104.244.72.239

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
104.244.72.38	attackbotsspam	xmlrpc attack	2020-10-10 22:15:36
104.244.72.38	attack	CMS (WordPress or Joomla) login attempt.	2020-10-10 14:08:50
104.244.72.115	attack	104.244.72.115 (US/United States/-), 7 distributed sshd attacks on account [admin] in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_DISTATTACK; Logs: Sep 20 10:06:28 server2 sshd[15527]: Failed password for invalid user admin from 104.244.72.115 port 57964 ssh2 Sep 20 10:06:30 server2 sshd[15572]: Invalid user admin from 95.128.43.164 Sep 20 10:06:32 server2 sshd[15572]: Failed password for invalid user admin from 95.128.43.164 port 55602 ssh2 Sep 20 10:06:34 server2 sshd[15610]: Invalid user admin from 104.244.75.157 Sep 20 10:06:36 server2 sshd[15610]: Failed password for invalid user admin from 104.244.75.157 port 34573 ssh2 Sep 20 10:07:22 server2 sshd[16018]: Invalid user admin from 212.21.66.6 Sep 20 10:06:25 server2 sshd[15527]: Invalid user admin from 104.244.72.115 IP Addresses Blocked:	2020-09-20 23:32:54
104.244.72.115	attack	Sep 20 08:04:25 vpn01 sshd[9754]: Failed password for root from 104.244.72.115 port 47340 ssh2 Sep 20 08:04:36 vpn01 sshd[9754]: error: maximum authentication attempts exceeded for root from 104.244.72.115 port 47340 ssh2 [preauth] ...	2020-09-20 15:21:30
104.244.72.115	attackspambots	Sep 20 00:03:39 sigma sshd\[30820\]: Invalid user admin from 104.244.72.115Sep 20 00:03:40 sigma sshd\[30820\]: Failed password for invalid user admin from 104.244.72.115 port 45068 ssh2 ...	2020-09-20 07:17:51
104.244.72.203	attackbots	(mod_security) mod_security (id:980001) triggered by 104.244.72.203 (US/United States/-): 5 in the last 14400 secs; ID: rub	2020-09-16 20:20:32
104.244.72.203	attackspambots	(mod_security) mod_security (id:980001) triggered by 104.244.72.203 (US/United States/-): 5 in the last 14400 secs; ID: rub	2020-09-16 12:53:28
104.244.72.203	attack	(mod_security) mod_security (id:980001) triggered by 104.244.72.203 (US/United States/-): 5 in the last 14400 secs; ID: rub	2020-09-16 04:38:14
104.244.72.115	attackbotsspam	Jun 26 11:25:48 IngegnereFirenze sshd[15703]: User root from 104.244.72.115 not allowed because not listed in AllowUsers ...	2020-06-27 00:36:02
104.244.72.115	attackspam	srv02 SSH BruteForce Attacks 22 ..	2020-06-13 22:10:32
104.244.72.115	attackbotsspam	prod6 ...	2020-06-09 14:06:47
104.244.72.115	attackspam	US_FranTech BuyVM_<177>1585281315 [1:2522002:4013] ET TOR Known Tor Relay/Router (Not Exit) Node TCP Traffic group 3 [Classification: Misc Attack] [Priority: 2]: {TCP} 104.244.72.115:46840	2020-03-27 12:22:51
104.244.72.54	attack	scans 2 times in preceeding hours on the ports (in chronological order) 52869 52869	2020-02-27 00:56:43
104.244.72.115	attack	02/21/2020-14:20:55.747469 104.244.72.115 Protocol: 6 ET TOR Known Tor Exit Node Traffic group 2	2020-02-21 21:33:41
104.244.72.115	attack	xmlrpc attack	2020-02-10 07:35:28

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.244.72.239
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 2463
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;104.244.72.239.			IN	A

;; AUTHORITY SECTION:
.			142	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022020702 1800 900 604800 86400

;; Query time: 71 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Feb 08 14:47:13 CST 2022
;; MSG SIZE  rcvd: 107

