Must be a valid IPv4 or IPv6 ip address, e.g. 127.0.0.1 or 2001:DB8:0:0:8:800:200C:417A
Basic Info

City: unknown

Region: unknown

Country: United States of America

Internet Service Provider: DigitalOcean LLC

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:
Type Details Datetime
attack
Oct  9 00:27:54 electroncash sshd[3996]: Invalid user system from 104.131.131.140 port 51498
Oct  9 00:27:54 electroncash sshd[3996]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.131.140 
Oct  9 00:27:54 electroncash sshd[3996]: Invalid user system from 104.131.131.140 port 51498
Oct  9 00:27:56 electroncash sshd[3996]: Failed password for invalid user system from 104.131.131.140 port 51498 ssh2
Oct  9 00:32:04 electroncash sshd[5533]: Invalid user ftpguest from 104.131.131.140 port 54930
...
2020-10-09 07:16:11
attackspambots
(sshd) Failed SSH login from 104.131.131.140 (US/United States/-): 5 in the last 3600 secs
2020-10-08 23:44:00
attack
Bruteforce detected by fail2ban
2020-10-08 15:39:58
attack
Invalid user dreams from 104.131.131.140 port 34722
2020-09-14 21:03:14
attack
Sep 14 06:31:29 web-main sshd[2343823]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.131.140 
Sep 14 06:31:29 web-main sshd[2343823]: Invalid user hy from 104.131.131.140 port 52753
Sep 14 06:31:31 web-main sshd[2343823]: Failed password for invalid user hy from 104.131.131.140 port 52753 ssh2
2020-09-14 12:55:37
attackspam
Sep 13 21:02:17 ns308116 sshd[25452]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.131.140  user=root
Sep 13 21:02:19 ns308116 sshd[25452]: Failed password for root from 104.131.131.140 port 40471 ssh2
Sep 13 21:05:54 ns308116 sshd[30485]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.131.140  user=root
Sep 13 21:05:56 ns308116 sshd[30485]: Failed password for root from 104.131.131.140 port 35061 ssh2
Sep 13 21:09:19 ns308116 sshd[2631]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.131.140  user=root
...
2020-09-14 04:57:28
attack
Aug 28 23:44:19 pkdns2 sshd\[56504\]: Invalid user oracle from 104.131.131.140Aug 28 23:44:21 pkdns2 sshd\[56504\]: Failed password for invalid user oracle from 104.131.131.140 port 49585 ssh2Aug 28 23:47:32 pkdns2 sshd\[56697\]: Invalid user openerp from 104.131.131.140Aug 28 23:47:35 pkdns2 sshd\[56697\]: Failed password for invalid user openerp from 104.131.131.140 port 45128 ssh2Aug 28 23:50:58 pkdns2 sshd\[56889\]: Invalid user zzh from 104.131.131.140Aug 28 23:51:00 pkdns2 sshd\[56889\]: Failed password for invalid user zzh from 104.131.131.140 port 40672 ssh2
...
2020-08-29 05:16:32
attack
Aug 24 10:02:48 ns381471 sshd[25213]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.131.140
Aug 24 10:02:50 ns381471 sshd[25213]: Failed password for invalid user cosmos from 104.131.131.140 port 59203 ssh2
2020-08-24 16:59:01
attack
Aug  8 12:17:38 *** sshd[15225]: User root from 104.131.131.140 not allowed because not listed in AllowUsers
2020-08-08 20:47:23
attackbotsspam
detected by Fail2Ban
2020-08-05 04:58:14
attackbots
Aug  4 12:28:11 vpn01 sshd[18540]: Failed password for root from 104.131.131.140 port 51662 ssh2
...
2020-08-04 18:35:41
attack
Aug  3 14:59:09 OPSO sshd\[29452\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.131.140  user=root
Aug  3 14:59:11 OPSO sshd\[29452\]: Failed password for root from 104.131.131.140 port 52596 ssh2
Aug  3 15:03:47 OPSO sshd\[30325\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.131.140  user=root
Aug  3 15:03:48 OPSO sshd\[30325\]: Failed password for root from 104.131.131.140 port 59539 ssh2
Aug  3 15:08:19 OPSO sshd\[31015\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.131.140  user=root
2020-08-04 01:17:29
attackspambots
2020-07-27T17:01:21.208332mx.sveta.net sshd[581989]: Invalid user minecraft from 104.131.131.140 port 38680
2020-07-27T17:01:23.116165mx.sveta.net sshd[581989]: Failed password for invalid user minecraft from 104.131.131.140 port 38680 ssh2
2020-07-27T17:06:54.511390mx.sveta.net sshd[582092]: Invalid user john from 104.131.131.140 port 47788


