172.104.11.51 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
172.104.11.34	spambotsattack	Postfix attacker IP	2025-06-13 12:50:14
172.104.112.118	attackspambots	"XSS Attack Detected via libinjection - Matched Data: XSS data found within ARGS_NAMES:	2020-08-30 15:16:10
172.104.119.24	attackbotsspam	Unauthorized connection attempt detected from IP address 172.104.119.24 to port 8118 [T]	2020-08-29 21:29:58
172.104.113.6	attackspambots	Unauthorized connection attempt detected from IP address 172.104.113.6 to port 5060 [T]	2020-08-29 21:14:15
172.104.112.244	attackbots	scans once in preceeding hours on the ports (in chronological order) 1080 resulting in total of 8 scans from 172.104.0.0/15 block.	2020-08-23 02:28:46
172.104.119.24	attackspambots	Unauthorized connection attempt detected from IP address 172.104.119.24 to port 8118 [T]	2020-08-16 03:27:52
172.104.116.36	attackbotsspam	TCP (SYN) 172.104.116.36:41103 -> port 2121, len 44	2020-08-13 04:48:09
172.104.112.244	attackbots	TCP (SYN) 172.104.112.244:51430 -> port 1080, len 40	2020-08-13 02:18:11
172.104.113.6	attack	Unauthorized connection attempt detected from IP address 172.104.113.6 to port 5060	2020-07-25 20:30:36
172.104.112.228	attackbots	Jul 6 15:06:14 debian-2gb-nbg1-2 kernel: \[16299382.552893\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=172.104.112.228 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=241 ID=35194 PROTO=TCP SPT=44423 DPT=815 WINDOW=1024 RES=0x00 SYN URGP=0	2020-07-06 23:53:54
172.104.112.228	attack	25589/tcp 19535/tcp 23835/tcp... [2020-06-22/07-06]48pkt,16pt.(tcp)	2020-07-06 20:04:37
172.104.112.228	attack	" "	2020-06-22 16:20:43
172.104.116.36	attackbots	Jun 10 14:03:01 debian kernel: [689536.513987] [UFW BLOCK] IN=eth0 OUT= MAC=52:54:00:be:e4:65:08:e8:4f:6e:48:0c:08:00 SRC=172.104.116.36 DST=89.252.131.35 LEN=40 TOS=0x00 PREC=0x00 TTL=239 ID=54321 PROTO=TCP SPT=58870 DPT=2121 WINDOW=65535 RES=0x00 SYN URGP=0	2020-06-10 19:14:53
172.104.112.244	attackbotsspam	" "	2020-06-10 16:18:07
172.104.116.36	attackbotsspam	scans once in preceeding hours on the ports (in chronological order) 2121 resulting in total of 4 scans from 172.104.0.0/15 block.	2020-05-07 02:11:38

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 172.104.11.51
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 20610
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;172.104.11.51.			IN	A

;; AUTHORITY SECTION:
.			382	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022091401 1800 900 604800 86400

;; Query time: 19 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Sep 15 04:36:40 CST 2022
;; MSG SIZE  rcvd: 106

