104.131.100.72

Basic Info

City: Clifton

Region: New Jersey

Country: United States

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
104.131.100.24	attack	Aug 16 02:30:59 root sshd[6388]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.100.24 user=root Aug 16 02:31:01 root sshd[6388]: Failed password for root from 104.131.100.24 port 41508 ssh2 ...	2020-08-16 07:42:18
104.131.100.255	attackbotsspam	104.131.100.255 - - [07/Jun/2020:09:30:59 +0200] "POST /xmlrpc.php HTTP/1.1" 403 3837 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.131.100.255 - - [07/Jun/2020:09:58:57 +0200] "POST /xmlrpc.php HTTP/1.1" 403 613 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-06-07 18:42:50

Type

Details

Datetime

104.131.100.24

attack

Aug 16 02:30:59 root sshd[6388]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.100.24  user=root
Aug 16 02:31:01 root sshd[6388]: Failed password for root from 104.131.100.24 port 41508 ssh2
...

2020-08-16 07:42:18

104.131.100.255

attackbotsspam

104.131.100.255 - - [07/Jun/2020:09:30:59 +0200] "POST /xmlrpc.php HTTP/1.1" 403 3837 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
104.131.100.255 - - [07/Jun/2020:09:58:57 +0200] "POST /xmlrpc.php HTTP/1.1" 403 613 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
...

2020-06-07 18:42:50

Whois info:

Dig info:

b'
; <<>> DiG 9.11.3-1ubuntu1.15-Ubuntu <<>> 104.131.100.72
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 11281
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 65494
;; QUESTION SECTION:
;104.131.100.72.			IN	A

;; Query time: 1 msec
;; SERVER: 127.0.0.53#53(127.0.0.53)
;; WHEN: Sat Jun 26 18:02:59 CST 2021
;; MSG SIZE  rcvd: 43

'

Host info

Host 72.100.131.104.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 72.100.131.104.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
106.222.229.161	attackspambots	Honeypot attack, port: 445, PTR: PTR record not found	2020-03-19 03:53:34
139.199.29.155	attackbots	Tried sshing with brute force.	2020-03-19 03:42:12
186.215.202.11	attackbots	Mar 18 14:03:43 ewelt sshd[10372]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=186.215.202.11 user=root Mar 18 14:03:44 ewelt sshd[10372]: Failed password for root from 186.215.202.11 port 44893 ssh2 Mar 18 14:06:55 ewelt sshd[10624]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=186.215.202.11 user=root Mar 18 14:06:58 ewelt sshd[10624]: Failed password for root from 186.215.202.11 port 64956 ssh2 ...	2020-03-19 03:46:57
128.0.21.33	attack	Unauthorized connection attempt detected from IP address 128.0.21.33 to port 445	2020-03-19 04:05:27
187.116.126.64	attack	$f2bV_matches	2020-03-19 04:00:37
182.155.229.211	attackbotsspam	20/3/18@09:06:48: FAIL: Alarm-Network address from=182.155.229.211 ...	2020-03-19 03:55:14
84.54.179.173	attack	Honeypot attack, port: 5555, PTR: vlan-179-173.nesebar-lan.net.	2020-03-19 03:32:57
159.89.114.40	attack	Mar 18 18:03:53 localhost sshd\[8185\]: Invalid user rstudio-server from 159.89.114.40 port 35318 Mar 18 18:03:53 localhost sshd\[8185\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.89.114.40 Mar 18 18:03:55 localhost sshd\[8185\]: Failed password for invalid user rstudio-server from 159.89.114.40 port 35318 ssh2 ...	2020-03-19 03:45:28
51.89.148.69	attack	2020-03-18T13:43:11.306365linuxbox-skyline sshd[46993]: Invalid user lvzhizhou from 51.89.148.69 port 37584 ...	2020-03-19 03:48:07
181.63.248.149	attackbots	-	2020-03-19 04:04:24
222.186.180.41	attackbotsspam	Mar 18 20:55:02 meumeu sshd[13722]: Failed password for root from 222.186.180.41 port 16944 ssh2 Mar 18 20:55:05 meumeu sshd[13722]: Failed password for root from 222.186.180.41 port 16944 ssh2 Mar 18 20:55:10 meumeu sshd[13722]: Failed password for root from 222.186.180.41 port 16944 ssh2 Mar 18 20:55:13 meumeu sshd[13722]: Failed password for root from 222.186.180.41 port 16944 ssh2 ...	2020-03-19 03:58:25
107.173.191.104	attack	Honeypot attack, port: 445, PTR: 107-173-191-104-host.colocrossing.com.	2020-03-19 03:37:43
182.74.25.246	attackspambots	Mar 19 00:48:36 areeb-Workstation sshd[31684]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.74.25.246 Mar 19 00:48:39 areeb-Workstation sshd[31684]: Failed password for invalid user 22 from 182.74.25.246 port 47500 ssh2 ...	2020-03-19 03:54:09
36.72.143.29	attackspambots	Honeypot attack, port: 445, PTR: PTR record not found	2020-03-19 03:44:44
117.34.74.252	attackspam	Unauthorised access (Mar 18) SRC=117.34.74.252 LEN=40 TTL=243 ID=56788 TCP DPT=445 WINDOW=1024 SYN	2020-03-19 04:02:47

Recently Reported IPs

125.182.0.0	190.120.10.219	185.252.103.106	118.163.217.9
157.51.91.91	194.5.53.94	93.177.73.35	196.242.131.48
197.249.5.86	198.187.29.243	183.82.2.81	14.248.159.150
223.191.52.45	109.26.194.190	153.63.253.9	187.24.141.105
177.107.35.109	174.253.161.119	2601:703:4281:2fa0:2827:f42c:a2f6:7b9b	62.98.18.242