104.248.54.246

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
104.248.54.135	attackbots	MultiHost/MultiPort Probe, Scan, Hack -	2020-04-06 01:19:10
104.248.54.135	attackbotsspam	04/01/2020-05:30:21.333035 104.248.54.135 Protocol: 6 ET SCAN NMAP -sS window 1024	2020-04-01 17:53:06
104.248.54.135	attackbots	Fail2Ban Ban Triggered	2020-03-31 02:12:42
104.248.54.135	attackbotsspam	03/29/2020-11:24:57.291338 104.248.54.135 Protocol: 6 ET SCAN NMAP -sS window 1024	2020-03-30 01:46:30
104.248.54.12	attackbotsspam	WordPress login Brute force / Web App Attack on client site.	2020-03-14 08:56:01

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.248.54.246
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 46679
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;104.248.54.246.			IN	A

;; AUTHORITY SECTION:
.			580	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022022202 1800 900 604800 86400

;; Query time: 131 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Feb 23 04:22:15 CST 2022
;; MSG SIZE  rcvd: 107

Host info

246.54.248.104.in-addr.arpa domain name pointer vps.leedsalt.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
246.54.248.104.in-addr.arpa	name = vps.leedsalt.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
180.168.141.246	attackbots	detected by Fail2Ban	2020-04-07 20:19:26
87.101.169.188	attackspambots	Brute force attack against VPN service	2020-04-07 20:59:44
119.193.43.31	attack	Attempted connection to port 5555.	2020-04-07 20:43:38
51.91.255.147	attackspambots	Apr 7 14:42:32 ns382633 sshd\[7750\]: Invalid user mathew from 51.91.255.147 port 56626 Apr 7 14:42:32 ns382633 sshd\[7750\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.91.255.147 Apr 7 14:42:33 ns382633 sshd\[7750\]: Failed password for invalid user mathew from 51.91.255.147 port 56626 ssh2 Apr 7 14:51:29 ns382633 sshd\[9688\]: Invalid user www from 51.91.255.147 port 44854 Apr 7 14:51:29 ns382633 sshd\[9688\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.91.255.147	2020-04-07 20:53:48
91.121.84.172	attackspam	B: /wp-login.php attack	2020-04-07 21:00:51
159.203.82.101	attack	Apr 6 11:51:03 mail01 postfix/postscreen[16165]: CONNECT from [159.203.82.101]:49289 to [94.130.181.95]:25 Apr 6 11:51:09 mail01 postfix/postscreen[16165]: PASS NEW [159.203.82.101]:49289 Apr 6 11:51:10 mail01 postfix/smtpd[16169]: connect from metallurgymetalworking.com[159.203.82.101] Apr x@x Apr 6 11:51:11 mail01 postfix/smtpd[16169]: disconnect from metallurgymetalworking.com[159.203.82.101] ehlo=2 starttls=1 mail=1 rcpt=0/1 quhostname=1 commands=5/6 Apr 6 11:54:31 mail01 postfix/anvil[16170]: statistics: max connection rate 1/60s for (smtpd:159.203.82.101) at Apr 6 11:51:10 Apr 6 11:54:31 mail01 postfix/anvil[16170]: statistics: max connection count 1 for (smtpd:159.203.82.101) at Apr 6 11:51:10 Apr 6 12:07:35 mail01 postfix/postscreen[16272]: CONNECT from [159.203.82.101]:55923 to [94.130.181.95]:25 Apr 6 12:07:35 mail01 postfix/postscreen[16272]: PASS OLD [159.203.82.101]:55923 Apr 6 12:07:36 mail01 postfix/smtpd[16277]: connect from metallurgymetalwor........ -------------------------------	2020-04-07 20:21:37
106.12.199.143	attackbots	2020-04-07T05:45:55.125698 sshd[28627]: Invalid user cron from 106.12.199.143 port 50008 2020-04-07T05:45:55.140545 sshd[28627]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.199.143 2020-04-07T05:45:55.125698 sshd[28627]: Invalid user cron from 106.12.199.143 port 50008 2020-04-07T05:45:57.856548 sshd[28627]: Failed password for invalid user cron from 106.12.199.143 port 50008 ssh2 ...	2020-04-07 20:24:29
175.140.138.193	attackbotsspam	Apr 7 14:46:18 localhost sshd\[23617\]: Invalid user test from 175.140.138.193 Apr 7 14:46:18 localhost sshd\[23617\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.140.138.193 Apr 7 14:46:20 localhost sshd\[23617\]: Failed password for invalid user test from 175.140.138.193 port 26485 ssh2 Apr 7 14:51:30 localhost sshd\[23950\]: Invalid user app from 175.140.138.193 Apr 7 14:51:30 localhost sshd\[23950\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.140.138.193 ...	2020-04-07 20:53:18
49.234.70.67	attackbotsspam	Bruteforce detected by fail2ban	2020-04-07 20:30:51
117.4.32.63	attackspambots	Unauthorized connection attempt from IP address 117.4.32.63 on Port 445(SMB)	2020-04-07 20:44:38
194.113.234.64	attack	bruteforce detected	2020-04-07 20:45:40
209.159.157.72	attackbotsspam	2020/04/07 14:10:22 [error] 17205#17205: *110790 open() "/srv/automx/instance/cgi-bin/ViewLog.asp" failed (2: No such file or directory), client: 209.159.157.72, server: autoconfig.tuxlinux.eu, request: "POST /cgi-bin/ViewLog.asp HTTP/1.1", host: "127.0.0.1" ...	2020-04-07 20:20:32
149.56.132.202	attackbots	SSH login attempts.	2020-04-07 20:17:17
45.119.212.125	attackbotsspam	Fail2Ban Ban Triggered	2020-04-07 20:27:19
42.84.37.109	attackbotsspam	SSH Authentication Attempts Exceeded	2020-04-07 20:31:08

Recently Reported IPs

104.248.53.47	104.248.58.138	104.248.61.149	104.248.65.232
104.248.7.197	104.248.76.145	104.248.78.192	104.248.82.5
104.248.84.26	104.248.87.0	104.248.88.199	122.72.121.245
104.248.88.220	104.248.93.204	104.248.96.220	104.25.105.87
104.25.106.87	104.25.129.101	104.25.130.101	104.25.131.44