72.204.21.254 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: United States of America (the)

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
72.204.21.192	attackspam	2020-02-18T14:13:15.816186shield sshd\[746\]: Invalid user lynda from 72.204.21.192 port 49128 2020-02-18T14:13:15.822044shield sshd\[746\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ip72-204-21-192.fv.ks.cox.net 2020-02-18T14:13:17.648190shield sshd\[746\]: Failed password for invalid user lynda from 72.204.21.192 port 49128 ssh2 2020-02-18T14:17:44.174269shield sshd\[1064\]: Invalid user db2fenc1 from 72.204.21.192 port 59092 2020-02-18T14:17:44.178433shield sshd\[1064\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ip72-204-21-192.fv.ks.cox.net	2020-02-18 22:52:45
72.204.21.192	attackspambots	2020-01-29T06:15:46.259567suse-nuc sshd[21142]: Invalid user maahir from 72.204.21.192 port 50190 ...	2020-02-18 09:57:21
72.204.21.192	attackbots	Automatic report - SSH Brute-Force Attack	2020-02-16 09:08:29
72.204.21.192	attack	" "	2019-12-31 19:19:04

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 72.204.21.254
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 19827
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;72.204.21.254.			IN	A

;; AUTHORITY SECTION:
.			29	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2025012802 1800 900 604800 86400

;; Query time: 11 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Jan 29 12:52:10 CST 2025
;; MSG SIZE  rcvd: 106

Host info

254.21.204.72.in-addr.arpa domain name pointer ip72-204-21-254.fv.ks.cox.net.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
254.21.204.72.in-addr.arpa	name = ip72-204-21-254.fv.ks.cox.net.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
89.255.231.253	attack	[Wed Apr 29 21:44:02 2020] - Syn Flood From IP: 89.255.231.253 Port: 32671	2020-04-30 04:39:34
14.239.32.159	attack	Unauthorized connection attempt from IP address 14.239.32.159 on Port 445(SMB)	2020-04-30 05:08:33
222.189.82.110	attackspambots	Port probing on unauthorized port 5555	2020-04-30 04:37:31
138.197.5.191	attackspam	Apr 29 22:59:41 meumeu sshd[18352]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.5.191 Apr 29 22:59:44 meumeu sshd[18352]: Failed password for invalid user dst from 138.197.5.191 port 39612 ssh2 Apr 29 23:03:56 meumeu sshd[18957]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.5.191 ...	2020-04-30 05:16:50
150.107.188.48	attackspam	Netgear DGN Device Remote Command Execution Vulnerability, PTR: PTR record not found	2020-04-30 04:37:50
49.233.173.136	attackbotsspam	Apr 29 20:09:47 vlre-nyc-1 sshd\[20900\]: Invalid user tnb from 49.233.173.136 Apr 29 20:09:47 vlre-nyc-1 sshd\[20900\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.233.173.136 Apr 29 20:09:49 vlre-nyc-1 sshd\[20900\]: Failed password for invalid user tnb from 49.233.173.136 port 51876 ssh2 Apr 29 20:15:16 vlre-nyc-1 sshd\[21084\]: Invalid user orhan from 49.233.173.136 Apr 29 20:15:16 vlre-nyc-1 sshd\[21084\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.233.173.136 ...	2020-04-30 05:01:31
178.128.90.9	attack	178.128.90.9 - - [29/Apr/2020:22:15:20 +0200] "GET /wp-login.php HTTP/1.1" 200 5686 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 178.128.90.9 - - [29/Apr/2020:22:15:27 +0200] "POST /wp-login.php HTTP/1.1" 200 5937 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 178.128.90.9 - - [29/Apr/2020:22:15:33 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-04-30 04:47:33
45.248.71.20	attackspambots	Apr 29 22:38:48 srv-ubuntu-dev3 sshd[70839]: Invalid user ftpuser from 45.248.71.20 Apr 29 22:38:48 srv-ubuntu-dev3 sshd[70839]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.248.71.20 Apr 29 22:38:48 srv-ubuntu-dev3 sshd[70839]: Invalid user ftpuser from 45.248.71.20 Apr 29 22:38:50 srv-ubuntu-dev3 sshd[70839]: Failed password for invalid user ftpuser from 45.248.71.20 port 41296 ssh2 Apr 29 22:42:43 srv-ubuntu-dev3 sshd[71464]: Invalid user eb from 45.248.71.20 Apr 29 22:42:43 srv-ubuntu-dev3 sshd[71464]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.248.71.20 Apr 29 22:42:43 srv-ubuntu-dev3 sshd[71464]: Invalid user eb from 45.248.71.20 Apr 29 22:42:45 srv-ubuntu-dev3 sshd[71464]: Failed password for invalid user eb from 45.248.71.20 port 52436 ssh2 Apr 29 22:46:27 srv-ubuntu-dev3 sshd[72073]: Invalid user test from 45.248.71.20 ...	2020-04-30 04:47:07
83.97.20.30	attack	(sshd) Failed SSH login from 83.97.20.30 (RO/Romania/30.20.97.83.ro.ovo.sc): 2 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Apr 29 22:22:04 ubnt-55d23 sshd[9049]: Did not receive identification string from 83.97.20.30 port 55589 Apr 29 22:32:09 ubnt-55d23 sshd[10633]: Did not receive identification string from 83.97.20.30 port 7921	2020-04-30 04:39:54
47.244.120.6	attack	WordPress brute force	2020-04-30 05:19:54
200.84.192.184	attackspambots	Unauthorized connection attempt from IP address 200.84.192.184 on Port 445(SMB)	2020-04-30 04:36:40
64.225.19.60	attackspam	WordPress brute force	2020-04-30 05:15:01
37.99.146.146	attackspambots	Unauthorized connection attempt from IP address 37.99.146.146 on Port 445(SMB)	2020-04-30 04:46:00
120.70.102.239	attackspam	Apr 29 23:12:39 ift sshd\[64845\]: Invalid user swetha from 120.70.102.239Apr 29 23:12:42 ift sshd\[64845\]: Failed password for invalid user swetha from 120.70.102.239 port 55435 ssh2Apr 29 23:17:21 ift sshd\[303\]: Invalid user deploy from 120.70.102.239Apr 29 23:17:23 ift sshd\[303\]: Failed password for invalid user deploy from 120.70.102.239 port 60582 ssh2Apr 29 23:22:14 ift sshd\[904\]: Invalid user pcmc from 120.70.102.239 ...	2020-04-30 04:47:56
54.76.105.162	attackbots	WordPress brute force	2020-04-30 05:16:05

Recently Reported IPs

165.101.74.101	148.223.176.164	241.138.251.10	204.75.152.219
101.239.118.11	255.15.249.171	63.50.34.189	132.225.73.139
235.230.126.109	50.113.98.198	46.148.109.231	79.173.172.33
67.46.14.42	189.245.114.255	149.149.249.24	150.149.211.95
76.117.98.93	83.209.126.129	207.75.121.96	34.202.184.251