Host info

51.11.104.172.in-addr.arpa domain name pointer 172-104-11-51.ip.linodeusercontent.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
51.11.104.172.in-addr.arpa	name = 172-104-11-51.ip.linodeusercontent.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
187.189.5.173	attack	Spam trapped	2019-12-15 16:45:41
178.134.136.82	attackspam	Trying to (more than 3 packets) bruteforce (not open) telnet port 23	2019-12-15 17:08:12
210.245.26.142	attack	Dec 15 09:23:35 mc1 kernel: \[557042.726772\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=210.245.26.142 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=243 ID=63968 PROTO=TCP SPT=56123 DPT=6958 WINDOW=1024 RES=0x00 SYN URGP=0 Dec 15 09:27:10 mc1 kernel: \[557257.980477\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=210.245.26.142 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=243 ID=47200 PROTO=TCP SPT=56123 DPT=6920 WINDOW=1024 RES=0x00 SYN URGP=0 Dec 15 09:28:56 mc1 kernel: \[557363.543392\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=210.245.26.142 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=242 ID=3563 PROTO=TCP SPT=56123 DPT=7909 WINDOW=1024 RES=0x00 SYN URGP=0 ...	2019-12-15 17:17:18
113.164.244.98	attack	$f2bV_matches	2019-12-15 17:19:35
39.106.248.149	attackbotsspam	39.106.248.149 - - [15/Dec/2019:08:09:10] "GET /TP/public/index.php HTTP/1.1" 403 135	2019-12-15 16:53:22
117.36.202.27	attackbots	Scanning	2019-12-15 17:18:03
128.199.185.42	attack	Dec 14 22:44:13 wbs sshd\[29747\]: Invalid user loretta from 128.199.185.42 Dec 14 22:44:13 wbs sshd\[29747\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.185.42 Dec 14 22:44:16 wbs sshd\[29747\]: Failed password for invalid user loretta from 128.199.185.42 port 39990 ssh2 Dec 14 22:51:02 wbs sshd\[30416\]: Invalid user yunIDC000!@\#\$% from 128.199.185.42 Dec 14 22:51:02 wbs sshd\[30416\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.185.42	2019-12-15 17:07:14
80.211.79.117	attack	Dec 15 09:47:23 markkoudstaal sshd[29139]: Failed password for root from 80.211.79.117 port 60662 ssh2 Dec 15 09:52:59 markkoudstaal sshd[30125]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.211.79.117 Dec 15 09:53:01 markkoudstaal sshd[30125]: Failed password for invalid user alard from 80.211.79.117 port 40006 ssh2	2019-12-15 17:09:06
203.190.55.203	attackspambots	2019-12-15T00:20:14.315184suse-nuc sshd[5956]: Invalid user squid from 203.190.55.203 port 38860 ...	2019-12-15 17:14:24
209.97.179.209	attackspambots	$f2bV_matches	2019-12-15 17:14:56
59.153.74.43	attackspam	Dec 14 21:42:15 sachi sshd\[25744\]: Invalid user gillot from 59.153.74.43 Dec 14 21:42:15 sachi sshd\[25744\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=59.153.74.43 Dec 14 21:42:18 sachi sshd\[25744\]: Failed password for invalid user gillot from 59.153.74.43 port 14788 ssh2 Dec 14 21:48:49 sachi sshd\[26319\]: Invalid user papageorgiou from 59.153.74.43 Dec 14 21:48:49 sachi sshd\[26319\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=59.153.74.43	2019-12-15 16:53:02
106.54.3.80	attackspambots	$f2bV_matches	2019-12-15 16:58:12
117.62.36.56	attackbots	Dec 15 07:28:10 grey postfix/smtpd\[15221\]: NOQUEUE: reject: RCPT from unknown\[117.62.36.56\]: 554 5.7.1 Service unavailable\; Client host \[117.62.36.56\] blocked using ix.dnsbl.manitu.net\; Your e-mail service was detected by mail.ixlab.de $NiX Spam$ as spamming at Sun, 15 Dec 2019 07:32:36 +0100. Your admin should visit http://www.dnsbl.manitu.net/lookup.php\?value=117.62.36.56\; from=\ to=\ proto=ESMTP helo=\ ...	2019-12-15 17:13:37
167.71.56.82	attackspam	Dec 15 09:17:00 mail sshd[21746]: Invalid user fmonsalve from 167.71.56.82 Dec 15 09:17:00 mail sshd[21746]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.71.56.82 Dec 15 09:17:00 mail sshd[21746]: Invalid user fmonsalve from 167.71.56.82 Dec 15 09:17:01 mail sshd[21746]: Failed password for invalid user fmonsalve from 167.71.56.82 port 43736 ssh2 ...	2019-12-15 17:06:24
188.166.8.178	attackbots	Dec 15 02:54:48 linuxvps sshd\[39775\]: Invalid user baroody from 188.166.8.178 Dec 15 02:54:48 linuxvps sshd\[39775\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.166.8.178 Dec 15 02:54:51 linuxvps sshd\[39775\]: Failed password for invalid user baroody from 188.166.8.178 port 41208 ssh2 Dec 15 03:00:10 linuxvps sshd\[43376\]: Invalid user ts3server from 188.166.8.178 Dec 15 03:00:10 linuxvps sshd\[43376\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.166.8.178	2019-12-15 16:52:17

Recently Reported IPs

103.21.76.210	179.126.121.150	5.189.135.149	112.238.51.32
59.30.245.157	103.45.97.171	103.27.227.188	103.27.227.121
41.74.137.59	185.104.186.2	193.142.59.196	43.153.8.45
43.153.13.230	181.78.20.85	159.203.114.242	45.157.150.166
52.232.62.54	71.12.248.253	221.150.117.187	31.163.186.201