104.131.72.61 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
104.131.72.150	attackbotsspam	104.131.72.150 - - \[04/Aug/2020:11:21:30 +0200\] "GET / HTTP/1.0" 301 178 "-" "Mozilla/5.0 \(compatible\; NetcraftSurveyAgent/1.0\; +info@netcraft.com\)" ...	2020-08-04 23:43:35
104.131.72.149	attackbots	TCP src-port=50134 dst-port=25 dnsbl-sorbs abuseat-org barracuda (Project Honey Pot rated Suspicious) (117)	2019-08-24 19:00:46

Type

Details

Datetime

104.131.72.150

attackbotsspam

104.131.72.150 - - \[04/Aug/2020:11:21:30 +0200\] "GET / HTTP/1.0" 301 178 "-" "Mozilla/5.0 \(compatible\; NetcraftSurveyAgent/1.0\; +info@netcraft.com\)"
...

2020-08-04 23:43:35

104.131.72.149

attackbots

TCP src-port=50134   dst-port=25    dnsbl-sorbs abuseat-org barracuda       (Project Honey Pot rated Suspicious)   (117)

2019-08-24 19:00:46

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.131.72.61
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 61220
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;104.131.72.61.			IN	A

;; AUTHORITY SECTION:
.			0	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022022800 1800 900 604800 86400

;; Query time: 16 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Feb 28 16:00:13 CST 2022
;; MSG SIZE  rcvd: 106

