104.248.150.150

基本信息:

城市(city): Singapore

省份(region): Central Singapore Community Development Council

国家(country): Singapore

运营商(isp): DigitalOcean LLC

主机名(hostname): unknown

机构(organization): DigitalOcean, LLC

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbotsspam	SSH Brute Force	2020-04-29 13:30:36
attackbotsspam	Feb 15 16:26:49 thevastnessof sshd[17084]: Failed password for root from 104.248.150.150 port 54700 ssh2 ...	2020-02-16 00:43:28
attackspambots	Automatic report - Banned IP Access	2020-01-31 23:15:13
attackspam	" "	2020-01-02 18:04:59
attack	Dec 5 15:36:22 sshd: Connection from 104.248.150.150 port 41721 Dec 5 15:37:10 sshd: Failed password for news from 104.248.150.150 port 41721 ssh2 Dec 5 15:37:12 sshd: Received disconnect from 104.248.150.150: 11: Bye Bye [preauth]	2019-12-06 04:06:48
attack	Automatic report - Banned IP Access	2019-12-01 21:12:15
attackbotsspam	SSH Brute Force	2019-11-01 12:02:39
attack	Oct 4 15:55:26 thevastnessof sshd[23519]: Failed password for root from 104.248.150.150 port 52067 ssh2 ...	2019-10-05 01:55:57
attackspam	Sep 8 01:13:06 bouncer sshd\[28484\]: Invalid user sdtdserver from 104.248.150.150 port 53258 Sep 8 01:13:06 bouncer sshd\[28484\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.150.150 Sep 8 01:13:08 bouncer sshd\[28484\]: Failed password for invalid user sdtdserver from 104.248.150.150 port 53258 ssh2 ...	2019-09-08 08:00:45
attackbotsspam	Sep 1 14:46:24 * sshd[7641]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.150.150 Sep 1 14:46:26 * sshd[7641]: Failed password for invalid user webuser from 104.248.150.150 port 38361 ssh2	2019-09-01 20:48:11
attack	Repeated brute force against a port	2019-08-15 12:23:40
attackspam	Aug 7 19:22:53 MK-Soft-VM5 sshd\[1684\]: Invalid user teacher from 104.248.150.150 port 56084 Aug 7 19:22:53 MK-Soft-VM5 sshd\[1684\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.150.150 Aug 7 19:22:55 MK-Soft-VM5 sshd\[1684\]: Failed password for invalid user teacher from 104.248.150.150 port 56084 ssh2 ...	2019-08-08 09:32:23
attack	Jul 12 11:47:39 core01 sshd\[18717\]: Invalid user emmanuel from 104.248.150.150 port 36740 Jul 12 11:47:39 core01 sshd\[18717\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.150.150 ...	2019-07-12 18:07:17
attackspambots	Jul 12 02:27:28 core01 sshd\[25766\]: Invalid user vmail from 104.248.150.150 port 51010 Jul 12 02:27:28 core01 sshd\[25766\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.150.150 ...	2019-07-12 08:28:01
attackbots	Jul 8 18:42:57 MK-Soft-VM4 sshd\[4234\]: Invalid user user from 104.248.150.150 port 44764 Jul 8 18:42:57 MK-Soft-VM4 sshd\[4234\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.150.150 Jul 8 18:42:59 MK-Soft-VM4 sshd\[4234\]: Failed password for invalid user user from 104.248.150.150 port 44764 ssh2 ...	2019-07-09 06:16:33
attack	2019-07-08T01:56:17.890202abusebot-4.cloudsearch.cf sshd\[21153\]: Invalid user testmail from 104.248.150.150 port 53478 2019-07-08T01:56:17.894293abusebot-4.cloudsearch.cf sshd\[21153\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=legolas.kodewave.com	2019-07-08 10:16:01
attackspam	Jun 22 06:29:42 jane sshd\[19176\]: Invalid user gui from 104.248.150.150 port 50025 Jun 22 06:29:42 jane sshd\[19176\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.150.150 Jun 22 06:29:44 jane sshd\[19176\]: Failed password for invalid user gui from 104.248.150.150 port 50025 ssh2 ...	2019-06-22 17:07:56

相同子网IP讨论:

IP	类型	评论内容	时间
104.248.150.143	attackspam	2020-08-30T06:16:00.198114linuxbox-skyline sshd[34850]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.150.143 user=root 2020-08-30T06:16:01.987366linuxbox-skyline sshd[34850]: Failed password for root from 104.248.150.143 port 10983 ssh2 ...	2020-08-30 20:59:56
104.248.150.143	attackspambots	2020-08-29T22:17:03.969103n23.at sshd[3032426]: Invalid user ali from 104.248.150.143 port 35280 2020-08-29T22:17:05.603190n23.at sshd[3032426]: Failed password for invalid user ali from 104.248.150.143 port 35280 ssh2 2020-08-29T22:27:36.085636n23.at sshd[3041262]: Invalid user ftpuser from 104.248.150.143 port 42616 ...	2020-08-30 05:24:32
104.248.150.143	attack	$f2bV_matches	2020-08-28 14:09:40
104.248.150.213	attack	xmlrpc attack	2020-06-24 12:31:02
104.248.150.206	attackbotsspam	(sshd) Failed SSH login from 104.248.150.206 (SG/Singapore/-): 2 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Jun 23 06:38:55 ubnt-55d23 sshd[8736]: Invalid user cristiano from 104.248.150.206 port 15216 Jun 23 06:38:57 ubnt-55d23 sshd[8736]: Failed password for invalid user cristiano from 104.248.150.206 port 15216 ssh2	2020-06-23 17:50:20
104.248.150.213	attackspam	Automatic report - XMLRPC Attack	2020-06-06 22:12:56
104.248.150.213	attack	104.248.150.213 - - [27/May/2020:12:12:38 +0200] "POST /wp-login.php HTTP/1.1" 200 3449 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.248.150.213 - - [27/May/2020:12:12:42 +0200] "POST /wp-login.php HTTP/1.1" 200 3411 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-05-27 18:35:32
104.248.150.63	attackbots	2020-04-20T10:21:53.198343homeassistant sshd[2825]: Invalid user ca from 104.248.150.63 port 43056 2020-04-20T10:21:53.212272homeassistant sshd[2825]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.150.63 ...	2020-04-20 18:46:16
104.248.150.63	attackbotsspam	Apr 19 03:45:09 lanister sshd[13211]: Failed password for invalid user test001 from 104.248.150.63 port 34992 ssh2 Apr 19 03:56:12 lanister sshd[13725]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.150.63 user=root Apr 19 03:56:15 lanister sshd[13725]: Failed password for root from 104.248.150.63 port 49488 ssh2 Apr 19 04:03:40 lanister sshd[13862]: Invalid user au from 104.248.150.63	2020-04-19 17:57:10
104.248.150.47	attackspambots	xmlrpc attack	2020-04-06 22:34:41
104.248.150.47	attackspambots	Automatic report - XMLRPC Attack	2020-03-18 16:03:31
104.248.150.47	attack	Automatic report - XMLRPC Attack	2020-03-11 11:59:25
104.248.150.47	attackspambots	$f2bV_matches	2020-02-28 14:11:34
104.248.150.47	attackbotsspam	$f2bV_matches	2020-02-10 19:23:37
104.248.150.69	attackspambots	Jan 27 13:52:30 MK-Soft-Root2 sshd[12344]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.150.69 Jan 27 13:52:32 MK-Soft-Root2 sshd[12344]: Failed password for invalid user tylor from 104.248.150.69 port 48398 ssh2 ...	2020-01-27 20:55:25

WHOIS信息:

DIG信息:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.248.150.150
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 45976
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;104.248.150.150.		IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019033001 1800 900 604800 86400

;; Query time: 3 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Sun Mar 31 10:29:09 +08 2019
;; MSG SIZE  rcvd: 119

HOST信息:

150.150.248.104.in-addr.arpa domain name pointer legolas.kodewave.com.

NSLOOKUP信息:

Server:		67.207.67.3
Address:	67.207.67.3#53

Non-authoritative answer:
150.150.248.104.in-addr.arpa	name = legolas.kodewave.com.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
106.12.178.62	attack	Sep 24 00:10:06 hosting sshd[28852]: Invalid user applmgr from 106.12.178.62 port 35302 ...	2019-09-24 06:44:46
70.89.88.3	attack	2019-09-24T05:14:35.436559enmeeting.mahidol.ac.th sshd\[20093\]: Invalid user user from 70.89.88.3 port 51915 2019-09-24T05:14:35.455070enmeeting.mahidol.ac.th sshd\[20093\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=70.89.88.3 2019-09-24T05:14:37.815144enmeeting.mahidol.ac.th sshd\[20093\]: Failed password for invalid user user from 70.89.88.3 port 51915 ssh2 ...	2019-09-24 06:48:36
198.108.67.83	attack	firewall-block, port(s): 7090/tcp	2019-09-24 06:19:08
148.72.65.10	attackbotsspam	Sep 23 23:10:25 MK-Soft-VM5 sshd[16532]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.72.65.10 Sep 23 23:10:27 MK-Soft-VM5 sshd[16532]: Failed password for invalid user dt from 148.72.65.10 port 52846 ssh2 ...	2019-09-24 06:28:14
173.161.242.217	attackbots	Sep 23 12:30:51 hpm sshd\[16495\]: Invalid user mdpi from 173.161.242.217 Sep 23 12:30:51 hpm sshd\[16495\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=173-161-242-217-philadelphia.hfc.comcastbusiness.net Sep 23 12:30:54 hpm sshd\[16495\]: Failed password for invalid user mdpi from 173.161.242.217 port 8300 ssh2 Sep 23 12:35:52 hpm sshd\[16910\]: Invalid user ts from 173.161.242.217 Sep 23 12:35:52 hpm sshd\[16910\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=173-161-242-217-philadelphia.hfc.comcastbusiness.net	2019-09-24 06:43:33
200.131.242.2	attack	Sep 23 21:58:34 web8 sshd\[15627\]: Invalid user inx from 200.131.242.2 Sep 23 21:58:34 web8 sshd\[15627\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.131.242.2 Sep 23 21:58:36 web8 sshd\[15627\]: Failed password for invalid user inx from 200.131.242.2 port 17409 ssh2 Sep 23 22:03:01 web8 sshd\[17852\]: Invalid user helpdesk from 200.131.242.2 Sep 23 22:03:01 web8 sshd\[17852\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.131.242.2	2019-09-24 06:17:51
106.13.36.73	attackspambots	Sep 23 13:35:45 web1 sshd[13511]: Invalid user cinstall from 106.13.36.73 Sep 23 13:35:45 web1 sshd[13511]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.36.73 Sep 23 13:35:47 web1 sshd[13511]: Failed password for invalid user cinstall from 106.13.36.73 port 57646 ssh2 Sep 23 13:35:47 web1 sshd[13511]: Received disconnect from 106.13.36.73: 11: Bye Bye [preauth] Sep 23 13:58:14 web1 sshd[15047]: Invalid user ghostnamelab from 106.13.36.73 Sep 23 13:58:14 web1 sshd[15047]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.36.73 Sep 23 13:58:16 web1 sshd[15047]: Failed password for invalid user ghostnamelab from 106.13.36.73 port 44998 ssh2 Sep 23 13:58:17 web1 sshd[15047]: Received disconnect from 106.13.36.73: 11: Bye Bye [preauth] Sep 23 14:04:09 web1 ss .... truncated .... Sep 23 13:35:45 web1 sshd[13511]: Invalid user cinstall from 106.13.36.73 Sep 23 13:35:45 web1 sshd[........ -------------------------------	2019-09-24 06:43:09
144.217.91.86	attack	$f2bV_matches	2019-09-24 06:22:03
123.59.38.6	attackbotsspam	Sep 24 00:25:44 legacy sshd[4203]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.59.38.6 Sep 24 00:25:46 legacy sshd[4203]: Failed password for invalid user nagios from 123.59.38.6 port 36212 ssh2 Sep 24 00:29:46 legacy sshd[4236]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.59.38.6 ...	2019-09-24 06:42:46
193.32.160.137	attack	Sep 23 23:10:33 webserver postfix/smtpd\[29053\]: NOQUEUE: reject: RCPT from unknown\[193.32.160.137\]: 454 4.7.1 \: Relay access denied\; from=\ to=\ proto=ESMTP helo=\<\[193.32.160.145\]\> Sep 23 23:10:33 webserver postfix/smtpd\[29053\]: NOQUEUE: reject: RCPT from unknown\[193.32.160.137\]: 454 4.7.1 \: Relay access denied\; from=\ to=\ proto=ESMTP helo=\<\[193.32.160.145\]\> Sep 23 23:10:33 webserver postfix/smtpd\[29053\]: NOQUEUE: reject: RCPT from unknown\[193.32.160.137\]: 454 4.7.1 \: Relay access denied\; from=\ to=\ proto=ESMTP helo=\<\[193.32.160.145\]\> Sep 23 23:10:33 webserver postfix/smtpd\[29053\]: NOQUEUE: reject: RCPT from unknown\[193.32.160.137\]: 454 4.7.1 \: Relay access denied\; from=\	2019-09-24 06:26:36
113.160.184.59	attackbotsspam	Chat Spam	2019-09-24 06:44:35
202.83.192.226	attackspambots	firewall-block, port(s): 445/tcp	2019-09-24 06:14:15
94.191.89.180	attack	Sep 24 00:26:16 lnxded64 sshd[4626]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.191.89.180	2019-09-24 06:39:01
157.245.140.255	attack	firewall-block, port(s): 53413/udp	2019-09-24 06:34:00
45.82.32.34	attackspambots	Autoban 45.82.32.34 AUTH/CONNECT	2019-09-24 06:41:07

最近上报的IP列表

87.98.171.226	14.231.87.27	87.197.7.25	193.169.39.254
86.247.169.12	84.118.144.115	77.241.66.92	66.7.149.135
83.99.26.199	54.38.192.96	164.132.42.32	51.38.90.195
174.21.149.122	211.159.152.252	177.144.136.133	94.102.56.252
82.100.63.189	222.122.202.35	162.252.156.95	114.113.144.104