178.248.239.54

Basic Info

City: unknown

Region: unknown

Country: Russian Federation

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 178.248.239.54
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 40561
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;178.248.239.54.			IN	A

;; AUTHORITY SECTION:
.			122	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022021800 1800 900 604800 86400

;; Query time: 136 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Feb 18 18:34:58 CST 2022
;; MSG SIZE  rcvd: 107

Host info

Host 54.239.248.178.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 54.239.248.178.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
101.81.69.127	attackspam	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/101.81.69.127/ CN - 1H : (411) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : CN NAME ASN : ASN4812 IP : 101.81.69.127 CIDR : 101.80.0.0/15 PREFIX COUNT : 543 UNIQUE IP COUNT : 8614144 ATTACKS DETECTED ASN4812 : 1H - 1 3H - 1 6H - 2 12H - 4 24H - 7 DateTime : 2019-10-21 05:42:21 INFO : Port Scan TELNET Detected and Blocked by ADMIN - data recovery	2019-10-21 19:24:51
81.43.54.220	attack	2019-10-21 x@x 2019-10-21 12:29:59 unexpected disconnection while reading SMTP command from 220.red-81-43-54.staticip.rima-tde.net [81.43.54.220]:29147 I=[10.100.18.25]:25 (error: Connection reset by peer) 2019-10-21 x@x ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=81.43.54.220	2019-10-21 19:46:45
69.171.74.150	attack	Lines containing failures of 69.171.74.150 Oct 21 04:59:50 zabbix sshd[79640]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=69.171.74.150 user=r.r Oct 21 04:59:52 zabbix sshd[79640]: Failed password for r.r from 69.171.74.150 port 53940 ssh2 Oct 21 04:59:52 zabbix sshd[79640]: Received disconnect from 69.171.74.150 port 53940:11: Bye Bye [preauth] Oct 21 04:59:52 zabbix sshd[79640]: Disconnected from authenticating user r.r 69.171.74.150 port 53940 [preauth] Oct 21 05:20:26 zabbix sshd[80692]: Invalid user com from 69.171.74.150 port 46970 Oct 21 05:20:26 zabbix sshd[80692]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=69.171.74.150 Oct 21 05:20:29 zabbix sshd[80692]: Failed password for invalid user com from 69.171.74.150 port 46970 ssh2 Oct 21 05:20:29 zabbix sshd[80692]: Received disconnect from 69.171.74.150 port 46970:11: Bye Bye [preauth] Oct 21 05:20:29 zabbix sshd[80692]: Disco........ ------------------------------	2019-10-21 19:46:13
101.2.166.138	attack	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/101.2.166.138/ BD - 1H : (13) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : BD NAME ASN : ASN38592 IP : 101.2.166.138 CIDR : 101.2.166.0/24 PREFIX COUNT : 34 UNIQUE IP COUNT : 8960 ATTACKS DETECTED ASN38592 : 1H - 1 3H - 1 6H - 1 12H - 2 24H - 2 DateTime : 2019-10-21 05:42:00 INFO : HACK ! - Looking for resource vulnerabilities Scan Detected and Blocked by ADMIN - data recovery	2019-10-21 19:36:45
110.74.177.198	attack	Oct 20 23:41:54 Tower sshd[44144]: Connection from 110.74.177.198 port 42910 on 192.168.10.220 port 22 Oct 20 23:41:56 Tower sshd[44144]: Invalid user cslab from 110.74.177.198 port 42910 Oct 20 23:41:56 Tower sshd[44144]: error: Could not get shadow information for NOUSER Oct 20 23:41:56 Tower sshd[44144]: Failed password for invalid user cslab from 110.74.177.198 port 42910 ssh2 Oct 20 23:41:56 Tower sshd[44144]: Received disconnect from 110.74.177.198 port 42910:11: Bye Bye [preauth] Oct 20 23:41:56 Tower sshd[44144]: Disconnected from invalid user cslab 110.74.177.198 port 42910 [preauth]	2019-10-21 19:33:47
