172.104.242.185

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
172.104.242.173	botsattackproxy	: SSH Bot Scanner	2024-05-10 17:36:41
172.104.242.173	botsattack	hack	2024-03-06 18:39:29
172.104.242.173	attackbots	TCP (SYN) 172.104.242.173:40532 -> port 902, len 44	2020-10-13 00:17:28
172.104.242.173	attackbotsspam	[N3.H3.VM3] Port Scanner Detected Blocked by UFW	2020-10-12 15:40:14
172.104.242.173	attack	TCP (SYN) 172.104.242.173:59560 -> port 666, len 44	2020-10-11 00:40:48
172.104.242.173	attack	Found on Github Combined on 3 lists / proto=6 . srcport=41755 . dstport=20 FTP . (706)	2020-10-10 16:29:39
172.104.242.173	attack	SIP/5060 Probe, BF, Hack -	2020-09-08 00:16:01
172.104.242.173	attackbotsspam	[Tue Aug 11 13:06:33 2020] - DDoS Attack From IP: 172.104.242.173 Port: 56229	2020-09-07 15:48:16
172.104.242.173	attackbotsspam	Multiport scan : 4 ports scanned 8332 8333 9001 9090	2020-09-07 08:10:11
172.104.242.173	attack	TCP (SYN) 172.104.242.173:40807 -> port 5900, len 40	2020-09-04 02:59:24
172.104.242.173	attackspam	TCP ports : 4400 / 5000 / 5500 / 5722	2020-09-03 18:29:54
172.104.242.173	attackspambots	TCP (SYN) 172.104.242.173:40996 -> port 3000, len 44	2020-09-01 03:48:37
172.104.242.173	attack	firewall-block, port(s): 995/tcp	2020-08-26 06:18:27
172.104.242.173	attackspambots	Unauthorized connection attempt detected from IP address 172.104.242.173 to port 873 [T]	2020-08-24 23:16:37
172.104.242.173	attackbots	Multiport scan : 4 ports scanned 137 138 139 143	2020-08-23 05:59:27

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 172.104.242.185
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 3121
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;172.104.242.185.		IN	A

;; AUTHORITY SECTION:
.			600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022021800 1800 900 604800 86400

;; Query time: 60 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Feb 18 15:13:04 CST 2022
;; MSG SIZE  rcvd: 108

Host info

185.242.104.172.in-addr.arpa domain name pointer li1819-185.members.linode.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
185.242.104.172.in-addr.arpa	name = li1819-185.members.linode.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
203.134.193.195	attack	Automatic report - Port Scan Attack	2020-02-12 05:56:19
77.42.86.85	attackspambots	Automatic report - Port Scan Attack	2020-02-12 06:10:55
54.37.69.251	attack	Feb 11 07:36:38 hpm sshd\[19408\]: Invalid user fdm from 54.37.69.251 Feb 11 07:36:38 hpm sshd\[19408\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=251.ip-54-37-69.eu Feb 11 07:36:40 hpm sshd\[19408\]: Failed password for invalid user fdm from 54.37.69.251 port 53790 ssh2 Feb 11 07:39:57 hpm sshd\[19951\]: Invalid user cyy from 54.37.69.251 Feb 11 07:39:57 hpm sshd\[19951\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=251.ip-54-37-69.eu	2020-02-12 06:02:16
106.12.222.209	attackspam	Feb 11 15:00:40 ingram sshd[30413]: Invalid user dew from 106.12.222.209 Feb 11 15:00:40 ingram sshd[30413]: Failed password for invalid user dew from 106.12.222.209 port 50378 ssh2 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=106.12.222.209	2020-02-12 05:38:05
166.170.222.70	attackspam	Brute forcing email accounts	2020-02-12 06:05:54
80.211.190.224	attackspam	1581456455 - 02/11/2020 22:27:35 Host: 80.211.190.224/80.211.190.224 Port: 22 TCP Blocked	2020-02-12 05:40:49
213.14.112.92	attackbotsspam	Feb 11 16:37:34 v22018076590370373 sshd[7577]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=213.14.112.92 ...	2020-02-12 06:08:48
51.68.142.106	attackbots	Feb 11 19:06:59 xeon sshd[19125]: Failed password for invalid user ryann from 51.68.142.106 port 52924 ssh2	2020-02-12 06:08:07
77.70.71.205	attackbots	Feb 11 14:25:33 takio sshd[4042]: Invalid user zmz from 77.70.71.205 port 38428 Feb 11 14:25:54 takio sshd[4044]: Invalid user zmz from 77.70.71.205 port 39814 Feb 11 15:38:53 takio sshd[5121]: Invalid user jt from 77.70.71.205 port 58178	2020-02-12 06:19:35
116.42.196.251	attack	1581428338 - 02/11/2020 14:38:58 Host: 116.42.196.251/116.42.196.251 Port: 8080 TCP Blocked	2020-02-12 05:52:35
106.13.147.223	attackbotsspam	$f2bV_matches	2020-02-12 05:48:44
148.70.196.232	attack	Invalid user galileo from 148.70.196.232 port 52978	2020-02-12 06:06:52
189.59.84.155	attack	Port probing on unauthorized port 445	2020-02-12 05:57:04
113.204.147.26	attack	Brute force attempt	2020-02-12 06:17:23
39.108.123.4	attackspambots	Automatic report - XMLRPC Attack	2020-02-12 06:03:15

Recently Reported IPs

172.104.236.171	172.104.234.31	172.104.238.117	172.104.241.96
172.104.242.125	172.104.242.193	172.104.240.20	172.104.244.34
172.104.246.157	172.104.238.113	172.104.24.124	172.104.247.95
172.104.246.48	172.104.251.18	172.104.250.141	172.104.251.59
172.104.247.57	172.104.25.240	172.104.249.254	172.104.26.219