Host info

239.72.244.104.in-addr.arpa domain name pointer LuxembourgTor16.lu.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
239.72.244.104.in-addr.arpa	name = LuxembourgTor16.lu.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
74.101.130.157	attack	(sshd) Failed SSH login from 74.101.130.157 (US/United States/pool-74-101-130-157.nycmny.fios.verizon.net): 5 in the last 3600 secs	2020-06-14 03:16:52
46.101.103.207	attackspambots	Jun 13 16:07:16 meumeu sshd[409590]: Invalid user qmailq from 46.101.103.207 port 41760 Jun 13 16:07:16 meumeu sshd[409590]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.101.103.207 Jun 13 16:07:16 meumeu sshd[409590]: Invalid user qmailq from 46.101.103.207 port 41760 Jun 13 16:07:18 meumeu sshd[409590]: Failed password for invalid user qmailq from 46.101.103.207 port 41760 ssh2 Jun 13 16:10:45 meumeu sshd[409759]: Invalid user jmartin from 46.101.103.207 port 42982 Jun 13 16:10:45 meumeu sshd[409759]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.101.103.207 Jun 13 16:10:45 meumeu sshd[409759]: Invalid user jmartin from 46.101.103.207 port 42982 Jun 13 16:10:47 meumeu sshd[409759]: Failed password for invalid user jmartin from 46.101.103.207 port 42982 ssh2 Jun 13 16:14:07 meumeu sshd[410002]: Invalid user gpl from 46.101.103.207 port 44202 ...	2020-06-14 03:22:39
85.209.150.186	attackspam	pinterest spam	2020-06-14 03:16:20
167.172.175.9	attack	Jun 13 19:52:28 ArkNodeAT sshd\[6942\]: Invalid user kw from 167.172.175.9 Jun 13 19:52:28 ArkNodeAT sshd\[6942\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.172.175.9 Jun 13 19:52:31 ArkNodeAT sshd\[6942\]: Failed password for invalid user kw from 167.172.175.9 port 41718 ssh2	2020-06-14 03:04:30
188.170.13.225	attackspam	Jun 13 20:22:13 sshd\[29831\]: Invalid user longting from 188.170.13.225Jun 13 20:22:14 sshd\[29831\]: Failed password for invalid user longting from 188.170.13.225 port 53484 ssh2 ...	2020-06-14 03:23:36
59.13.125.142	attackspambots	Automatic report BANNED IP	2020-06-14 03:09:24
139.59.40.240	attackbotsspam	(sshd) Failed SSH login from 139.59.40.240 (IN/India/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Jun 13 21:29:32 s1 sshd[24179]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.40.240 user=root Jun 13 21:29:34 s1 sshd[24179]: Failed password for root from 139.59.40.240 port 50998 ssh2 Jun 13 21:33:02 s1 sshd[24295]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.40.240 user=root Jun 13 21:33:04 s1 sshd[24295]: Failed password for root from 139.59.40.240 port 45372 ssh2 Jun 13 21:35:55 s1 sshd[24382]: Invalid user multimedia from 139.59.40.240 port 33808	2020-06-14 03:29:03
77.219.12.188	attackspam	[13/Jun/2020 15:08:31] Failed SMTP login from 77.219.12.188 whostnameh SASL method CRAM-MD5. [13/Jun/2020 15:08:36] Failed SMTP login from 77.219.12.188 whostnameh SASL method CRAM-MD5. [13/Jun/2020 15:08:42] Failed SMTP login from 77.219.12.188 whostnameh SASL method CRAM-MD5. ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=77.219.12.188	2020-06-14 03:31:47
51.222.29.24	attackbots	Banned for a week because repeated abuses, for example SSH, but not only	2020-06-14 03:07:58
43.225.194.75	attack	$f2bV_matches	2020-06-14 03:27:52
49.234.43.224	attack	Jun 14 01:43:17 webhost01 sshd[1706]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.234.43.224 Jun 14 01:43:19 webhost01 sshd[1706]: Failed password for invalid user production from 49.234.43.224 port 59592 ssh2 ...	2020-06-14 02:54:26
84.92.92.196	attack	Jun 13 19:38:38 ns382633 sshd\[16737\]: Invalid user admin from 84.92.92.196 port 50628 Jun 13 19:38:38 ns382633 sshd\[16737\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=84.92.92.196 Jun 13 19:38:39 ns382633 sshd\[16737\]: Failed password for invalid user admin from 84.92.92.196 port 50628 ssh2 Jun 13 19:43:05 ns382633 sshd\[17718\]: Invalid user guillermo from 84.92.92.196 port 63446 Jun 13 19:43:05 ns382633 sshd\[17718\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=84.92.92.196	2020-06-14 03:11:03
207.154.206.212	attackspambots	Jun 13 12:13:39 Host-KLAX-C sshd[31406]: Invalid user ircbot from 207.154.206.212 port 41448 ...	2020-06-14 03:21:47
103.201.138.178	attackbots	20/6/13@08:21:06: FAIL: Alarm-Network address from=103.201.138.178 ...	2020-06-14 03:25:25
45.140.207.121	attackbotsspam	Chat Spam	2020-06-14 03:26:53

Recently Reported IPs

78.140.211.125	115.55.78.129	46.179.25.229	88.76.245.146
213.91.165.130	115.202.14.80	171.6.54.147	187.178.157.22
1.23.41.118	190.183.211.52	120.86.252.146	14.229.47.161
54.165.47.134	124.102.211.212	89.178.42.247	217.56.14.50
117.156.219.51	96.90.114.243	180.180.61.23	84.54.122.156