104.131.66.12 - IPInfo

Basic Info

City: Clifton

Region: New Jersey

Country: United States

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
104.131.66.225	attack	104.131.66.225 - - [22/Apr/2020:22:57:21 +0200] "GET /wp-login.php HTTP/1.1" 200 5686 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.131.66.225 - - [22/Apr/2020:22:57:22 +0200] "POST /wp-login.php HTTP/1.1" 200 5997 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.131.66.225 - - [22/Apr/2020:22:57:23 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-04-23 06:10:25
104.131.66.225	attack	WordPress XMLRPC scan :: 104.131.66.225 0.272 - [30/Mar/2020:08:50:13 0000] www.[censored_1] "POST /xmlrpc.php HTTP/1.1" 200 236 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" "HTTP/1.1"	2020-03-30 19:36:26
104.131.66.225	attackspam	WordPress login Brute force / Web App Attack on client site.	2020-03-10 17:01:34
104.131.66.8	attackbots	Chat Spam	2019-08-19 02:29:47

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.131.66.12
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 5609
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;104.131.66.12.			IN	A

;; AUTHORITY SECTION:
.			301	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022032602 1800 900 604800 86400

;; Query time: 96 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Mar 27 08:44:24 CST 2022
;; MSG SIZE  rcvd: 106

