104.131.66.37 - IPInfo

Basic Info

City: Clifton

Region: New Jersey

Country: United States

Internet Service Provider: DigitalOcean LLC

Hostname: unknown

Organization: DigitalOcean, LLC

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
104.131.66.225	attack	104.131.66.225 - - [22/Apr/2020:22:57:21 +0200] "GET /wp-login.php HTTP/1.1" 200 5686 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.131.66.225 - - [22/Apr/2020:22:57:22 +0200] "POST /wp-login.php HTTP/1.1" 200 5997 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.131.66.225 - - [22/Apr/2020:22:57:23 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-04-23 06:10:25
104.131.66.225	attack	WordPress XMLRPC scan :: 104.131.66.225 0.272 - [30/Mar/2020:08:50:13 0000] www.[censored_1] "POST /xmlrpc.php HTTP/1.1" 200 236 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" "HTTP/1.1"	2020-03-30 19:36:26
104.131.66.225	attackspam	WordPress login Brute force / Web App Attack on client site.	2020-03-10 17:01:34
104.131.66.8	attackbots	Chat Spam	2019-08-19 02:29:47

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.131.66.37
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 52142
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;104.131.66.37.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019073002 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Wed Jul 31 02:12:42 CST 2019
;; MSG SIZE  rcvd: 117

