104.130.2.252 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: None

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
104.130.229.34	attackspambots	$f2bV_matches	2020-08-25 02:49:45
104.130.28.210	attackbots	Aug 23 21:58:51 dhoomketu sshd[2605632]: Invalid user bx from 104.130.28.210 port 36548 Aug 23 21:58:51 dhoomketu sshd[2605632]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.130.28.210 Aug 23 21:58:51 dhoomketu sshd[2605632]: Invalid user bx from 104.130.28.210 port 36548 Aug 23 21:58:54 dhoomketu sshd[2605632]: Failed password for invalid user bx from 104.130.28.210 port 36548 ssh2 Aug 23 22:03:09 dhoomketu sshd[2605694]: Invalid user report from 104.130.28.210 port 45498 ...	2020-08-24 00:49:36
104.130.229.193	attack	B: ssh repeated attack for invalid user	2020-03-28 05:45:51
104.130.217.250	attackbots	Jul 27 23:18:09 vps65 sshd\[7051\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.130.217.250 user=root Jul 27 23:18:11 vps65 sshd\[7051\]: Failed password for root from 104.130.217.250 port 56610 ssh2 ...	2019-08-04 19:47:29
104.130.213.134	attackspambots	Aug 1 11:35:17 plesk sshd[31143]: Invalid user zimbra from 104.130.213.134 Aug 1 11:35:17 plesk sshd[31143]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.130.213.134 Aug 1 11:35:18 plesk sshd[31143]: Failed password for invalid user zimbra from 104.130.213.134 port 33796 ssh2 Aug 1 11:35:18 plesk sshd[31143]: Received disconnect from 104.130.213.134: 11: Bye Bye [preauth] Aug 1 11:42:59 plesk sshd[31348]: Invalid user denise from 104.130.213.134 Aug 1 11:42:59 plesk sshd[31348]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.130.213.134 Aug 1 11:43:01 plesk sshd[31348]: Failed password for invalid user denise from 104.130.213.134 port 41926 ssh2 Aug 1 11:43:01 plesk sshd[31348]: Received disconnect from 104.130.213.134: 11: Bye Bye [preauth] Aug 1 11:47:08 plesk sshd[31462]: Invalid user rr from 104.130.213.134 Aug 1 11:47:08 plesk sshd[31462]: pam_unix(sshd:auth): au........ -------------------------------	2019-08-02 06:45:55
104.130.252.138	attack	proto=tcp . spt=36524 . dpt=25 . (listed on Blocklist de Jul 02) (22)	2019-07-03 10:26:40

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.130.2.252
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 50318
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;104.130.2.252.			IN	A

;; AUTHORITY SECTION:
.			397	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022022701 1800 900 604800 86400

;; Query time: 65 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Feb 28 02:48:42 CST 2022
;; MSG SIZE  rcvd: 106

