104.131.30.37 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: None

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.131.30.37
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 21701
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;104.131.30.37.			IN	A

;; AUTHORITY SECTION:
.			597	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022022701 1800 900 604800 86400

;; Query time: 57 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Feb 28 02:48:55 CST 2022
;; MSG SIZE  rcvd: 106

Host info

37.30.131.104.in-addr.arpa domain name pointer tayferret.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
37.30.131.104.in-addr.arpa	name = tayferret.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
51.254.182.54	attack	srvr1: (mod_security) mod_security (id:942100) triggered by 51.254.182.54 (BE/-/-): 1 in the last 3600 secs; Ports: ; Direction: inout; Trigger: LF_MODSEC; Logs: 2020/08/21 12:00:43 [error] 482759#0: 839997 [client 51.254.182.54] ModSecurity: Access denied with code 406 (phase 2). [file "/etc/modsecurity.d/REQUEST-942-APPLICATION-ATTACK-SQLI.conf"] [line "45"] [id "942100"] [rev ""] [msg ""] [redacted] [severity "0"] [ver "OWASP_CRS/3.3.0"] [maturity "0"] [accuracy "0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-sqli"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/152/248/66"] [tag "PCI/6.5.2"] [redacted] [uri "/forum/viewthread.php"] [unique_id "159801124392.780127"] [ref ""], client: 51.254.182.54, [redacted] request: "GET /forum/viewthread.php?thread_id=1122PROCEDURE+ANALYSE%28EXTRACTVALUE%288971%2CCONCAT%280x5c%2C0x524949743677%2C%28SELECT+%28ELT%282836%3D2836%2C1%29%29%29%2C0x524949743677%29%29%2C1%29--+pp4Y HTTP/1.1" [redacted]	2020-08-22 03:59:03
92.118.160.17	attackbots	Unauthorized connection attempt detected from IP address 92.118.160.17 to port 111 [T]	2020-08-22 03:48:16
45.115.4.210	attackbots	Unauthorized connection attempt from IP address 45.115.4.210 on Port 445(SMB)	2020-08-22 03:56:30
118.70.196.124	attackspambots	srvr1: (mod_security) mod_security (id:942100) triggered by 118.70.196.124 (VN/-/-): 1 in the last 3600 secs; Ports: ; Direction: inout; Trigger: LF_MODSEC; Logs: 2020/08/21 12:00:44 [error] 482759#0: 839999 [client 118.70.196.124] ModSecurity: Access denied with code 406 (phase 2). [file "/etc/modsecurity.d/REQUEST-942-APPLICATION-ATTACK-SQLI.conf"] [line "45"] [id "942100"] [rev ""] [msg ""] [redacted] [severity "0"] [ver "OWASP_CRS/3.3.0"] [maturity "0"] [accuracy "0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-sqli"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/152/248/66"] [tag "PCI/6.5.2"] [redacted] [uri "/forum/viewthread.php"] [unique_id "15980112444.340527"] [ref ""], client: 118.70.196.124, [redacted] request: "GET /forum/viewthread.php?thread_id=1122%29PROCEDURE+ANALYSE%28EXTRACTVALUE%288971%2CCONCAT%280x5c%2C0x666d79664469%2C%28SELECT+%28ELT%282836%3D2836%2C1%29%29%29%2C0x666d79664469%29%29%2C1%29%23+f1pd HTTP/1.1" [redacted]	2020-08-22 03:57:45
1.202.77.210	attackspambots	Aug 21 18:20:48 mellenthin sshd[27080]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=1.202.77.210 Aug 21 18:20:50 mellenthin sshd[27080]: Failed password for invalid user root1 from 1.202.77.210 port 24560 ssh2	2020-08-22 03:56:43
