104.131.72.76 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
104.131.72.150	attackbotsspam	104.131.72.150 - - \[04/Aug/2020:11:21:30 +0200\] "GET / HTTP/1.0" 301 178 "-" "Mozilla/5.0 \(compatible\; NetcraftSurveyAgent/1.0\; +info@netcraft.com\)" ...	2020-08-04 23:43:35
104.131.72.149	attackbots	TCP src-port=50134 dst-port=25 dnsbl-sorbs abuseat-org barracuda (Project Honey Pot rated Suspicious) (117)	2019-08-24 19:00:46

Type

Details

Datetime

104.131.72.150

attackbotsspam

104.131.72.150 - - \[04/Aug/2020:11:21:30 +0200\] "GET / HTTP/1.0" 301 178 "-" "Mozilla/5.0 \(compatible\; NetcraftSurveyAgent/1.0\; +info@netcraft.com\)"
...

2020-08-04 23:43:35

104.131.72.149

attackbots

TCP src-port=50134   dst-port=25    dnsbl-sorbs abuseat-org barracuda       (Project Honey Pot rated Suspicious)   (117)

2019-08-24 19:00:46

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.131.72.76
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 20870
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;104.131.72.76.			IN	A

;; AUTHORITY SECTION:
.			55	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022022401 1800 900 604800 86400

;; Query time: 59 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Feb 25 12:02:33 CST 2022
;; MSG SIZE  rcvd: 106

