104.248.157.14

基本信息:

城市(city): Singapore

省份(region): Central Singapore Community Development Council

国家(country): Singapore

运营商(isp): DigitalOcean LLC

主机名(hostname): unknown

机构(organization): DigitalOcean, LLC

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbots	Sep 26 20:02:00 tdfoods sshd\[28959\]: Invalid user autocad from 104.248.157.14 Sep 26 20:02:00 tdfoods sshd\[28959\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.157.14 Sep 26 20:02:02 tdfoods sshd\[28959\]: Failed password for invalid user autocad from 104.248.157.14 port 44764 ssh2 Sep 26 20:07:03 tdfoods sshd\[29343\]: Invalid user hdduser from 104.248.157.14 Sep 26 20:07:03 tdfoods sshd\[29343\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.157.14	2019-09-27 14:14:40
attack	2019-09-14T08:35:27.493417abusebot-2.cloudsearch.cf sshd\[11970\]: Invalid user xue from 104.248.157.14 port 44372	2019-09-14 16:55:35
attack	Aug 31 14:14:04 eddieflores sshd\[2898\]: Invalid user weblogic from 104.248.157.14 Aug 31 14:14:04 eddieflores sshd\[2898\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.157.14 Aug 31 14:14:06 eddieflores sshd\[2898\]: Failed password for invalid user weblogic from 104.248.157.14 port 56518 ssh2 Aug 31 14:18:47 eddieflores sshd\[3292\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.157.14 user=root Aug 31 14:18:49 eddieflores sshd\[3292\]: Failed password for root from 104.248.157.14 port 44610 ssh2	2019-09-01 08:32:10
attack	2019-08-29T09:57:58.837452abusebot.cloudsearch.cf sshd\[31640\]: Invalid user student from 104.248.157.14 port 42378	2019-08-29 22:35:45
attackspam	Aug 27 00:55:55 tdfoods sshd\[18527\]: Invalid user ya from 104.248.157.14 Aug 27 00:55:55 tdfoods sshd\[18527\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.157.14 Aug 27 00:55:57 tdfoods sshd\[18527\]: Failed password for invalid user ya from 104.248.157.14 port 58666 ssh2 Aug 27 01:00:37 tdfoods sshd\[18961\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.157.14 user=root Aug 27 01:00:39 tdfoods sshd\[18961\]: Failed password for root from 104.248.157.14 port 46598 ssh2	2019-08-28 01:42:09
attackspam	Aug 27 01:43:08 rpi sshd[8347]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.157.14 Aug 27 01:43:09 rpi sshd[8347]: Failed password for invalid user sruser from 104.248.157.14 port 49170 ssh2	2019-08-27 07:49:31
attackspambots	Aug 26 07:21:23 vps200512 sshd\[27814\]: Invalid user rosica from 104.248.157.14 Aug 26 07:21:23 vps200512 sshd\[27814\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.157.14 Aug 26 07:21:25 vps200512 sshd\[27814\]: Failed password for invalid user rosica from 104.248.157.14 port 43812 ssh2 Aug 26 07:25:55 vps200512 sshd\[27849\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.157.14 user=root Aug 26 07:25:57 vps200512 sshd\[27849\]: Failed password for root from 104.248.157.14 port 58726 ssh2	2019-08-26 19:37:42
attack	Aug 14 01:55:33 itv-usvr-01 sshd[14012]: Invalid user walesca from 104.248.157.14 Aug 14 01:55:33 itv-usvr-01 sshd[14012]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.157.14 Aug 14 01:55:33 itv-usvr-01 sshd[14012]: Invalid user walesca from 104.248.157.14 Aug 14 01:55:35 itv-usvr-01 sshd[14012]: Failed password for invalid user walesca from 104.248.157.14 port 41770 ssh2 Aug 14 02:02:18 itv-usvr-01 sshd[14276]: Invalid user ag from 104.248.157.14	2019-08-14 04:54:44
attack	Aug 12 04:46:55 MK-Soft-Root2 sshd\[9061\]: Invalid user pollo from 104.248.157.14 port 50850 Aug 12 04:46:55 MK-Soft-Root2 sshd\[9061\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.157.14 Aug 12 04:46:58 MK-Soft-Root2 sshd\[9061\]: Failed password for invalid user pollo from 104.248.157.14 port 50850 ssh2 ...	2019-08-12 11:25:54
attackspam	2019-08-05T06:34:01.423219abusebot-3.cloudsearch.cf sshd\[8559\]: Invalid user st from 104.248.157.14 port 45242	2019-08-05 16:42:33
attackspambots	Jul 23 11:06:26 MainVPS sshd[23307]: Invalid user cassandra from 104.248.157.14 port 53144 Jul 23 11:06:26 MainVPS sshd[23307]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.157.14 Jul 23 11:06:26 MainVPS sshd[23307]: Invalid user cassandra from 104.248.157.14 port 53144 Jul 23 11:06:28 MainVPS sshd[23307]: Failed password for invalid user cassandra from 104.248.157.14 port 53144 ssh2 Jul 23 11:11:41 MainVPS sshd[23756]: Invalid user exploit from 104.248.157.14 port 49022 ...	2019-07-24 01:21:03
attack	Jul 18 11:25:25 mail sshd\[718\]: Invalid user ec2-user from 104.248.157.14 port 57954 Jul 18 11:25:25 mail sshd\[718\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.157.14 Jul 18 11:25:27 mail sshd\[718\]: Failed password for invalid user ec2-user from 104.248.157.14 port 57954 ssh2 Jul 18 11:30:52 mail sshd\[818\]: Invalid user admin from 104.248.157.14 port 54860 Jul 18 11:30:52 mail sshd\[818\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.157.14 ...	2019-07-18 19:39:49
attackbotsspam	Jul 18 03:23:35 mail sshd\[26879\]: Invalid user hen from 104.248.157.14 port 46534 Jul 18 03:23:35 mail sshd\[26879\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.157.14 Jul 18 03:23:37 mail sshd\[26879\]: Failed password for invalid user hen from 104.248.157.14 port 46534 ssh2 Jul 18 03:29:02 mail sshd\[26928\]: Invalid user user from 104.248.157.14 port 43436 Jul 18 03:29:02 mail sshd\[26928\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.157.14 ...	2019-07-18 11:35:03

