104.131.68.67 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
104.131.68.23	attack	Sep 1 00:03:23 buvik sshd[23829]: Invalid user mapred from 104.131.68.23 Sep 1 00:03:23 buvik sshd[23829]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.68.23 Sep 1 00:03:25 buvik sshd[23829]: Failed password for invalid user mapred from 104.131.68.23 port 51046 ssh2 ...	2020-09-01 06:25:36
104.131.68.23	attack	Aug 29 22:20:49 ns37 sshd[7452]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.68.23	2020-08-30 08:19:20
104.131.68.23	attackspam	Aug 23 23:53:11 abendstille sshd\[9469\]: Invalid user dell from 104.131.68.23 Aug 23 23:53:11 abendstille sshd\[9469\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.68.23 Aug 23 23:53:13 abendstille sshd\[9469\]: Failed password for invalid user dell from 104.131.68.23 port 45848 ssh2 Aug 23 23:56:33 abendstille sshd\[12846\]: Invalid user ftpuser from 104.131.68.23 Aug 23 23:56:33 abendstille sshd\[12846\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.68.23 ...	2020-08-24 06:01:47
104.131.68.23	attackspambots	"fail2ban match"	2020-08-17 14:51:26
104.131.68.23	attack	2020-08-05T06:51:47.595543mail.standpoint.com.ua sshd[32255]: Failed password for root from 104.131.68.23 port 44254 ssh2 2020-08-05T06:53:28.635229mail.standpoint.com.ua sshd[32483]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.68.23 user=root 2020-08-05T06:53:30.367426mail.standpoint.com.ua sshd[32483]: Failed password for root from 104.131.68.23 port 33966 ssh2 2020-08-05T06:55:13.881136mail.standpoint.com.ua sshd[32716]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.68.23 user=root 2020-08-05T06:55:16.023768mail.standpoint.com.ua sshd[32716]: Failed password for root from 104.131.68.23 port 51922 ssh2 ...	2020-08-05 12:10:25
104.131.68.92	attackspam	POST /wp-login.php HTTP/1.1 POST /wp-login.php HTTP/1.1 POST /wp-login.php HTTP/1.1	2020-06-06 10:57:52
104.131.68.92	attackspam	Automatic report - Banned IP Access	2020-06-04 07:26:21
104.131.68.92	attackbots	104.131.68.92 - - [13/May/2020:23:39:32 +0200] "GET /wp-login.php HTTP/1.1" 200 5879 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.131.68.92 - - [13/May/2020:23:39:34 +0200] "POST /wp-login.php HTTP/1.1" 200 6130 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.131.68.92 - - [13/May/2020:23:39:36 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-05-14 08:22:20
104.131.68.92	attackbotsspam	"XSS Attack Detected via libinjection - Matched Data: XSS data found within ARGS_NAMES:	2020-05-02 14:28:56
104.131.68.92	attackspam	CMS (WordPress or Joomla) login attempt.	2020-03-25 17:35:41
104.131.68.92	attack	$f2bV_matches	2020-03-22 16:39:41
104.131.68.92	attack	Automatic report - XMLRPC Attack	2020-03-19 17:35:42
104.131.68.92	attackbots	Automatic report - XMLRPC Attack	2020-02-27 08:59:32
104.131.68.92	attackspambots	Automatic report - XMLRPC Attack	2020-01-08 19:10:10
104.131.68.92	attackspambots	Automatic report - XMLRPC Attack	2020-01-01 05:39:46

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.131.68.67
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 58757
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;104.131.68.67.			IN	A

;; AUTHORITY SECTION:
.			204	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022021700 1800 900 604800 86400

;; Query time: 24 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Feb 18 01:32:27 CST 2022
;; MSG SIZE  rcvd: 106

