104.131.72.61 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
104.131.72.150	attackbotsspam	104.131.72.150 - - \[04/Aug/2020:11:21:30 +0200\] "GET / HTTP/1.0" 301 178 "-" "Mozilla/5.0 \(compatible\; NetcraftSurveyAgent/1.0\; +info@netcraft.com\)" ...	2020-08-04 23:43:35
104.131.72.149	attackbots	TCP src-port=50134 dst-port=25 dnsbl-sorbs abuseat-org barracuda (Project Honey Pot rated Suspicious) (117)	2019-08-24 19:00:46

Type

Details

Datetime

104.131.72.150

attackbotsspam

104.131.72.150 - - \[04/Aug/2020:11:21:30 +0200\] "GET / HTTP/1.0" 301 178 "-" "Mozilla/5.0 \(compatible\; NetcraftSurveyAgent/1.0\; +info@netcraft.com\)"
...

2020-08-04 23:43:35

104.131.72.149

attackbots

TCP src-port=50134   dst-port=25    dnsbl-sorbs abuseat-org barracuda       (Project Honey Pot rated Suspicious)   (117)

2019-08-24 19:00:46

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.131.72.61
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 61220
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;104.131.72.61.			IN	A

;; AUTHORITY SECTION:
.			0	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022022800 1800 900 604800 86400

;; Query time: 16 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Feb 28 16:00:13 CST 2022
;; MSG SIZE  rcvd: 106

Host info

61.72.131.104.in-addr.arpa domain name pointer tor.legoktm.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
61.72.131.104.in-addr.arpa	name = tor.legoktm.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
106.13.12.210	attackspam	Nov 26 18:41:45 venus sshd\[25963\]: Invalid user sutorius from 106.13.12.210 port 45252 Nov 26 18:41:45 venus sshd\[25963\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.12.210 Nov 26 18:41:46 venus sshd\[25963\]: Failed password for invalid user sutorius from 106.13.12.210 port 45252 ssh2 ...	2019-11-27 03:26:07
49.88.112.71	attackbots	2019-11-26T19:26:11.699965abusebot-6.cloudsearch.cf sshd\[30818\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.71 user=root	2019-11-27 03:45:08
37.49.227.202	attackspam	ET CINS Active Threat Intelligence Poor Reputation IP group 21 - port: 5353 proto: UDP cat: Misc Attack	2019-11-27 03:25:03
62.210.77.54	attackspambots	Connection by 62.210.77.54 on port: 2002 got caught by honeypot at 11/26/2019 5:28:05 PM	2019-11-27 03:43:38
220.156.172.70	attack	Autoban 220.156.172.70 ABORTED AUTH	2019-11-27 03:38:45
106.13.117.241	attack	Nov 26 21:27:27 gw1 sshd[22918]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.117.241 Nov 26 21:27:29 gw1 sshd[22918]: Failed password for invalid user ronald from 106.13.117.241 port 35979 ssh2 ...	2019-11-27 03:47:34
177.86.170.132	attackspambots	firewall-block, port(s): 23/tcp	2019-11-27 03:55:36
159.138.159.24	attackspambots	badbot	2019-11-27 03:48:49
157.245.33.4	attackbotsspam	Brute Force through SSH	2019-11-27 03:21:08
122.51.37.26	attack	2019-11-26T19:24:43.316893scmdmz1 sshd\[22291\]: Invalid user zxc from 122.51.37.26 port 36066 2019-11-26T19:24:43.319538scmdmz1 sshd\[22291\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.51.37.26 2019-11-26T19:24:45.048093scmdmz1 sshd\[22291\]: Failed password for invalid user zxc from 122.51.37.26 port 36066 ssh2 ...	2019-11-27 03:41:31
201.222.70.167	attack	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/201.222.70.167/ BO - 1H : (12) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : BO NAME ASN : ASN25620 IP : 201.222.70.167 CIDR : 201.222.64.0/21 PREFIX COUNT : 104 UNIQUE IP COUNT : 163840 ATTACKS DETECTED ASN25620 : 1H - 1 3H - 1 6H - 3 12H - 7 24H - 7 DateTime : 2019-11-26 18:22:31 INFO : Port Scan TELNET Detected and Blocked by ADMIN - data recovery	2019-11-27 03:35:22
142.93.142.89	attackspam	Automatic report - XMLRPC Attack	2019-11-27 03:39:43
185.176.27.118	attackspambots	11/26/2019-13:52:51.343328 185.176.27.118 Protocol: 6 ET SCAN NMAP -sS window 1024	2019-11-27 03:20:03
60.9.130.6	attack	Too many connections or unauthorized access detected from Yankee banned ip	2019-11-27 03:38:25
164.132.53.185	attackspam	2019-11-26T13:00:43.742896ns547587 sshd\[32419\]: Invalid user guest from 164.132.53.185 port 42754 2019-11-26T13:00:43.748136ns547587 sshd\[32419\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=mail.scd.ovh 2019-11-26T13:00:45.794032ns547587 sshd\[32419\]: Failed password for invalid user guest from 164.132.53.185 port 42754 ssh2 2019-11-26T13:06:28.652419ns547587 sshd\[2149\]: Invalid user sicher from 164.132.53.185 port 50754 ...	2019-11-27 03:39:22

Recently Reported IPs

104.131.81.199	104.131.82.30	104.131.83.0	104.131.74.159
104.131.75.86	104.131.83.103	104.131.84.22	104.131.87.21
104.131.87.28	104.131.88.213	104.131.89.97	104.131.91.117
104.131.88.203	104.131.89.106	104.131.92.176	104.131.92.77
104.139.69.121	104.139.69.193	104.139.69.37	104.139.69.213