104.248.34.166

Basic Info

City: unknown

Region: unknown

Country: None

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
104.248.34.219	attack	2020/06/30 14:47:45 [error] 20617#20617: 3577399 open() "/usr/share/nginx/html/wp-login.php" failed (2: No such file or directory), client: 104.248.34.219, server: _, request: "GET /wp-login.php HTTP/1.1", host: "1-2-dsl.net" 2020/06/30 14:47:45 [error] 20617#20617: 3577400 open() "/usr/share/nginx/html/wp-login.php" failed (2: No such file or directory), client: 104.248.34.219, server: _, request: "GET /wp-login.php HTTP/1.1", host: "1-2-dsl.org"	2020-07-01 21:38:38
104.248.34.219	attackbots	104.248.34.219 - - [14/Jun/2020:14:43:38 +0200] "POST /xmlrpc.php HTTP/1.1" 403 11040 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.248.34.219 - - [14/Jun/2020:14:47:37 +0200] "POST /xmlrpc.php HTTP/1.1" 403 9565 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-06-14 23:57:53
104.248.34.219	attackbotsspam	104.248.34.219 - - [14/May/2020:18:49:25 +0200] "GET /wp-login.php HTTP/1.1" 200 1900 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.248.34.219 - - [14/May/2020:18:49:25 +0200] "POST /wp-login.php HTTP/1.1" 200 2031 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.248.34.219 - - [14/May/2020:18:49:25 +0200] "GET /wp-login.php HTTP/1.1" 200 1900 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.248.34.219 - - [14/May/2020:18:49:25 +0200] "POST /wp-login.php HTTP/1.1" 200 2008 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.248.34.219 - - [14/May/2020:18:49:25 +0200] "GET /wp-login.php HTTP/1.1" 200 1900 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.248.34.219 - - [14/May/2020:18:49:25 +0200] "POST /wp-login.php HTTP/1.1" 200 2009 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/201001 ...	2020-05-15 04:04:32
104.248.34.192	attackbotsspam	Feb 9 08:59:09 MK-Soft-VM8 sshd[28974]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.34.192 Feb 9 08:59:11 MK-Soft-VM8 sshd[28974]: Failed password for invalid user phi from 104.248.34.192 port 45958 ssh2 ...	2020-02-09 16:23:24
104.248.34.192	attackbotsspam	Feb 9 00:22:32 game-panel sshd[7635]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.34.192 Feb 9 00:22:33 game-panel sshd[7635]: Failed password for invalid user zql from 104.248.34.192 port 38890 ssh2 Feb 9 00:25:22 game-panel sshd[7754]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.34.192	2020-02-09 08:33:10
104.248.34.192	attackspambots	Unauthorized connection attempt detected from IP address 104.248.34.192 to port 2220 [J]	2020-02-06 02:07:07
104.248.34.192	attackspam	Jan 27 08:35:41 ns381471 sshd[19625]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.34.192 Jan 27 08:35:44 ns381471 sshd[19625]: Failed password for invalid user es from 104.248.34.192 port 57222 ssh2	2020-01-27 17:10:59
104.248.34.192	attackspam	Unauthorized connection attempt detected from IP address 104.248.34.192 to port 2220 [J]	2020-01-22 00:53:16
104.248.34.192	attack	Brute SSH	2020-01-14 20:41:14
104.248.34.192	attackspambots	SSH-BruteForce	2020-01-07 08:47:43
104.248.34.192	attack	Dec 25 15:34:32 localhost sshd[34987]: Failed password for invalid user lexst from 104.248.34.192 port 40436 ssh2 Dec 25 15:52:01 localhost sshd[35954]: Failed password for invalid user petryna from 104.248.34.192 port 53592 ssh2 Dec 25 15:54:27 localhost sshd[36194]: Failed password for invalid user bagnato from 104.248.34.192 port 47490 ssh2	2019-12-26 01:05:58
104.248.34.192	attack	[ssh] SSH attack	2019-12-19 02:15:32
104.248.34.192	attack	Dec 17 11:46:50 php1 sshd\[24898\]: Invalid user roberts from 104.248.34.192 Dec 17 11:46:50 php1 sshd\[24898\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.34.192 Dec 17 11:46:52 php1 sshd\[24898\]: Failed password for invalid user roberts from 104.248.34.192 port 32942 ssh2 Dec 17 11:52:58 php1 sshd\[25510\]: Invalid user admin from 104.248.34.192 Dec 17 11:52:58 php1 sshd\[25510\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.34.192	2019-12-18 06:17:22
104.248.34.192	attackbots	Dec 13 05:50:10 localhost sshd\[1358\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.34.192 user=root Dec 13 05:50:12 localhost sshd\[1358\]: Failed password for root from 104.248.34.192 port 48630 ssh2 Dec 13 05:56:09 localhost sshd\[1995\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.34.192 user=root	2019-12-13 13:15:04
104.248.34.43	attackspambots	Port scan attempt detected by AWS-CCS, CTS, India	2019-07-15 18:04:26