相同子网IP讨论:

IP	类型	评论内容	时间
104.248.157.92	attack	Unauthorized connection attempt from IP address 104.248.157.92 on port 3389	2020-08-27 07:17:24
104.248.157.207	attackbotsspam	Invalid user test from 104.248.157.207 port 59114	2020-08-26 15:48:30
104.248.157.207	attackbots	Aug 25 06:59:17 PorscheCustomer sshd[16742]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.157.207 Aug 25 06:59:19 PorscheCustomer sshd[16742]: Failed password for invalid user andi from 104.248.157.207 port 48074 ssh2 Aug 25 07:03:48 PorscheCustomer sshd[16804]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.157.207 ...	2020-08-25 15:57:21
104.248.157.207	attack	20 attempts against mh-ssh on cloud	2020-08-23 06:36:53
104.248.157.118	attackbots	Aug 6 15:25:08 debian-2gb-nbg1-2 kernel: \[18978763.950285\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=104.248.157.118 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x40 TTL=242 ID=18267 PROTO=TCP SPT=58985 DPT=2693 WINDOW=1024 RES=0x00 SYN URGP=0	2020-08-06 23:14:03
104.248.157.118	attackbots	scans once in preceeding hours on the ports (in chronological order) 30651 resulting in total of 6 scans from 104.248.0.0/16 block.	2020-08-05 22:32:48
104.248.157.118	attack	Fail2Ban Ban Triggered	2020-07-17 12:41:52
104.248.157.118	attackspambots	TCP port : 9081	2020-06-26 21:24:59
104.248.157.118	attack	21580/tcp 25256/tcp 31693/tcp... [2020-04-22/06-22]182pkt,63pt.(tcp)	2020-06-23 18:38:13
104.248.157.118	attackspam	TCP (SYN) 104.248.157.118:56517 -> port 21580, len 44	2020-06-23 04:30:13
104.248.157.60	attack	2020-06-14T02:08:34.483278hz01.yumiweb.com sshd\[15483\]: Invalid user oracle from 104.248.157.60 port 56164 2020-06-14T02:08:54.774017hz01.yumiweb.com sshd\[15485\]: Invalid user hadoop from 104.248.157.60 port 58424 2020-06-14T02:09:14.577470hz01.yumiweb.com sshd\[15487\]: Invalid user hadoop from 104.248.157.60 port 60684 ...	2020-06-14 08:11:43
104.248.157.118	attack	firewall-block, port(s): 29533/tcp	2020-06-13 01:42:08
104.248.157.60	attack	[MK-Root1] SSH login failed	2020-06-04 06:15:03
104.248.157.118	attackbotsspam	May 23 22:14:25 debian-2gb-nbg1-2 kernel: \[12523676.581759\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=104.248.157.118 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x40 TTL=242 ID=38554 PROTO=TCP SPT=44296 DPT=24925 WINDOW=1024 RES=0x00 SYN URGP=0	2020-05-24 05:54:13
104.248.157.118	attack	May 8 14:12:48 debian-2gb-nbg1-2 kernel: \[11198849.577578\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=104.248.157.118 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x40 TTL=242 ID=18259 PROTO=TCP SPT=46298 DPT=30522 WINDOW=1024 RES=0x00 SYN URGP=0	2020-05-08 23:59:53

WHOIS信息:

DIG信息:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.248.157.14
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 25929
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;104.248.157.14.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019040500 1800 900 604800 86400

;; Query time: 3 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Fri Apr 05 19:33:11 +08 2019
;; MSG SIZE  rcvd: 118

HOST信息:

Host 14.157.248.104.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.3
Address:	67.207.67.3#53

