104.168.148.166

Basic Info

City: unknown

Region: unknown

Country: None

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
104.168.148.42	attackspambots	Lines containing failures of 104.168.148.42 Apr 19 08:13:27 UTC__SANYALnet-Labs__cac12 sshd[19340]: Connection from 104.168.148.42 port 48714 on 45.62.253.138 port 22 Apr 19 08:13:28 UTC__SANYALnet-Labs__cac12 sshd[19340]: Invalid user ch from 104.168.148.42 port 48714 Apr 19 08:13:30 UTC__SANYALnet-Labs__cac12 sshd[19340]: Failed password for invalid user ch from 104.168.148.42 port 48714 ssh2 Apr 19 08:13:30 UTC__SANYALnet-Labs__cac12 sshd[19340]: Received disconnect from 104.168.148.42 port 48714:11: Bye Bye [preauth] Apr 19 08:13:30 UTC__SANYALnet-Labs__cac12 sshd[19340]: Disconnected from 104.168.148.42 port 48714 [preauth] Apr 19 08:24:40 UTC__SANYALnet-Labs__cac12 sshd[19617]: Connection from 104.168.148.42 port 49250 on 45.62.253.138 port 22 Apr 19 08:24:44 UTC__SANYALnet-Labs__cac12 sshd[19617]: Failed password for invalid user r.r from 104.168.148.42 port 49250 ssh2 Apr 19 08:24:44 UTC__SANYALnet-Labs__cac12 sshd[19617]: Received disconnect from 104.168.148.42 ........ ------------------------------	2020-04-19 20:48:20
104.168.148.189	attackbots	Fail2Ban Ban Triggered	2020-03-05 15:39:20

Type

Details

Datetime

104.168.148.42

attackspambots

Lines containing failures of 104.168.148.42
Apr 19 08:13:27 UTC__SANYALnet-Labs__cac12 sshd[19340]: Connection from 104.168.148.42 port 48714 on 45.62.253.138 port 22
Apr 19 08:13:28 UTC__SANYALnet-Labs__cac12 sshd[19340]: Invalid user ch from 104.168.148.42 port 48714
Apr 19 08:13:30 UTC__SANYALnet-Labs__cac12 sshd[19340]: Failed password for invalid user ch from 104.168.148.42 port 48714 ssh2
Apr 19 08:13:30 UTC__SANYALnet-Labs__cac12 sshd[19340]: Received disconnect from 104.168.148.42 port 48714:11: Bye Bye [preauth]
Apr 19 08:13:30 UTC__SANYALnet-Labs__cac12 sshd[19340]: Disconnected from 104.168.148.42 port 48714 [preauth]
Apr 19 08:24:40 UTC__SANYALnet-Labs__cac12 sshd[19617]: Connection from 104.168.148.42 port 49250 on 45.62.253.138 port 22
Apr 19 08:24:44 UTC__SANYALnet-Labs__cac12 sshd[19617]: Failed password for invalid user r.r from 104.168.148.42 port 49250 ssh2
Apr 19 08:24:44 UTC__SANYALnet-Labs__cac12 sshd[19617]: Received disconnect from 104.168.148.42 ........
------------------------------

2020-04-19 20:48:20

104.168.148.189

attackbots

Fail2Ban Ban Triggered

2020-03-05 15:39:20

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.168.148.166
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 32758
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;104.168.148.166.		IN	A

;; AUTHORITY SECTION:
.			478	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022030501 1800 900 604800 86400

;; Query time: 69 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Mar 06 10:18:33 CST 2022
;; MSG SIZE  rcvd: 108

