104.4.161.52 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.4.161.52
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 11207
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;104.4.161.52.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019082701 1800 900 604800 86400

;; Query time: 3 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Wed Aug 28 12:00:48 CST 2019
;; MSG SIZE  rcvd: 116

Host info

52.161.4.104.in-addr.arpa domain name pointer 104-4-161-52.lightspeed.cicril.sbcglobal.net.

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
52.161.4.104.in-addr.arpa	name = 104-4-161-52.lightspeed.cicril.sbcglobal.net.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
179.186.246.14	attackspam	DATE:2019-06-21_21:44:35, IP:179.186.246.14, PORT:telnet Telnet brute force auth on honeypot server (honey-neo-dc)	2019-06-22 05:59:00
110.172.170.142	attack	445/tcp [2019-06-21]1pkt	2019-06-22 06:00:47
31.47.144.49	attack	Request: "GET / HTTP/1.1"	2019-06-22 05:45:18
109.201.154.161	attackspam	Bad Bot Request: "HEAD / HTTP/1.1" Agent: "Mozilla/5.0 (compatible; Uptimebot/1.0; http://www.uptime.com/uptimebot)"	2019-06-22 05:25:51
190.11.225.59	attack	Request: "GET / HTTP/1.1"	2019-06-22 06:04:23
104.168.64.89	attackbots	Request: "GET / HTTP/1.0"	2019-06-22 06:06:15
45.82.153.2	attackbotsspam	Jun 21 22:46:29 h2177944 kernel: \[2493983.544470\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=45.82.153.2 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=58254 PROTO=TCP SPT=51439 DPT=3582 WINDOW=1024 RES=0x00 SYN URGP=0 Jun 21 22:51:50 h2177944 kernel: \[2494304.786041\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=45.82.153.2 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=23999 PROTO=TCP SPT=51416 DPT=519 WINDOW=1024 RES=0x00 SYN URGP=0 Jun 21 22:52:11 h2177944 kernel: \[2494325.638123\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=45.82.153.2 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=22197 PROTO=TCP SPT=51439 DPT=5133 WINDOW=1024 RES=0x00 SYN URGP=0 Jun 21 22:54:26 h2177944 kernel: \[2494460.469184\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=45.82.153.2 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=49162 PROTO=TCP SPT=51439 DPT=4989 WINDOW=1024 RES=0x00 SYN URGP=0 Jun 21 22:54:55 h2177944 kernel: \[2494489.791742\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=45.82.153.2 DST=85.214.117.9 LEN=40 TOS	2019-06-22 05:31:49
217.146.81.46	attackspambots	NAME : UK-HYDRACOM-20040421 CIDR : 217.146.80.0/20 \| STATUS : 200 ROBOT {Looking for resource vulnerabilities} DDoS Attack United Kingdom - block certain countries :) IP: 217.146.81.46 Denial-of-Service Attack (DoS) Detected and Blocked by ADMIN - data recovery https://help-dysk.pl	2019-06-22 05:42:52
139.208.70.160	attackbotsspam	5500/tcp [2019-06-21]1pkt	2019-06-22 05:43:22
159.138.56.188	attackspambots	Jun 21 12:36:00 Aberdeen-m4-Access auth.info sshd[11456]: Failed password for invalid user lue from 159.138.56.188 port 53182 ssh2 Jun 21 12:36:00 Aberdeen-m4-Access auth.info sshd[11456]: Received disconnect from 159.138.56.188 port 53182:11: Bye Bye [preauth] Jun 21 12:36:00 Aberdeen-m4-Access auth.info sshd[11456]: Disconnected from 159.138.56.188 port 53182 [preauth] Jun 21 12:36:17 Aberdeen-m4-Access auth.info sshd[11613]: Invalid user mm3 from 159.138.56.188 port 54954 Jun 21 12:36:17 Aberdeen-m4-Access auth.info sshd[11613]: Failed password for invalid user mm3 from 159.138.56.188 port 54954 ssh2 Jun 21 12:36:17 Aberdeen-m4-Access auth.info sshd[11613]: Received disconnect from 159.138.56.188 port 54954:11: Bye Bye [preauth] Jun 21 12:36:17 Aberdeen-m4-Access auth.info sshd[11613]: Disconnected from 159.138.56.188 port 54954 [preauth] Jun 21 12:36:46 Aberdeen-m4-Access auth.info sshd[11879]: Invalid user arma2 from 159.138.56.188 port 58498 Jun 21 12:36:46 Aberdee........ ------------------------------	2019-06-22 05:28:43
191.53.196.38	attackbots	SMTP-sasl brute force ...	2019-06-22 06:03:52
115.76.94.115	attackspam	445/tcp [2019-06-21]1pkt	2019-06-22 05:39:09
190.79.4.37	attackspambots	445/tcp 445/tcp [2019-06-21]2pkt	2019-06-22 05:31:28
165.227.31.181	attackbotsspam	Probing for vulnerable PHP code /usmm3hd7.php	2019-06-22 06:01:03
81.156.208.86	attackspambots	Bad Request: "GET / HTTP/1.1"	2019-06-22 05:58:07

Recently Reported IPs

24.24.57.204	206.81.19.96	13.52.88.101	118.163.113.85
198.12.216.107	137.93.194.24	143.197.107.155	95.81.223.66
47.161.58.219	167.71.64.224	201.25.58.33	24.87.186.98
178.27.201.2	157.117.245.183	101.69.186.62	150.75.248.212
63.150.93.243	80.87.199.21	97.14.49.191	143.81.132.38