104.194.11.72 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
104.194.11.173	attackbotsspam	Triggered: repeated knocking on closed ports.	2020-06-11 21:01:54
104.194.11.173	attackbotsspam	port	2020-06-07 02:14:59
104.194.11.204	attackspambots	Trying ports that it shouldn't be.	2020-06-05 06:36:22
104.194.11.180	attack	DATE:2020-05-15 22:49:47, IP:104.194.11.180, PORT:telnet Telnet brute force auth on honeypot server (honey-neo-dc)	2020-05-16 06:07:18
104.194.11.42	attackbots	May 7 15:51:30 debian-2gb-nbg1-2 kernel: \[11118375.210257\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=104.194.11.42 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=242 ID=4112 PROTO=TCP SPT=57105 DPT=62034 WINDOW=1024 RES=0x00 SYN URGP=0	2020-05-07 22:54:21
104.194.11.42	attackspambots	May 7 13:18:53 debian-2gb-nbg1-2 kernel: \[11109219.070970\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=104.194.11.42 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=241 ID=64586 PROTO=TCP SPT=57105 DPT=55120 WINDOW=1024 RES=0x00 SYN URGP=0	2020-05-07 19:28:35
104.194.11.42	attackbots	May 6 16:19:04 debian-2gb-nbg1-2 kernel: \[11033633.911454\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=104.194.11.42 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=241 ID=33916 PROTO=TCP SPT=57105 DPT=61759 WINDOW=1024 RES=0x00 SYN URGP=0	2020-05-06 22:36:34
104.194.11.42	attackbotsspam	May 6 07:53:04 debian-2gb-nbg1-2 kernel: \[11003275.302584\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=104.194.11.42 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=241 ID=28416 PROTO=TCP SPT=57105 DPT=55343 WINDOW=1024 RES=0x00 SYN URGP=0	2020-05-06 13:57:05
104.194.11.42	attackspambots	May 5 19:00:25 debian-2gb-nbg1-2 kernel: \[10956918.676732\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=104.194.11.42 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=242 ID=56683 PROTO=TCP SPT=57041 DPT=47415 WINDOW=1024 RES=0x00 SYN URGP=0	2020-05-06 01:07:53
104.194.11.42	attackbotsspam	May 4 00:42:52 debian-2gb-nbg1-2 kernel: \[10804674.226420\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=104.194.11.42 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=241 ID=58036 PROTO=TCP SPT=57041 DPT=46709 WINDOW=1024 RES=0x00 SYN URGP=0	2020-05-04 07:05:57
104.194.11.42	attack	May 3 06:33:32 debian-2gb-nbg1-2 kernel: \[10739317.117700\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=104.194.11.42 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=241 ID=22171 PROTO=TCP SPT=57105 DPT=61013 WINDOW=1024 RES=0x00 SYN URGP=0	2020-05-03 12:38:21
104.194.11.42	attackbots	[MK-VM3] Blocked by UFW	2020-05-03 06:06:24
104.194.11.42	attack	May 2 11:23:08 [host] kernel: [5040300.661121] [U May 2 11:24:03 [host] kernel: [5040355.783353] [U May 2 11:25:23 [host] kernel: [5040436.085676] [U May 2 11:25:39 [host] kernel: [5040452.294599] [U May 2 11:28:45 [host] kernel: [5040638.154006] [U May 2 11:29:09 [host] kernel: [5040661.692723] [U	2020-05-02 17:47:29
104.194.11.244	attack	Mar 30 05:55:18 debian-2gb-nbg1-2 kernel: \[7799577.463955\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=104.194.11.244 DST=195.201.40.59 LEN=439 TOS=0x00 PREC=0x00 TTL=55 ID=6970 DF PROTO=UDP SPT=5276 DPT=5060 LEN=419	2020-03-30 13:56:03
104.194.11.244	attackbotsspam	Mar 28 20:14:27 debian-2gb-nbg1-2 kernel: \[7681932.165973\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=104.194.11.244 DST=195.201.40.59 LEN=438 TOS=0x00 PREC=0x00 TTL=55 ID=13353 DF PROTO=UDP SPT=5280 DPT=5060 LEN=418	2020-03-29 03:15:17

