104.248.34.166

Basic Info

City: unknown

Region: unknown

Country: None

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
104.248.34.219	attack	2020/06/30 14:47:45 [error] 20617#20617: 3577399 open() "/usr/share/nginx/html/wp-login.php" failed (2: No such file or directory), client: 104.248.34.219, server: _, request: "GET /wp-login.php HTTP/1.1", host: "1-2-dsl.net" 2020/06/30 14:47:45 [error] 20617#20617: 3577400 open() "/usr/share/nginx/html/wp-login.php" failed (2: No such file or directory), client: 104.248.34.219, server: _, request: "GET /wp-login.php HTTP/1.1", host: "1-2-dsl.org"	2020-07-01 21:38:38
104.248.34.219	attackbots	104.248.34.219 - - [14/Jun/2020:14:43:38 +0200] "POST /xmlrpc.php HTTP/1.1" 403 11040 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.248.34.219 - - [14/Jun/2020:14:47:37 +0200] "POST /xmlrpc.php HTTP/1.1" 403 9565 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-06-14 23:57:53
104.248.34.219	attackbotsspam	104.248.34.219 - - [14/May/2020:18:49:25 +0200] "GET /wp-login.php HTTP/1.1" 200 1900 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.248.34.219 - - [14/May/2020:18:49:25 +0200] "POST /wp-login.php HTTP/1.1" 200 2031 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.248.34.219 - - [14/May/2020:18:49:25 +0200] "GET /wp-login.php HTTP/1.1" 200 1900 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.248.34.219 - - [14/May/2020:18:49:25 +0200] "POST /wp-login.php HTTP/1.1" 200 2008 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.248.34.219 - - [14/May/2020:18:49:25 +0200] "GET /wp-login.php HTTP/1.1" 200 1900 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.248.34.219 - - [14/May/2020:18:49:25 +0200] "POST /wp-login.php HTTP/1.1" 200 2009 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/201001 ...	2020-05-15 04:04:32
104.248.34.192	attackbotsspam	Feb 9 08:59:09 MK-Soft-VM8 sshd[28974]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.34.192 Feb 9 08:59:11 MK-Soft-VM8 sshd[28974]: Failed password for invalid user phi from 104.248.34.192 port 45958 ssh2 ...	2020-02-09 16:23:24
104.248.34.192	attackbotsspam	Feb 9 00:22:32 game-panel sshd[7635]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.34.192 Feb 9 00:22:33 game-panel sshd[7635]: Failed password for invalid user zql from 104.248.34.192 port 38890 ssh2 Feb 9 00:25:22 game-panel sshd[7754]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.34.192	2020-02-09 08:33:10
104.248.34.192	attackspambots	Unauthorized connection attempt detected from IP address 104.248.34.192 to port 2220 [J]	2020-02-06 02:07:07
104.248.34.192	attackspam	Jan 27 08:35:41 ns381471 sshd[19625]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.34.192 Jan 27 08:35:44 ns381471 sshd[19625]: Failed password for invalid user es from 104.248.34.192 port 57222 ssh2	2020-01-27 17:10:59
104.248.34.192	attackspam	Unauthorized connection attempt detected from IP address 104.248.34.192 to port 2220 [J]	2020-01-22 00:53:16
104.248.34.192	attack	Brute SSH	2020-01-14 20:41:14
104.248.34.192	attackspambots	SSH-BruteForce	2020-01-07 08:47:43
104.248.34.192	attack	Dec 25 15:34:32 localhost sshd[34987]: Failed password for invalid user lexst from 104.248.34.192 port 40436 ssh2 Dec 25 15:52:01 localhost sshd[35954]: Failed password for invalid user petryna from 104.248.34.192 port 53592 ssh2 Dec 25 15:54:27 localhost sshd[36194]: Failed password for invalid user bagnato from 104.248.34.192 port 47490 ssh2	2019-12-26 01:05:58
104.248.34.192	attack	[ssh] SSH attack	2019-12-19 02:15:32
104.248.34.192	attack	Dec 17 11:46:50 php1 sshd\[24898\]: Invalid user roberts from 104.248.34.192 Dec 17 11:46:50 php1 sshd\[24898\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.34.192 Dec 17 11:46:52 php1 sshd\[24898\]: Failed password for invalid user roberts from 104.248.34.192 port 32942 ssh2 Dec 17 11:52:58 php1 sshd\[25510\]: Invalid user admin from 104.248.34.192 Dec 17 11:52:58 php1 sshd\[25510\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.34.192	2019-12-18 06:17:22
104.248.34.192	attackbots	Dec 13 05:50:10 localhost sshd\[1358\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.34.192 user=root Dec 13 05:50:12 localhost sshd\[1358\]: Failed password for root from 104.248.34.192 port 48630 ssh2 Dec 13 05:56:09 localhost sshd\[1995\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.34.192 user=root	2019-12-13 13:15:04
104.248.34.43	attackspambots	Port scan attempt detected by AWS-CCS, CTS, India	2019-07-15 18:04:26