Host info

Host 12.66.131.104.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 12.66.131.104.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
174.138.21.27	attackspam	Aug 31 19:32:49 vps691689 sshd[24868]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=174.138.21.27 Aug 31 19:32:51 vps691689 sshd[24868]: Failed password for invalid user lq from 174.138.21.27 port 50324 ssh2 ...	2019-09-01 05:20:40
14.207.214.201	attackbotsspam	Unauthorized connection attempt from IP address 14.207.214.201 on Port 445(SMB)	2019-09-01 05:26:32
117.200.17.169	attack	Unauthorized connection attempt from IP address 117.200.17.169 on Port 445(SMB)	2019-09-01 05:50:24
190.186.170.83	attack	Aug 31 12:34:52 MK-Soft-VM6 sshd\[3488\]: Invalid user mailer from 190.186.170.83 port 51222 Aug 31 12:34:52 MK-Soft-VM6 sshd\[3488\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.186.170.83 Aug 31 12:34:54 MK-Soft-VM6 sshd\[3488\]: Failed password for invalid user mailer from 190.186.170.83 port 51222 ssh2 ...	2019-09-01 05:23:53
95.0.208.130	attack	Unauthorized connection attempt from IP address 95.0.208.130 on Port 445(SMB)	2019-09-01 05:43:39
103.91.91.194	attackbotsspam	Unauthorized connection attempt from IP address 103.91.91.194 on Port 445(SMB)	2019-09-01 05:15:26
45.122.220.157	attackbotsspam	Automatic report - Banned IP Access	2019-09-01 05:18:23
35.202.27.205	attackspambots	$f2bV_matches	2019-09-01 05:14:38
164.132.62.239	attack	Aug 27 10:00:28 v22019016889681227 sshd[4622]: Failed password for invalid user koraseru from 164.132.62.233 port 40424 ssh2 Aug 27 10:14:10 v22019016889681227 sshd[4807]: Failed password for invalid user spencer from 164.132.62.233 port 55188 ssh2 Aug 27 10:17:54 v22019016889681227 sshd[4851]: Failed password for games from 164.132.62.233 port 42754 ssh2 Aug 27 10:21:25 v22019016889681227 sshd[4907]: Failed password for invalid user elastic from 164.132.62.233 port 58552 ssh2 Aug 27 10:24:57 v22019016889681227 sshd[4949]: Failed password for invalid user wq from 164.132.62.233 port 46130 ssh2 Aug 27 10:28:43 v22019016889681227 sshd[4992]: Failed password for invalid user zc from 164.132.62.233 port 33704 ssh2 Aug 27 10:32:26 v22019016889681227 sshd[5038]: Failed password for invalid user bsmith from 164.132.62.233 port 49514 ssh2 Aug 27 10:36:01 v22019016889681227 sshd[5067]: Accepted password for ftpuser from 164.132.62.233 port 37078 ssh2 Aug 27 10:36:03 v22019016889681227 sshd[5070]: Failed password for invalid user nproc from 164.132.62.233 port 37092 ssh2 Aug 27 10:36:27 v22019016889681227 sshd[5155]: Failed password for ftpuser from 164.132.62.233 port 42172 ssh2	2019-09-01 05:19:24
123.201.36.4	attackbotsspam	Lines containing failures of 123.201.36.4 auth.log:Aug 31 13:23:38 omfg sshd[30275]: Connection from 123.201.36.4 port 52584 on 78.46.60.41 port 22 auth.log:Aug 31 13:23:38 omfg sshd[30275]: Did not receive identification string from 123.201.36.4 auth.log:Aug 31 13:23:38 omfg sshd[30276]: Connection from 123.201.36.4 port 52646 on 78.46.60.50 port 22 auth.log:Aug 31 13:23:38 omfg sshd[30276]: Did not receive identification string from 123.201.36.4 auth.log:Aug 31 13:23:39 omfg sshd[30277]: Connection from 123.201.36.4 port 52401 on 78.46.60.42 port 22 auth.log:Aug 31 13:23:39 omfg sshd[30277]: Did not receive identification string from 123.201.36.4 auth.log:Aug 31 13:23:42 omfg sshd[30278]: Connection from 123.201.36.4 port 55458 on 78.46.60.41 port 22 auth.log:Aug 31 13:23:44 omfg sshd[30278]: Invalid user support from 123.201.36.4 auth.log:Aug 31 13:23:44 omfg sshd[30278]: Connection closed by 123.201.36.4 port 55458 [preauth] ........ ----------------------------------------------- https://www.blocklist.	2019-09-01 05:41:42
2.139.176.35	attackbots	2019-08-31T21:30:31.702018abusebot-6.cloudsearch.cf sshd\[22145\]: Invalid user postgres from 2.139.176.35 port 54328	2019-09-01 05:39:01
186.26.127.18	attackspam	Unauthorized connection attempt from IP address 186.26.127.18 on Port 445(SMB)	2019-09-01 05:45:15
24.210.199.30	attackspam	Aug 31 20:21:10 meumeu sshd[1310]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=24.210.199.30 Aug 31 20:21:12 meumeu sshd[1310]: Failed password for invalid user semenov from 24.210.199.30 port 33128 ssh2 Aug 31 20:26:17 meumeu sshd[1939]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=24.210.199.30 ...	2019-09-01 05:28:15
121.13.237.38	attack	Aug3113:28:20server4pure-ftpd:$\?@121.13.237.38$[WARNING]Authenticationfailedforuser[www]Aug3113:28:24server4pure-ftpd:$\?@121.13.237.38$[WARNING]Authenticationfailedforuser[www]Aug3112:39:36server4pure-ftpd:$\?@183.184.50.184$[WARNING]Authenticationfailedforuser[www]Aug3113:31:48server4pure-ftpd:$\?@117.68.197.99$[WARNING]Authenticationfailedforuser[www]Aug3112:38:58server4pure-ftpd:$\?@183.184.50.184$[WARNING]Authenticationfailedforuser[www]Aug3112:39:04server4pure-ftpd:$\?@183.184.50.184$[WARNING]Authenticationfailedforuser[www]Aug3112:39:10server4pure-ftpd:$\?@183.184.50.184$[WARNING]Authenticationfailedforuser[www]Aug3113:08:03server4pure-ftpd:$\?@125.93.81.120$[WARNING]Authenticationfailedforuser[www]Aug3112:39:17server4pure-ftpd:$\?@183.184.50.184$[WARNING]Authenticationfailedforuser[www]Aug3112:38:52server4pure-ftpd:$\?@183.184.50.184$[WARNING]Authenticationfailedforuser[www]IPAddressesBlocked:	2019-09-01 05:44:31
165.22.128.115	attackbotsspam	Apr 23 01:14:34 vtv3 sshd\[27340\]: Invalid user zc from 165.22.128.115 port 52666 Apr 23 01:14:34 vtv3 sshd\[27340\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.22.128.115 Apr 23 01:14:36 vtv3 sshd\[27340\]: Failed password for invalid user zc from 165.22.128.115 port 52666 ssh2 Apr 23 01:19:41 vtv3 sshd\[29831\]: Invalid user ftpalert from 165.22.128.115 port 46796 Apr 23 01:19:41 vtv3 sshd\[29831\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.22.128.115 Apr 23 01:31:20 vtv3 sshd\[3728\]: Invalid user www from 165.22.128.115 port 37146 Apr 23 01:31:20 vtv3 sshd\[3728\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.22.128.115 Apr 23 01:31:22 vtv3 sshd\[3728\]: Failed password for invalid user www from 165.22.128.115 port 37146 ssh2 Apr 23 01:33:49 vtv3 sshd\[4769\]: Invalid user rock from 165.22.128.115 port 35218 Apr 23 01:33:49 vtv3 sshd\[4769\]: pam_unix\	2019-09-01 05:22:15

Recently Reported IPs

104.131.63.24	104.131.71.91	104.131.75.154	104.131.77.113
104.131.79.59	104.131.81.202	104.131.86.61	104.131.87.95
104.131.90.200	104.131.95.195	104.131.95.198	104.131.96.116
9.216.26.22	104.131.97.31	104.131.97.85	104.131.99.192
104.140.150.150	104.140.169.9	104.140.176.26	104.140.185.14