172.104.242.239

Basic Info

City: unknown

Region: unknown

Country: None

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
172.104.242.173	botsattackproxy	: SSH Bot Scanner	2024-05-10 17:36:41
172.104.242.173	botsattack	hack	2024-03-06 18:39:29
172.104.242.173	attackbots	TCP (SYN) 172.104.242.173:40532 -> port 902, len 44	2020-10-13 00:17:28
172.104.242.173	attackbotsspam	[N3.H3.VM3] Port Scanner Detected Blocked by UFW	2020-10-12 15:40:14
172.104.242.173	attack	TCP (SYN) 172.104.242.173:59560 -> port 666, len 44	2020-10-11 00:40:48
172.104.242.173	attack	Found on Github Combined on 3 lists / proto=6 . srcport=41755 . dstport=20 FTP . (706)	2020-10-10 16:29:39
172.104.242.173	attack	SIP/5060 Probe, BF, Hack -	2020-09-08 00:16:01
172.104.242.173	attackbotsspam	[Tue Aug 11 13:06:33 2020] - DDoS Attack From IP: 172.104.242.173 Port: 56229	2020-09-07 15:48:16
172.104.242.173	attackbotsspam	Multiport scan : 4 ports scanned 8332 8333 9001 9090	2020-09-07 08:10:11
172.104.242.173	attack	TCP (SYN) 172.104.242.173:40807 -> port 5900, len 40	2020-09-04 02:59:24
172.104.242.173	attackspam	TCP ports : 4400 / 5000 / 5500 / 5722	2020-09-03 18:29:54
172.104.242.173	attackspambots	TCP (SYN) 172.104.242.173:40996 -> port 3000, len 44	2020-09-01 03:48:37
172.104.242.173	attack	firewall-block, port(s): 995/tcp	2020-08-26 06:18:27
172.104.242.173	attackspambots	Unauthorized connection attempt detected from IP address 172.104.242.173 to port 873 [T]	2020-08-24 23:16:37
172.104.242.173	attackbots	Multiport scan : 4 ports scanned 137 138 139 143	2020-08-23 05:59:27

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 172.104.242.239
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 3366
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;172.104.242.239.		IN	A

;; AUTHORITY SECTION:
.			579	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022022700 1800 900 604800 86400

;; Query time: 61 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Feb 27 21:57:22 CST 2022
;; MSG SIZE  rcvd: 108

