104.131.66.115

Basic Info

City: Clifton

Region: New Jersey

Country: United States

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
104.131.66.225	attack	104.131.66.225 - - [22/Apr/2020:22:57:21 +0200] "GET /wp-login.php HTTP/1.1" 200 5686 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.131.66.225 - - [22/Apr/2020:22:57:22 +0200] "POST /wp-login.php HTTP/1.1" 200 5997 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.131.66.225 - - [22/Apr/2020:22:57:23 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-04-23 06:10:25
104.131.66.225	attack	WordPress XMLRPC scan :: 104.131.66.225 0.272 - [30/Mar/2020:08:50:13 0000] www.[censored_1] "POST /xmlrpc.php HTTP/1.1" 200 236 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" "HTTP/1.1"	2020-03-30 19:36:26
104.131.66.225	attackspam	WordPress login Brute force / Web App Attack on client site.	2020-03-10 17:01:34
104.131.66.8	attackbots	Chat Spam	2019-08-19 02:29:47

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.131.66.115
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 2633
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;104.131.66.115.			IN	A

;; AUTHORITY SECTION:
.			496	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022032801 1800 900 604800 86400

;; Query time: 17 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Mar 29 12:05:56 CST 2022
;; MSG SIZE  rcvd: 107

Host info

Host 115.66.131.104.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 115.66.131.104.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
185.153.199.144	attack	RDP brute forcing (r)	2020-01-08 03:42:23
178.238.30.50	attackspam	20/1/7@09:35:13: FAIL: Alarm-Network address from=178.238.30.50 ...	2020-01-08 03:49:25
46.165.9.172	attackspambots	1578401732 - 01/07/2020 13:55:32 Host: 46.165.9.172/46.165.9.172 Port: 445 TCP Blocked	2020-01-08 04:08:53
138.197.98.251	attack	Jan 7 20:43:09 MK-Soft-VM5 sshd[11850]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.98.251 Jan 7 20:43:11 MK-Soft-VM5 sshd[11850]: Failed password for invalid user das from 138.197.98.251 port 45530 ssh2 ...	2020-01-08 03:56:11
123.206.117.42	attackbots	Unauthorized connection attempt detected from IP address 123.206.117.42 to port 2220 [J]	2020-01-08 03:33:02
222.92.139.158	attackbots	Unauthorized connection attempt detected from IP address 222.92.139.158 to port 2220 [J]	2020-01-08 04:06:23
2.228.163.157	attack	Unauthorized connection attempt detected from IP address 2.228.163.157 to port 2220 [J]	2020-01-08 03:40:40
200.209.174.92	attackbots	Unauthorized connection attempt detected from IP address 200.209.174.92 to port 2220 [J]	2020-01-08 03:46:55
187.123.56.86	attack	Jan 7 13:55:33 grey postfix/smtpd\[20502\]: NOQUEUE: reject: RCPT from unknown\[187.123.56.86\]: 554 5.7.1 Service unavailable\; Client host \[187.123.56.86\] blocked using truncate.gbudb.net\; http://www.gbudb.com/truncate/ \[187.123.56.86\]\; from=\ to=\ proto=ESMTP helo=\ ...	2020-01-08 04:07:29
185.86.164.110	attack	WordPress login Brute force / Web App Attack on client site.	2020-01-08 03:52:00
49.234.99.246	attackspambots	Unauthorized connection attempt detected from IP address 49.234.99.246 to port 2220 [J]	2020-01-08 03:35:33
66.98.79.181	attackspam	Jan 7 20:39:01 mail sshd\[15150\]: Invalid user admin from 66.98.79.181 Jan 7 20:39:01 mail sshd\[15150\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=66.98.79.181 Jan 7 20:39:03 mail sshd\[15150\]: Failed password for invalid user admin from 66.98.79.181 port 39790 ssh2 ...	2020-01-08 03:44:53
112.25.12.50	attackbotsspam	Port scan on 1 port(s): 53	2020-01-08 04:10:36
181.222.11.141	attack	Unauthorized connection attempt detected from IP address 181.222.11.141 to port 81 [J]	2020-01-08 03:42:45
137.59.162.169	attackbots	Unauthorized connection attempt detected from IP address 137.59.162.169 to port 2220 [J]	2020-01-08 04:05:47

Recently Reported IPs

104.131.63.229	104.131.83.133	104.140.108.236	104.140.12.194
104.140.159.49	104.140.63.170	104.143.45.4	104.144.105.194
104.144.125.2	104.144.128.142	104.144.129.214	104.144.139.55
104.16.201.246	104.16.201.94	104.16.203.216	104.16.215.17
104.16.216.17	104.16.225.63	104.16.226.63	104.16.241.123