 ...	2019-09-10 11:19:35
129.204.95.60	attackbotsspam	Sep 10 04:00:08 microserver sshd[41308]: Invalid user user4 from 129.204.95.60 port 56326 Sep 10 04:00:08 microserver sshd[41308]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.95.60 Sep 10 04:00:10 microserver sshd[41308]: Failed password for invalid user user4 from 129.204.95.60 port 56326 ssh2 Sep 10 04:06:48 microserver sshd[42396]: Invalid user deploy1234 from 129.204.95.60 port 33774 Sep 10 04:06:48 microserver sshd[42396]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.95.60 Sep 10 04:22:42 microserver sshd[44584]: Invalid user password from 129.204.95.60 port 45148 Sep 10 04:22:42 microserver sshd[44584]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.95.60 Sep 10 04:22:45 microserver sshd[44584]: Failed password for invalid user password from 129.204.95.60 port 45148 ssh2 Sep 10 04:30:55 microserver sshd[45866]: Invalid user znc-admin from 129.204.95.60 p	2019-09-10 11:52:56
46.101.77.58	attackbotsspam	Sep 9 17:17:12 lcprod sshd\[6648\]: Invalid user user3 from 46.101.77.58 Sep 9 17:17:12 lcprod sshd\[6648\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.101.77.58 Sep 9 17:17:14 lcprod sshd\[6648\]: Failed password for invalid user user3 from 46.101.77.58 port 49537 ssh2 Sep 9 17:25:05 lcprod sshd\[7329\]: Invalid user admin from 46.101.77.58 Sep 9 17:25:05 lcprod sshd\[7329\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.101.77.58	2019-09-10 11:27:12
52.169.136.28	attackbotsspam	Sep 10 03:03:00 game-panel sshd[27896]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.169.136.28 Sep 10 03:03:02 game-panel sshd[27896]: Failed password for invalid user mcserver from 52.169.136.28 port 42878 ssh2 Sep 10 03:08:49 game-panel sshd[28133]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.169.136.28	2019-09-10 11:19:58
77.247.110.149	attackbots	SIPVicious Scanner Detection, PTR: PTR record not found	2019-09-10 11:16:25
196.41.123.182	attackbotsspam	Sep 10 03:21:34 mailserver postfix/smtpd[93785]: connect from 196.41.123.182-colocation.cybersmart.co.za[196.41.123.182] Sep 10 03:21:34 mailserver postfix/smtpd[93785]: lost connection after AUTH from 196.41.123.182-colocation.cybersmart.co.za[196.41.123.182] Sep 10 03:21:34 mailserver postfix/smtpd[93785]: disconnect from 196.41.123.182-colocation.cybersmart.co.za[196.41.123.182] Sep 10 03:21:34 mailserver postfix/smtpd[93785]: connect from 196.41.123.182-colocation.cybersmart.co.za[196.41.123.182] Sep 10 03:21:35 mailserver postfix/smtpd[93785]: lost connection after AUTH from 196.41.123.182-colocation.cybersmart.co.za[196.41.123.182] Sep 10 03:21:35 mailserver postfix/smtpd[93785]: disconnect from 196.41.123.182-colocation.cybersmart.co.za[196.41.123.182] Sep 10 03:21:35 mailserver postfix/smtpd[93785]: connect from 196.41.123.182-colocation.cybersmart.co.za[196.41.123.182] Sep 10 03:21:35 mailserver postfix/smtpd[93785]: lost connection after AUTH from 196.41.123.182-colocation.cybersmart.co.za[196.41.12	2019-09-10 11:40:23
36.72.100.115	attackbots	2019-09-10T03:39:23.943019abusebot-2.cloudsearch.cf sshd\[16996\]: Invalid user minecraft from 36.72.100.115 port 41962	2019-09-10 12:01:43
49.234.180.159	attack	Sep 10 06:09:42 www2 sshd\[42142\]: Invalid user postgres from 49.234.180.159Sep 10 06:09:44 www2 sshd\[42142\]: Failed password for invalid user postgres from 49.234.180.159 port 51086 ssh2Sep 10 06:14:26 www2 sshd\[42737\]: Invalid user postgres from 49.234.180.159 ...	2019-09-10 11:26:21
165.22.53.23	attackspambots	Sep 9 17:52:53 tdfoods sshd\[6685\]: Invalid user test from 165.22.53.23 Sep 9 17:52:53 tdfoods sshd\[6685\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.22.53.23 Sep 9 17:52:55 tdfoods sshd\[6685\]: Failed password for invalid user test from 165.22.53.23 port 55846 ssh2 Sep 9 17:59:33 tdfoods sshd\[7308\]: Invalid user user1 from 165.22.53.23 Sep 9 17:59:33 tdfoods sshd\[7308\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.22.53.23	2019-09-10 11:59:50
139.59.41.154	attack	Sep 9 17:22:06 hiderm sshd\[24112\]: Invalid user server from 139.59.41.154 Sep 9 17:22:06 hiderm sshd\[24112\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.41.154 Sep 9 17:22:08 hiderm sshd\[24112\]: Failed password for invalid user server from 139.59.41.154 port 39718 ssh2 Sep 9 17:28:30 hiderm sshd\[24708\]: Invalid user chris from 139.59.41.154 Sep 9 17:28:30 hiderm sshd\[24708\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.41.154	2019-09-10 11:41:31

Recently Reported IPs

114.80.216.162	106.51.64.85	106.51.53.212	103.115.195.42
103.87.31.205	103.48.21.58	101.99.6.122	92.252.166.85
92.252.156.184	77.247.108.127	59.124.222.3	46.98.80.163
200.66.113.88	168.228.148.167	106.52.104.231	95.64.77.154
14.173.5.58	187.109.59.1	207.46.13.21	180.244.102.126