172.104.9.252 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
172.104.94.253	attackspambots	[N3.H3.VM3] Port Scanner Detected Blocked by UFW	2020-10-05 06:29:58
172.104.94.253	attack	TCP port : 81	2020-10-04 22:31:24
172.104.94.253	attackbotsspam	[N10.H2.VM2] Port Scanner Detected Blocked by UFW	2020-10-04 14:17:41
172.104.96.196	attack	Unauthorized connection attempt detected from IP address 172.104.96.196 to port 808 [T]	2020-08-29 22:16:49
172.104.99.217	attackspam	Unauthorized connection attempt detected from IP address 172.104.99.217 to port 8181 [T]	2020-08-29 20:39:14
172.104.97.129	attack	" "	2020-08-27 03:09:58
172.104.92.168	attackbots	scans once in preceeding hours on the ports (in chronological order) 4567 resulting in total of 2 scans from 172.104.0.0/15 block.	2020-08-27 00:13:26
172.104.94.121	attackspambots	1 Attack(s) Detected [DoS Attack: Ping Sweep] from source: 172.104.94.121, Tuesday, August 18, 2020 18:43:18	2020-08-20 18:39:46
172.104.94.253	attack	TCP (SYN) 172.104.94.253:47650 -> port 81, len 44	2020-08-05 08:39:06
172.104.95.221	attackbotsspam	UDP 172.104.95.221:45152 -> port 5353, len 74	2020-08-04 08:17:45
172.104.95.221	attackbots	Honeypot hit.	2020-08-03 20:29:34
172.104.92.168	attackbots	firewall-block, port(s): 4567/tcp	2020-07-20 22:18:34
172.104.90.62	attackspam	UDP 172.104.90.62:47623 -> port 389, len 81	2020-06-17 03:37:48
172.104.92.168	attack	TCP (SYN) 172.104.92.168:45258 -> port 4567, len 44	2020-06-14 23:50:32
172.104.94.253	attack	Jun 4 14:09:48 debian-2gb-nbg1-2 kernel: \[13531346.583678\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=172.104.94.253 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=241 ID=54321 PROTO=TCP SPT=49345 DPT=81 WINDOW=65535 RES=0x00 SYN URGP=0	2020-06-04 20:30:19

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 172.104.9.252
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 26959
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;172.104.9.252.			IN	A

;; AUTHORITY SECTION:
.			599	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022021801 1800 900 604800 86400

;; Query time: 54 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Feb 19 03:45:23 CST 2022
;; MSG SIZE  rcvd: 106

