104.131.131.140

Basic Info

City: unknown

Region: unknown

Country: United States of America

Internet Service Provider: DigitalOcean LLC

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Oct 9 00:27:54 electroncash sshd[3996]: Invalid user system from 104.131.131.140 port 51498 Oct 9 00:27:54 electroncash sshd[3996]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.131.140 Oct 9 00:27:54 electroncash sshd[3996]: Invalid user system from 104.131.131.140 port 51498 Oct 9 00:27:56 electroncash sshd[3996]: Failed password for invalid user system from 104.131.131.140 port 51498 ssh2 Oct 9 00:32:04 electroncash sshd[5533]: Invalid user ftpguest from 104.131.131.140 port 54930 ...	2020-10-09 07:16:11
attackspambots	(sshd) Failed SSH login from 104.131.131.140 (US/United States/-): 5 in the last 3600 secs	2020-10-08 23:44:00
attack	Bruteforce detected by fail2ban	2020-10-08 15:39:58
attack	Invalid user dreams from 104.131.131.140 port 34722	2020-09-14 21:03:14
attack	Sep 14 06:31:29 web-main sshd[2343823]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.131.140 Sep 14 06:31:29 web-main sshd[2343823]: Invalid user hy from 104.131.131.140 port 52753 Sep 14 06:31:31 web-main sshd[2343823]: Failed password for invalid user hy from 104.131.131.140 port 52753 ssh2	2020-09-14 12:55:37
attackspam	Sep 13 21:02:17 ns308116 sshd[25452]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.131.140 user=root Sep 13 21:02:19 ns308116 sshd[25452]: Failed password for root from 104.131.131.140 port 40471 ssh2 Sep 13 21:05:54 ns308116 sshd[30485]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.131.140 user=root Sep 13 21:05:56 ns308116 sshd[30485]: Failed password for root from 104.131.131.140 port 35061 ssh2 Sep 13 21:09:19 ns308116 sshd[2631]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.131.140 user=root ...	2020-09-14 04:57:28
attack	Aug 28 23:44:19 pkdns2 sshd\[56504\]: Invalid user oracle from 104.131.131.140Aug 28 23:44:21 pkdns2 sshd\[56504\]: Failed password for invalid user oracle from 104.131.131.140 port 49585 ssh2Aug 28 23:47:32 pkdns2 sshd\[56697\]: Invalid user openerp from 104.131.131.140Aug 28 23:47:35 pkdns2 sshd\[56697\]: Failed password for invalid user openerp from 104.131.131.140 port 45128 ssh2Aug 28 23:50:58 pkdns2 sshd\[56889\]: Invalid user zzh from 104.131.131.140Aug 28 23:51:00 pkdns2 sshd\[56889\]: Failed password for invalid user zzh from 104.131.131.140 port 40672 ssh2 ...	2020-08-29 05:16:32
attack	Aug 24 10:02:48 ns381471 sshd[25213]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.131.140 Aug 24 10:02:50 ns381471 sshd[25213]: Failed password for invalid user cosmos from 104.131.131.140 port 59203 ssh2	2020-08-24 16:59:01
attack	Aug 8 12:17:38 *** sshd[15225]: User root from 104.131.131.140 not allowed because not listed in AllowUsers	2020-08-08 20:47:23
attackbotsspam	detected by Fail2Ban	2020-08-05 04:58:14
attackbots	Aug 4 12:28:11 vpn01 sshd[18540]: Failed password for root from 104.131.131.140 port 51662 ssh2 ...	2020-08-04 18:35:41
attack	Aug 3 14:59:09 OPSO sshd\[29452\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.131.140 user=root Aug 3 14:59:11 OPSO sshd\[29452\]: Failed password for root from 104.131.131.140 port 52596 ssh2 Aug 3 15:03:47 OPSO sshd\[30325\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.131.140 user=root Aug 3 15:03:48 OPSO sshd\[30325\]: Failed password for root from 104.131.131.140 port 59539 ssh2 Aug 3 15:08:19 OPSO sshd\[31015\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.131.140 user=root	2020-08-04 01:17:29
attackspambots	2020-07-27T17:01:21.208332mx.sveta.net sshd[581989]: Invalid user minecraft from 104.131.131.140 port 38680 2020-07-27T17:01:23.116165mx.sveta.net sshd[581989]: Failed password for invalid user minecraft from 104.131.131.140 port 38680 ssh2 2020-07-27T17:06:54.511390mx.sveta.net sshd[582092]: Invalid user john from 104.131.131.140 port 47788 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=104.131.131.140	2020-08-03 07:47:31
attackbots	sshd: Failed password for invalid user .... from 104.131.131.140 port 36468 ssh2 (2 attempts)	2020-07-29 18:28:35

