172.104.94.253

Basic Info

City: Tokyo

Region: Tokyo

Country: Japan

Internet Service Provider: Linode

Hostname: unknown

Organization: Linode, LLC

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspambots	[N3.H3.VM3] Port Scanner Detected Blocked by UFW	2020-10-05 06:29:58
attack	TCP port : 81	2020-10-04 22:31:24
attackbotsspam	[N10.H2.VM2] Port Scanner Detected Blocked by UFW	2020-10-04 14:17:41
attack	TCP (SYN) 172.104.94.253:47650 -> port 81, len 44	2020-08-05 08:39:06
attack	Jun 4 14:09:48 debian-2gb-nbg1-2 kernel: \[13531346.583678\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=172.104.94.253 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=241 ID=54321 PROTO=TCP SPT=49345 DPT=81 WINDOW=65535 RES=0x00 SYN URGP=0	2020-06-04 20:30:19
attackspam	" "	2020-05-22 08:28:03
attackspam	trying to access non-authorized port	2020-04-30 23:21:26
attackspambots	Mar 4 19:17:08 debian-2gb-nbg1-2 kernel: \[5605001.243993\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=172.104.94.253 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=241 ID=54321 PROTO=TCP SPT=54142 DPT=81 WINDOW=65535 RES=0x00 SYN URGP=0	2020-03-05 03:00:24
attackbots	Scanning random ports - tries to find possible vulnerable services	2020-02-22 07:17:57
attackbotsspam	[portscan] tcp/81 [alter-web/web-proxy] *(RWIN=65535)(11190859)	2019-11-19 17:33:16
attackspam	[portscan] tcp/81 [alter-web/web-proxy] *(RWIN=65535)(10161238)	2019-10-16 21:09:22
attackbots	" "	2019-09-11 21:53:02
attack	firewall-block, port(s): 81/tcp	2019-08-31 17:28:48
attackspam	1 attempts last 24 Hours	2019-08-28 23:39:17
attack	Splunk® : port scan detected: Aug 24 17:46:24 testbed kernel: Firewall: TCP_IN Blocked IN=eth0 OUT= MAC=82:c6:52:d1:6e:53:c0:42:d0:39:2c:30:08:00 SRC=172.104.94.253 DST=104.248.11.191 LEN=40 TOS=0x00 PREC=0x00 TTL=245 ID=54321 PROTO=TCP SPT=57160 DPT=81 WINDOW=65535 RES=0x00 SYN URGP=0	2019-08-25 07:02:50
attack	Port scan attempt detected by AWS-CCS, CTS, India	2019-08-09 14:45:09

Comments on same subnet:

IP	Type	Details	Datetime
172.104.94.121	attackspambots	1 Attack(s) Detected [DoS Attack: Ping Sweep] from source: 172.104.94.121, Tuesday, August 18, 2020 18:43:18	2020-08-20 18:39:46
172.104.94.121	attack	CloudCIX Reconnaissance Scan Detected, PTR: scan-56.security.ipip.net.	2020-01-23 09:01:32
172.104.94.137	attack	172.104.94.137 was recorded 5 times by 3 hosts attempting to connect to the following ports: 443. Incident counter (4h, 24h, all-time): 5, 5, 5	2019-11-11 00:31:20

Type

Details

Datetime

172.104.94.121

attackspambots

1 Attack(s) Detected
[DoS Attack: Ping Sweep] from source: 172.104.94.121, Tuesday, August 18, 2020 18:43:18

2020-08-20 18:39:46

172.104.94.121

attack

CloudCIX Reconnaissance Scan Detected, PTR: scan-56.security.ipip.net.

2020-01-23 09:01:32

172.104.94.137

attack

172.104.94.137 was recorded 5 times by 3 hosts attempting to connect to the following ports: 443. Incident counter (4h, 24h, all-time): 5, 5, 5

2019-11-11 00:31:20

Whois info:

Dig info:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 172.104.94.253
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 14299
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;172.104.94.253.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019041300 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Sat Apr 13 20:49:33 +08 2019
;; MSG SIZE  rcvd: 118

Host info

253.94.104.172.in-addr.arpa domain name pointer scan-133.security.ipip.net.