** server can't find 14.157.248.104.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
112.120.72.193	attackbotsspam	Aug 3 23:50:15 r.ca sshd[4160]: Failed password for admin from 112.120.72.193 port 46499 ssh2	2020-08-04 15:47:36
174.219.8.151	attackbotsspam	Brute forcing email accounts	2020-08-04 15:59:00
45.141.84.219	attack	[MK-VM1] Blocked by UFW	2020-08-04 16:04:59
8.211.45.4	attackspambots	Aug 4 08:37:16 marvibiene sshd[11844]: Failed password for root from 8.211.45.4 port 38728 ssh2	2020-08-04 16:04:30
142.93.60.53	attack	$f2bV_matches	2020-08-04 15:43:37
2604:2000:1343:8cb7:f007:9f79:bb4e:bed5	attackbots	Fail2Ban Ban Triggered	2020-08-04 16:04:00
183.12.243.253	attackbotsspam	Aug 4 05:43:02 mail.srvfarm.net postfix/smtpd[1212710]: NOQUEUE: reject: RCPT from unknown[183.12.243.253]: 450 4.7.1 : Helo command rejected: Host not found; from= to= proto=SMTP helo= Aug 4 05:43:02 mail.srvfarm.net postfix/smtpd[1212710]: lost connection after RCPT from unknown[183.12.243.253] Aug 4 05:43:06 mail.srvfarm.net postfix/smtpd[1212444]: NOQUEUE: reject: RCPT from unknown[183.12.243.253]: 450 4.7.1 : Helo command rejected: Host not found; from= to= proto=SMTP helo= Aug 4 05:43:06 mail.srvfarm.net postfix/smtpd[1212444]: lost connection after RCPT from unknown[183.12.243.253] Aug 4 05:43:12 mail.srvfarm.net postfix/smtpd[1214321]: NOQUEUE: reject: RCPT from unknown[183.12.243.253]: 450 4.7.1 : Helo command rejected: Host not found; from= to= proto=SMTP helo=	2020-08-04 16:07:54
185.16.37.135	attackbotsspam	$f2bV_matches	2020-08-04 15:56:37
103.226.250.28	attackspambots	103.226.250.28 - - [04/Aug/2020:08:15:37 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 103.226.250.28 - - [04/Aug/2020:08:32:06 +0100] "POST /wp-login.php HTTP/1.1" 200 1836 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 103.226.250.28 - - [04/Aug/2020:08:32:07 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-08-04 16:00:15
91.139.196.141	attackbots	2020-08-04T10:48:04.448614snf-827550 sshd[21476]: Failed password for root from 91.139.196.141 port 48777 ssh2 2020-08-04T10:52:00.759120snf-827550 sshd[21512]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=91-139-196-141.plvd.ddns.bulsat.com user=root 2020-08-04T10:52:03.066093snf-827550 sshd[21512]: Failed password for root from 91.139.196.141 port 54435 ssh2 ...	2020-08-04 16:00:39
103.80.36.34	attack	Aug 4 02:05:46 firewall sshd[2814]: Failed password for root from 103.80.36.34 port 34082 ssh2 Aug 4 02:10:25 firewall sshd[4906]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.80.36.34 user=root Aug 4 02:10:26 firewall sshd[4906]: Failed password for root from 103.80.36.34 port 46880 ssh2 ...	2020-08-04 15:28:06
112.85.42.189	attackbotsspam	2020-08-04T10:29:39.241131lavrinenko.info sshd[5765]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.189 user=root 2020-08-04T10:29:41.110600lavrinenko.info sshd[5765]: Failed password for root from 112.85.42.189 port 33221 ssh2 2020-08-04T10:29:39.241131lavrinenko.info sshd[5765]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.189 user=root 2020-08-04T10:29:41.110600lavrinenko.info sshd[5765]: Failed password for root from 112.85.42.189 port 33221 ssh2 2020-08-04T10:29:43.047715lavrinenko.info sshd[5765]: Failed password for root from 112.85.42.189 port 33221 ssh2 ...	2020-08-04 15:41:52
46.14.173.2	attack	Aug 4 03:38:52 ny01 sshd[9440]: Failed password for root from 46.14.173.2 port 41295 ssh2 Aug 4 03:41:53 ny01 sshd[9761]: Failed password for root from 46.14.173.2 port 38465 ssh2	2020-08-04 15:53:48
196.52.43.115	attack	Unauthorized connection attempt detected from IP address 196.52.43.115 to port 8531	2020-08-04 15:52:00
62.33.241.37	attackbots	Aug 4 05:53:49 debian-2gb-nbg1-2 kernel: \[18771697.504638\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=62.33.241.37 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=53 ID=58705 PROTO=TCP SPT=65535 DPT=23 WINDOW=49351 RES=0x00 SYN URGP=0	2020-08-04 15:51:25

最近上报的IP列表

105.110.53.43	84.93.153.9	17.253.67.208	14.239.2.186
202.72.242.138	182.254.135.14	154.118.126.166	62.28.75.191
198.108.67.83	90.151.94.235	58.33.104.50	202.79.4.52
184.7.130.216	121.54.174.195	67.205.177.0	190.117.201.2
58.182.42.96	198.211.110.97	186.235.86.120	74.82.47.29