104.131.66.115

Basic Info

City: Clifton

Region: New Jersey

Country: United States

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
104.131.66.225	attack	104.131.66.225 - - [22/Apr/2020:22:57:21 +0200] "GET /wp-login.php HTTP/1.1" 200 5686 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.131.66.225 - - [22/Apr/2020:22:57:22 +0200] "POST /wp-login.php HTTP/1.1" 200 5997 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.131.66.225 - - [22/Apr/2020:22:57:23 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-04-23 06:10:25
104.131.66.225	attack	WordPress XMLRPC scan :: 104.131.66.225 0.272 - [30/Mar/2020:08:50:13 0000] www.[censored_1] "POST /xmlrpc.php HTTP/1.1" 200 236 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" "HTTP/1.1"	2020-03-30 19:36:26
104.131.66.225	attackspam	WordPress login Brute force / Web App Attack on client site.	2020-03-10 17:01:34
104.131.66.8	attackbots	Chat Spam	2019-08-19 02:29:47

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.131.66.115
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 2633
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;104.131.66.115.			IN	A

;; AUTHORITY SECTION:
.			496	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022032801 1800 900 604800 86400

;; Query time: 17 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Mar 29 12:05:56 CST 2022
;; MSG SIZE  rcvd: 107

Host info

Host 115.66.131.104.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 115.66.131.104.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
167.99.183.170	attack	Automatic report - XMLRPC Attack	2019-10-17 06:25:48
99.122.154.169	attack	Oct 16 21:24:43 MK-Soft-VM7 sshd[21254]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=99.122.154.169 Oct 16 21:24:45 MK-Soft-VM7 sshd[21254]: Failed password for invalid user P@55wOrd from 99.122.154.169 port 58044 ssh2 ...	2019-10-17 06:29:45
95.141.236.250	attackspambots	Oct 16 21:24:08 ncomp sshd[12044]: Invalid user clucarel from 95.141.236.250 Oct 16 21:24:08 ncomp sshd[12044]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=95.141.236.250 Oct 16 21:24:08 ncomp sshd[12044]: Invalid user clucarel from 95.141.236.250 Oct 16 21:24:10 ncomp sshd[12044]: Failed password for invalid user clucarel from 95.141.236.250 port 56778 ssh2	2019-10-17 06:51:55
49.234.224.245	attackbots	Oct 16 21:24:24 localhost sshd\[7296\]: Invalid user 12071207 from 49.234.224.245 port 33542 Oct 16 21:24:24 localhost sshd\[7296\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.234.224.245 Oct 16 21:24:26 localhost sshd\[7296\]: Failed password for invalid user 12071207 from 49.234.224.245 port 33542 ssh2	2019-10-17 06:45:09
63.216.156.61	attack	port scan and connect, tcp 80 (http)	2019-10-17 06:25:33
189.228.159.199	attack	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/189.228.159.199/ MX - 1H : (66) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : MX NAME ASN : ASN8151 IP : 189.228.159.199 CIDR : 189.228.152.0/21 PREFIX COUNT : 6397 UNIQUE IP COUNT : 13800704 WYKRYTE ATAKI Z ASN8151 : 1H - 3 3H - 6 6H - 9 12H - 19 24H - 53 DateTime : 2019-10-16 21:23:58 INFO : Server 403 - Looking for resource vulnerabilities Detected and Blocked by ADMIN - data recovery	2019-10-17 06:58:52
190.18.169.124	attack	Looking for resource vulnerabilities	2019-10-17 06:31:00
37.187.54.45	attackspam	Oct 16 19:49:49 game-panel sshd[11477]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.187.54.45 Oct 16 19:49:51 game-panel sshd[11477]: Failed password for invalid user xfsy from 37.187.54.45 port 59496 ssh2 Oct 16 19:53:27 game-panel sshd[11594]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.187.54.45	2019-10-17 06:48:03
162.243.6.213	attackspambots	Oct 16 17:11:03 xtremcommunity sshd\[587003\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=162.243.6.213 user=root Oct 16 17:11:04 xtremcommunity sshd\[587003\]: Failed password for root from 162.243.6.213 port 36772 ssh2 Oct 16 17:16:07 xtremcommunity sshd\[587079\]: Invalid user com from 162.243.6.213 port 48792 Oct 16 17:16:07 xtremcommunity sshd\[587079\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=162.243.6.213 Oct 16 17:16:09 xtremcommunity sshd\[587079\]: Failed password for invalid user com from 162.243.6.213 port 48792 ssh2 ...	2019-10-17 06:42:03
183.88.16.206	attackspam	Oct 17 01:17:43 server sshd\[1158\]: Invalid user bmike from 183.88.16.206 port 56026 Oct 17 01:17:43 server sshd\[1158\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=183.88.16.206 Oct 17 01:17:44 server sshd\[1158\]: Failed password for invalid user bmike from 183.88.16.206 port 56026 ssh2 Oct 17 01:22:07 server sshd\[3953\]: User root from 183.88.16.206 not allowed because listed in DenyUsers Oct 17 01:22:07 server sshd\[3953\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=183.88.16.206 user=root	2019-10-17 06:42:56
134.209.83.191	attackbotsspam	Oct 15 06:43:28 h1637304 sshd[30079]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.83.191 user=r.r Oct 15 06:43:30 h1637304 sshd[30079]: Failed password for r.r from 134.209.83.191 port 55208 ssh2 Oct 15 06:43:30 h1637304 sshd[30079]: Received disconnect from 134.209.83.191: 11: Bye Bye [preauth] Oct 15 06:56:01 h1637304 sshd[27106]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.83.191 Oct 15 06:56:03 h1637304 sshd[27106]: Failed password for invalid user sysadmin from 134.209.83.191 port 60804 ssh2 Oct 15 06:56:03 h1637304 sshd[27106]: Received disconnect from 134.209.83.191: 11: Bye Bye [preauth] Oct 15 06:59:46 h1637304 sshd[27631]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.83.191 user=r.r Oct 15 06:59:48 h1637304 sshd[27631]: Failed password for r.r from 134.209.83.191 port 46066 ssh2 Oct 15 06:59:48 h1637304 s........ -------------------------------	2019-10-17 06:28:29
171.67.70.173	attackspambots	SSH Scan	2019-10-17 07:00:18
106.12.85.76	attack	Oct 16 18:26:36 xtremcommunity sshd\[588313\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.85.76 user=root Oct 16 18:26:39 xtremcommunity sshd\[588313\]: Failed password for root from 106.12.85.76 port 44134 ssh2 Oct 16 18:30:54 xtremcommunity sshd\[588371\]: Invalid user john from 106.12.85.76 port 57242 Oct 16 18:30:54 xtremcommunity sshd\[588371\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.85.76 Oct 16 18:30:56 xtremcommunity sshd\[588371\]: Failed password for invalid user john from 106.12.85.76 port 57242 ssh2 ...	2019-10-17 06:46:49
190.0.22.66	attackbots	Invalid user ix from 190.0.22.66 port 17257	2019-10-17 06:37:21
171.67.70.202	attack	SSH Scan	2019-10-17 06:26:49

Recently Reported IPs

104.131.63.229	104.131.83.133	104.140.108.236	104.140.12.194
104.140.159.49	104.140.63.170	104.143.45.4	104.144.105.194
104.144.125.2	104.144.128.142	104.144.129.214	104.144.139.55
104.16.201.246	104.16.201.94	104.16.203.216	104.16.215.17
104.16.216.17	104.16.225.63	104.16.226.63	104.16.241.123