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.248.34.166
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 65
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;104.248.34.166.			IN	A

;; AUTHORITY SECTION:
.			560	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022030301 1800 900 604800 86400

;; Query time: 59 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Mar 04 02:02:18 CST 2022
;; MSG SIZE  rcvd: 107

Host info

Host 166.34.248.104.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 166.34.248.104.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
128.199.80.77	attackspam	WordPress login Brute force / Web App Attack on client site.	2019-09-08 11:32:24
103.249.100.48	attackbotsspam	Sep 8 03:01:45 saschabauer sshd[14813]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.249.100.48 Sep 8 03:01:47 saschabauer sshd[14813]: Failed password for invalid user alexalex from 103.249.100.48 port 36164 ssh2	2019-09-08 11:51:27
193.70.87.215	attack	Sep 8 07:00:08 www sshd\[24153\]: Invalid user 12345 from 193.70.87.215Sep 8 07:00:10 www sshd\[24153\]: Failed password for invalid user 12345 from 193.70.87.215 port 45836 ssh2Sep 8 07:03:59 www sshd\[24284\]: Invalid user luser from 193.70.87.215 ...	2019-09-08 12:06:33
195.84.49.20	attackspambots	Sep 8 01:49:38 rpi sshd[7667]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=195.84.49.20 Sep 8 01:49:40 rpi sshd[7667]: Failed password for invalid user admin from 195.84.49.20 port 58432 ssh2	2019-09-08 12:21:25
162.144.109.122	attackbots	Sep 8 02:10:08 herz-der-gamer sshd[19270]: Invalid user odoo from 162.144.109.122 port 47810 Sep 8 02:10:08 herz-der-gamer sshd[19270]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=162.144.109.122 Sep 8 02:10:08 herz-der-gamer sshd[19270]: Invalid user odoo from 162.144.109.122 port 47810 Sep 8 02:10:10 herz-der-gamer sshd[19270]: Failed password for invalid user odoo from 162.144.109.122 port 47810 ssh2 ...	2019-09-08 11:20:14
191.53.52.245	attack	Sep 7 16:45:49 mailman postfix/smtpd[4633]: warning: unknown[191.53.52.245]: SASL PLAIN authentication failed: authentication failure	2019-09-08 11:45:05
185.53.88.79	attack	07.09.2019 23:15:08 Connection to port 5060 blocked by firewall	2019-09-08 12:13:59
210.210.175.63	attackspam	Sep 8 01:52:52 ubuntu-2gb-nbg1-dc3-1 sshd[15551]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=210.210.175.63 Sep 8 01:52:54 ubuntu-2gb-nbg1-dc3-1 sshd[15551]: Failed password for invalid user tester from 210.210.175.63 port 46488 ssh2 ...	2019-09-08 12:08:30
51.38.112.45	attack	Sep 7 21:57:11 hb sshd\[26771\]: Invalid user user from 51.38.112.45 Sep 7 21:57:11 hb sshd\[26771\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.ip-51-38-112.eu Sep 7 21:57:13 hb sshd\[26771\]: Failed password for invalid user user from 51.38.112.45 port 35240 ssh2 Sep 7 22:01:10 hb sshd\[27165\]: Invalid user minecraft from 51.38.112.45 Sep 7 22:01:10 hb sshd\[27165\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.ip-51-38-112.eu	2019-09-08 12:22:57
5.135.182.84	attack	2019-09-08T03:50:06.372610abusebot-7.cloudsearch.cf sshd\[22856\]: Invalid user ts3 from 5.135.182.84 port 33012	2019-09-08 12:09:46