Host info

166.148.168.104.in-addr.arpa domain name pointer hwsrv-711274.hostwindsdns.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
166.148.168.104.in-addr.arpa	name = hwsrv-711274.hostwindsdns.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
157.230.163.6	attackbotsspam	F2B jail: sshd. Time: 2019-11-29 09:03:50, Reported by: VKReport	2019-11-29 16:12:50
222.216.222.170	attackbots	[FriNov2907:27:59.1534132019][:error][pid5670:tid47933129930496][client222.216.222.170:5788][client222.216.222.170]ModSecurity:Accessdeniedwithcode403\(phase2\).Patternmatch"/wp-config.php"atREQUEST_FILENAME.[file"/etc/apache2/conf.d/modsec_rules/99_asl_jitp.conf"][line"3503"][id"381206"][rev"1"][msg"Atomicorp.comWAFRules-VirtualJustInTimePatch:AccesstoWordPressconfigurationfileblocked"][data"/wp-config.php"][severity"CRITICAL"][hostname"www.ilgiornaledelticino.ch"][uri"/wp-config.php.php"][unique_id"XeC6b1j0tPQ3RgHhjFmAhQAAAAY"][FriNov2907:28:00.0291582019][:error][pid5692:tid47933150942976][client222.216.222.170:5789][client222.216.222.170]ModSecurity:Accessdeniedwithcode403\(phase2\).Patternmatch"/wp-config.php"atREQUEST_FILENAME.[file"/etc/apache2/conf.d/modsec_rules/99_asl_jitp.conf"][line"3503"][id"381206"][rev"1"][msg"Atomicorp.comWAFRules-VirtualJustInTimePatch:AccesstoWordPressconfigurationfileblocked"][data"/wp-config.php"][severity"CRITICAL"][hostname"ilgiorna	2019-11-29 16:04:50
213.157.48.133	attackbots	Nov 29 07:27:57 vpn01 sshd[27411]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=213.157.48.133 Nov 29 07:27:59 vpn01 sshd[27411]: Failed password for invalid user ellermann from 213.157.48.133 port 59470 ssh2 ...	2019-11-29 16:16:56
138.36.204.234	attackspambots	Nov 29 08:13:38 OPSO sshd\[27857\]: Invalid user papiers from 138.36.204.234 port 53285 Nov 29 08:13:38 OPSO sshd\[27857\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.36.204.234 Nov 29 08:13:40 OPSO sshd\[27857\]: Failed password for invalid user papiers from 138.36.204.234 port 53285 ssh2 Nov 29 08:17:45 OPSO sshd\[28558\]: Invalid user couwenbergh from 138.36.204.234 port 15384 Nov 29 08:17:45 OPSO sshd\[28558\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.36.204.234	2019-11-29 15:58:06
195.9.32.22	attackbotsspam	2019-11-29T07:35:44.328757abusebot-8.cloudsearch.cf sshd\[14706\]: Invalid user bentivegna from 195.9.32.22 port 38447	2019-11-29 16:01:16
148.70.116.223	attack	Nov 29 02:49:08 ny01 sshd[14184]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.116.223 Nov 29 02:49:10 ny01 sshd[14184]: Failed password for invalid user jonatas from 148.70.116.223 port 39975 ssh2 Nov 29 02:53:10 ny01 sshd[14594]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.116.223	2019-11-29 15:54:21
144.217.163.139	attack	2019-11-29T01:23:17.179813ns547587 sshd\[14594\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.ip-144-217-163.net user=nobody 2019-11-29T01:23:19.143629ns547587 sshd\[14594\]: Failed password for nobody from 144.217.163.139 port 50946 ssh2 2019-11-29T01:28:27.321152ns547587 sshd\[16506\]: Invalid user art from 144.217.163.139 port 44330 2019-11-29T01:28:27.324312ns547587 sshd\[16506\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.ip-144-217-163.net ...	2019-11-29 15:59:34
69.70.67.146	attackspam	F2B jail: sshd. Time: 2019-11-29 08:58:56, Reported by: VKReport	2019-11-29 16:02:42
188.131.228.31	attack	Nov 29 08:23:13 ncomp sshd[23856]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.131.228.31 user=root Nov 29 08:23:16 ncomp sshd[23856]: Failed password for root from 188.131.228.31 port 50042 ssh2 Nov 29 08:28:48 ncomp sshd[23941]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.131.228.31 user=root Nov 29 08:28:50 ncomp sshd[23941]: Failed password for root from 188.131.228.31 port 35272 ssh2	2019-11-29 15:47:48
196.179.234.98	attackspam	Nov 28 21:44:59 hanapaa sshd\[27764\]: Invalid user hwwudi from 196.179.234.98 Nov 28 21:44:59 hanapaa sshd\[27764\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=196.179.234.98 Nov 28 21:45:01 hanapaa sshd\[27764\]: Failed password for invalid user hwwudi from 196.179.234.98 port 60662 ssh2 Nov 28 21:48:28 hanapaa sshd\[28026\]: Invalid user Password01 from 196.179.234.98 Nov 28 21:48:28 hanapaa sshd\[28026\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=196.179.234.98	2019-11-29 16:06:44
59.63.169.50	attack	Nov 29 07:47:05 zeus sshd[10182]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=59.63.169.50 Nov 29 07:47:07 zeus sshd[10182]: Failed password for invalid user jemmie from 59.63.169.50 port 52156 ssh2 Nov 29 07:51:41 zeus sshd[10254]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=59.63.169.50 Nov 29 07:51:44 zeus sshd[10254]: Failed password for invalid user 123456 from 59.63.169.50 port 33266 ssh2	2019-11-29 15:53:32
175.139.243.82	attackspambots	Invalid user morishima from 175.139.243.82 port 16480	2019-11-29 16:11:11
82.78.15.226	attackbots	Telnet Server BruteForce Attack	2019-11-29 15:38:33
118.24.114.205	attackspambots	Nov 28 21:33:26 tdfoods sshd\[16106\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.24.114.205 user=root Nov 28 21:33:28 tdfoods sshd\[16106\]: Failed password for root from 118.24.114.205 port 55854 ssh2 Nov 28 21:39:06 tdfoods sshd\[16586\]: Invalid user lohrmann from 118.24.114.205 Nov 28 21:39:06 tdfoods sshd\[16586\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.24.114.205 Nov 28 21:39:08 tdfoods sshd\[16586\]: Failed password for invalid user lohrmann from 118.24.114.205 port 58094 ssh2	2019-11-29 15:46:31
159.65.96.228	attack	Nov 29 08:25:27 server sshd\[19428\]: Invalid user 1234567 from 159.65.96.228 port 38252 Nov 29 08:25:27 server sshd\[19428\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.65.96.228 Nov 29 08:25:30 server sshd\[19428\]: Failed password for invalid user 1234567 from 159.65.96.228 port 38252 ssh2 Nov 29 08:28:41 server sshd\[27512\]: Invalid user odam from 159.65.96.228 port 46286 Nov 29 08:28:41 server sshd\[27512\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.65.96.228	2019-11-29 15:51:39

Recently Reported IPs

104.168.147.103	104.168.155.147	104.168.157.111	104.168.160.57
112.250.210.1	104.168.139.233	104.168.154.174	104.168.144.242
112.250.210.102	112.250.210.104	104.17.193.58	104.17.19.93
104.17.157.74	112.250.210.108	104.17.194.2	104.17.152.42
112.250.210.110	104.17.71.66	104.17.69.66	104.17.83.21