104.248.166.1 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: None

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
104.248.166.221	attackspam	20 attempts against mh-ssh on boat	2020-06-27 17:08:09
104.248.166.61	attackspam	This IP is associated with RDP abuse. It was found in a paste by https://twitter.com/RdpSnitch - https://pastebin.com/4Ddmuksx For more information, or to report interesting/incorrect findings, contact us - bot@tines.io	2020-04-26 21:48:53
104.248.166.70	attackspambots	104.248.166.70 - - [02/Jul/2019:16:05:55 +0200] "GET /wp-login.php HTTP/1.1" 200 4404 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.248.166.70 - - [02/Jul/2019:16:05:56 +0200] "POST /wp-login.php HTTP/1.1" 200 4404 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.248.166.70 - - [02/Jul/2019:16:05:56 +0200] "GET /wp-login.php HTTP/1.1" 200 4404 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.248.166.70 - - [02/Jul/2019:16:05:56 +0200] "POST /wp-login.php HTTP/1.1" 200 4404 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.248.166.70 - - [02/Jul/2019:16:05:56 +0200] "GET /wp-login.php HTTP/1.1" 200 4404 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.248.166.70 - - [02/Jul/2019:16:05:57 +0200] "POST /wp-login.php HTTP/1.1" 200 4404 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2019-07-02 22:24:35

Type

Details

Datetime

104.248.166.221

attackspam

20 attempts against mh-ssh on boat

2020-06-27 17:08:09

104.248.166.61

attackspam

This IP is associated with RDP abuse. It was found in a paste by https://twitter.com/RdpSnitch - https://pastebin.com/4Ddmuksx  
For more information, or to report interesting/incorrect findings, contact us - bot@tines.io

2020-04-26 21:48:53

104.248.166.70

attackspambots

104.248.166.70 - - [02/Jul/2019:16:05:55 +0200] "GET /wp-login.php HTTP/1.1" 200 4404 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
104.248.166.70 - - [02/Jul/2019:16:05:56 +0200] "POST /wp-login.php HTTP/1.1" 200 4404 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
104.248.166.70 - - [02/Jul/2019:16:05:56 +0200] "GET /wp-login.php HTTP/1.1" 200 4404 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
104.248.166.70 - - [02/Jul/2019:16:05:56 +0200] "POST /wp-login.php HTTP/1.1" 200 4404 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
104.248.166.70 - - [02/Jul/2019:16:05:56 +0200] "GET /wp-login.php HTTP/1.1" 200 4404 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
104.248.166.70 - - [02/Jul/2019:16:05:57 +0200] "POST /wp-login.php HTTP/1.1" 200 4404 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
...

2019-07-02 22:24:35

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.248.166.1
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 30821
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;104.248.166.1.			IN	A

;; AUTHORITY SECTION:
.			146	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022031701 1800 900 604800 86400

;; Query time: 28 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Mar 18 07:36:34 CST 2022
;; MSG SIZE  rcvd: 106

Host info

Host 1.166.248.104.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 1.166.248.104.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
146.66.244.118	attackspam	Automatic report - Port Scan Attack	2019-07-26 22:50:08
85.70.179.251	attackspambots	Automatic report - Port Scan Attack	2019-07-26 22:16:22
200.70.56.204	attack	Jul 26 16:23:51 meumeu sshd[10328]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.70.56.204 Jul 26 16:23:53 meumeu sshd[10328]: Failed password for invalid user francois from 200.70.56.204 port 41894 ssh2 Jul 26 16:30:08 meumeu sshd[11429]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.70.56.204 ...	2019-07-26 22:48:40
106.75.240.46	attack	2019-07-26T13:43:59.379518abusebot-6.cloudsearch.cf sshd\[22677\]: Invalid user test2 from 106.75.240.46 port 49698	2019-07-26 22:02:26
148.72.22.255	attack	WP_xmlrpc_attack	2019-07-26 21:58:14
106.51.50.206	attack	Jul 26 15:36:22 nextcloud sshd\[15231\]: Invalid user test_user from 106.51.50.206 Jul 26 15:36:22 nextcloud sshd\[15231\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.51.50.206 Jul 26 15:36:24 nextcloud sshd\[15231\]: Failed password for invalid user test_user from 106.51.50.206 port 42790 ssh2 ...	2019-07-26 22:34:04
132.232.52.35	attackspam	Jul 26 10:07:43 plusreed sshd[7654]: Invalid user phoebe from 132.232.52.35 ...	2019-07-26 22:21:53
153.36.242.143	attack	Jul 26 16:06:28 legacy sshd[18614]: Failed password for root from 153.36.242.143 port 34470 ssh2 Jul 26 16:06:37 legacy sshd[18618]: Failed password for root from 153.36.242.143 port 63207 ssh2 ...	2019-07-26 22:30:16
180.117.118.188	attackspam	20 attempts against mh-ssh on cell.magehost.pro	2019-07-26 22:27:34
110.47.218.84	attack	Jul 26 15:45:07 nextcloud sshd\[5731\]: Invalid user h from 110.47.218.84 Jul 26 15:45:07 nextcloud sshd\[5731\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=110.47.218.84 Jul 26 15:45:09 nextcloud sshd\[5731\]: Failed password for invalid user h from 110.47.218.84 port 44960 ssh2 ...	2019-07-26 22:44:26
185.173.35.57	attackspambots	Unauthorized connection attempt from IP address 185.173.35.57 on Port 143(IMAP)	2019-07-26 22:54:48
91.106.70.40	attackbots	2019-07-26 04:02:18 H=(loss.it) [91.106.70.40]:49998 I=[192.147.25.65]:25 F= rejected RCPT : RBL: found in thrukfz5b56tq6xao6odgdyjrq.zen.dq.spamhaus.net (127.0.0.11, 127.0.0.3, 127.0.0.4) (https://www.spamhaus.org/query/ip/91.106.70.40) 2019-07-26 04:02:19 H=(loss.it) [91.106.70.40]:49998 I=[192.147.25.65]:25 F= rejected RCPT : RBL: found in thrukfz5b56tq6xao6odgdyjrq.zen.dq.spamhaus.net (127.0.0.4, 127.0.0.3, 127.0.0.11) (https://www.spamhaus.org/query/ip/91.106.70.40) 2019-07-26 04:02:20 H=(loss.it) [91.106.70.40]:49998 I=[192.147.25.65]:25 F= rejected RCPT : RBL: found in thrukfz5b56tq6xao6odgdyjrq.zen.dq.spamhaus.net (127.0.0.4, 127.0.0.11, 127.0.0.3) (https://www.spamhaus.org/sbl/query/SBLCSS) ...	2019-07-26 22:00:29
185.244.25.204	attackspambots	scan z	2019-07-26 22:26:54
203.106.40.110	attack	Jul 26 17:32:26 yabzik sshd[1003]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.106.40.110 Jul 26 17:32:28 yabzik sshd[1003]: Failed password for invalid user zb from 203.106.40.110 port 60654 ssh2 Jul 26 17:37:57 yabzik sshd[2897]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.106.40.110	2019-07-26 22:48:02
180.126.130.47	attackspam	20 attempts against mh-ssh on comet.magehost.pro	2019-07-26 22:13:14

Recently Reported IPs

104.248.165.67	243.248.10.239	104.248.166.152	104.248.166.203
104.248.170.139	104.248.171.61	104.248.171.74	104.248.174.113
104.248.183.59	104.248.19.129	104.248.196.4	104.248.2.168
104.248.2.190	104.248.201.78	104.248.202.147	104.248.213.127
104.248.213.163	104.248.215.119	104.248.216.102	104.248.216.220