Host info

Host 67.68.131.104.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 67.68.131.104.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
96.85.147.237	attackbotsspam	2020/04/01 21:55:25 [error] 17203#17203: 98912 open() "/srv/automx/instance/cgi-bin/ViewLog.asp" failed (2: No such file or directory), client: 96.85.147.237, server: autoconfig.tuxlinux.eu, request: "POST /cgi-bin/ViewLog.asp HTTP/1.1", host: "127.0.0.1" 2020/04/02 05:54:42 [error] 17202#17202: 100229 open() "/srv/automx/instance/cgi-bin/ViewLog.asp" failed (2: No such file or directory), client: 96.85.147.237, server: autoconfig.tuxlinux.eu, request: "POST /cgi-bin/ViewLog.asp HTTP/1.1", host: "127.0.0.1" ...	2020-04-02 17:31:31
58.87.75.178	attack	Brute-force attempt banned	2020-04-02 17:28:25
221.181.24.246	attack	Unauthorized connection attempt detected from IP address 221.181.24.246 to port 22 [T]	2020-04-02 17:29:14
114.67.78.79	attackspambots	Invalid user wra from 114.67.78.79 port 57708	2020-04-02 17:41:50
118.169.37.36	attackbotsspam	" "	2020-04-02 17:31:10
91.220.53.217	attackspambots	$f2bV_matches	2020-04-02 17:41:35
188.165.128.88	attackbots	Apr 1 23:26:54 web9 sshd\[18722\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.165.128.88 user=root Apr 1 23:26:56 web9 sshd\[18722\]: Failed password for root from 188.165.128.88 port 38766 ssh2 Apr 1 23:32:36 web9 sshd\[19492\]: Invalid user ov from 188.165.128.88 Apr 1 23:32:36 web9 sshd\[19492\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.165.128.88 Apr 1 23:32:38 web9 sshd\[19492\]: Failed password for invalid user ov from 188.165.128.88 port 45279 ssh2	2020-04-02 17:33:06
51.75.27.239	attack	Apr 2 08:45:37 pve sshd[16062]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.75.27.239 Apr 2 08:45:40 pve sshd[16062]: Failed password for invalid user oracle from 51.75.27.239 port 41533 ssh2 Apr 2 08:55:19 pve sshd[17524]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.75.27.239	2020-04-02 17:43:55
51.144.84.163	attack	Apr 2 10:59:23 websrv1.derweidener.de postfix/smtps/smtpd[171680]: warning: unknown[51.144.84.163]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Apr 2 10:59:23 websrv1.derweidener.de postfix/smtps/smtpd[171679]: warning: unknown[51.144.84.163]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Apr 2 10:59:23 websrv1.derweidener.de postfix/smtps/smtpd[171678]: warning: unknown[51.144.84.163]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Apr 2 10:59:23 websrv1.derweidener.de postfix/smtps/smtpd[171676]: warning: unknown[51.144.84.163]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Apr 2 11:01:20 websrv1.derweidener.de postfix/smtps/smtpd[182166]: warning: unknown[51.144.84.163]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Apr 2 11:01:20 websrv1.derweidener.de postfix/smtps/smtpd[182165]: warning: unknown[51.144.84.163]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Apr 2 11:01:20 websrv1.derweidener.de postfix/smtps/smtpd[182164]: warning: unknown[51.144.84.163]: SASL LOGIN authentication failed:	2020-04-02 17:25:21
101.36.161.68	attackbotsspam	Mar 31 17:09:00 mailserver sshd[18201]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=101.36.161.68 user=r.r Mar 31 17:09:02 mailserver sshd[18201]: Failed password for r.r from 101.36.161.68 port 50876 ssh2 Mar 31 17:09:04 mailserver sshd[18201]: Received disconnect from 101.36.161.68 port 50876:11: Bye Bye [preauth] Mar 31 17:09:04 mailserver sshd[18201]: Disconnected from 101.36.161.68 port 50876 [preauth] Mar 31 17:12:20 mailserver sshd[18697]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=101.36.161.68 user=r.r Mar 31 17:12:22 mailserver sshd[18697]: Failed password for r.r from 101.36.161.68 port 37684 ssh2 Mar 31 17:12:22 mailserver sshd[18697]: Received disconnect from 101.36.161.68 port 37684:11: Bye Bye [preauth] Mar 31 17:12:22 mailserver sshd[18697]: Disconnected from 101.36.161.68 port 37684 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=101.36.161.6	2020-04-02 17:49:08
182.121.175.53	attack	CN China hn.kd.ny.adsl Failures: 20 ftpd	2020-04-02 17:39:11
51.254.156.114	attackspam	Brute force attempt	2020-04-02 18:02:06
116.12.52.141	attackspam	Apr 2 11:16:04 h1745522 sshd[16560]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.12.52.141 user=root Apr 2 11:16:05 h1745522 sshd[16560]: Failed password for root from 116.12.52.141 port 38917 ssh2 Apr 2 11:19:55 h1745522 sshd[16794]: Invalid user sy from 116.12.52.141 port 39874 Apr 2 11:19:55 h1745522 sshd[16794]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.12.52.141 Apr 2 11:19:55 h1745522 sshd[16794]: Invalid user sy from 116.12.52.141 port 39874 Apr 2 11:19:57 h1745522 sshd[16794]: Failed password for invalid user sy from 116.12.52.141 port 39874 ssh2 Apr 2 11:23:46 h1745522 sshd[16917]: Invalid user sy from 116.12.52.141 port 40836 Apr 2 11:23:46 h1745522 sshd[16917]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.12.52.141 Apr 2 11:23:46 h1745522 sshd[16917]: Invalid user sy from 116.12.52.141 port 40836 Apr 2 11:23:48 h1745522 s ...	2020-04-02 17:52:17
45.133.99.6	attackspambots	Apr 2 10:58:38 relay postfix/smtpd\[21100\]: warning: unknown\[45.133.99.6\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Apr 2 10:58:58 relay postfix/smtpd\[21020\]: warning: unknown\[45.133.99.6\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Apr 2 11:06:59 relay postfix/smtpd\[21070\]: warning: unknown\[45.133.99.6\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Apr 2 11:07:18 relay postfix/smtpd\[21068\]: warning: unknown\[45.133.99.6\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Apr 2 11:12:51 relay postfix/smtpd\[21070\]: warning: unknown\[45.133.99.6\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-04-02 17:27:13
96.64.7.59	attackbots	Apr 2 11:45:06 pve sshd[12455]: Failed password for root from 96.64.7.59 port 41884 ssh2 Apr 2 11:47:58 pve sshd[12947]: Failed password for root from 96.64.7.59 port 36624 ssh2	2020-04-02 17:53:40

Recently Reported IPs

104.131.82.90	104.131.66.233	104.131.91.59	104.131.85.219
104.131.88.176	104.131.93.56	104.131.99.122	104.14.120.185
104.143.9.210	104.21.63.151	104.131.95.47	104.144.147.69
104.144.178.245	104.144.147.85	104.144.240.117	104.144.250.22
104.148.27.221	104.144.202.228	104.144.3.246	104.149.128.238