104.131.199.12

Basic Info

City: New York

Region: New York

Country: United States

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
104.131.199.240	attackbotsspam	#Blacklisted DigitalOcean Botnet Host Attacks WordPress Again: xmlrpc.php & wlwmanifest.xml #Blacklisted DigitalOcean Botnet UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36 Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/53.0.2785.143 Safari/537.36 Mozilla Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0; Trident/5.0)	2019-11-27 21:01:03

Type

Details

Datetime

104.131.199.240

attackbotsspam

#Blacklisted DigitalOcean Botnet Host Attacks WordPress Again: xmlrpc.php & wlwmanifest.xml  

#Blacklisted DigitalOcean Botnet UA: 
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36  
  
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/53.0.2785.143 Safari/537.36
  
Mozilla 
 
Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0; Trident/5.0)

2019-11-27 21:01:03

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.131.199.12
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 3223
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;104.131.199.12.			IN	A

;; AUTHORITY SECTION:
.			184	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022052300 1800 900 604800 86400

;; Query time: 59 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue May 24 01:25:01 CST 2022
;; MSG SIZE  rcvd: 107

Host info

12.199.131.104.in-addr.arpa domain name pointer hosting2.investorsunderground.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
12.199.131.104.in-addr.arpa	name = hosting2.investorsunderground.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
196.188.178.220	attackspam	Sep 28 22:39:23 mxgate1 postfix/postscreen[28212]: CONNECT from [196.188.178.220]:36812 to [176.31.12.44]:25 Sep 28 22:39:23 mxgate1 postfix/dnsblog[28216]: addr 196.188.178.220 listed by domain bl.spamcop.net as 127.0.0.2 Sep 28 22:39:23 mxgate1 postfix/dnsblog[28233]: addr 196.188.178.220 listed by domain zen.spamhaus.org as 127.0.0.11 Sep 28 22:39:23 mxgate1 postfix/dnsblog[28233]: addr 196.188.178.220 listed by domain zen.spamhaus.org as 127.0.0.3 Sep 28 22:39:23 mxgate1 postfix/dnsblog[28233]: addr 196.188.178.220 listed by domain zen.spamhaus.org as 127.0.0.4 Sep 28 22:39:23 mxgate1 postfix/dnsblog[28214]: addr 196.188.178.220 listed by domain cbl.abuseat.org as 127.0.0.2 Sep 28 22:39:23 mxgate1 postfix/dnsblog[28213]: addr 196.188.178.220 listed by domain ix.dnsbl.xxxxxx.net as 127.0.0.2 Sep 28 22:39:23 mxgate1 postfix/dnsblog[28215]: addr 196.188.178.220 listed by domain b.barracudacentral.org as 127.0.0.2 Sep 28 22:39:29 mxgate1 postfix/postscreen[28212]: DNSBL........ -------------------------------	2020-09-30 04:19:39
218.241.154.197	attackspam	[N10.H2.VM2] Port Scanner Detected Blocked by UFW	2020-09-30 04:36:52
182.69.177.207	attackspam	Sep 28 22:16:47 r.ca sshd[5105]: Failed password for invalid user solaris from 182.69.177.207 port 38376 ssh2	2020-09-30 04:17:56
61.96.244.193	attackspam	Portscan detected	2020-09-30 04:46:49
134.175.146.231	attackbotsspam	2020-09-29T11:28:07.907331morrigan.ad5gb.com sshd[354714]: Invalid user patrick from 134.175.146.231 port 59108	2020-09-30 04:38:09
185.153.196.226	attack	REQUESTED PAGE: /.git/config	2020-09-30 04:29:14
51.178.52.84	attack	WordPress XMLRPC scan :: 51.178.52.84 0.004 BYPASS [29/Sep/2020:20:03:04 0000] [censored_2] "POST /xmlrpc.php HTTP/2.0" 200 20 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-09-30 04:45:22
203.151.146.216	attackspambots	Invalid user pedro from 203.151.146.216 port 46324	2020-09-30 04:18:51
186.42.182.41	attack	firewall-block, port(s): 445/tcp	2020-09-30 04:47:29
85.209.0.101	attackbots	Failed password for root from 85.209.0.101 port 22648 ssh2 Failed password for root from 85.209.0.101 port 22574 ssh2	2020-09-30 04:20:12
222.186.42.213	attackspambots	Sep 29 20:37:37 game-panel sshd[15920]: Failed password for root from 222.186.42.213 port 23967 ssh2 Sep 29 20:37:45 game-panel sshd[15922]: Failed password for root from 222.186.42.213 port 10073 ssh2 Sep 29 20:37:47 game-panel sshd[15922]: Failed password for root from 222.186.42.213 port 10073 ssh2	2020-09-30 04:41:16
106.12.90.45	attackbotsspam	Sep 27 18:03:54 hidden sshd[25858]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.90.45 Sep 27 18:03:56 hidden sshd[25858]: Failed password for invalid user aaa from 106.12.90.45 port 33534 ssh2 Sep 27 18:05:12 hidden sshd[26077]: Invalid user ceph from 106.12.90.45 port 41844	2020-09-30 04:42:06
13.75.237.170	attackbotsspam	Sep 29 21:22:49 s1 postfix/smtps/smtpd\[20838\]: warning: unknown\[13.75.237.170\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 29 21:25:26 s1 postfix/smtps/smtpd\[21755\]: warning: unknown\[13.75.237.170\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 29 21:28:13 s1 postfix/smtps/smtpd\[21916\]: warning: unknown\[13.75.237.170\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 29 21:31:01 s1 postfix/smtps/smtpd\[22878\]: warning: unknown\[13.75.237.170\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 29 21:33:48 s1 postfix/smtps/smtpd\[22878\]: warning: unknown\[13.75.237.170\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 29 21:36:34 s1 postfix/smtps/smtpd\[22878\]: warning: unknown\[13.75.237.170\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 29 21:39:20 s1 postfix/smtps/smtpd\[23926\]: warning: unknown\[13.75.237.170\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 29 21:42:21 s1 postfix/smtps/smtpd\[23926\]: warning: unknown\[13.75.237.170\]: SASL LOGIN authenticati	2020-09-30 04:52:12
200.170.250.54	attackspam	Invalid user monitoring from 200.170.250.54 port 60844	2020-09-30 04:39:57
176.31.163.192	attackbotsspam	Sep 29 20:20:42 mavik sshd[9526]: Failed password for invalid user nagios from 176.31.163.192 port 43978 ssh2 Sep 29 20:22:41 mavik sshd[9560]: Invalid user mike from 176.31.163.192 Sep 29 20:22:41 mavik sshd[9560]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=vps-971b0d92.vps.ovh.net Sep 29 20:22:43 mavik sshd[9560]: Failed password for invalid user mike from 176.31.163.192 port 53130 ssh2 Sep 29 20:24:47 mavik sshd[9598]: Invalid user testuser1 from 176.31.163.192 ...	2020-09-30 04:31:51

Recently Reported IPs

104.131.191.158	104.131.21.11	104.131.214.7	104.131.25.176
104.131.27.158	104.131.36.247	104.131.55.39	104.131.56.122
104.131.56.147	104.131.6.187	104.131.73.239	104.131.8.148
104.131.84.147	104.131.86.223	104.131.87.232	104.131.88.155
104.131.88.73	104.131.91.135	104.131.92.171	104.131.92.222