Host info

Host 252.2.130.104.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 252.2.130.104.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
208.109.53.185	attackspam	208.109.53.185 - - [19/Jul/2020:18:06:43 +0200] "GET /wp-login.php HTTP/1.1" 200 6310 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 208.109.53.185 - - [19/Jul/2020:18:06:50 +0200] "POST /wp-login.php HTTP/1.1" 200 6561 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 208.109.53.185 - - [19/Jul/2020:18:06:52 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-07-20 02:16:25
104.238.38.156	attackbots	[2020-07-19 13:40:45] NOTICE[1277][C-000011a2] chan_sip.c: Call from '' (104.238.38.156:56067) to extension '0011972595725668' rejected because extension not found in context 'public'. [2020-07-19 13:40:45] SECURITY[1295] res_security_log.c: SecurityEvent="FailedACL",EventTV="2020-07-19T13:40:45.105-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="0011972595725668",SessionID="0x7f17541b8598",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/104.238.38.156/56067",ACLName="no_extension_match" [2020-07-19 13:45:37] NOTICE[1277][C-000011a8] chan_sip.c: Call from '' (104.238.38.156:59287) to extension '8011972595725668' rejected because extension not found in context 'public'. [2020-07-19 13:45:37] SECURITY[1295] res_security_log.c: SecurityEvent="FailedACL",EventTV="2020-07-19T13:45:37.485-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="8011972595725668",SessionID="0x7f1754378da8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IP ...	2020-07-20 02:00:32
188.254.0.183	attackspam	Jul 19 18:48:12 vps sshd[251151]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.254.0.183 Jul 19 18:48:15 vps sshd[251151]: Failed password for invalid user tena from 188.254.0.183 port 41744 ssh2 Jul 19 18:54:08 vps sshd[278427]: Invalid user chenj from 188.254.0.183 port 54514 Jul 19 18:54:08 vps sshd[278427]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.254.0.183 Jul 19 18:54:09 vps sshd[278427]: Failed password for invalid user chenj from 188.254.0.183 port 54514 ssh2 ...	2020-07-20 02:25:52
162.243.129.42	attack	TCP (SYN) 162.243.129.42:44807 -> port 771, len 44	2020-07-20 02:29:45
111.229.226.212	attackbots	Jul 19 17:46:37 rush sshd[24446]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.229.226.212 Jul 19 17:46:39 rush sshd[24446]: Failed password for invalid user zwf from 111.229.226.212 port 58280 ssh2 Jul 19 17:50:44 rush sshd[24516]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.229.226.212 ...	2020-07-20 02:18:11
14.169.195.76	attack	xmlrpc attack	2020-07-20 01:56:51
118.27.9.23	attack	Jul 19 20:03:38 vps687878 sshd\[5022\]: Failed password for invalid user nancy from 118.27.9.23 port 36692 ssh2 Jul 19 20:07:29 vps687878 sshd\[5343\]: Invalid user lambda from 118.27.9.23 port 43668 Jul 19 20:07:29 vps687878 sshd\[5343\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.27.9.23 Jul 19 20:07:31 vps687878 sshd\[5343\]: Failed password for invalid user lambda from 118.27.9.23 port 43668 ssh2 Jul 19 20:11:26 vps687878 sshd\[5624\]: Invalid user wsd from 118.27.9.23 port 50644 Jul 19 20:11:26 vps687878 sshd\[5624\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.27.9.23 ...	2020-07-20 02:15:26
94.177.231.4	attack	Invalid user cbt from 94.177.231.4 port 37392	2020-07-20 02:29:09
185.143.72.16	attackbotsspam	2020-07-19 20:27:32 dovecot_login authenticator failed for $User$ \[185.143.72.16\]: 535 Incorrect authentication data $set_id=display@hosting1.no-server.de$ 2020-07-19 20:27:48 dovecot_login authenticator failed for $User$ \[185.143.72.16\]: 535 Incorrect authentication data $set_id=display@hosting1.no-server.de$ 2020-07-19 20:28:51 dovecot_login authenticator failed for $User$ \[185.143.72.16\]: 535 Incorrect authentication data $set_id=rti@hosting1.no-server.de$ 2020-07-19 20:29:01 dovecot_login authenticator failed for $User$ \[185.143.72.16\]: 535 Incorrect authentication data $set_id=rti@hosting1.no-server.de$ 2020-07-19 20:29:11 dovecot_login authenticator failed for $User$ \[185.143.72.16\]: 535 Incorrect authentication data $set_id=rti@hosting1.no-server.de$ ...	2020-07-20 02:33:15
193.27.228.221	attackbotsspam	Jul 19 19:55:32 debian-2gb-nbg1-2 kernel: \[17439876.320729\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=193.27.228.221 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=245 ID=19252 PROTO=TCP SPT=44117 DPT=57985 WINDOW=1024 RES=0x00 SYN URGP=0	2020-07-20 02:23:34
34.92.22.121	attackbotsspam	HTTP/80/443/8080 Probe, Hack -	2020-07-20 02:13:42
213.104.196.30	attack	Connection to SSH Honeypot - Detected by HoneypotDB	2020-07-20 02:14:31
103.235.197.70	attackbots	Jul 20 00:08:55 webhost01 sshd[19774]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.235.197.70 Jul 20 00:08:57 webhost01 sshd[19774]: Failed password for invalid user multi3 from 103.235.197.70 port 39150 ssh2 ...	2020-07-20 02:25:02
45.143.220.18	attackspam	Jul 19 18:06:32 debian-2gb-nbg1-2 kernel: \[17433336.689551\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=45.143.220.18 DST=195.201.40.59 LEN=418 TOS=0x00 PREC=0x00 TTL=55 ID=20794 DF PROTO=UDP SPT=5205 DPT=5065 LEN=398	2020-07-20 02:31:18
217.182.140.117	attackbotsspam	217.182.140.117 - - [19/Jul/2020:17:06:56 +0100] "POST /wp-login.php HTTP/1.1" 200 2006 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 217.182.140.117 - - [19/Jul/2020:17:06:57 +0100] "POST /wp-login.php HTTP/1.1" 200 1937 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 217.182.140.117 - - [19/Jul/2020:17:06:57 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-07-20 02:15:01

Recently Reported IPs

104.130.205.106	104.130.201.157	104.130.216.18	104.130.239.50
104.130.255.55	104.130.253.245	104.130.35.216	104.130.9.219
104.130.41.52	104.130.73.44	104.130.70.30	104.131.104.0
104.130.66.220	104.130.6.162	104.131.115.18	104.131.115.61
104.131.120.190	104.131.125.200	104.131.12.47	104.131.126.88