104.211.6.248 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: United States of America (the)

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
104.211.60.181	attack	SCAN: Host Sweep CloudCIX Reconnaissance Scan Detected, PTR: PTR record not found	2020-08-15 06:50:01
104.211.66.54	attack	Unauthorized connection attempt detected from IP address 104.211.66.54 to port 1433 [T]	2020-07-22 03:39:34
104.211.66.54	attackbotsspam	IP 104.211.66.54 attacked honeypot on port: 1433 at 7/20/2020 1:43:01 PM	2020-07-21 05:51:41
104.211.66.54	attackspambots	RDP Brute-Force (honeypot 8)	2020-07-08 03:16:45
104.211.67.143	attackspam	Jun 2 12:43:08 nbi-636 sshd[10603]: User r.r from 104.211.67.143 not allowed because not listed in AllowUsers Jun 2 12:43:08 nbi-636 sshd[10603]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.211.67.143 user=r.r Jun 2 12:43:10 nbi-636 sshd[10603]: Failed password for invalid user r.r from 104.211.67.143 port 1024 ssh2 Jun 2 12:43:12 nbi-636 sshd[10603]: Received disconnect from 104.211.67.143 port 1024:11: Bye Bye [preauth] Jun 2 12:43:12 nbi-636 sshd[10603]: Disconnected from invalid user r.r 104.211.67.143 port 1024 [preauth] Jun 2 12:46:40 nbi-636 sshd[12154]: User r.r from 104.211.67.143 not allowed because not listed in AllowUsers Jun 2 12:46:40 nbi-636 sshd[12154]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.211.67.143 user=r.r Jun 2 12:46:42 nbi-636 sshd[12154]: Failed password for invalid user r.r from 104.211.67.143 port 1024 ssh2 Jun 2 12:46:44 nbi-636 sshd........ -------------------------------	2020-06-07 19:20:29
104.211.67.143	attackbots	Jun 4 09:51:28 vmd48417 sshd[31737]: Failed password for root from 104.211.67.143 port 1024 ssh2	2020-06-04 16:52:48
104.211.60.179	attackspambots	Apr 19 19:00:40 itv-usvr-01 sshd[22451]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.211.60.179 user=root Apr 19 19:00:42 itv-usvr-01 sshd[22451]: Failed password for root from 104.211.60.179 port 59368 ssh2 Apr 19 19:04:54 itv-usvr-01 sshd[22612]: Invalid user yq from 104.211.60.179 Apr 19 19:04:54 itv-usvr-01 sshd[22612]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.211.60.179 Apr 19 19:04:54 itv-usvr-01 sshd[22612]: Invalid user yq from 104.211.60.179 Apr 19 19:04:56 itv-usvr-01 sshd[22612]: Failed password for invalid user yq from 104.211.60.179 port 51738 ssh2	2020-04-19 21:08:18
104.211.67.107	attackspam	11/06/2019-23:56:33.752362 104.211.67.107 Protocol: 6 ET SCAN Suspicious inbound to MSSQL port 1433	2019-11-07 13:29:47
104.211.67.107	attack	Fail2Ban Ban Triggered	2019-11-06 01:59:24
104.211.67.218	attackspam	23/tcp [2019-08-25]1pkt	2019-08-26 11:14:53
104.211.60.207	attackbotsspam	Invalid user support from 104.211.60.207 port 47212	2019-06-25 02:46:08
104.211.60.207	attack	Fail2Ban Ban Triggered	2019-06-24 13:45:33
104.211.60.207	attackbotsspam	Jun 24 06:14:20 ns41 sshd[22928]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.211.60.207 Jun 24 06:14:22 ns41 sshd[22928]: Failed password for invalid user cisco from 104.211.60.207 port 40700 ssh2 Jun 24 06:14:57 ns41 sshd[22937]: Failed password for root from 104.211.60.207 port 40006 ssh2	2019-06-24 12:16:11
104.211.60.207	attackbotsspam	Jun 23 18:12:53 MK-Soft-VM6 sshd\[26845\]: Invalid user support from 104.211.60.207 port 35760 Jun 23 18:12:54 MK-Soft-VM6 sshd\[26845\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.211.60.207 Jun 23 18:12:56 MK-Soft-VM6 sshd\[26845\]: Failed password for invalid user support from 104.211.60.207 port 35760 ssh2 ...	2019-06-24 02:16:40

