104.244.72.239

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
104.244.72.38	attackbotsspam	xmlrpc attack	2020-10-10 22:15:36
104.244.72.38	attack	CMS (WordPress or Joomla) login attempt.	2020-10-10 14:08:50
104.244.72.115	attack	104.244.72.115 (US/United States/-), 7 distributed sshd attacks on account [admin] in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_DISTATTACK; Logs: Sep 20 10:06:28 server2 sshd[15527]: Failed password for invalid user admin from 104.244.72.115 port 57964 ssh2 Sep 20 10:06:30 server2 sshd[15572]: Invalid user admin from 95.128.43.164 Sep 20 10:06:32 server2 sshd[15572]: Failed password for invalid user admin from 95.128.43.164 port 55602 ssh2 Sep 20 10:06:34 server2 sshd[15610]: Invalid user admin from 104.244.75.157 Sep 20 10:06:36 server2 sshd[15610]: Failed password for invalid user admin from 104.244.75.157 port 34573 ssh2 Sep 20 10:07:22 server2 sshd[16018]: Invalid user admin from 212.21.66.6 Sep 20 10:06:25 server2 sshd[15527]: Invalid user admin from 104.244.72.115 IP Addresses Blocked:	2020-09-20 23:32:54
104.244.72.115	attack	Sep 20 08:04:25 vpn01 sshd[9754]: Failed password for root from 104.244.72.115 port 47340 ssh2 Sep 20 08:04:36 vpn01 sshd[9754]: error: maximum authentication attempts exceeded for root from 104.244.72.115 port 47340 ssh2 [preauth] ...	2020-09-20 15:21:30
104.244.72.115	attackspambots	Sep 20 00:03:39 sigma sshd\[30820\]: Invalid user admin from 104.244.72.115Sep 20 00:03:40 sigma sshd\[30820\]: Failed password for invalid user admin from 104.244.72.115 port 45068 ssh2 ...	2020-09-20 07:17:51
104.244.72.203	attackbots	(mod_security) mod_security (id:980001) triggered by 104.244.72.203 (US/United States/-): 5 in the last 14400 secs; ID: rub	2020-09-16 20:20:32
104.244.72.203	attackspambots	(mod_security) mod_security (id:980001) triggered by 104.244.72.203 (US/United States/-): 5 in the last 14400 secs; ID: rub	2020-09-16 12:53:28
104.244.72.203	attack	(mod_security) mod_security (id:980001) triggered by 104.244.72.203 (US/United States/-): 5 in the last 14400 secs; ID: rub	2020-09-16 04:38:14
104.244.72.115	attackbotsspam	Jun 26 11:25:48 IngegnereFirenze sshd[15703]: User root from 104.244.72.115 not allowed because not listed in AllowUsers ...	2020-06-27 00:36:02
104.244.72.115	attackspam	srv02 SSH BruteForce Attacks 22 ..	2020-06-13 22:10:32
104.244.72.115	attackbotsspam	prod6 ...	2020-06-09 14:06:47
104.244.72.115	attackspam	US_FranTech BuyVM_<177>1585281315 [1:2522002:4013] ET TOR Known Tor Relay/Router (Not Exit) Node TCP Traffic group 3 [Classification: Misc Attack] [Priority: 2]: {TCP} 104.244.72.115:46840	2020-03-27 12:22:51
104.244.72.54	attack	scans 2 times in preceeding hours on the ports (in chronological order) 52869 52869	2020-02-27 00:56:43
104.244.72.115	attack	02/21/2020-14:20:55.747469 104.244.72.115 Protocol: 6 ET TOR Known Tor Exit Node Traffic group 2	2020-02-21 21:33:41
104.244.72.115	attack	xmlrpc attack	2020-02-10 07:35:28

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.244.72.239
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 2463
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;104.244.72.239.			IN	A

;; AUTHORITY SECTION:
.			142	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022020702 1800 900 604800 86400

;; Query time: 71 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Feb 08 14:47:13 CST 2022
;; MSG SIZE  rcvd: 107