Host info

61.72.131.104.in-addr.arpa domain name pointer tor.legoktm.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
61.72.131.104.in-addr.arpa	name = tor.legoktm.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
37.79.254.216	attackspam	$f2bV_matches	2019-09-02 21:34:05
4.14.115.26	attackbotsspam	445/tcp 445/tcp 445/tcp [2019-09-02]3pkt	2019-09-02 21:57:35
202.191.132.211	attackspambots	Unauthorized connection attempt from IP address 202.191.132.211 on Port 445(SMB)	2019-09-02 21:13:33
27.206.115.60	attackspam	Sep 2 07:17:41 localhost kernel: [1160877.953363] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:84:78:ac:57:a8:41:08:00 SRC=27.206.115.60 DST=[mungedIP2] LEN=40 TOS=0x00 PREC=0x00 TTL=51 ID=29877 PROTO=TCP SPT=24977 DPT=52869 WINDOW=22433 RES=0x00 SYN URGP=0 Sep 2 07:17:41 localhost kernel: [1160877.953388] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:84:78:ac:57:a8:41:08:00 SRC=27.206.115.60 DST=[mungedIP2] LEN=40 TOS=0x00 PREC=0x00 TTL=51 ID=29877 PROTO=TCP SPT=24977 DPT=52869 SEQ=758669438 ACK=0 WINDOW=22433 RES=0x00 SYN URGP=0 Sep 2 09:16:36 localhost kernel: [1168013.028514] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:84:78:ac:57:a8:41:08:00 SRC=27.206.115.60 DST=[mungedIP2] LEN=40 TOS=0x00 PREC=0x00 TTL=51 ID=24323 PROTO=TCP SPT=24977 DPT=52869 WINDOW=22433 RES=0x00 SYN URGP=0 Sep 2 09:16:36 localhost kernel: [1168013.028537] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:84:78:ac:57:a8:41:08:00 SRC=27.206.115.60 DST=[mungedIP2] LEN=40 TOS=0x00 PR	2019-09-02 21:57:04
188.226.250.69	attackbots	$f2bV_matches	2019-09-02 21:03:23
112.94.2.65	attackspam	Sep 2 03:12:33 auw2 sshd\[17935\]: Invalid user systest from 112.94.2.65 Sep 2 03:12:33 auw2 sshd\[17935\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.94.2.65 Sep 2 03:12:35 auw2 sshd\[17935\]: Failed password for invalid user systest from 112.94.2.65 port 4193 ssh2 Sep 2 03:17:03 auw2 sshd\[18328\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.94.2.65 user=root Sep 2 03:17:05 auw2 sshd\[18328\]: Failed password for root from 112.94.2.65 port 40577 ssh2	2019-09-02 21:28:59
103.15.226.108	attackbots	2019-09-02T13:17:07.052495abusebot.cloudsearch.cf sshd\[21443\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.15.226.108 user=root	2019-09-02 21:25:17
113.125.60.208	attackbotsspam	Sep 2 05:34:08 toyboy sshd[1113]: Invalid user train from 113.125.60.208 Sep 2 05:34:08 toyboy sshd[1113]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.125.60.208 Sep 2 05:34:10 toyboy sshd[1113]: Failed password for invalid user train from 113.125.60.208 port 44636 ssh2 Sep 2 05:34:10 toyboy sshd[1113]: Received disconnect from 113.125.60.208: 11: Bye Bye [preauth] Sep 2 05:40:12 toyboy sshd[1400]: Invalid user group from 113.125.60.208 Sep 2 05:40:12 toyboy sshd[1400]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.125.60.208 Sep 2 05:40:14 toyboy sshd[1400]: Failed password for invalid user group from 113.125.60.208 port 34452 ssh2 Sep 2 05:40:14 toyboy sshd[1400]: Received disconnect from 113.125.60.208: 11: Bye Bye [preauth] Sep 2 05:43:10 toyboy sshd[1578]: Invalid user lenin from 113.125.60.208 Sep 2 05:43:10 toyboy sshd[1578]: pam_unix(sshd:auth): authentication........ -------------------------------	2019-09-02 21:48:50
103.130.197.221	attack	$f2bV_matches	2019-09-02 21:05:38
128.199.82.144	attackspambots	Sep 2 09:12:20 xtremcommunity sshd\[20971\]: Invalid user chen from 128.199.82.144 port 44994 Sep 2 09:12:20 xtremcommunity sshd\[20971\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.82.144 Sep 2 09:12:22 xtremcommunity sshd\[20971\]: Failed password for invalid user chen from 128.199.82.144 port 44994 ssh2 Sep 2 09:16:58 xtremcommunity sshd\[21156\]: Invalid user ll from 128.199.82.144 port 32794 Sep 2 09:16:58 xtremcommunity sshd\[21156\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.82.144 ...	2019-09-02 21:34:28
59.179.17.140	attackbotsspam	Sep 2 15:16:54 saschabauer sshd[29473]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=59.179.17.140 Sep 2 15:16:57 saschabauer sshd[29473]: Failed password for invalid user mircte from 59.179.17.140 port 44458 ssh2	2019-09-02 21:37:09
42.104.97.231	attackspam	Sep 2 15:04:59 server sshd[20422]: Failed password for invalid user pk from 42.104.97.231 port 60302 ssh2 Sep 2 15:13:32 server sshd[22497]: Failed password for invalid user printul from 42.104.97.231 port 21494 ssh2 Sep 2 15:17:09 server sshd[23395]: Failed password for invalid user jjjjj from 42.104.97.231 port 36595 ssh2	2019-09-02 21:22:31
209.97.166.60	attackbots	Sep 2 03:45:04 wbs sshd\[20394\]: Invalid user access from 209.97.166.60 Sep 2 03:45:04 wbs sshd\[20394\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=209.97.166.60 Sep 2 03:45:05 wbs sshd\[20394\]: Failed password for invalid user access from 209.97.166.60 port 42492 ssh2 Sep 2 03:53:15 wbs sshd\[21134\]: Invalid user saulo from 209.97.166.60 Sep 2 03:53:15 wbs sshd\[21134\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=209.97.166.60	2019-09-02 21:55:11
92.53.102.43	attackbots	TCP Port: 25 _ invalid blocked barracudacentral rbldns-ru _ _ _ _ (337)	2019-09-02 21:12:11
95.39.5.247	attack	Sep 2 03:12:40 php2 sshd\[9366\]: Invalid user brother from 95.39.5.247 Sep 2 03:12:40 php2 sshd\[9366\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=95.39.5.247.static.user.ono.com Sep 2 03:12:43 php2 sshd\[9366\]: Failed password for invalid user brother from 95.39.5.247 port 48101 ssh2 Sep 2 03:16:59 php2 sshd\[9743\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=95.39.5.247.static.user.ono.com user=root Sep 2 03:17:00 php2 sshd\[9743\]: Failed password for root from 95.39.5.247 port 44834 ssh2	2019-09-02 21:32:42

Recently Reported IPs

104.131.81.199	104.131.82.30	104.131.83.0	104.131.74.159
104.131.75.86	104.131.83.103	104.131.84.22	104.131.87.21
104.131.87.28	104.131.88.213	104.131.89.97	104.131.91.117
104.131.88.203	104.131.89.106	104.131.92.176	104.131.92.77
104.139.69.121	104.139.69.193	104.139.69.37	104.139.69.213