104.248.141.164

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
104.248.141.235	attack	uvcm 104.248.141.235 [10/Oct/2020:23:55:42 "-" "POST /wp-login.php 200 5119 104.248.141.235 [12/Oct/2020:20:05:26 "-" "GET /wp-login.php 200 2615 104.248.141.235 [12/Oct/2020:20:05:26 "-" "POST /wp-login.php 200 2968	2020-10-13 00:38:25
104.248.141.235	attackbots	(PERMBLOCK) 104.248.141.235 (DE/Germany/wp2.antfx.com) has had more than 4 temp blocks in the last 86400 secs; Ports: *; Direction: inout; Trigger: LF_PERMBLOCK_COUNT; Logs:	2020-10-12 16:02:59
104.248.141.235	attackbots	104.248.141.235 - - [08/Oct/2020:21:11:03 +0200] "GET /wp-login.php HTTP/1.1" 200 9184 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.248.141.235 - - [08/Oct/2020:21:11:04 +0200] "POST /wp-login.php HTTP/1.1" 200 9435 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.248.141.235 - - [08/Oct/2020:21:11:05 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-10-09 04:06:14
104.248.141.235	attack	CMS (WordPress or Joomla) login attempt.	2020-10-08 20:14:25
104.248.141.235	attackbots	[apache-noscript] Found 104.248.141.235	2020-10-08 12:10:58
104.248.141.235	attack	[apache-noscript] Found 104.248.141.235	2020-10-08 07:31:11
104.248.141.235	attackspambots	104.248.141.235 - - [02/Oct/2020:19:40:21 +0200] "GET /wp-login.php HTTP/1.1" 301 162 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.248.141.235 - - [02/Oct/2020:19:40:23 +0200] "GET /wp-login.php HTTP/1.1" 404 878 "http://mail.tuxlinux.eu/wp-login.php" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-10-03 06:25:08
104.248.141.235	attack	104.248.141.235 - - [02/Oct/2020:19:40:21 +0200] "GET /wp-login.php HTTP/1.1" 301 162 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.248.141.235 - - [02/Oct/2020:19:40:23 +0200] "GET /wp-login.php HTTP/1.1" 404 878 "http://mail.tuxlinux.eu/wp-login.php" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-10-03 01:52:46
104.248.141.235	attackbotsspam	104.248.141.235 - - [02/Oct/2020:07:56:20 +0200] "GET /wp-login.php HTTP/1.1" 200 9061 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.248.141.235 - - [02/Oct/2020:07:56:20 +0200] "POST /wp-login.php HTTP/1.1" 200 9312 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.248.141.235 - - [02/Oct/2020:07:56:21 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-10-02 22:21:08
104.248.141.235	attack	104.248.141.235 - - [02/Oct/2020:07:56:20 +0200] "GET /wp-login.php HTTP/1.1" 200 9061 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.248.141.235 - - [02/Oct/2020:07:56:20 +0200] "POST /wp-login.php HTTP/1.1" 200 9312 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.248.141.235 - - [02/Oct/2020:07:56:21 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-10-02 18:53:28
104.248.141.235	attackbotsspam	104.248.141.235 - - [02/Oct/2020:07:56:20 +0200] "GET /wp-login.php HTTP/1.1" 200 9061 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.248.141.235 - - [02/Oct/2020:07:56:20 +0200] "POST /wp-login.php HTTP/1.1" 200 9312 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.248.141.235 - - [02/Oct/2020:07:56:21 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-10-02 15:28:00
104.248.141.235	attackbots	104.248.141.235 - - [29/Sep/2020:20:40:06 +0100] "POST /wp-login.php HTTP/1.1" 200 2426 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.248.141.235 - - [29/Sep/2020:20:40:06 +0100] "POST /wp-login.php HTTP/1.1" 200 2429 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.248.141.235 - - [29/Sep/2020:20:40:07 +0100] "POST /wp-login.php HTTP/1.1" 200 2441 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-09-30 04:27:23
104.248.141.235	attackbotsspam	104.248.141.235 - - [29/Sep/2020:13:23:08 +0200] "POST /wp-login.php HTTP/1.0" 200 4794 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-09-29 20:35:16
104.248.141.235	attackbots	104.248.141.235 - - [29/Sep/2020:04:30:29 +0100] "POST /wp-login.php HTTP/1.1" 200 2141 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.248.141.235 - - [29/Sep/2020:04:30:30 +0100] "POST /wp-login.php HTTP/1.1" 200 2173 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.248.141.235 - - [29/Sep/2020:04:30:30 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-09-29 12:44:02
104.248.141.235	attackbotsspam	104.248.141.235 - - [22/Sep/2020:06:42:52 +0200] "GET /wp-login.php HTTP/1.1" 200 9061 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.248.141.235 - - [22/Sep/2020:06:42:53 +0200] "POST /wp-login.php HTTP/1.1" 200 9312 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.248.141.235 - - [22/Sep/2020:06:42:53 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-09-22 21:12:59

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.248.141.164
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 47304
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;104.248.141.164.		IN	A

;; AUTHORITY SECTION:
.			305	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022022500 1800 900 604800 86400

;; Query time: 56 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Feb 25 20:23:38 CST 2022
;; MSG SIZE  rcvd: 108

