104.248.166.55

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
104.248.166.221	attackspam	20 attempts against mh-ssh on boat	2020-06-27 17:08:09
104.248.166.61	attackspam	This IP is associated with RDP abuse. It was found in a paste by https://twitter.com/RdpSnitch - https://pastebin.com/4Ddmuksx For more information, or to report interesting/incorrect findings, contact us - bot@tines.io	2020-04-26 21:48:53
104.248.166.70	attackspambots	104.248.166.70 - - [02/Jul/2019:16:05:55 +0200] "GET /wp-login.php HTTP/1.1" 200 4404 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.248.166.70 - - [02/Jul/2019:16:05:56 +0200] "POST /wp-login.php HTTP/1.1" 200 4404 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.248.166.70 - - [02/Jul/2019:16:05:56 +0200] "GET /wp-login.php HTTP/1.1" 200 4404 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.248.166.70 - - [02/Jul/2019:16:05:56 +0200] "POST /wp-login.php HTTP/1.1" 200 4404 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.248.166.70 - - [02/Jul/2019:16:05:56 +0200] "GET /wp-login.php HTTP/1.1" 200 4404 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.248.166.70 - - [02/Jul/2019:16:05:57 +0200] "POST /wp-login.php HTTP/1.1" 200 4404 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2019-07-02 22:24:35

Type

Details

Datetime

104.248.166.221

attackspam

20 attempts against mh-ssh on boat

2020-06-27 17:08:09

104.248.166.61

attackspam

This IP is associated with RDP abuse. It was found in a paste by https://twitter.com/RdpSnitch - https://pastebin.com/4Ddmuksx  
For more information, or to report interesting/incorrect findings, contact us - bot@tines.io

2020-04-26 21:48:53

104.248.166.70

attackspambots

104.248.166.70 - - [02/Jul/2019:16:05:55 +0200] "GET /wp-login.php HTTP/1.1" 200 4404 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
104.248.166.70 - - [02/Jul/2019:16:05:56 +0200] "POST /wp-login.php HTTP/1.1" 200 4404 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
104.248.166.70 - - [02/Jul/2019:16:05:56 +0200] "GET /wp-login.php HTTP/1.1" 200 4404 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
104.248.166.70 - - [02/Jul/2019:16:05:56 +0200] "POST /wp-login.php HTTP/1.1" 200 4404 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
104.248.166.70 - - [02/Jul/2019:16:05:56 +0200] "GET /wp-login.php HTTP/1.1" 200 4404 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
104.248.166.70 - - [02/Jul/2019:16:05:57 +0200] "POST /wp-login.php HTTP/1.1" 200 4404 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
...

2019-07-02 22:24:35

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.248.166.55
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 47327
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;104.248.166.55.			IN	A

;; AUTHORITY SECTION:
.			509	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022022801 1800 900 604800 86400

;; Query time: 26 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Mar 01 03:12:31 CST 2022
;; MSG SIZE  rcvd: 107

