104.131.131.140

Basic Info

City: unknown

Region: unknown

Country: United States of America

Internet Service Provider: DigitalOcean LLC

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Oct 9 00:27:54 electroncash sshd[3996]: Invalid user system from 104.131.131.140 port 51498 Oct 9 00:27:54 electroncash sshd[3996]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.131.140 Oct 9 00:27:54 electroncash sshd[3996]: Invalid user system from 104.131.131.140 port 51498 Oct 9 00:27:56 electroncash sshd[3996]: Failed password for invalid user system from 104.131.131.140 port 51498 ssh2 Oct 9 00:32:04 electroncash sshd[5533]: Invalid user ftpguest from 104.131.131.140 port 54930 ...	2020-10-09 07:16:11
attackspambots	(sshd) Failed SSH login from 104.131.131.140 (US/United States/-): 5 in the last 3600 secs	2020-10-08 23:44:00
attack	Bruteforce detected by fail2ban	2020-10-08 15:39:58
attack	Invalid user dreams from 104.131.131.140 port 34722	2020-09-14 21:03:14
attack	Sep 14 06:31:29 web-main sshd[2343823]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.131.140 Sep 14 06:31:29 web-main sshd[2343823]: Invalid user hy from 104.131.131.140 port 52753 Sep 14 06:31:31 web-main sshd[2343823]: Failed password for invalid user hy from 104.131.131.140 port 52753 ssh2	2020-09-14 12:55:37
attackspam	Sep 13 21:02:17 ns308116 sshd[25452]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.131.140 user=root Sep 13 21:02:19 ns308116 sshd[25452]: Failed password for root from 104.131.131.140 port 40471 ssh2 Sep 13 21:05:54 ns308116 sshd[30485]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.131.140 user=root Sep 13 21:05:56 ns308116 sshd[30485]: Failed password for root from 104.131.131.140 port 35061 ssh2 Sep 13 21:09:19 ns308116 sshd[2631]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.131.140 user=root ...	2020-09-14 04:57:28
attack	Aug 28 23:44:19 pkdns2 sshd\[56504\]: Invalid user oracle from 104.131.131.140Aug 28 23:44:21 pkdns2 sshd\[56504\]: Failed password for invalid user oracle from 104.131.131.140 port 49585 ssh2Aug 28 23:47:32 pkdns2 sshd\[56697\]: Invalid user openerp from 104.131.131.140Aug 28 23:47:35 pkdns2 sshd\[56697\]: Failed password for invalid user openerp from 104.131.131.140 port 45128 ssh2Aug 28 23:50:58 pkdns2 sshd\[56889\]: Invalid user zzh from 104.131.131.140Aug 28 23:51:00 pkdns2 sshd\[56889\]: Failed password for invalid user zzh from 104.131.131.140 port 40672 ssh2 ...	2020-08-29 05:16:32
attack	Aug 24 10:02:48 ns381471 sshd[25213]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.131.140 Aug 24 10:02:50 ns381471 sshd[25213]: Failed password for invalid user cosmos from 104.131.131.140 port 59203 ssh2	2020-08-24 16:59:01
attack	Aug 8 12:17:38 *** sshd[15225]: User root from 104.131.131.140 not allowed because not listed in AllowUsers	2020-08-08 20:47:23
attackbotsspam	detected by Fail2Ban	2020-08-05 04:58:14
attackbots	Aug 4 12:28:11 vpn01 sshd[18540]: Failed password for root from 104.131.131.140 port 51662 ssh2 ...	2020-08-04 18:35:41
attack	Aug 3 14:59:09 OPSO sshd\[29452\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.131.140 user=root Aug 3 14:59:11 OPSO sshd\[29452\]: Failed password for root from 104.131.131.140 port 52596 ssh2 Aug 3 15:03:47 OPSO sshd\[30325\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.131.140 user=root Aug 3 15:03:48 OPSO sshd\[30325\]: Failed password for root from 104.131.131.140 port 59539 ssh2 Aug 3 15:08:19 OPSO sshd\[31015\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.131.140 user=root	2020-08-04 01:17:29
attackspambots	2020-07-27T17:01:21.208332mx.sveta.net sshd[581989]: Invalid user minecraft from 104.131.131.140 port 38680 2020-07-27T17:01:23.116165mx.sveta.net sshd[581989]: Failed password for invalid user minecraft from 104.131.131.140 port 38680 ssh2 2020-07-27T17:06:54.511390mx.sveta.net sshd[582092]: Invalid user john from 104.131.131.140 port 47788 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=104.131.131.140	2020-08-03 07:47:31
attackbots	sshd: Failed password for invalid user .... from 104.131.131.140 port 36468 ssh2 (2 attempts)	2020-07-29 18:28:35

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.131.131.140
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 11754
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;104.131.131.140.		IN	A

;; AUTHORITY SECTION:
.			219	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020072900 1800 900 604800 86400

;; Query time: 547 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Jul 29 18:28:32 CST 2020
;; MSG SIZE  rcvd: 119