Host info

239.242.104.172.in-addr.arpa domain name pointer slaek-httpd.sandstein.de.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
239.242.104.172.in-addr.arpa	name = slaek-httpd.sandstein.de.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
192.144.141.127	attackspam	Aug 22 20:47:47 gw1 sshd[15479]: Failed password for root from 192.144.141.127 port 38346 ssh2 ...	2020-08-23 00:02:21
157.0.134.164	attackbots	Aug 22 17:34:04 lukav-desktop sshd\[5914\]: Invalid user simeon from 157.0.134.164 Aug 22 17:34:04 lukav-desktop sshd\[5914\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.0.134.164 Aug 22 17:34:06 lukav-desktop sshd\[5914\]: Failed password for invalid user simeon from 157.0.134.164 port 25671 ssh2 Aug 22 17:39:38 lukav-desktop sshd\[6063\]: Invalid user liu from 157.0.134.164 Aug 22 17:39:38 lukav-desktop sshd\[6063\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.0.134.164	2020-08-23 00:06:42
162.142.125.20	attack	TCP (SYN) 162.142.125.20:18390 -> port 143, len 44	2020-08-23 00:32:15
54.39.57.1	attackbotsspam	Aug 22 14:47:47 srv-ubuntu-dev3 sshd[99892]: Invalid user postgres from 54.39.57.1 Aug 22 14:47:47 srv-ubuntu-dev3 sshd[99892]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.39.57.1 Aug 22 14:47:47 srv-ubuntu-dev3 sshd[99892]: Invalid user postgres from 54.39.57.1 Aug 22 14:47:50 srv-ubuntu-dev3 sshd[99892]: Failed password for invalid user postgres from 54.39.57.1 port 53670 ssh2 Aug 22 14:51:39 srv-ubuntu-dev3 sshd[100357]: Invalid user wasadmin from 54.39.57.1 Aug 22 14:51:39 srv-ubuntu-dev3 sshd[100357]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.39.57.1 Aug 22 14:51:39 srv-ubuntu-dev3 sshd[100357]: Invalid user wasadmin from 54.39.57.1 Aug 22 14:51:41 srv-ubuntu-dev3 sshd[100357]: Failed password for invalid user wasadmin from 54.39.57.1 port 34304 ssh2 Aug 22 14:55:43 srv-ubuntu-dev3 sshd[100792]: Invalid user kanishk from 54.39.57.1 ...	2020-08-23 00:25:18
222.186.30.59	attackbots	Aug 22 16:48:15 rocket sshd[4319]: Failed password for root from 222.186.30.59 port 13798 ssh2 Aug 22 16:49:56 rocket sshd[4478]: Failed password for root from 222.186.30.59 port 48199 ssh2 ...	2020-08-23 00:16:00
49.234.78.175	attackspambots	$f2bV_matches	2020-08-23 00:33:40
42.2.19.26	attack	SSH login attempts.	2020-08-23 00:03:51
185.176.27.110	attack	[H1.VM8] Blocked by UFW	2020-08-23 00:34:06
222.186.173.142	attackspam	Aug 22 18:37:48 ns381471 sshd[3033]: Failed password for root from 222.186.173.142 port 13218 ssh2 Aug 22 18:37:52 ns381471 sshd[3033]: Failed password for root from 222.186.173.142 port 13218 ssh2	2020-08-23 00:39:03
177.134.160.47	attack	Unauthorised connection attempt detected at AUO MAIN. System is sshd. Protected by AUO Stack Web Application Firewall (WAF)	2020-08-23 00:06:12
103.106.76.142	attack	Port Scan detected from 103.106.76.142 (ID/Indonesia/Jakarta/Jakarta/-). 4 hits in the last 90 seconds	2020-08-23 00:07:35
71.117.128.50	attackbots	Aug 22 06:43:54 propaganda sshd[28809]: Connection from 71.117.128.50 port 44986 on 10.0.0.161 port 22 rdomain "" Aug 22 06:43:55 propaganda sshd[28809]: Connection closed by 71.117.128.50 port 44986 [preauth]	2020-08-23 00:35:18
178.59.96.141	attackspam	Aug 22 17:03:38 mellenthin sshd[7288]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.59.96.141 Aug 22 17:03:40 mellenthin sshd[7288]: Failed password for invalid user emile from 178.59.96.141 port 40842 ssh2	2020-08-23 00:13:57
81.68.120.181	attack	Aug 22 14:05:17 server sshd[27478]: Failed password for invalid user user2 from 81.68.120.181 port 50816 ssh2 Aug 22 14:08:58 server sshd[29212]: Failed password for invalid user ganyi from 81.68.120.181 port 36860 ssh2 Aug 22 14:12:34 server sshd[30865]: Failed password for invalid user squid from 81.68.120.181 port 51132 ssh2	2020-08-23 00:22:19
221.156.126.1	attackspam	Bruteforce detected by fail2ban	2020-08-23 00:16:58

Recently Reported IPs

172.104.240.230	172.104.242.200	172.104.243.78	172.104.240.69
172.104.245.157	172.104.240.6	172.104.244.199	172.104.246.200
172.104.247.186	172.104.245.155	172.104.248.122	172.104.249.137
172.104.25.121	172.104.248.145	172.104.248.173	172.104.25.225
172.104.25.166	172.104.250.107	172.104.25.157	172.104.250.191