222.186.175.150	attack	Oct 21 13:28:20 dedicated sshd[10355]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.150 user=root Oct 21 13:28:22 dedicated sshd[10355]: Failed password for root from 222.186.175.150 port 9114 ssh2	2019-10-21 19:33:20
165.227.237.84	attack	Automatic report - Banned IP Access	2019-10-21 19:41:11
51.4.195.188	attackspam	Oct 21 12:05:27 bouncer sshd\[4954\]: Invalid user admin from 51.4.195.188 port 43082 Oct 21 12:05:27 bouncer sshd\[4954\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.4.195.188 Oct 21 12:05:30 bouncer sshd\[4954\]: Failed password for invalid user admin from 51.4.195.188 port 43082 ssh2 ...	2019-10-21 19:25:45
117.50.92.160	attackbots	$f2bV_matches	2019-10-21 19:32:50
222.186.173.201	attackbots	Oct 21 13:09:13 Ubuntu-1404-trusty-64-minimal sshd\[23687\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.173.201 user=root Oct 21 13:09:15 Ubuntu-1404-trusty-64-minimal sshd\[23687\]: Failed password for root from 222.186.173.201 port 25000 ssh2 Oct 21 13:09:44 Ubuntu-1404-trusty-64-minimal sshd\[24023\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.173.201 user=root Oct 21 13:09:46 Ubuntu-1404-trusty-64-minimal sshd\[24023\]: Failed password for root from 222.186.173.201 port 1990 ssh2 Oct 21 13:10:03 Ubuntu-1404-trusty-64-minimal sshd\[24023\]: Failed password for root from 222.186.173.201 port 1990 ssh2	2019-10-21 19:25:05
210.212.237.67	attackbots	Oct 21 12:50:09 [munged] sshd[19867]: Failed password for root from 210.212.237.67 port 36676 ssh2	2019-10-21 19:08:41
198.108.67.80	attackspam	SSH-bruteforce attempts	2019-10-21 19:44:32
218.78.15.235	attackbots	Oct 21 02:10:04 shadeyouvpn sshd[7537]: Address 218.78.15.235 maps to 235.15.78.218.dial.xw.sh.dynamic.163data.com.cn, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT! Oct 21 02:10:04 shadeyouvpn sshd[7537]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.78.15.235 user=r.r Oct 21 02:10:06 shadeyouvpn sshd[7537]: Failed password for r.r from 218.78.15.235 port 43486 ssh2 Oct 21 02:10:06 shadeyouvpn sshd[7537]: Received disconnect from 218.78.15.235: 11: Bye Bye [preauth] Oct 21 02:19:50 shadeyouvpn sshd[12805]: Address 218.78.15.235 maps to 235.15.78.218.dial.xw.sh.dynamic.163data.com.cn, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT! Oct 21 02:19:50 shadeyouvpn sshd[12805]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.78.15.235 user=r.r Oct 21 02:19:52 shadeyouvpn sshd[12805]: Failed password for r.r from 218.78.15.235 port 47026 ss........ -------------------------------	2019-10-21 19:30:54
81.22.45.190	attackbots	10/21/2019-13:12:05.692411 81.22.45.190 Protocol: 6 ET DROP Dshield Block Listed Source group 1	2019-10-21 19:16:44
124.160.83.138	attackbots	Oct 21 11:02:23 marvibiene sshd[2065]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.160.83.138 user=root Oct 21 11:02:25 marvibiene sshd[2065]: Failed password for root from 124.160.83.138 port 54820 ssh2 Oct 21 11:23:58 marvibiene sshd[2364]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.160.83.138 user=root Oct 21 11:24:00 marvibiene sshd[2364]: Failed password for root from 124.160.83.138 port 60456 ssh2 ...	2019-10-21 19:44:58

Recently Reported IPs

178.248.242.99	178.248.243.139	178.248.39.164	178.248.242.125
178.249.102.9	178.248.85.154	178.249.16.4	178.249.16.25
178.249.208.182	178.249.214.103	178.249.8.132	178.249.8.92
178.250.0.187	178.250.10.251	178.250.14.181	178.249.69.111
178.250.15.161	178.250.14.88	178.250.14.40	178.249.68.19