Host info

239.72.244.104.in-addr.arpa domain name pointer LuxembourgTor16.lu.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
239.72.244.104.in-addr.arpa	name = LuxembourgTor16.lu.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
61.135.152.134	attackbotsspam	Port probing on unauthorized port 1433	2020-09-27 12:54:43
105.184.63.208	attack	SSH/22 MH Probe, BF, Hack -	2020-09-27 12:48:35
114.35.179.165	attackspambots	Auto Detect Rule! proto TCP (SYN), 114.35.179.165:22636->gjan.info:23, len 40	2020-09-27 12:36:29
51.104.16.192	attack	Sep 27 00:08:32 sip sshd[26584]: Failed password for root from 51.104.16.192 port 1353 ssh2 Sep 27 06:31:48 sip sshd[30988]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.104.16.192 Sep 27 06:31:50 sip sshd[30988]: Failed password for invalid user 138 from 51.104.16.192 port 12617 ssh2	2020-09-27 12:44:08
104.206.128.42	attackbots	5900/tcp 23/tcp 5060/tcp... [2020-07-29/09-26]40pkt,8pt.(tcp),1pt.(udp)	2020-09-27 12:58:06
91.237.239.108	attack	Sep 27 01:14:35 mail.srvfarm.net postfix/smtpd[831038]: warning: unknown[91.237.239.108]: SASL PLAIN authentication failed: Sep 27 01:14:35 mail.srvfarm.net postfix/smtpd[831038]: lost connection after AUTH from unknown[91.237.239.108] Sep 27 01:17:30 mail.srvfarm.net postfix/smtpd[831041]: warning: unknown[91.237.239.108]: SASL PLAIN authentication failed: Sep 27 01:17:30 mail.srvfarm.net postfix/smtpd[831041]: lost connection after AUTH from unknown[91.237.239.108] Sep 27 01:17:45 mail.srvfarm.net postfix/smtps/smtpd[817424]: warning: unknown[91.237.239.108]: SASL PLAIN authentication failed:	2020-09-27 13:01:28
104.140.188.6	attack	1433/tcp 3306/tcp 3389/tcp... [2020-07-27/09-26]32pkt,8pt.(tcp),1pt.(udp)	2020-09-27 13:03:33
124.156.136.112	attack	Found on Dark List de / proto=6 . srcport=47253 . dstport=13437 . (2686)	2020-09-27 12:35:56
120.92.11.9	attackbots	Sep 27 02:12:40 serwer sshd\[5993\]: Invalid user sysadmin from 120.92.11.9 port 59187 Sep 27 02:12:40 serwer sshd\[5993\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.92.11.9 Sep 27 02:12:42 serwer sshd\[5993\]: Failed password for invalid user sysadmin from 120.92.11.9 port 59187 ssh2 ...	2020-09-27 12:23:42
190.4.16.86	attackspambots	37215/tcp 9530/tcp... [2020-08-07/09-26]5pkt,2pt.(tcp)	2020-09-27 12:47:05
167.172.21.132	attack	TCP (SYN) 167.172.21.132:47714 -> port 22, len 44	2020-09-27 12:50:11
52.188.5.139	attackspam	Flask-IPban - exploit URL requested:/xmlrpc.php	2020-09-27 12:20:22
192.241.239.124	attack	9030/tcp 1723/tcp 1337/tcp... [2020-08-22/09-26]9pkt,9pt.(tcp)	2020-09-27 13:03:17
37.107.85.181	attackspambots	1601152772 - 09/26/2020 22:39:32 Host: 37.107.85.181/37.107.85.181 Port: 445 TCP Blocked	2020-09-27 12:55:20
85.109.182.70	attackspam	445/tcp 445/tcp 445/tcp... [2020-09-16/26]4pkt,1pt.(tcp)	2020-09-27 12:33:18

Recently Reported IPs

78.140.211.125	115.55.78.129	46.179.25.229	88.76.245.146
213.91.165.130	115.202.14.80	171.6.54.147	187.178.157.22
1.23.41.118	190.183.211.52	120.86.252.146	14.229.47.161
54.165.47.134	124.102.211.212	89.178.42.247	217.56.14.50
117.156.219.51	96.90.114.243	180.180.61.23	84.54.122.156