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.194.11.72
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 19084
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;104.194.11.72.			IN	A

;; AUTHORITY SECTION:
.			466	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022031100 1800 900 604800 86400

;; Query time: 18 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Mar 11 18:51:16 CST 2022
;; MSG SIZE  rcvd: 106

Host info

72.11.194.104.in-addr.arpa domain name pointer server4.mofficeserver.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
72.11.194.104.in-addr.arpa	name = server4.mofficeserver.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
222.186.175.202	attackbots	Jul 9 09:09:41 firewall sshd[18612]: Failed password for root from 222.186.175.202 port 4942 ssh2 Jul 9 09:09:45 firewall sshd[18612]: Failed password for root from 222.186.175.202 port 4942 ssh2 Jul 9 09:09:48 firewall sshd[18612]: Failed password for root from 222.186.175.202 port 4942 ssh2 ...	2020-07-09 20:10:51
218.78.48.37	attack	2020-07-09T06:49:04+0200 Failed SSH Authentication/Brute Force Attack. (Server 5)	2020-07-09 19:43:27
36.74.75.31	attack	Jul 9 06:06:50 server1 sshd\[8791\]: Failed password for invalid user kernel from 36.74.75.31 port 40918 ssh2 Jul 9 06:08:12 server1 sshd\[9240\]: Invalid user peter from 36.74.75.31 Jul 9 06:08:12 server1 sshd\[9240\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=36.74.75.31 Jul 9 06:08:13 server1 sshd\[9240\]: Failed password for invalid user peter from 36.74.75.31 port 44760 ssh2 Jul 9 06:09:41 server1 sshd\[9736\]: Invalid user taoli from 36.74.75.31 ...	2020-07-09 20:18:28
185.176.27.42	attackspambots	TCP (SYN) 185.176.27.42:58993 -> port 9000, len 44	2020-07-09 19:40:44
156.96.114.102	attackspambots	Multihost TCP and UDP portscan.	2020-07-09 19:45:19
156.96.128.152	attack	[2020-07-09 07:28:52] NOTICE[1150][C-000010af] chan_sip.c: Call from '' (156.96.128.152:58798) to extension '11361011442037692067' rejected because extension not found in context 'public'. [2020-07-09 07:28:52] SECURITY[1167] res_security_log.c: SecurityEvent="FailedACL",EventTV="2020-07-09T07:28:52.205-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="11361011442037692067",SessionID="0x7fcb4c0dfe08",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/156.96.128.152/58798",ACLName="no_extension_match" [2020-07-09 07:29:26] NOTICE[1150][C-000010b0] chan_sip.c: Call from '' (156.96.128.152:55504) to extension '11362011442037692067' rejected because extension not found in context 'public'. [2020-07-09 07:29:26] SECURITY[1167] res_security_log.c: SecurityEvent="FailedACL",EventTV="2020-07-09T07:29:26.757-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="11362011442037692067",SessionID="0x7fcb4c0dfe08",LocalAddress="IPV4/UDP/192.168.244.6/5060",R ...	2020-07-09 19:44:47
195.3.146.114	attack	TCP (SYN) 195.3.146.114:52623 -> port 1723, len 44	2020-07-09 19:42:45