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.211.6.248
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 16025
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;104.211.6.248.			IN	A

;; AUTHORITY SECTION:
.			30	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2025012600 1800 900 604800 86400

;; Query time: 12 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Jan 26 21:03:56 CST 2025
;; MSG SIZE  rcvd: 106

Host info

Host 248.6.211.104.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 248.6.211.104.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
123.207.185.54	attack	Jul 25 15:37:58 xtremcommunity sshd\[16808\]: Invalid user black from 123.207.185.54 port 57310 Jul 25 15:37:58 xtremcommunity sshd\[16808\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.207.185.54 Jul 25 15:38:00 xtremcommunity sshd\[16808\]: Failed password for invalid user black from 123.207.185.54 port 57310 ssh2 Jul 25 15:40:49 xtremcommunity sshd\[22397\]: Invalid user chloe from 123.207.185.54 port 58540 Jul 25 15:40:49 xtremcommunity sshd\[22397\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.207.185.54 ...	2019-07-26 05:34:25
217.150.43.129	attackbotsspam	[portscan] Port scan	2019-07-26 06:08:17
139.198.122.76	attack	Automatic report - Banned IP Access	2019-07-26 05:57:00
125.161.137.132	attackspambots	445/tcp [2019-07-25]1pkt	2019-07-26 05:59:50
107.148.101.20	attack	445/tcp [2019-07-25]1pkt	2019-07-26 06:08:03
37.59.99.243	attackspam	frenzy	2019-07-26 05:27:21
162.62.26.56	attack	7210/tcp 32757/udp 39/tcp... [2019-07-12/23]5pkt,3pt.(tcp),2pt.(udp)	2019-07-26 05:48:19
163.172.186.72	attackbotsspam	445/tcp [2019-07-25]1pkt	2019-07-26 06:08:32
117.0.35.153	attack	Jul 25 20:40:42 XXX sshd[13734]: Invalid user admin from 117.0.35.153 port 62341	2019-07-26 05:52:10
80.213.255.129	attackspam	Jul 25 23:23:05 eventyay sshd[416]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.213.255.129 Jul 25 23:23:06 eventyay sshd[416]: Failed password for invalid user unix from 80.213.255.129 port 42076 ssh2 Jul 25 23:27:41 eventyay sshd[1799]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.213.255.129 ...	2019-07-26 05:30:32
119.131.90.157	attackspambots	23/tcp 23/tcp [2019-07-23]2pkt	2019-07-26 05:36:37
192.99.55.200	attack	Automatic report	2019-07-26 05:43:16
182.74.190.198	attack	Jul 25 22:35:33 localhost sshd\[61832\]: Invalid user support from 182.74.190.198 port 40580 Jul 25 22:35:33 localhost sshd\[61832\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.74.190.198 ...	2019-07-26 05:49:36
185.143.221.58	attack	Jul 25 23:16:20 lumpi kernel: INPUT:DROP:SPAMHAUS_EDROP:IN=eth0 OUT= MAC=52:54:a2:01:a5:04:d2:74:7f:6e:37:e3:08:00 SRC=185.143.221.58 DST=172.31.1.100 LEN=40 TOS=0x00 PREC=0x00 TTL=243 ID=27406 PROTO=TCP SPT=50581 DPT=5691 WINDOW=1024 RES=0x00 SYN URGP=0 ...	2019-07-26 05:28:33
185.143.221.39	attack	TCP 3389 (RDP)	2019-07-26 05:38:06

Recently Reported IPs

211.144.190.214	241.60.111.222	70.45.183.188	230.214.84.228
193.64.72.152	184.51.235.161	200.215.123.215	118.81.184.149
8.163.73.68	15.77.253.5	150.22.106.76	76.193.132.23
176.231.216.51	241.129.77.203	51.45.213.113	160.180.30.77
6.118.235.158	222.188.188.69	74.106.159.50	231.80.65.138