218.98.40.149	attackbotsspam	Sep 8 04:10:05 localhost sshd\[30332\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.98.40.149 user=root Sep 8 04:10:08 localhost sshd\[30332\]: Failed password for root from 218.98.40.149 port 10551 ssh2 Sep 8 04:10:10 localhost sshd\[30332\]: Failed password for root from 218.98.40.149 port 10551 ssh2 ...	2019-09-08 12:10:51
46.229.213.130	attackbots	Malicious phishing, ISP Timeweb Ltd; repetitive redirects; blacklists; aggregate spam volume up to 5/day Unsolicited bulk spam - dominol.club, Timeweb Ltd - 92.53.119.43 Spam link batel-dollar.ddnsking.com = 5.23.54.120 (previously 176.57.208.216) Timeweb Ltd - blacklisted – REPETITIVE BLACKLISTED IP - URLSCAN.IO REDIRECT LIST: - Effective URL: https://todayinsidernews.net = 192.241.177.202 DigitalOcean - www.circlestraight.com = 185.117.118.51, Creanova - mgsse.swiftlink.company = 107.174.17.90, 118.184.32.7 Shanghai Anchnet Network - ddnsking.com = 8.23.224.108, Vitalwerks Internet Solutions - code.jquery.com = 205.185.208.52 Highwinds Network Group, Inc. Sender domain dominol.club = Timeweb Ltd 46.229.213.52, 46.229.212.250, 5.23.55.227, 162.255.119.8, 46.229.213.106, 46.229.213.65, 46.229.212.240, 46.229.213.130, 46.229.213.5, 46.229.212.228, 46.229.213.69, 46.229.213.118	2019-09-08 11:42:09
148.70.210.77	attackspambots	Sep 7 17:15:08 hpm sshd\[9877\]: Invalid user qwertyuiop from 148.70.210.77 Sep 7 17:15:08 hpm sshd\[9877\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.210.77 Sep 7 17:15:10 hpm sshd\[9877\]: Failed password for invalid user qwertyuiop from 148.70.210.77 port 41437 ssh2 Sep 7 17:20:54 hpm sshd\[10360\]: Invalid user 1q2w3e from 148.70.210.77 Sep 7 17:20:54 hpm sshd\[10360\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.210.77	2019-09-08 11:34:51
178.128.126.56	attackbotsspam	Sep 7 18:25:55 aat-srv002 sshd[24295]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.128.126.56 Sep 7 18:25:57 aat-srv002 sshd[24295]: Failed password for invalid user www from 178.128.126.56 port 59190 ssh2 Sep 7 18:31:15 aat-srv002 sshd[24448]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.128.126.56 Sep 7 18:31:17 aat-srv002 sshd[24448]: Failed password for invalid user ts from 178.128.126.56 port 48148 ssh2 ...	2019-09-08 12:03:59
104.248.134.17	attackspam	Sep 8 05:30:07 mail sshd\[5815\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.134.17 Sep 8 05:30:09 mail sshd\[5815\]: Failed password for invalid user test4 from 104.248.134.17 port 35884 ssh2 Sep 8 05:34:09 mail sshd\[6226\]: Invalid user arma3server from 104.248.134.17 port 50444 Sep 8 05:34:09 mail sshd\[6226\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.134.17 Sep 8 05:34:11 mail sshd\[6226\]: Failed password for invalid user arma3server from 104.248.134.17 port 50444 ssh2	2019-09-08 11:47:55

Recently Reported IPs

239.140.33.212	104.248.35.58	104.248.39.71	104.248.41.59
104.248.49.93	104.248.51.232	104.248.53.58	104.248.6.39
104.248.8.188	104.248.81.238	104.248.85.53	104.249.173.213
104.249.174.66	104.249.174.67	104.25.19.47	104.25.190.13
104.25.191.13	71.116.66.240	104.25.194.53	104.25.199.209