113.130.126.212	attackspam	srvr1: (mod_security) mod_security (id:942100) triggered by 113.130.126.212 (KH/-/-): 1 in the last 3600 secs; Ports: ; Direction: inout; Trigger: LF_MODSEC; Logs: 2020/08/21 12:01:05 [error] 482759#0: 840039 [client 113.130.126.212] ModSecurity: Access denied with code 406 (phase 2). [file "/etc/modsecurity.d/REQUEST-942-APPLICATION-ATTACK-SQLI.conf"] [line "45"] [id "942100"] [rev ""] [msg ""] [redacted] [severity "0"] [ver "OWASP_CRS/3.3.0"] [maturity "0"] [accuracy "0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-sqli"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/152/248/66"] [tag "PCI/6.5.2"] [redacted] [uri "/forum/viewthread.php"] [unique_id "159801126544.715423"] [ref ""], client: 113.130.126.212, [redacted] request: "GET /forum/viewthread.php?thread_id=1122+AND+EXP%28~%28SELECT+%2A+FROM+%28SELECT+CONCAT%280x4a5954754a6d%2C%28SELECT+%28ELT%282836%3D2836%2C1%29%29%29%2C0x4a5954754a6d%2C0x78%29%29x%29%29--+CqbC HTTP/1.1" [redacted]	2020-08-22 03:33:53
103.79.169.157	attackbots	Unauthorized connection attempt from IP address 103.79.169.157 on Port 445(SMB)	2020-08-22 03:31:56
40.134.163.161	attackspam	Unauthorized connection attempt from IP address 40.134.163.161 on Port 445(SMB)	2020-08-22 03:50:13
109.224.45.138	attack	srvr1: (mod_security) mod_security (id:942100) triggered by 109.224.45.138 (IQ/-/-): 1 in the last 3600 secs; Ports: ; Direction: inout; Trigger: LF_MODSEC; Logs: 2020/08/21 12:00:51 [error] 482759#0: 840009 [client 109.224.45.138] ModSecurity: Access denied with code 406 (phase 2). [file "/etc/modsecurity.d/REQUEST-942-APPLICATION-ATTACK-SQLI.conf"] [line "45"] [id "942100"] [rev ""] [msg ""] [redacted] [severity "0"] [ver "OWASP_CRS/3.3.0"] [maturity "0"] [accuracy "0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-sqli"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/152/248/66"] [tag "PCI/6.5.2"] [redacted] [uri "/forum/viewthread.php"] [unique_id "159801125151.900127"] [ref ""], client: 109.224.45.138, [redacted] request: "GET /forum/viewthread.php?thread_id=1122+OR+UPDATEXML%285947%2CCONCAT%280x2e%2C0x36554448764a%2C%28SELECT+%28ELT%282836%3D2836%2C1%29%29%29%2C0x36554448764a%29%2C5431%29 HTTP/1.1" [redacted]	2020-08-22 03:51:23
50.2.251.213	attackbotsspam	Brute force attempt	2020-08-22 04:00:18
212.129.139.59	attackbots	2020-08-21T16:06:35.147759snf-827550 sshd[4330]: Invalid user mct from 212.129.139.59 port 45304 2020-08-21T16:06:36.665149snf-827550 sshd[4330]: Failed password for invalid user mct from 212.129.139.59 port 45304 ssh2 2020-08-21T16:12:47.103353snf-827550 sshd[4385]: Invalid user ba from 212.129.139.59 port 45002 ...	2020-08-22 03:33:21
111.198.61.150	attackspam	$f2bV_matches	2020-08-22 03:48:32
185.82.177.91	attackspam	Unauthorized connection attempt from IP address 185.82.177.91 on Port 445(SMB)	2020-08-22 03:41:11
49.49.245.40	attack	Unauthorized connection attempt from IP address 49.49.245.40 on Port 445(SMB)	2020-08-22 03:34:33
159.65.30.66	attack	2020-08-21T15:30:06+0000 Failed SSH Authentication/Brute Force Attack. (Server 6)	2020-08-22 03:45:58

Recently Reported IPs

104.131.252.237	104.131.30.97	104.131.35.207	104.131.43.134
104.131.40.57	104.152.108.152	104.152.108.214	104.152.108.40
104.151.238.214	104.152.108.90	104.152.109.116	104.152.108.92
104.152.109.135	104.152.109.225	104.149.88.194	104.149.9.203
104.149.91.30	104.152.109.62	104.152.109.237	104.152.109.57