104.248.149.100

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
104.248.149.43	attack	104.248.149.43 - - [30/Sep/2020:00:20:22 +0100] "POST /wp-login.php HTTP/1.1" 200 2224 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.248.149.43 - - [30/Sep/2020:00:20:23 +0100] "POST /xmlrpc.php HTTP/1.1" 200 247 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.248.149.43 - - [30/Sep/2020:00:33:45 +0100] "POST /wp/wp-login.php HTTP/1.1" 200 2480 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-09-30 09:40:37
104.248.149.43	attack	can 104.248.149.43 [29/Sep/2020:03:54:45 "-" "POST /wp-login.php 200 2021 104.248.149.43 [29/Sep/2020:20:52:24 "-" "GET /wp-login.php 200 4676 104.248.149.43 [29/Sep/2020:20:52:25 "-" "POST /wp-login.php 200 4676	2020-09-30 02:31:05
104.248.149.43	attackbotsspam	CMS (WordPress or Joomla) login attempt.	2020-09-29 18:33:58
104.248.149.130	attack	Invalid user student from 104.248.149.130 port 58998	2020-09-25 19:47:35
104.248.149.130	attack	$f2bV_matches	2020-09-19 01:01:39
104.248.149.130	attackbots	SSH Brute-Forcing (server2)	2020-09-18 17:03:26
104.248.149.130	attackspambots	SSH bruteforce	2020-09-18 07:18:38
104.248.149.130	attackbotsspam	SSH Login Bruteforce	2020-09-12 19:43:39
104.248.149.130	attackbotsspam	Sep 1 14:25:13 mail sshd\[21877\]: Invalid user hqy from 104.248.149.130 ...	2020-09-02 03:52:53
104.248.149.130	attackbots	Aug 21 09:20:58 pkdns2 sshd\[1477\]: Invalid user wup from 104.248.149.130Aug 21 09:21:00 pkdns2 sshd\[1477\]: Failed password for invalid user wup from 104.248.149.130 port 38152 ssh2Aug 21 09:25:09 pkdns2 sshd\[1683\]: Invalid user history from 104.248.149.130Aug 21 09:25:10 pkdns2 sshd\[1683\]: Failed password for invalid user history from 104.248.149.130 port 46970 ssh2Aug 21 09:29:33 pkdns2 sshd\[1836\]: Invalid user vladimir from 104.248.149.130Aug 21 09:29:35 pkdns2 sshd\[1836\]: Failed password for invalid user vladimir from 104.248.149.130 port 55920 ssh2 ...	2020-08-21 14:53:47
104.248.149.206	attackbotsspam	Aug 18 10:52:24 hidden sshd[10329]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.149.206 Aug 18 10:52:27 hidden sshd[10329]: Failed password for invalid user mc3 from 104.248.149.206 port 43999 ssh2 Aug 18 11:04:39 hidden sshd[12496]: Invalid user nodejs from 104.248.149.206 port 64195	2020-08-19 21:36:24
104.248.149.130	attackbotsspam	Aug 15 14:35:55 abendstille sshd\[3088\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.149.130 user=root Aug 15 14:35:56 abendstille sshd\[3088\]: Failed password for root from 104.248.149.130 port 35778 ssh2 Aug 15 14:38:32 abendstille sshd\[5588\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.149.130 user=root Aug 15 14:38:34 abendstille sshd\[5588\]: Failed password for root from 104.248.149.130 port 46666 ssh2 Aug 15 14:41:16 abendstille sshd\[8294\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.149.130 user=root ...	2020-08-15 20:46:41
104.248.149.130	attackspam	Aug 14 09:11:31 ws24vmsma01 sshd[75930]: Failed password for root from 104.248.149.130 port 57374 ssh2 ...	2020-08-14 23:44:00
104.248.149.130	attackspambots	Port Scan detected from 104.248.149.130 (SG/Singapore/-/Singapore (Pioneer)/-). 4 hits in the last 85 seconds	2020-08-13 13:42:08
104.248.149.130	attackbotsspam	$f2bV_matches	2020-08-09 16:37:32

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.248.149.100
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 7850
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;104.248.149.100.		IN	A

;; AUTHORITY SECTION:
.			390	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022030800 1800 900 604800 86400

;; Query time: 68 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Mar 08 14:11:16 CST 2022
;; MSG SIZE  rcvd: 108