Nslookup info:

Server:		67.207.67.3
Address:	67.207.67.3#53

Non-authoritative answer:
253.94.104.172.in-addr.arpa	name = scan-133.security.ipip.net.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
218.92.0.168	attack	Jan 1 10:14:10 plusreed sshd[12573]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.168 user=root Jan 1 10:14:12 plusreed sshd[12573]: Failed password for root from 218.92.0.168 port 47489 ssh2 ...	2020-01-01 23:16:22
222.186.175.202	attackbotsspam	Jan 1 16:02:34 * sshd[6712]: Failed password for root from 222.186.175.202 port 57844 ssh2 Jan 1 16:02:49 * sshd[6712]: error: maximum authentication attempts exceeded for root from 222.186.175.202 port 57844 ssh2 [preauth]	2020-01-01 23:18:06
200.192.247.166	attackspambots	Automatic report - Banned IP Access	2020-01-01 23:21:52
71.6.167.142	attack	Unauthorized connection attempt detected from IP address 71.6.167.142 to port 119	2020-01-01 23:15:06
51.91.212.79	attackbotsspam	01/01/2020-15:54:06.289534 51.91.212.79 Protocol: 6 ET CINS Active Threat Intelligence Poor Reputation IP group 53	2020-01-01 23:23:16
5.39.88.60	attackbotsspam	Jan 1 15:53:45 mout sshd[2002]: Invalid user demented from 5.39.88.60 port 56950	2020-01-01 23:35:23
218.92.0.165	attackspambots	2020-01-01T15:25:15.616544abusebot-2.cloudsearch.cf sshd[28347]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.165 user=root 2020-01-01T15:25:17.501961abusebot-2.cloudsearch.cf sshd[28347]: Failed password for root from 218.92.0.165 port 53404 ssh2 2020-01-01T15:25:20.442821abusebot-2.cloudsearch.cf sshd[28347]: Failed password for root from 218.92.0.165 port 53404 ssh2 2020-01-01T15:25:15.616544abusebot-2.cloudsearch.cf sshd[28347]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.165 user=root 2020-01-01T15:25:17.501961abusebot-2.cloudsearch.cf sshd[28347]: Failed password for root from 218.92.0.165 port 53404 ssh2 2020-01-01T15:25:20.442821abusebot-2.cloudsearch.cf sshd[28347]: Failed password for root from 218.92.0.165 port 53404 ssh2 2020-01-01T15:25:15.616544abusebot-2.cloudsearch.cf sshd[28347]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rho ...	2020-01-01 23:40:36
45.136.109.122	attack	Triggered: repeated knocking on closed ports.	2020-01-01 23:30:28
170.0.60.214	attackspambots	Jan 1 14:50:40 game-panel sshd[25954]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=170.0.60.214 Jan 1 14:50:42 game-panel sshd[25954]: Failed password for invalid user simeon from 170.0.60.214 port 46238 ssh2 Jan 1 14:54:29 game-panel sshd[26091]: Failed password for news from 170.0.60.214 port 47702 ssh2	2020-01-01 23:12:08
150.109.113.127	attackbots	$f2bV_matches	2020-01-01 23:45:53
85.209.0.139	attackspam	Jan 1 15:57:25 srv01 sshd[13120]: Did not receive identification string from 85.209.0.139 port 40186 Jan 1 15:57:27 srv01 sshd[13121]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=85.209.0.139 user=root Jan 1 15:57:30 srv01 sshd[13121]: Failed password for root from 85.209.0.139 port 4276 ssh2 Jan 1 15:57:27 srv01 sshd[13121]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=85.209.0.139 user=root Jan 1 15:57:30 srv01 sshd[13121]: Failed password for root from 85.209.0.139 port 4276 ssh2 ...	2020-01-01 23:09:52
46.38.144.117	attackbots	Too many connections or unauthorized access detected from Yankee banned ip	2020-01-01 23:29:12
197.116.30.133	attackbotsspam	Jan 1 15:53:49 grey postfix/smtpd\[24668\]: NOQUEUE: reject: RCPT from unknown\[197.116.30.133\]: 554 5.7.1 Service unavailable\; Client host \[197.116.30.133\] blocked using truncate.gbudb.net\; http://www.gbudb.com/truncate/ \[197.116.30.133\]\; from=\ to=\ proto=ESMTP helo=\<\[197.116.30.133\]\> ...	2020-01-01 23:32:08
94.21.243.204	attack	Jan 1 15:54:11 www sshd\[866\]: Invalid user apache from 94.21.243.204 port 46832 ...	2020-01-01 23:18:36
106.13.29.223	attackspambots	Jan 1 15:54:39 v22018086721571380 sshd[2291]: Failed password for invalid user hung from 106.13.29.223 port 45412 ssh2	2020-01-01 23:07:53

Recently Reported IPs

58.187.169.63	118.193.55.34	110.53.234.189	186.67.107.30
139.199.48.217	120.197.97.27	209.85.214.174	31.182.1.146
5.208.100.66	124.251.60.68	81.22.45.253	128.1.242.2
121.161.201.223	113.161.18.162	58.135.224.36	112.109.92.6
121.201.48.151	106.12.210.180	125.18.118.208	84.122.155.155