Host info

Host 37.66.131.104.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 37.66.131.104.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
128.199.13.51	attackspam	Oct 9 08:51:42 cho sshd[280305]: Failed password for root from 128.199.13.51 port 50248 ssh2 Oct 9 08:53:54 cho sshd[280418]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.13.51 user=root Oct 9 08:53:56 cho sshd[280418]: Failed password for root from 128.199.13.51 port 58370 ssh2 Oct 9 08:56:05 cho sshd[280554]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.13.51 user=root Oct 9 08:56:07 cho sshd[280554]: Failed password for root from 128.199.13.51 port 38260 ssh2 ...	2020-10-09 15:41:14
61.177.172.89	attack	Oct 9 08:00:50 ip-172-31-61-156 sshd[13742]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.177.172.89 user=root Oct 9 08:00:52 ip-172-31-61-156 sshd[13742]: Failed password for root from 61.177.172.89 port 43928 ssh2 ...	2020-10-09 16:03:43
112.85.42.190	attack	Oct 9 09:25:58 piServer sshd[31886]: Failed password for root from 112.85.42.190 port 44338 ssh2 Oct 9 09:26:02 piServer sshd[31886]: Failed password for root from 112.85.42.190 port 44338 ssh2 Oct 9 09:26:07 piServer sshd[31886]: Failed password for root from 112.85.42.190 port 44338 ssh2 Oct 9 09:26:12 piServer sshd[31886]: Failed password for root from 112.85.42.190 port 44338 ssh2 ...	2020-10-09 15:27:09
222.221.248.242	attackspambots	2020-10-09T01:30:41.913045linuxbox-skyline sshd[60250]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.221.248.242 user=root 2020-10-09T01:30:43.832754linuxbox-skyline sshd[60250]: Failed password for root from 222.221.248.242 port 40434 ssh2 ...	2020-10-09 16:06:42
186.147.35.76	attackspam	(sshd) Failed SSH login from 186.147.35.76 (CO/Colombia/static-ip-1861473576.cable.net.co): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Oct 9 01:03:00 server sshd[5761]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=186.147.35.76 user=root Oct 9 01:03:01 server sshd[5761]: Failed password for root from 186.147.35.76 port 57511 ssh2 Oct 9 01:21:01 server sshd[10186]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=186.147.35.76 user=root Oct 9 01:21:03 server sshd[10186]: Failed password for root from 186.147.35.76 port 44055 ssh2 Oct 9 01:25:46 server sshd[11303]: Invalid user system2 from 186.147.35.76 port 46344	2020-10-09 15:39:21
71.211.144.1	attackspam	sshguard	2020-10-09 16:08:02
110.164.163.54	attack	Oct 7 04:52:33 datentool sshd[4173]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=110.164.163.54 user=r.r Oct 7 04:52:35 datentool sshd[4173]: Failed password for r.r from 110.164.163.54 port 44540 ssh2 Oct 7 05:05:55 datentool sshd[4453]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=110.164.163.54 user=r.r Oct 7 05:05:57 datentool sshd[4453]: Failed password for r.r from 110.164.163.54 port 44684 ssh2 Oct 7 05:12:30 datentool sshd[4509]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=110.164.163.54 user=r.r Oct 7 05:12:31 datentool sshd[4509]: Failed password for r.r from 110.164.163.54 port 49714 ssh2 Oct 7 05:18:52 datentool sshd[4609]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=110.164.163.54 user=r.r Oct 7 05:18:53 datentool sshd[4609]: Failed password for r.r from 110.164.163.54 port........ -------------------------------	2020-10-09 15:27:23
74.120.14.17	attack	Hit honeypot r.	2020-10-09 15:51:50
106.52.29.132	attackspam	Too many connections or unauthorized access detected from Arctic banned ip	2020-10-09 15:34:46
148.233.37.48	attack	Unauthorized connection attempt from IP address 148.233.37.48 on Port 445(SMB)	2020-10-09 15:55:28
122.51.208.60	attackspambots	Oct 7 06:22:56 ns4 sshd[3809]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.51.208.60 user=r.r Oct 7 06:22:58 ns4 sshd[3809]: Failed password for r.r from 122.51.208.60 port 53814 ssh2 Oct 7 06:33:26 ns4 sshd[5801]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.51.208.60 user=r.r Oct 7 06:33:29 ns4 sshd[5801]: Failed password for r.r from 122.51.208.60 port 39868 ssh2 Oct 7 06:38:26 ns4 sshd[6403]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.51.208.60 user=r.r Oct 7 06:38:28 ns4 sshd[6403]: Failed password for r.r from 122.51.208.60 port 35622 ssh2 Oct 7 06:43:25 ns4 sshd[7167]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.51.208.60 user=r.r Oct 7 06:43:27 ns4 sshd[7167]: Failed password for r.r from 122.51.208.60 port 59612 ssh2 ........ ----------------------------------------------- https://www.blocklist.de/	2020-10-09 15:58:09
187.174.65.4	attack	Oct 8 19:44:18 sachi sshd\[17220\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=187.174.65.4 user=root Oct 8 19:44:19 sachi sshd\[17220\]: Failed password for root from 187.174.65.4 port 52674 ssh2 Oct 8 19:45:36 sachi sshd\[17341\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=187.174.65.4 user=root Oct 8 19:45:38 sachi sshd\[17341\]: Failed password for root from 187.174.65.4 port 45114 ssh2 Oct 8 19:46:55 sachi sshd\[17440\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=187.174.65.4 user=root	2020-10-09 15:54:06
190.214.15.209	attackspam	Icarus honeypot on github	2020-10-09 15:52:25
132.232.4.33	attackspam	Oct 9 07:02:54 ns382633 sshd\[29193\]: Invalid user database from 132.232.4.33 port 50010 Oct 9 07:02:54 ns382633 sshd\[29193\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=132.232.4.33 Oct 9 07:02:56 ns382633 sshd\[29193\]: Failed password for invalid user database from 132.232.4.33 port 50010 ssh2 Oct 9 07:09:01 ns382633 sshd\[30060\]: Invalid user webalizer from 132.232.4.33 port 55134 Oct 9 07:09:01 ns382633 sshd\[30060\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=132.232.4.33	2020-10-09 16:05:09
106.75.132.3	attackspam	SSH login attempts.	2020-10-09 15:32:51

Recently Reported IPs

117.224.124.80	119.65.229.225	94.6.138.247	71.209.210.116
165.1.183.175	184.12.71.222	77.72.255.193	162.42.41.159
4.16.175.1	31.23.63.30	172.93.135.130	102.76.179.216
84.150.131.85	211.132.11.16	220.105.238.180	14.121.33.187
52.203.42.125	233.159.127.163	176.122.177.84	245.221.126.6