Host info

252.9.104.172.in-addr.arpa domain name pointer li1744-252.members.linode.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
252.9.104.172.in-addr.arpa	name = li1744-252.members.linode.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
114.118.91.32	attackbots	Sep 21 15:57:17 tux-35-217 sshd\[25900\]: Invalid user adm1n from 114.118.91.32 port 38176 Sep 21 15:57:17 tux-35-217 sshd\[25900\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.118.91.32 Sep 21 15:57:19 tux-35-217 sshd\[25900\]: Failed password for invalid user adm1n from 114.118.91.32 port 38176 ssh2 Sep 21 16:03:48 tux-35-217 sshd\[25962\]: Invalid user mona from 114.118.91.32 port 50990 Sep 21 16:03:48 tux-35-217 sshd\[25962\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.118.91.32 ...	2019-09-21 23:46:51
104.167.109.131	attackspam	Sep 21 10:10:08 xtremcommunity sshd\[322015\]: Invalid user test from 104.167.109.131 port 40226 Sep 21 10:10:08 xtremcommunity sshd\[322015\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.167.109.131 Sep 21 10:10:10 xtremcommunity sshd\[322015\]: Failed password for invalid user test from 104.167.109.131 port 40226 ssh2 Sep 21 10:15:01 xtremcommunity sshd\[322188\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.167.109.131 user=root Sep 21 10:15:03 xtremcommunity sshd\[322188\]: Failed password for root from 104.167.109.131 port 54242 ssh2 ...	2019-09-21 23:03:41
46.38.144.57	attack	Sep 21 17:41:02 webserver postfix/smtpd\[12788\]: warning: unknown\[46.38.144.57\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 21 17:42:19 webserver postfix/smtpd\[14583\]: warning: unknown\[46.38.144.57\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 21 17:43:36 webserver postfix/smtpd\[12788\]: warning: unknown\[46.38.144.57\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 21 17:44:52 webserver postfix/smtpd\[12788\]: warning: unknown\[46.38.144.57\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 21 17:46:09 webserver postfix/smtpd\[14457\]: warning: unknown\[46.38.144.57\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2019-09-21 23:47:13
119.63.133.86	attack	2019-09-21T12:56:55.137521abusebot-7.cloudsearch.cf sshd\[15891\]: Invalid user bartie from 119.63.133.86 port 57938	2019-09-21 23:10:00
80.82.65.60	attackbots	Sep 21 16:46:25 relay dovecot: pop3-login: Aborted login $auth failed, 1 attempts in 2 secs$: user=\, method=PLAIN, rip=80.82.65.60, lip=176.9.177.164, session=\ Sep 21 16:47:23 relay dovecot: pop3-login: Aborted login $auth failed, 1 attempts in 2 secs$: user=\, method=PLAIN, rip=80.82.65.60, lip=176.9.177.164, session=\ Sep 21 16:50:20 relay dovecot: pop3-login: Aborted login $auth failed, 1 attempts in 2 secs$: user=\, method=PLAIN, rip=80.82.65.60, lip=176.9.177.164, session=\<4vkmThGTnHpQUkE8\> Sep 21 16:51:38 relay dovecot: pop3-login: Aborted login $auth failed, 1 attempts in 2 secs$: user=\, method=PLAIN, rip=80.82.65.60, lip=176.9.177.164, session=\<89jRUhGT3K9QUkE8\> Sep 21 16:52:43 relay dovecot: pop3-login: Aborted login $auth failed, 1 attempts in 2 secs$: user=\, method=PLAIN, rip=80.82.65.60, lip=176.9.177.164, sessio ...	2019-09-21 23:17:48
185.45.13.11	attackbotsspam	Fail2Ban Ban Triggered	2019-09-21 23:49:33
121.184.64.15	attackbotsspam	Sep 21 04:43:28 wbs sshd\[9266\]: Invalid user 1 from 121.184.64.15 Sep 21 04:43:28 wbs sshd\[9266\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.184.64.15 Sep 21 04:43:30 wbs sshd\[9266\]: Failed password for invalid user 1 from 121.184.64.15 port 1680 ssh2 Sep 21 04:48:52 wbs sshd\[9718\]: Invalid user 123456 from 121.184.64.15 Sep 21 04:48:52 wbs sshd\[9718\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.184.64.15	2019-09-21 23:09:40
220.76.181.164	attack	Sep 21 04:27:34 php1 sshd\[16018\]: Invalid user calvin from 220.76.181.164 Sep 21 04:27:34 php1 sshd\[16018\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.76.181.164 Sep 21 04:27:36 php1 sshd\[16018\]: Failed password for invalid user calvin from 220.76.181.164 port 45877 ssh2 Sep 21 04:32:47 php1 sshd\[16489\]: Invalid user abc123\$\$\$ from 220.76.181.164 Sep 21 04:32:47 php1 sshd\[16489\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.76.181.164	2019-09-21 23:05:40
123.30.240.39	attackbotsspam	SSH Brute-Force attacks	2019-09-21 23:43:49
139.59.170.23	attackbots	Sep 21 05:27:37 hanapaa sshd\[5047\]: Invalid user phpmy from 139.59.170.23 Sep 21 05:27:37 hanapaa sshd\[5047\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.170.23 Sep 21 05:27:39 hanapaa sshd\[5047\]: Failed password for invalid user phpmy from 139.59.170.23 port 55088 ssh2 Sep 21 05:32:25 hanapaa sshd\[5466\]: Invalid user hf from 139.59.170.23 Sep 21 05:32:25 hanapaa sshd\[5466\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.170.23	2019-09-21 23:38:16
107.173.51.116	attackspam	Sep 21 17:32:43 rpi sshd[30220]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=107.173.51.116 Sep 21 17:32:45 rpi sshd[30220]: Failed password for invalid user zaq!xsw@ from 107.173.51.116 port 43888 ssh2	2019-09-21 23:41:49
176.193.119.237	attackspam	Sep 21 16:40:07 www sshd\[15379\]: Invalid user pi from 176.193.119.237 Sep 21 16:40:07 www sshd\[15379\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=176.193.119.237 Sep 21 16:40:09 www sshd\[15379\]: Failed password for invalid user pi from 176.193.119.237 port 33490 ssh2 ...	2019-09-21 23:08:31
49.88.112.78	attackspambots	2019-09-21T14:59:12.841678abusebot-6.cloudsearch.cf sshd\[19092\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.78 user=root	2019-09-21 23:19:37
139.99.37.130	attackbotsspam	2019-09-21T10:53:45.7558501495-001 sshd\[54107\]: Failed password for invalid user webmaster from 139.99.37.130 port 47988 ssh2 2019-09-21T11:08:09.6264081495-001 sshd\[55221\]: Invalid user gast2 from 139.99.37.130 port 37378 2019-09-21T11:08:09.6299091495-001 sshd\[55221\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ip130.ip-139-99-37.net 2019-09-21T11:08:12.0932511495-001 sshd\[55221\]: Failed password for invalid user gast2 from 139.99.37.130 port 37378 ssh2 2019-09-21T11:12:57.7828871495-001 sshd\[55551\]: Invalid user mainville from 139.99.37.130 port 12518 2019-09-21T11:12:57.7860491495-001 sshd\[55551\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ip130.ip-139-99-37.net ...	2019-09-21 23:22:46
49.88.112.69	attack	Sep 21 15:46:34 hcbbdb sshd\[18797\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.69 user=root Sep 21 15:46:37 hcbbdb sshd\[18797\]: Failed password for root from 49.88.112.69 port 44086 ssh2 Sep 21 15:47:18 hcbbdb sshd\[18870\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.69 user=root Sep 21 15:47:20 hcbbdb sshd\[18870\]: Failed password for root from 49.88.112.69 port 59815 ssh2 Sep 21 15:47:22 hcbbdb sshd\[18870\]: Failed password for root from 49.88.112.69 port 59815 ssh2	2019-09-21 23:48:21

Recently Reported IPs

172.104.99.7	172.105.109.77	172.105.115.26	172.105.116.131
172.105.114.12	172.105.119.114	172.105.119.97	172.105.14.40
172.105.119.168	172.105.134.233	172.105.161.142	172.105.246.84
172.105.55.60	172.105.253.84	172.105.82.254	172.121.142.101
172.105.84.109	172.111.1.83	172.232.7.48	172.110.64.35