54.207.101.246

Basic Info

City: São Paulo

Region: Sao Paulo

Country: Brazil

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 54.207.101.246
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 4377
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;54.207.101.246.			IN	A

;; AUTHORITY SECTION:
.			593	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022022302 1800 900 604800 86400

;; Query time: 26 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Feb 24 08:41:09 CST 2022
;; MSG SIZE  rcvd: 107

Host info

246.101.207.54.in-addr.arpa domain name pointer ec2-54-207-101-246.sa-east-1.compute.amazonaws.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
246.101.207.54.in-addr.arpa	name = ec2-54-207-101-246.sa-east-1.compute.amazonaws.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
114.5.248.51	attackbots	SpamScore above: 10.0	2020-03-18 14:41:33
1.214.220.227	attackbots	pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=1.214.220.227 user=root Failed password for root from 1.214.220.227 port 37929 ssh2 pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=1.214.220.227 user=root Failed password for root from 1.214.220.227 port 53251 ssh2 pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=1.214.220.227 user=root	2020-03-18 15:01:10
14.252.102.155	attack	Automatic report - Port Scan Attack	2020-03-18 14:52:21
118.45.190.167	attackspambots	Invalid user user from 118.45.190.167 port 58348	2020-03-18 15:23:41
188.213.165.189	attackspam	Mar 18 12:57:02 webhost01 sshd[31504]: Failed password for daemon from 188.213.165.189 port 58062 ssh2 ...	2020-03-18 15:11:39
119.29.149.214	attack	Mar 18 01:39:13 firewall sshd[12843]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.29.149.214 Mar 18 01:39:13 firewall sshd[12843]: Invalid user pruebas from 119.29.149.214 Mar 18 01:39:15 firewall sshd[12843]: Failed password for invalid user pruebas from 119.29.149.214 port 42860 ssh2 ...	2020-03-18 14:51:30
151.14.6.9	attackbotsspam	SMB Server BruteForce Attack	2020-03-18 14:56:49
141.8.142.172	attackspambots	[Wed Mar 18 11:55:50.619904 2020] [:error] [pid 7238:tid 139937919776512] [client 141.8.142.172:54795] [client 141.8.142.172] ModSecurity: Access denied with code 403 (phase 2). Pattern match "^[\\\\d.:]+$" at REQUEST_HEADERS:Host. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "696"] [id "920350"] [msg "Host header is a numeric IP address"] [data "103.27.207.197"] [severity "WARNING"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/IP_HOST"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "103.27.207.197"] [uri "/"] [unique_id "XnGp1mRgp26zVn0yQ0hUowAAAOA"] ...	2020-03-18 14:58:10
78.189.176.86	attackbots	Unauthorized connection attempt detected from IP address 78.189.176.86 to port 23	2020-03-18 15:07:00
222.186.30.167	attack	Mar 18 07:30:50 legacy sshd[3358]: Failed password for root from 222.186.30.167 port 38486 ssh2 Mar 18 07:30:52 legacy sshd[3358]: Failed password for root from 222.186.30.167 port 38486 ssh2 Mar 18 07:30:54 legacy sshd[3358]: Failed password for root from 222.186.30.167 port 38486 ssh2 ...	2020-03-18 14:38:01
172.105.125.93	attackspambots	Unauthorized connection attempt detected from IP address 172.105.125.93 to port 3306	2020-03-18 15:06:30
223.205.243.72	attack	Unauthorized connection attempt detected from IP address 223.205.243.72 to port 445	2020-03-18 15:00:04
43.250.240.30	attack	43.250.240.30 - - \[17/Mar/2020:20:52:26 -0700\] "POST /index.php/admin/ HTTP/1.1" 404 2041143.250.240.30 - - \[17/Mar/2020:20:52:26 -0700\] "POST /index.php/admin/index/ HTTP/1.1" 404 2043543.250.240.30 - - \[17/Mar/2020:20:52:26 -0700\] "POST /index.php/admin HTTP/1.1" 404 20407 ...	2020-03-18 14:49:31
42.99.117.44	attack	Mar 18 07:56:31 www5 sshd\[47469\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.99.117.44 user=root Mar 18 07:56:34 www5 sshd\[47469\]: Failed password for root from 42.99.117.44 port 59178 ssh2 Mar 18 08:04:30 www5 sshd\[48784\]: Invalid user ubuntu from 42.99.117.44 ...	2020-03-18 14:39:40
218.4.163.146	attackbotsspam	Mar 18 04:51:32 odroid64 sshd\[12635\]: User root from 218.4.163.146 not allowed because not listed in AllowUsers Mar 18 04:51:32 odroid64 sshd\[12635\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.4.163.146 user=root ...	2020-03-18 15:25:33

Recently Reported IPs

1.1.146.43	1.1.146.46	1.1.146.59	1.1.146.63
1.1.146.99	1.1.147.102	1.1.147.13	1.1.147.140
1.1.147.144	1.1.147.149	1.1.147.16	1.1.147.167
1.1.147.185	1.1.147.188	1.1.147.195	30.121.72.14
1.1.147.201	1.1.147.212	1.1.147.24	1.1.147.33