Host info

Host 164.141.248.104.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 164.141.248.104.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
27.155.83.174	attackspambots	May 5 15:19:37 saturn sshd[402033]: Invalid user test from 27.155.83.174 port 50488 May 5 15:19:39 saturn sshd[402033]: Failed password for invalid user test from 27.155.83.174 port 50488 ssh2 May 5 15:22:16 saturn sshd[402164]: Invalid user dian from 27.155.83.174 port 46226 ...	2020-05-06 01:37:45
117.92.120.60	attackbots	Honeypot attack, port: 5555, PTR: PTR record not found	2020-05-06 01:32:36
186.179.137.214	attack	2020-05-0511:14:461jVtf3-0003Hz-BO\<=info@whatsup2013.chH=\(localhost\)[14.186.34.51]:57168P=esmtpsaX=TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256CV=noA=dovecot_login:info@whatsup2013.chS=3082id=aa2b9dcec5eec4cc5055e34fa85c766aa8dfb9@whatsup2013.chT="Areyoureallylonely\?"formattcohenca@aol.comfernandope725@gmail.com2020-05-0511:14:361jVtet-0003Gp-S9\<=info@whatsup2013.chH=\(localhost\)[14.177.149.237]:36847P=esmtpsaX=TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256CV=noA=dovecot_login:info@whatsup2013.chS=3084id=826adc8f84af858d1114a20ee91d372b8bc586@whatsup2013.chT="Believeireallylikeyou"forslicknix.04@gmail.comozzyoso4u@gmail.com2020-05-0511:14:261jVteh-0003Cn-Io\<=info@whatsup2013.chH=\(localhost\)[113.172.32.50]:47923P=esmtpsaX=TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256CV=noA=dovecot_login:info@whatsup2013.chS=3066id=ade544171c37e2eec98c3a699d5a505c6f5f1d50@whatsup2013.chT="Angerlherelookingforwings."for450wiped@gmail.combucky_98@hotmail.com2020-05-0511:11:461jVtc9-00031n-OH\<=info@whatsup2013.chH=\(localhost\)[186.179	2020-05-06 01:14:12
165.22.251.121	attack	165.22.251.121 - - \[05/May/2020:17:44:54 +0200\] "POST /wp-login.php HTTP/1.0" 200 6718 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 165.22.251.121 - - \[05/May/2020:17:45:01 +0200\] "POST /wp-login.php HTTP/1.0" 200 6726 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 165.22.251.121 - - \[05/May/2020:17:45:05 +0200\] "POST /wp-login.php HTTP/1.0" 200 6714 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"	2020-05-06 01:48:24
139.199.36.50	attackspam	5x Failed Password	2020-05-06 01:50:17
200.73.129.85	attackbots	May 5 18:49:33 piServer sshd[21182]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.73.129.85 May 5 18:49:36 piServer sshd[21182]: Failed password for invalid user helpdesk from 200.73.129.85 port 34170 ssh2 May 5 18:54:38 piServer sshd[21543]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.73.129.85 ...	2020-05-06 01:08:16
182.61.175.36	attackbotsspam	May 5 16:20:24 pve1 sshd[12810]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.61.175.36 May 5 16:20:26 pve1 sshd[12810]: Failed password for invalid user matilde from 182.61.175.36 port 40146 ssh2 ...	2020-05-06 01:45:39
54.37.163.11	attack	May 5 18:39:19 v22019038103785759 sshd\[19520\]: Invalid user cloud from 54.37.163.11 port 36664 May 5 18:39:19 v22019038103785759 sshd\[19520\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.37.163.11 May 5 18:39:21 v22019038103785759 sshd\[19520\]: Failed password for invalid user cloud from 54.37.163.11 port 36664 ssh2 May 5 18:42:57 v22019038103785759 sshd\[19767\]: Invalid user admin from 54.37.163.11 port 46400 May 5 18:42:57 v22019038103785759 sshd\[19767\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.37.163.11 ...	2020-05-06 01:39:59
123.207.8.86	attackbots	May 5 19:42:05 legacy sshd[2733]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.207.8.86 May 5 19:42:07 legacy sshd[2733]: Failed password for invalid user etri from 123.207.8.86 port 53424 ssh2 May 5 19:43:16 legacy sshd[2788]: Failed password for root from 123.207.8.86 port 37040 ssh2 ...	2020-05-06 01:49:04
202.29.52.49	attackbots	2020-05-05T09:14:21.876572shield sshd\[4481\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.29.52.49 user=root 2020-05-05T09:14:24.242959shield sshd\[4481\]: Failed password for root from 202.29.52.49 port 60788 ssh2 2020-05-05T09:14:26.603742shield sshd\[4507\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.29.52.49 user=root 2020-05-05T09:14:28.322857shield sshd\[4507\]: Failed password for root from 202.29.52.49 port 32890 ssh2 2020-05-05T09:14:30.730372shield sshd\[4546\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.29.52.49 user=root	2020-05-06 01:36:02
122.51.243.78	attackbots	(sshd) Failed SSH login from 122.51.243.78 (CN/China/-): 5 in the last 3600 secs	2020-05-06 01:42:09
89.204.138.74	attack	Chat Spam	2020-05-06 01:09:52
106.222.73.244	attackbots	Honeypot attack, port: 445, PTR: PTR record not found	2020-05-06 01:35:38
185.151.242.185	attackbotsspam	srv02 Mass scanning activity detected Target: 6666 ..	2020-05-06 01:48:02
175.184.164.113	attack	Scanning	2020-05-06 01:31:40

Recently Reported IPs

101.109.59.146	104.248.141.211	104.248.14.87	104.248.142.102
104.248.14.241	104.248.141.49	104.248.141.226	104.248.141.92
104.248.142.156	104.248.142.172	104.248.142.165	104.248.142.152
101.109.59.149	104.248.142.241	104.248.142.178	104.248.143.13
104.248.144.235	104.248.144.52	104.248.145.100	104.248.145.161