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.248.34.166
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 65
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;104.248.34.166.			IN	A

;; AUTHORITY SECTION:
.			560	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022030301 1800 900 604800 86400

;; Query time: 59 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Mar 04 02:02:18 CST 2022
;; MSG SIZE  rcvd: 107

Host info

Host 166.34.248.104.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 166.34.248.104.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
91.134.140.32	attackspambots	2019-10-17T16:26:32.020923abusebot-5.cloudsearch.cf sshd\[7004\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=32.ip-91-134-140.eu user=root	2019-10-18 00:55:39
200.58.110.12	attack	handydirektreparatur-fulda.de:80 200.58.110.12 - - \[17/Oct/2019:13:38:31 +0200\] "POST /xmlrpc.php HTTP/1.1" 301 465 "-" "Windows Live Writter" www.handydirektreparatur.de 200.58.110.12 \[17/Oct/2019:13:38:32 +0200\] "POST /xmlrpc.php HTTP/1.1" 200 4238 "-" "Windows Live Writter"	2019-10-18 01:11:55
27.213.80.93	attackbotsspam	Unauthorised access (Oct 17) SRC=27.213.80.93 LEN=40 TTL=49 ID=54059 TCP DPT=8080 WINDOW=35629 SYN Unauthorised access (Oct 15) SRC=27.213.80.93 LEN=40 TTL=49 ID=17143 TCP DPT=8080 WINDOW=62395 SYN Unauthorised access (Oct 14) SRC=27.213.80.93 LEN=40 TTL=49 ID=36631 TCP DPT=8080 WINDOW=39232 SYN	2019-10-18 00:55:19
213.149.103.132	attack	xmlrpc attack	2019-10-18 00:39:36
193.70.40.191	attackbotsspam	Oct 17 07:10:38 sachi sshd\[3502\]: Invalid user victor from 193.70.40.191 Oct 17 07:10:38 sachi sshd\[3502\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=191.ip-193-70-40.eu Oct 17 07:10:40 sachi sshd\[3502\]: Failed password for invalid user victor from 193.70.40.191 port 39926 ssh2 Oct 17 07:17:07 sachi sshd\[4038\]: Invalid user victor from 193.70.40.191 Oct 17 07:17:07 sachi sshd\[4038\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=191.ip-193-70-40.eu	2019-10-18 01:17:36
159.203.201.148	attackspam	[Thu Oct 17 10:51:12.653935 2019] [:error] [pid 242950] [client 159.203.201.148:48138] [client 159.203.201.148] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/usr/share/modsecurity-crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "91"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 8)"] [severity "CRITICAL"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "200.132.59.212"] [uri "/"] [unique_id "Xahx0MG1GC8787RtLBIMgAAAAAM"] ...	2019-10-18 00:41:13
149.202.65.173	attackbots	Jan 2 00:14:49 odroid64 sshd\[10103\]: Invalid user dbadmin from 149.202.65.173 Jan 2 00:14:49 odroid64 sshd\[10103\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.202.65.173 Jan 2 00:14:50 odroid64 sshd\[10103\]: Failed password for invalid user dbadmin from 149.202.65.173 port 60824 ssh2 Jan 18 17:20:51 odroid64 sshd\[18044\]: Invalid user tiger from 149.202.65.173 Jan 18 17:20:51 odroid64 sshd\[18044\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.202.65.173 Jan 18 17:20:53 odroid64 sshd\[18044\]: Failed password for invalid user tiger from 149.202.65.173 port 52548 ssh2 Jan 29 07:38:23 odroid64 sshd\[13632\]: Invalid user suporte from 149.202.65.173 Jan 29 07:38:23 odroid64 sshd\[13632\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.202.65.173 Jan 29 07:38:24 odroid64 sshd\[13632\]: Failed password for invalid user suporte from 149 ...	2019-10-18 01:13:42