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.131.131.140
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 11754
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;104.131.131.140.		IN	A

;; AUTHORITY SECTION:
.			219	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020072900 1800 900 604800 86400

;; Query time: 547 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Jul 29 18:28:32 CST 2020
;; MSG SIZE  rcvd: 119

Host info

Host 140.131.131.104.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 140.131.131.104.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
217.68.215.3	attack	Host is trying to send e-mails. Multiple unauthorized connections to SMTP Sever: tcp/25.	2019-10-28 03:29:04
217.68.214.96	attack	Host is trying to send e-mails. Multiple unauthorized connections to SMTP Sever: tcp/25.	2019-10-28 03:58:29
217.68.215.185	attack	Host is trying to send e-mails. Multiple unauthorized connections to SMTP Sever: tcp/25.	2019-10-28 03:43:28
217.68.215.204	attack	Host is trying to send e-mails. Multiple unauthorized connections to SMTP Sever: tcp/25.	2019-10-28 03:39:35
159.65.112.93	attack	Oct 27 08:23:26 kapalua sshd\[28507\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.65.112.93 user=root Oct 27 08:23:28 kapalua sshd\[28507\]: Failed password for root from 159.65.112.93 port 38874 ssh2 Oct 27 08:27:10 kapalua sshd\[28838\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.65.112.93 user=root Oct 27 08:27:12 kapalua sshd\[28838\]: Failed password for root from 159.65.112.93 port 47968 ssh2 Oct 27 08:30:52 kapalua sshd\[29104\]: Invalid user tecnici from 159.65.112.93	2019-10-28 03:54:49
217.68.215.128	attackspam	Host is trying to send e-mails. Multiple unauthorized connections to SMTP Sever: tcp/25.	2019-10-28 03:50:57
160.16.94.153	attackspambots	Oct 27 20:42:21 vps691689 sshd[6283]: Failed password for root from 160.16.94.153 port 51872 ssh2 Oct 27 20:46:17 vps691689 sshd[6407]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=160.16.94.153 ...	2019-10-28 03:59:26
217.68.215.115	attack	Host is trying to send e-mails. Multiple unauthorized connections to SMTP Sever: tcp/25.	2019-10-28 03:52:30
42.87.185.146	attackspambots	Port Scan	2019-10-28 03:36:15
141.98.80.204	attackbots	CloudCIX Reconnaissance Scan Detected, PTR: PTR record not found	2019-10-28 03:44:33
217.68.215.144	attack	Host is trying to send e-mails. Multiple unauthorized connections to SMTP Sever: tcp/25.	2019-10-28 03:49:00
217.68.215.152	attackbotsspam	Host is trying to send e-mails. Multiple unauthorized connections to SMTP Sever: tcp/25.	2019-10-28 03:46:41
217.68.215.228	attack	Host is trying to send e-mails. Multiple unauthorized connections to SMTP Sever: tcp/25.	2019-10-28 03:35:04
159.255.43.31	attackspam	Oct 27 20:01:05 OPSO sshd\[6438\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.255.43.31 user=root Oct 27 20:01:07 OPSO sshd\[6438\]: Failed password for root from 159.255.43.31 port 56354 ssh2 Oct 27 20:05:30 OPSO sshd\[7122\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.255.43.31 user=root Oct 27 20:05:32 OPSO sshd\[7122\]: Failed password for root from 159.255.43.31 port 39532 ssh2 Oct 27 20:09:50 OPSO sshd\[7604\]: Invalid user oracle from 159.255.43.31 port 50938 Oct 27 20:09:50 OPSO sshd\[7604\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.255.43.31	2019-10-28 03:29:56
217.68.215.122	attack	Host is trying to send e-mails. Multiple unauthorized connections to SMTP Sever: tcp/25.	2019-10-28 03:51:32

Recently Reported IPs

121.145.33.80	149.28.107.253	45.185.164.132	220.134.109.12
222.117.85.3	196.20.110.189	46.209.230.140	155.225.55.244
197.92.25.163	31.7.82.66	174.141.166.237	220.133.90.70
154.0.173.16	89.198.63.5	31.28.8.163	180.242.154.163
119.45.11.243	5.235.127.21	180.183.61.182	122.117.152.222