Host info

Host 100.149.248.104.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 100.149.248.104.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
95.182.129.243	attack	Aug 13 13:20:53 aat-srv002 sshd[19002]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=95.182.129.243 Aug 13 13:20:56 aat-srv002 sshd[19002]: Failed password for invalid user weblogic from 95.182.129.243 port 60418 ssh2 Aug 13 13:26:05 aat-srv002 sshd[19157]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=95.182.129.243 Aug 13 13:26:07 aat-srv002 sshd[19157]: Failed password for invalid user nigel from 95.182.129.243 port 9118 ssh2 ...	2019-08-14 04:25:29
203.152.219.70	attackbots	Aug 13 03:29:50 xb0 sshd[5145]: Failed password for invalid user samw from 203.152.219.70 port 35645 ssh2 Aug 13 03:29:50 xb0 sshd[5145]: Received disconnect from 203.152.219.70: 11: Bye Bye [preauth] Aug 13 03:33:58 xb0 sshd[3360]: Failed password for invalid user samw from 203.152.219.70 port 41213 ssh2 Aug 13 03:33:58 xb0 sshd[3360]: Received disconnect from 203.152.219.70: 11: Bye Bye [preauth] Aug 13 03:48:30 xb0 sshd[2975]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.152.219.70 user=r.r Aug 13 03:48:32 xb0 sshd[2975]: Failed password for r.r from 203.152.219.70 port 41926 ssh2 Aug 13 03:48:33 xb0 sshd[2975]: Received disconnect from 203.152.219.70: 11: Bye Bye [preauth] Aug 13 03:49:31 xb0 sshd[4187]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.152.219.70 user=r.r Aug 13 03:49:32 xb0 sshd[4187]: Failed password for r.r from 203.152.219.70 port 38158 ssh2 Aug 13 03:49:........ -------------------------------	2019-08-14 04:16:04
115.231.73.154	attackspam	Aug 13 21:34:45 mail sshd\[22981\]: Failed password for invalid user joanna from 115.231.73.154 port 59739 ssh2 Aug 13 21:38:34 mail sshd\[23410\]: Invalid user user from 115.231.73.154 port 51230 Aug 13 21:38:34 mail sshd\[23410\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.231.73.154 Aug 13 21:38:35 mail sshd\[23410\]: Failed password for invalid user user from 115.231.73.154 port 51230 ssh2 Aug 13 21:42:18 mail sshd\[24055\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.231.73.154 user=root	2019-08-14 03:56:09
201.182.223.59	attack	Aug 13 22:18:40 legacy sshd[23177]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.182.223.59 Aug 13 22:18:42 legacy sshd[23177]: Failed password for invalid user vds from 201.182.223.59 port 50838 ssh2 Aug 13 22:23:40 legacy sshd[23201]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.182.223.59 ...	2019-08-14 04:33:28
40.68.153.124	attack	2019-08-13T19:49:39.999375abusebot.cloudsearch.cf sshd\[7241\]: Invalid user ryan from 40.68.153.124 port 53642	2019-08-14 04:08:17
134.209.97.61	attackbots	frenzy	2019-08-14 04:29:01
164.68.108.60	attackbotsspam	miraniessen.de 164.68.108.60 \[13/Aug/2019:20:25:46 +0200\] "POST /wp-login.php HTTP/1.1" 200 5955 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" miraniessen.de 164.68.108.60 \[13/Aug/2019:20:25:46 +0200\] "POST /wp-login.php HTTP/1.1" 200 5967 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0"	2019-08-14 04:39:09
106.13.48.157	attackspambots	$f2bV_matches	2019-08-14 04:19:45
189.109.247.150	attackspam	Aug 13 20:19:41 SilenceServices sshd[5672]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=189.109.247.150 Aug 13 20:19:43 SilenceServices sshd[5672]: Failed password for invalid user skynet from 189.109.247.150 port 21751 ssh2 Aug 13 20:25:52 SilenceServices sshd[10841]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=189.109.247.150	2019-08-14 04:35:11
103.206.209.238	attackspam	Mail sent to address hacked/leaked from Last.fm	2019-08-14 04:20:06
92.53.90.143	attackbots	08/13/2019-14:26:28.906889 92.53.90.143 Protocol: 6 ET SCAN NMAP -sS window 1024	2019-08-14 04:13:23
117.204.61.215	attackbots	Automatic report - Port Scan Attack	2019-08-14 04:01:01
51.83.74.158	attackspambots	2019-08-14T03:09:25.304543enmeeting.mahidol.ac.th sshd\[31142\]: Invalid user inspur from 51.83.74.158 port 60517 2019-08-14T03:09:25.318529enmeeting.mahidol.ac.th sshd\[31142\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=158.ip-51-83-74.eu 2019-08-14T03:09:26.783058enmeeting.mahidol.ac.th sshd\[31142\]: Failed password for invalid user inspur from 51.83.74.158 port 60517 ssh2 ...	2019-08-14 04:22:15
191.53.250.224	attackspambots	Currently 7 failed/unauthorized logins attempts via SMTP/IMAP whostnameh 6 different usernames and wrong password: 2019-08-13T20:21:57+02:00 x@x 2019-08-12T10:38:45+02:00 x@x 2019-08-06T04:13:14+02:00 x@x 2019-07-26T03:06:10+02:00 x@x 2019-07-21T14:41:56+02:00 x@x 2019-07-20T17:39:42+02:00 x@x 2019-06-28T10:45:43+02:00 x@x ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=191.53.250.224	2019-08-14 04:34:07
34.201.228.243	attack	Brute forcing RDP port 3389	2019-08-14 04:07:11

Recently Reported IPs

104.248.153.129	104.248.149.154	104.248.153.148	104.21.192.185
104.248.155.123	104.248.15.220	104.248.157.56	104.248.167.26
149.167.23.55	48.218.134.69	104.21.196.114	104.21.199.37
104.25.202.15	104.25.202.96	104.25.203.15	104.25.201.96
104.25.224.98	104.25.214.10	104.25.244.43	104.21.199.49