........
-----------------------------------------------
https://www.blocklist.de/en/view.html?ip=104.131.131.140
2020-08-03 07:47:31
attackbots
sshd: Failed password for invalid user .... from 104.131.131.140 port 36468 ssh2 (2 attempts)
2020-07-29 18:28:35
Comments on same subnet:
No discussion about this subnet yet..
Whois info:
b
Dig info:
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.131.131.140
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 11754
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;104.131.131.140.		IN	A

;; AUTHORITY SECTION:
.			219	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020072900 1800 900 604800 86400

;; Query time: 547 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Jul 29 18:28:32 CST 2020
;; MSG SIZE  rcvd: 119
Host info
Host 140.131.131.104.in-addr.arpa. not found: 3(NXDOMAIN)
Nslookup info:
Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 140.131.131.104.in-addr.arpa: NXDOMAIN
Related IP info:
Related comments:
IP Type Details Datetime
217.68.215.3 attack
Host is trying to send e-mails. Multiple unauthorized connections to SMTP Sever: tcp/25.
2019-10-28 03:29:04
217.68.214.96 attack
Host is trying to send e-mails. Multiple unauthorized connections to SMTP Sever: tcp/25.
2019-10-28 03:58:29
217.68.215.185 attack
Host is trying to send e-mails. Multiple unauthorized connections to SMTP Sever: tcp/25.
2019-10-28 03:43:28
217.68.215.204 attack
Host is trying to send e-mails. Multiple unauthorized connections to SMTP Sever: tcp/25.
2019-10-28 03:39:35
159.65.112.93 attack
Oct 27 08:23:26 kapalua sshd\[28507\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.65.112.93  user=root
Oct 27 08:23:28 kapalua sshd\[28507\]: Failed password for root from 159.65.112.93 port 38874 ssh2
Oct 27 08:27:10 kapalua sshd\[28838\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.65.112.93  user=root
Oct 27 08:27:12 kapalua sshd\[28838\]: Failed password for root from 159.65.112.93 port 47968 ssh2
Oct 27 08:30:52 kapalua sshd\[29104\]: Invalid user tecnici from 159.65.112.93
2019-10-28 03:54:49
217.68.215.128 attackspam
Host is trying to send e-mails. Multiple unauthorized connections to SMTP Sever: tcp/25.
2019-10-28 03:50:57
160.16.94.153 attackspambots
Oct 27 20:42:21 vps691689 sshd[6283]: Failed password for root from 160.16.94.153 port 51872 ssh2
Oct 27 20:46:17 vps691689 sshd[6407]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=160.16.94.153
...
2019-10-28 03:59:26
217.68.215.115 attack
Host is trying to send e-mails. Multiple unauthorized connections to SMTP Sever: tcp/25.
2019-10-28 03:52:30
42.87.185.146 attackspambots
Port Scan
2019-10-28 03:36:15
141.98.80.204 attackbots
CloudCIX Reconnaissance Scan Detected, PTR: PTR record not found
2019-10-28 03:44:33
217.68.215.144 attack
Host is trying to send e-mails. Multiple unauthorized connections to SMTP Sever: tcp/25.
2019-10-28 03:49:00
217.68.215.152 attackbotsspam
Host is trying to send e-mails. Multiple unauthorized connections to SMTP Sever: tcp/25.
2019-10-28 03:46:41
217.68.215.228 attack
Host is trying to send e-mails. Multiple unauthorized connections to SMTP Sever: tcp/25.
2019-10-28 03:35:04
159.255.43.31 attackspam
Oct 27 20:01:05 OPSO sshd\[6438\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.255.43.31  user=root
Oct 27 20:01:07 OPSO sshd\[6438\]: Failed password for root from 159.255.43.31 port 56354 ssh2
Oct 27 20:05:30 OPSO sshd\[7122\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.255.43.31  user=root
Oct 27 20:05:32 OPSO sshd\[7122\]: Failed password for root from 159.255.43.31 port 39532 ssh2
Oct 27 20:09:50 OPSO sshd\[7604\]: Invalid user oracle from 159.255.43.31 port 50938
Oct 27 20:09:50 OPSO sshd\[7604\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.255.43.31
2019-10-28 03:29:56
217.68.215.122 attack
Host is trying to send e-mails. Multiple unauthorized connections to SMTP Sever: tcp/25.
2019-10-28 03:51:32

Recently Reported IPs

121.145.33.80 149.28.107.253 45.185.164.132 220.134.109.12
222.117.85.3 196.20.110.189 46.209.230.140 155.225.55.244
197.92.25.163 31.7.82.66 174.141.166.237 220.133.90.70
154.0.173.16 89.198.63.5 31.28.8.163 180.242.154.163
119.45.11.243 5.235.127.21 180.183.61.182 122.117.152.222