124.206.0.228	attackspam	2020-07-09T07:05:41.882742abusebot-8.cloudsearch.cf sshd[17734]: Invalid user clerici from 124.206.0.228 port 2058 2020-07-09T07:05:41.889044abusebot-8.cloudsearch.cf sshd[17734]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.206.0.228 2020-07-09T07:05:41.882742abusebot-8.cloudsearch.cf sshd[17734]: Invalid user clerici from 124.206.0.228 port 2058 2020-07-09T07:05:43.753982abusebot-8.cloudsearch.cf sshd[17734]: Failed password for invalid user clerici from 124.206.0.228 port 2058 ssh2 2020-07-09T07:07:45.268716abusebot-8.cloudsearch.cf sshd[17786]: Invalid user user from 124.206.0.228 port 2319 2020-07-09T07:07:45.274650abusebot-8.cloudsearch.cf sshd[17786]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.206.0.228 2020-07-09T07:07:45.268716abusebot-8.cloudsearch.cf sshd[17786]: Invalid user user from 124.206.0.228 port 2319 2020-07-09T07:07:47.495872abusebot-8.cloudsearch.cf sshd[17786]: Failed ...	2020-07-09 20:01:24
5.63.151.108	attackbotsspam	MultiHost/MultiPort Probe, Scan, Hack -	2020-07-09 20:03:23
213.32.78.219	attack	Jul 9 14:04:02 meumeu sshd[222514]: Invalid user dl from 213.32.78.219 port 56004 Jul 9 14:04:02 meumeu sshd[222514]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=213.32.78.219 Jul 9 14:04:02 meumeu sshd[222514]: Invalid user dl from 213.32.78.219 port 56004 Jul 9 14:04:04 meumeu sshd[222514]: Failed password for invalid user dl from 213.32.78.219 port 56004 ssh2 Jul 9 14:06:57 meumeu sshd[222710]: Invalid user alisha from 213.32.78.219 port 51634 Jul 9 14:06:57 meumeu sshd[222710]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=213.32.78.219 Jul 9 14:06:57 meumeu sshd[222710]: Invalid user alisha from 213.32.78.219 port 51634 Jul 9 14:06:59 meumeu sshd[222710]: Failed password for invalid user alisha from 213.32.78.219 port 51634 ssh2 Jul 9 14:09:49 meumeu sshd[222938]: Invalid user www from 213.32.78.219 port 47268 ...	2020-07-09 20:11:19
93.40.210.239	attackbots	postfix	2020-07-09 20:11:52
149.56.12.88	attack	Jul 9 17:06:57 dhoomketu sshd[1386447]: Failed password for list from 149.56.12.88 port 46308 ssh2 Jul 9 17:09:55 dhoomketu sshd[1386538]: Invalid user tenesha from 149.56.12.88 port 42836 Jul 9 17:09:55 dhoomketu sshd[1386538]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.56.12.88 Jul 9 17:09:55 dhoomketu sshd[1386538]: Invalid user tenesha from 149.56.12.88 port 42836 Jul 9 17:09:57 dhoomketu sshd[1386538]: Failed password for invalid user tenesha from 149.56.12.88 port 42836 ssh2 ...	2020-07-09 19:54:40
122.56.233.208	attackspam	REQUESTED PAGE: /hsvc_gallery/main.php?g2_view=core.DownloadItem&g2_itemId=3187&g2_serialNumber=2	2020-07-09 19:49:27
176.235.219.253	attackspambots	Honeypot attack, port: 445, PTR: PTR record not found	2020-07-09 20:04:14
103.136.40.88	attackspambots	Jul 9 11:42:13 vps647732 sshd[20314]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.136.40.88 Jul 9 11:42:16 vps647732 sshd[20314]: Failed password for invalid user karina from 103.136.40.88 port 32900 ssh2 ...	2020-07-09 20:07:43

Recently Reported IPs

104.194.10.95	104.194.65.135	104.194.8.14	104.195.35.157
104.195.59.195	104.195.61.238	104.195.69.214	104.196.103.199
104.196.104.120	104.198.102.24	104.198.103.139	104.198.110.124
104.198.12.213	104.198.129.240	104.198.13.145	104.198.138.181
104.198.139.239	104.198.14.199	104.198.144.206	104.198.144.48