Host info

76.72.131.104.in-addr.arpa domain name pointer lejardinier-houston.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
76.72.131.104.in-addr.arpa	name = lejardinier-houston.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
116.72.16.104	attackspambots	3389BruteforceFW23	2019-10-25 23:08:11
116.4.96.173	attackbots	Automatic report - Port Scan Attack	2019-10-25 23:01:25
106.2.208.42	attackspam	Oct 24 08:52:14 uapps sshd[29826]: User r.r from 106.2.208.42 not allowed because not listed in AllowUsers Oct 24 08:52:14 uapps sshd[29826]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.2.208.42 user=r.r Oct 24 08:52:16 uapps sshd[29826]: Failed password for invalid user r.r from 106.2.208.42 port 46055 ssh2 Oct 24 08:52:16 uapps sshd[29826]: Received disconnect from 106.2.208.42: 11: Bye Bye [preauth] Oct 24 09:24:33 uapps sshd[30087]: User r.r from 106.2.208.42 not allowed because not listed in AllowUsers Oct 24 09:24:33 uapps sshd[30087]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.2.208.42 user=r.r Oct 24 09:24:34 uapps sshd[30087]: Failed password for invalid user r.r from 106.2.208.42 port 52040 ssh2 Oct 24 09:24:35 uapps sshd[30087]: Received disconnect from 106.2.208.42: 11: Bye Bye [preauth] Oct 24 09:30:12 uapps sshd[30107]: User r.r from 106.2.208.42 not allowed ........ -------------------------------	2019-10-25 23:19:03
81.22.45.225	attackbotsspam	2019-10-25T16:15:57.116833+02:00 lumpi kernel: [1835355.194457] INPUT:DROP:SPAMHAUS_EDROP:IN=eth0 OUT= MAC=52:54:a2:01:a5:04:d2:74:7f:6e:37:e3:08:00 SRC=81.22.45.225 DST=172.31.1.100 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=6466 PROTO=TCP SPT=52807 DPT=44444 WINDOW=1024 RES=0x00 SYN URGP=0 ...	2019-10-25 23:01:51
218.92.0.195	attackbots	Oct 25 15:55:04 dcd-gentoo sshd[2899]: User root from 218.92.0.195 not allowed because none of user's groups are listed in AllowGroups Oct 25 15:55:08 dcd-gentoo sshd[2899]: error: PAM: Authentication failure for illegal user root from 218.92.0.195 Oct 25 15:55:04 dcd-gentoo sshd[2899]: User root from 218.92.0.195 not allowed because none of user's groups are listed in AllowGroups Oct 25 15:55:08 dcd-gentoo sshd[2899]: error: PAM: Authentication failure for illegal user root from 218.92.0.195 Oct 25 15:55:04 dcd-gentoo sshd[2899]: User root from 218.92.0.195 not allowed because none of user's groups are listed in AllowGroups Oct 25 15:55:08 dcd-gentoo sshd[2899]: error: PAM: Authentication failure for illegal user root from 218.92.0.195 Oct 25 15:55:08 dcd-gentoo sshd[2899]: Failed keyboard-interactive/pam for invalid user root from 218.92.0.195 port 44699 ssh2 ...	2019-10-25 23:14:54
106.12.151.201	attack	Oct 24 19:57:50 plesk sshd[10674]: Invalid user teste from 106.12.151.201 Oct 24 19:57:50 plesk sshd[10674]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.151.201 Oct 24 19:57:52 plesk sshd[10674]: Failed password for invalid user teste from 106.12.151.201 port 38652 ssh2 Oct 24 19:57:52 plesk sshd[10674]: Received disconnect from 106.12.151.201: 11: Bye Bye [preauth] Oct 24 20:08:33 plesk sshd[11380]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.151.201 user=r.r Oct 24 20:08:34 plesk sshd[11380]: Failed password for r.r from 106.12.151.201 port 56452 ssh2 Oct 24 20:08:35 plesk sshd[11380]: Received disconnect from 106.12.151.201: 11: Bye Bye [preauth] Oct 24 20:12:30 plesk sshd[11716]: Invalid user lx from 106.12.151.201 Oct 24 20:12:30 plesk sshd[11716]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.151.201 Oct 24 20:12........ -------------------------------	2019-10-25 23:13:59
193.105.134.45	attackspambots	Oct 25 14:06:45 herz-der-gamer sshd[11074]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.105.134.45 user=root Oct 25 14:06:46 herz-der-gamer sshd[11074]: Failed password for root from 193.105.134.45 port 23708 ssh2 ...	2019-10-25 23:28:38
182.23.1.163	attack	2019-10-25T14:41:04.806575shield sshd\[32239\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.23.1.163 user=root 2019-10-25T14:41:06.790535shield sshd\[32239\]: Failed password for root from 182.23.1.163 port 48550 ssh2 2019-10-25T14:46:46.310458shield sshd\[1211\]: Invalid user maestro from 182.23.1.163 port 38166 2019-10-25T14:46:46.318554shield sshd\[1211\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.23.1.163 2019-10-25T14:46:48.252311shield sshd\[1211\]: Failed password for invalid user maestro from 182.23.1.163 port 38166 ssh2	2019-10-25 23:31:19
80.211.56.173	attack	Lines containing failures of 80.211.56.173 Oct 24 15:39:42 shared12 sshd[15832]: Invalid user gesi from 80.211.56.173 port 48722 Oct 24 15:39:42 shared12 sshd[15832]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.211.56.173 Oct 24 15:39:43 shared12 sshd[15832]: Failed password for invalid user gesi from 80.211.56.173 port 48722 ssh2 Oct 24 15:39:44 shared12 sshd[15832]: Received disconnect from 80.211.56.173 port 48722:11: Bye Bye [preauth] Oct 24 15:39:44 shared12 sshd[15832]: Disconnected from invalid user gesi 80.211.56.173 port 48722 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=80.211.56.173	2019-10-25 23:31:48
45.170.174.195	attackspam	Automatic report - Port Scan Attack	2019-10-25 23:09:45
94.177.254.67	attackbotsspam	Oct 23 11:45:36 zimbra sshd[17425]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.177.254.67 user=r.r Oct 23 11:45:37 zimbra sshd[17425]: Failed password for r.r from 94.177.254.67 port 34662 ssh2 Oct 23 11:45:37 zimbra sshd[17425]: Received disconnect from 94.177.254.67 port 34662:11: Bye Bye [preauth] Oct 23 11:45:37 zimbra sshd[17425]: Disconnected from 94.177.254.67 port 34662 [preauth] Oct 23 12:13:16 zimbra sshd[4781]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.177.254.67 user=r.r Oct 23 12:13:18 zimbra sshd[4781]: Failed password for r.r from 94.177.254.67 port 42266 ssh2 Oct 23 12:13:18 zimbra sshd[4781]: Received disconnect from 94.177.254.67 port 42266:11: Bye Bye [preauth] Oct 23 12:13:18 zimbra sshd[4781]: Disconnected from 94.177.254.67 port 42266 [preauth] Oct 23 12:17:12 zimbra sshd[7818]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ss........ -------------------------------	2019-10-25 23:29:41
116.7.237.134	attack	Invalid user mysql from 116.7.237.134 port 8998 pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.7.237.134 Failed password for invalid user mysql from 116.7.237.134 port 8998 ssh2 pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.7.237.134 user=root Failed password for root from 116.7.237.134 port 44234 ssh2	2019-10-25 23:18:33
106.120.173.148	attack	Automatic report - Banned IP Access	2019-10-25 23:10:40
197.248.205.53	attackspam	2019-10-25T13:10:07.195857abusebot-5.cloudsearch.cf sshd\[3333\]: Invalid user vonachen from 197.248.205.53 port 43200	2019-10-25 23:10:15
111.38.13.187	attack	Automatic report - Banned IP Access	2019-10-25 23:25:07

Recently Reported IPs

104.131.74.7	104.131.76.143	104.131.76.160	104.131.8.24
104.131.77.10	104.131.83.83	104.131.78.220	104.131.85.241
104.131.87.208	104.22.14.72	104.131.85.5	104.131.90.153
104.131.92.195	104.131.97.180	104.131.96.191	104.131.98.103
104.140.155.33	104.136.17.156	104.22.15.12	104.138.173.25