Host info

Host 55.166.248.104.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 55.166.248.104.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
202.98.248.123	attackspam	SSH/22 MH Probe, BF, Hack -	2020-04-09 23:26:16
51.15.170.133	attackspam	xmlrpc attack	2020-04-09 23:38:11
103.70.199.201	attack	Web Probe / Attack	2020-04-09 22:55:29
108.45.31.86	attack	/login?from=0.000000 IP: 108.45.31.86 Hostname: pool-108-45-31-86.washdc.fios.verizon.net	2020-04-09 23:15:23
99.67.165.139	attackspambots	Apr 9 14:40:14 srv01 sshd[29487]: Invalid user admin from 99.67.165.139 port 49740 Apr 9 14:40:14 srv01 sshd[29487]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=99.67.165.139 Apr 9 14:40:14 srv01 sshd[29487]: Invalid user admin from 99.67.165.139 port 49740 Apr 9 14:40:16 srv01 sshd[29487]: Failed password for invalid user admin from 99.67.165.139 port 49740 ssh2 Apr 9 14:40:14 srv01 sshd[29487]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=99.67.165.139 Apr 9 14:40:14 srv01 sshd[29487]: Invalid user admin from 99.67.165.139 port 49740 Apr 9 14:40:16 srv01 sshd[29487]: Failed password for invalid user admin from 99.67.165.139 port 49740 ssh2 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=99.67.165.139	2020-04-09 23:01:50
35.185.145.238	attackspambots	Apr 9 16:39:41 taivassalofi sshd[86344]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=35.185.145.238 Apr 9 16:39:43 taivassalofi sshd[86344]: Failed password for invalid user ubuntu from 35.185.145.238 port 53100 ssh2 ...	2020-04-09 23:24:13
163.172.46.50	attackspam	firewall-block, port(s): 11211/udp	2020-04-09 23:03:42
47.52.61.206	attackbotsspam	Icarus honeypot on github	2020-04-09 23:15:59
116.196.82.80	attackspam	04/09/2020-09:16:22.012259 116.196.82.80 Protocol: 6 ET SCAN Potential SSH Scan	2020-04-09 23:04:03
112.21.191.252	attackbots	Apr 9 15:41:42 srv01 sshd[1009]: Invalid user rian from 112.21.191.252 port 52690 Apr 9 15:41:42 srv01 sshd[1009]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.21.191.252 Apr 9 15:41:42 srv01 sshd[1009]: Invalid user rian from 112.21.191.252 port 52690 Apr 9 15:41:43 srv01 sshd[1009]: Failed password for invalid user rian from 112.21.191.252 port 52690 ssh2 Apr 9 15:46:35 srv01 sshd[1410]: Invalid user ns2server from 112.21.191.252 port 44695 ...	2020-04-09 23:08:46
36.26.95.179	attackspam	Apr 9 05:57:14 pixelmemory sshd[29845]: Failed password for daemon from 36.26.95.179 port 37474 ssh2 Apr 9 06:02:51 pixelmemory sshd[30827]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=36.26.95.179 Apr 9 06:02:53 pixelmemory sshd[30827]: Failed password for invalid user solr from 36.26.95.179 port 23384 ssh2 ...	2020-04-09 22:42:34
100.65.80.129	spambotsattackproxynormal	Sent attack	2020-04-09 23:39:46
51.83.97.44	attackspam	Apr 9 15:22:52 haigwepa sshd[20523]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.83.97.44 Apr 9 15:22:54 haigwepa sshd[20523]: Failed password for invalid user db2inst1 from 51.83.97.44 port 35492 ssh2 ...	2020-04-09 22:29:21
51.158.23.10	attackspambots	Unauthorized access to SSH at 9/Apr/2020:13:02:56 +0000.	2020-04-09 22:37:19
185.56.153.229	attack	Apr 9 16:19:59 vps sshd[366022]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.56.153.229 user=root Apr 9 16:20:02 vps sshd[366022]: Failed password for root from 185.56.153.229 port 38232 ssh2 Apr 9 16:25:26 vps sshd[394879]: Invalid user deploy from 185.56.153.229 port 43144 Apr 9 16:25:26 vps sshd[394879]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.56.153.229 Apr 9 16:25:28 vps sshd[394879]: Failed password for invalid user deploy from 185.56.153.229 port 43144 ssh2 ...	2020-04-09 23:21:02

Recently Reported IPs

104.248.166.3	104.248.166.9	104.248.166.64	104.248.166.26
104.248.166.250	104.248.166.97	104.248.167.173	104.248.167.169
104.248.167.174	104.248.167.176	104.248.167.213	104.248.167.207
104.248.167.239	104.248.167.217	104.248.167.22	104.248.167.41
104.248.167.39	104.248.167.29	104.248.167.35	104.248.167.48