Host info

Host 140.131.131.104.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 140.131.131.104.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
142.4.203.130	attackbots	$f2bV_matches_ltvn	2019-08-13 20:42:11
151.80.146.228	attackspam	Aug 13 08:29:38 spiceship sshd\[43012\]: Invalid user www from 151.80.146.228 Aug 13 08:29:38 spiceship sshd\[43012\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=151.80.146.228 ...	2019-08-13 20:39:47
85.70.85.19	attack	Unauthorized connection attempt from IP address 85.70.85.19 on Port 445(SMB)	2019-08-13 20:12:58
36.84.64.105	attackbotsspam	Unauthorized connection attempt from IP address 36.84.64.105 on Port 445(SMB)	2019-08-13 20:45:11
31.14.142.109	attackbots	Splunk® : Brute-Force login attempt on SSH: Aug 13 08:05:15 testbed sshd[14522]: Disconnected from 31.14.142.109 port 50947 [preauth]	2019-08-13 20:07:52
113.161.225.39	attackbotsspam	Unauthorized connection attempt from IP address 113.161.225.39 on Port 445(SMB)	2019-08-13 19:59:07
80.58.142.254	attack	Aug 13 10:54:26 intra sshd\[19295\]: Invalid user utilisateur from 80.58.142.254Aug 13 10:54:28 intra sshd\[19295\]: Failed password for invalid user utilisateur from 80.58.142.254 port 57808 ssh2Aug 13 10:57:16 intra sshd\[19317\]: Invalid user marta from 80.58.142.254Aug 13 10:57:18 intra sshd\[19317\]: Failed password for invalid user marta from 80.58.142.254 port 39630 ssh2Aug 13 11:00:08 intra sshd\[19343\]: Invalid user mp from 80.58.142.254Aug 13 11:00:10 intra sshd\[19343\]: Failed password for invalid user mp from 80.58.142.254 port 49704 ssh2 ...	2019-08-13 20:06:10
46.101.224.184	attackspam	Aug 13 13:56:44 eventyay sshd[31807]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.101.224.184 Aug 13 13:56:46 eventyay sshd[31807]: Failed password for invalid user um from 46.101.224.184 port 45896 ssh2 Aug 13 14:02:39 eventyay sshd[604]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.101.224.184 ...	2019-08-13 20:09:03
165.227.93.58	attackspam	Aug 13 10:49:50 localhost sshd\[1608\]: Invalid user oracle from 165.227.93.58 Aug 13 10:49:50 localhost sshd\[1608\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.227.93.58 Aug 13 10:49:52 localhost sshd\[1608\]: Failed password for invalid user oracle from 165.227.93.58 port 57904 ssh2 Aug 13 10:54:23 localhost sshd\[1888\]: Invalid user hang from 165.227.93.58 Aug 13 10:54:23 localhost sshd\[1888\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.227.93.58 ...	2019-08-13 20:39:11
192.99.7.175	attackspambots	Unauthorized SMTP/IMAP/POP3 connection attempt	2019-08-13 20:14:53
202.146.1.4	attack	Aug 13 07:31:27 sshgateway sshd\[13242\]: Invalid user fax from 202.146.1.4 Aug 13 07:31:27 sshgateway sshd\[13242\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.146.1.4 Aug 13 07:31:28 sshgateway sshd\[13242\]: Failed password for invalid user fax from 202.146.1.4 port 57046 ssh2	2019-08-13 20:04:25
106.12.33.174	attackbots	Aug 13 13:43:50 bouncer sshd\[448\]: Invalid user moodle from 106.12.33.174 port 46874 Aug 13 13:43:50 bouncer sshd\[448\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.33.174 Aug 13 13:43:52 bouncer sshd\[448\]: Failed password for invalid user moodle from 106.12.33.174 port 46874 ssh2 ...	2019-08-13 20:30:57
185.220.101.69	attackspam	v+ssh-bruteforce	2019-08-13 20:07:31
51.83.74.158	attackbots	Aug 13 14:16:14 vps691689 sshd[26099]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.83.74.158 Aug 13 14:16:16 vps691689 sshd[26099]: Failed password for invalid user nagios from 51.83.74.158 port 38844 ssh2 Aug 13 14:20:37 vps691689 sshd[26179]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.83.74.158 ...	2019-08-13 20:26:08
123.207.94.252	attackbots	Aug 13 13:36:16 bouncer sshd\[364\]: Invalid user postgres from 123.207.94.252 port 51816 Aug 13 13:36:16 bouncer sshd\[364\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.207.94.252 Aug 13 13:36:18 bouncer sshd\[364\]: Failed password for invalid user postgres from 123.207.94.252 port 51816 ssh2 ...	2019-08-13 20:21:20

Recently Reported IPs

121.145.33.80	149.28.107.253	45.185.164.132	220.134.109.12
222.117.85.3	196.20.110.189	46.209.230.140	155.225.55.244
197.92.25.163	31.7.82.66	174.141.166.237	220.133.90.70
154.0.173.16	89.198.63.5	31.28.8.163	180.242.154.163
119.45.11.243	5.235.127.21	180.183.61.182	122.117.152.222