104.248.115.214

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
104.248.115.254	attackbotsspam	104.248.115.254 - - [24/Jun/2020:13:08:03 +0100] "POST /wp-login.php HTTP/1.1" 200 2046 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.248.115.254 - - [24/Jun/2020:13:08:07 +0100] "POST /wp-login.php HTTP/1.1" 200 2040 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.248.115.254 - - [24/Jun/2020:13:08:12 +0100] "POST /wp-login.php HTTP/1.1" 200 2037 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-06-24 22:05:14
104.248.115.254	attack	timhelmke.de 104.248.115.254 [16/May/2020:23:26:45 +0200] "POST /wp-login.php HTTP/1.1" 200 5987 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" timhelmke.de 104.248.115.254 [16/May/2020:23:26:48 +0200] "POST /wp-login.php HTTP/1.1" 200 5941 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-05-23 06:28:11
104.248.115.231	attack	IP attempted unauthorised action	2019-11-12 01:10:46
104.248.115.231	attackspam	2019-11-05T14:41:17.380815abusebot.cloudsearch.cf sshd\[4884\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.115.231 user=root	2019-11-05 23:29:41
104.248.115.231	attackbotsspam	Oct 27 10:09:51 ncomp sshd[5359]: Invalid user zimbra from 104.248.115.231 Oct 27 10:09:51 ncomp sshd[5359]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.115.231 Oct 27 10:09:51 ncomp sshd[5359]: Invalid user zimbra from 104.248.115.231 Oct 27 10:09:52 ncomp sshd[5359]: Failed password for invalid user zimbra from 104.248.115.231 port 49030 ssh2	2019-10-27 17:21:51
104.248.115.231	attack	Invalid user usuario from 104.248.115.231 port 58726	2019-10-25 02:56:28
104.248.115.231	attackspam	SSH Brute-Force reported by Fail2Ban	2019-10-22 15:06:55
104.248.115.231	attackbotsspam	Oct 21 14:28:49 localhost sshd\[24454\]: Invalid user usuario from 104.248.115.231 port 41512 Oct 21 14:28:49 localhost sshd\[24454\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.115.231 Oct 21 14:28:51 localhost sshd\[24454\]: Failed password for invalid user usuario from 104.248.115.231 port 41512 ssh2	2019-10-21 22:07:14
104.248.115.231	attackbotsspam	" "	2019-10-17 02:49:08
104.248.115.231	attack	Oct 16 07:21:24 * sshd[29010]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.115.231 Oct 16 07:21:26 * sshd[29010]: Failed password for invalid user jboss from 104.248.115.231 port 38560 ssh2	2019-10-16 13:59:16
104.248.115.231	attack	Oct 15 09:43:54 vps01 sshd[8044]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.115.231 Oct 15 09:43:57 vps01 sshd[8044]: Failed password for invalid user admin from 104.248.115.231 port 38620 ssh2	2019-10-15 16:46:11
104.248.115.231	attackspam	Invalid user oracle from 104.248.115.231 port 43558	2019-10-11 21:19:42
104.248.115.231	attackspam	Oct 10 20:11:45 thevastnessof sshd[20890]: Failed password for root from 104.248.115.231 port 53192 ssh2 ...	2019-10-11 04:25:56
104.248.115.231	attack	Invalid user test from 104.248.115.231 port 46080	2019-10-11 03:26:29
104.248.115.231	attackspam	Oct 8 19:42:53 arianus sshd\[15019\]: Unable to negotiate with 104.248.115.231 port 44406: no matching key exchange method found. Their offer: diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1 \[preauth\] ...	2019-10-09 02:19:18

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.248.115.214
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 12718
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;104.248.115.214.		IN	A

;; AUTHORITY SECTION:
.			293	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022022701 1800 900 604800 86400

;; Query time: 39 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Feb 28 14:08:07 CST 2022
;; MSG SIZE  rcvd: 108