176.9.172.202	attack	2019-10-17T11:38:42Z - RDP login failed multiple times. (176.9.172.202)	2019-10-18 01:02:41
51.83.32.232	attackbots	Oct 17 18:29:59 eventyay sshd[15634]: Failed password for root from 51.83.32.232 port 44166 ssh2 Oct 17 18:33:51 eventyay sshd[15666]: Failed password for root from 51.83.32.232 port 37262 ssh2 ...	2019-10-18 00:41:46
91.134.240.73	attackbotsspam	$f2bV_matches_ltvn	2019-10-18 01:16:15
177.21.13.206	attackbotsspam	Spam	2019-10-18 01:10:27
5.196.75.178	attack	Oct 17 06:18:42 sachi sshd\[30471\]: Invalid user 111111 from 5.196.75.178 Oct 17 06:18:42 sachi sshd\[30471\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=0007.seedbox.com.ar Oct 17 06:18:44 sachi sshd\[30471\]: Failed password for invalid user 111111 from 5.196.75.178 port 44570 ssh2 Oct 17 06:26:07 sachi sshd\[31943\]: Invalid user ammelie123 from 5.196.75.178 Oct 17 06:26:07 sachi sshd\[31943\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=0007.seedbox.com.ar	2019-10-18 00:53:39
176.109.250.118	attackbotsspam	" "	2019-10-18 00:44:03
128.199.52.45	attackbotsspam	Jan 31 12:27:53 odroid64 sshd\[22658\]: Invalid user miqueas from 128.199.52.45 Jan 31 12:27:53 odroid64 sshd\[22658\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.52.45 Jan 31 12:27:54 odroid64 sshd\[22658\]: Failed password for invalid user miqueas from 128.199.52.45 port 51210 ssh2 Mar 10 18:14:32 odroid64 sshd\[3393\]: Invalid user admin from 128.199.52.45 Mar 10 18:14:32 odroid64 sshd\[3393\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.52.45 Mar 10 18:14:34 odroid64 sshd\[3393\]: Failed password for invalid user admin from 128.199.52.45 port 33630 ssh2 Mar 15 20:42:35 odroid64 sshd\[24596\]: Invalid user sd from 128.199.52.45 Mar 15 20:42:35 odroid64 sshd\[24596\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.52.45 Mar 15 20:42:37 odroid64 sshd\[24596\]: Failed password for invalid user sd from 128.199.52.45 port 57272 ...	2019-10-18 00:58:09
121.151.153.108	attack	Oct 17 18:23:04 nextcloud sshd\[24333\]: Invalid user cinema from 121.151.153.108 Oct 17 18:23:04 nextcloud sshd\[24333\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.151.153.108 Oct 17 18:23:06 nextcloud sshd\[24333\]: Failed password for invalid user cinema from 121.151.153.108 port 58848 ssh2 ...	2019-10-18 00:59:55

Recently Reported IPs

239.140.33.212	104.248.35.58	104.248.39.71	104.248.41.59
104.248.49.93	104.248.51.232	104.248.53.58	104.248.6.39
104.248.8.188	104.248.81.238	104.248.85.53	104.249.173.213
104.249.174.66	104.249.174.67	104.25.19.47	104.25.190.13
104.25.191.13	71.116.66.240	104.25.194.53	104.25.199.209