City: Clifton
Region: New Jersey
Country: United States
Internet Service Provider: unknown
Hostname: unknown
Organization: unknown
Usage Type: unknown
| IP | Type | Details | Datetime |
|---|---|---|---|
| 104.131.66.225 | attack | 104.131.66.225 - - [22/Apr/2020:22:57:21 +0200] "GET /wp-login.php HTTP/1.1" 200 5686 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.131.66.225 - - [22/Apr/2020:22:57:22 +0200] "POST /wp-login.php HTTP/1.1" 200 5997 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.131.66.225 - - [22/Apr/2020:22:57:23 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" |
2020-04-23 06:10:25 |
| 104.131.66.225 | attack | WordPress XMLRPC scan :: 104.131.66.225 0.272 - [30/Mar/2020:08:50:13 0000] www.[censored_1] "POST /xmlrpc.php HTTP/1.1" 200 236 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" "HTTP/1.1" |
2020-03-30 19:36:26 |
| 104.131.66.225 | attackspam | WordPress login Brute force / Web App Attack on client site. |
2020-03-10 17:01:34 |
| 104.131.66.8 | attackbots | Chat Spam |
2019-08-19 02:29:47 |
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.131.66.12
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 5609
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;104.131.66.12. IN A
;; AUTHORITY SECTION:
. 301 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2022032602 1800 900 604800 86400
;; Query time: 96 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Mar 27 08:44:24 CST 2022
;; MSG SIZE rcvd: 106Host 12.66.131.104.in-addr.arpa. not found: 3(NXDOMAIN)Server: 183.60.83.19
Address: 183.60.83.19#53
** server can't find 12.66.131.104.in-addr.arpa: NXDOMAIN| IP | Type | Details | Datetime |
|---|---|---|---|
| 168.228.150.147 | attackspambots | Brute force attempt |
2019-07-07 11:33:33 |
| 14.48.43.156 | attack | Autoban 14.48.43.156 AUTH/CONNECT |
2019-07-07 11:23:45 |
| 84.253.140.10 | attackbots | Jul 6 19:08:51 server sshd\[16828\]: Invalid user ftpd from 84.253.140.10 Jul 6 19:08:51 server sshd\[16828\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=84.253.140.10 Jul 6 19:08:53 server sshd\[16828\]: Failed password for invalid user ftpd from 84.253.140.10 port 49486 ssh2 ... |
2019-07-07 11:13:44 |
| 132.232.40.86 | attackspambots | Jul 7 04:39:27 dev sshd\[22573\]: Invalid user luky from 132.232.40.86 port 44280 Jul 7 04:39:27 dev sshd\[22573\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=132.232.40.86 ... |
2019-07-07 11:28:50 |
| 185.176.27.50 | attackspambots | Port scan on 6 port(s): 4321 5678 9876 12345 13391 33390 |
2019-07-07 11:36:07 |
| 219.144.130.208 | attackspam | SQL Injection |
2019-07-07 11:26:19 |
| 111.230.66.65 | attack | Jul 6 19:52:43 xb0 sshd[24757]: Failed password for invalid user ts3 from 111.230.66.65 port 34888 ssh2 Jul 6 19:52:44 xb0 sshd[24757]: Received disconnect from 111.230.66.65: 11: Bye Bye [preauth] Jul 6 20:05:48 xb0 sshd[17678]: Failed password for invalid user odoo from 111.230.66.65 port 40812 ssh2 Jul 6 20:05:48 xb0 sshd[17678]: Received disconnect from 111.230.66.65: 11: Bye Bye [preauth] Jul 6 20:12:41 xb0 sshd[23119]: Failed password for invalid user gerrhostname2 from 111.230.66.65 port 44956 ssh2 Jul 6 20:12:43 xb0 sshd[23119]: Received disconnect from 111.230.66.65: 11: Bye Bye [preauth] Jul 6 20:14:26 xb0 sshd[27792]: Connection closed by 111.230.66.65 [preauth] Jul 6 20:16:07 xb0 sshd[17615]: Connection closed by 111.230.66.65 [preauth] Jul 6 20:17:46 xb0 sshd[21450]: Failed password for invalid user qhsupport from 111.230.66.65 port 55082 ssh2 Jul 6 20:17:48 xb0 sshd[21450]: Received disconnect from 111.230.66.65: 11: Bye Bye [preauth] Jul 6 20:1........ ------------------------------- |
2019-07-07 11:32:15 |
| 162.247.74.216 | attackbotsspam | Unauthorized SSH login attempts |
2019-07-07 11:06:14 |
| 185.211.245.170 | attackspambots | Jul 7 04:20:05 mail postfix/smtpd\[30628\]: warning: unknown\[185.211.245.170\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ Jul 7 04:55:58 mail postfix/smtpd\[31119\]: warning: unknown\[185.211.245.170\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ Jul 7 04:56:06 mail postfix/smtpd\[31119\]: warning: unknown\[185.211.245.170\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ Jul 7 04:58:40 mail postfix/smtpd\[31279\]: warning: unknown\[185.211.245.170\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ |
2019-07-07 11:24:46 |
| 79.137.35.70 | attackbotsspam | Jul 7 00:40:23 localhost sshd\[16511\]: Invalid user wedding from 79.137.35.70 port 37404 Jul 7 00:40:23 localhost sshd\[16511\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=79.137.35.70 Jul 7 00:40:26 localhost sshd\[16511\]: Failed password for invalid user wedding from 79.137.35.70 port 37404 ssh2 ... |
2019-07-07 10:59:34 |
| 180.76.108.110 | attackspambots | Jul 6 23:07:56 *** sshd[30176]: Invalid user olga from 180.76.108.110 |
2019-07-07 11:43:12 |
| 46.101.221.138 | attackbotsspam | miraniessen.de 46.101.221.138 \[07/Jul/2019:01:08:43 +0200\] "POST /wp-login.php HTTP/1.1" 200 5972 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" miraniessen.de 46.101.221.138 \[07/Jul/2019:01:08:43 +0200\] "POST /wp-login.php HTTP/1.1" 200 5972 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" |
2019-07-07 11:20:49 |
| 223.255.134.222 | attack | /shell?busybox |
2019-07-07 11:31:59 |
| 170.130.187.14 | attack | 3389BruteforceFW22 |
2019-07-07 11:10:06 |
| 185.220.100.253 | attackbots | Unauthorized SSH login attempts |
2019-07-07 11:06:32 |