Host info

Host 214.115.248.104.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 214.115.248.104.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
106.12.187.146	attackspambots	Nov 9 00:20:33 [host] sshd[25576]: Invalid user admin from 106.12.187.146 Nov 9 00:20:33 [host] sshd[25576]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.187.146 Nov 9 00:20:35 [host] sshd[25576]: Failed password for invalid user admin from 106.12.187.146 port 28168 ssh2	2019-11-09 08:09:47
111.253.2.21	attackspam	Telnet Server BruteForce Attack	2019-11-09 07:32:36
46.38.144.32	attackbots	2019-11-09T00:40:23.345430mail01 postfix/smtpd[12302]: warning: unknown[46.38.144.32]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 2019-11-09T00:40:31.316572mail01 postfix/smtpd[32744]: warning: unknown[46.38.144.32]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 2019-11-09T00:40:46.294301mail01 postfix/smtpd[32740]: warning: unknown[46.38.144.32]: SASL LOGIN authentication failed: UGFzc3dvcmQ6	2019-11-09 07:43:12
190.152.3.106	attack	Configuration snooping (/cgi-bin/ViewLog.asp): "POST 127.0.0.1:80/cgi-bin/ViewLog.asp"	2019-11-09 07:56:22
88.99.95.219	attackbotsspam	SSH invalid-user multiple login try	2019-11-09 08:03:43
46.105.29.160	attackbotsspam	Nov 8 22:34:47 *** sshd[18138]: User root from 46.105.29.160 not allowed because not listed in AllowUsers	2019-11-09 08:05:14
51.68.220.249	attackspam	Nov 9 00:13:26 mout sshd[22514]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.68.220.249 user=root Nov 9 00:13:28 mout sshd[22514]: Failed password for root from 51.68.220.249 port 34550 ssh2	2019-11-09 07:33:55
151.80.173.36	attackbotsspam	Nov 8 23:46:01 venus sshd\[25218\]: Invalid user user1 from 151.80.173.36 port 40713 Nov 8 23:46:01 venus sshd\[25218\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=151.80.173.36 Nov 8 23:46:04 venus sshd\[25218\]: Failed password for invalid user user1 from 151.80.173.36 port 40713 ssh2 ...	2019-11-09 07:52:51
222.186.175.215	attackspambots	SSH invalid-user multiple login attempts	2019-11-09 07:52:13
106.13.6.116	attack	pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.6.116 user=root Failed password for root from 106.13.6.116 port 58948 ssh2 pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.6.116 user=root Failed password for root from 106.13.6.116 port 57876 ssh2 pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.6.116 user=root	2019-11-09 07:45:55
15.164.210.57	attackspambots	Nov 9 00:31:43 dedicated sshd[31871]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=15.164.210.57 user=root Nov 9 00:31:45 dedicated sshd[31871]: Failed password for root from 15.164.210.57 port 59288 ssh2	2019-11-09 07:49:47
139.155.45.196	attack	Nov 9 00:02:43 eventyay sshd[32467]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.45.196 Nov 9 00:02:46 eventyay sshd[32467]: Failed password for invalid user nbalbi from 139.155.45.196 port 59318 ssh2 Nov 9 00:06:44 eventyay sshd[32490]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.45.196 ...	2019-11-09 07:47:14
34.68.136.212	attackbots	F2B jail: sshd. Time: 2019-11-09 00:52:04, Reported by: VKReport	2019-11-09 07:58:07
91.242.162.51	attackbotsspam	Unauthorized access detected from banned ip	2019-11-09 07:48:52
89.248.168.217	attack	11/09/2019-00:20:53.758741 89.248.168.217 Protocol: 17 ET DROP Dshield Block Listed Source group 1	2019-11-09 08:03:16

Recently Reported IPs

104.248.115.132	104.248.115.149	104.248.115.232	104.248.115.216
104.248.115.207	171.20.74.1	104.248.115.226	105.213.76.218
105.213.76.225	104.248.133.32	104.248.133.129	104.248.134.7
104.248.132.46	104.248.132.26	105.213.76.226	252.19.69.141
104.248.132.248	104.248.131.44	104.248.136.49	104.248.138.8