104.131.148.142

Basic Info

City: unknown

Region: unknown

Country: None

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
104.131.148.158	attackbotsspam	Unauthorized connection attempt detected from IP address 104.131.148.158 to port 2220 [J]	2020-02-03 13:23:03
104.131.148.158	attack	Unauthorized connection attempt detected from IP address 104.131.148.158 to port 2220 [J]	2020-01-26 17:30:50
104.131.148.158	attackspam	Unauthorized connection attempt detected from IP address 104.131.148.158 to port 2220 [J]	2020-01-13 19:56:10

Type

Details

Datetime

104.131.148.158

attackbotsspam

Unauthorized connection attempt detected from IP address 104.131.148.158 to port 2220 [J]

2020-02-03 13:23:03

104.131.148.158

attack

Unauthorized connection attempt detected from IP address 104.131.148.158 to port 2220 [J]

2020-01-26 17:30:50

104.131.148.158

attackspam

Unauthorized connection attempt detected from IP address 104.131.148.158 to port 2220 [J]

2020-01-13 19:56:10

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.131.148.142
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 61322
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;104.131.148.142.		IN	A

;; AUTHORITY SECTION:
.			585	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022022500 1800 900 604800 86400

;; Query time: 24 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Feb 25 19:17:47 CST 2022
;; MSG SIZE  rcvd: 108

Host info

Host 142.148.131.104.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 142.148.131.104.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
2403:6200:8000:a6:fdcd:2d23:11c7:11a9	attackbots	xmlrpc attack	2020-07-29 01:21:54
35.199.73.100	attack	2020-07-28T17:25:23.147721lavrinenko.info sshd[14434]: Invalid user xuyz from 35.199.73.100 port 32818 2020-07-28T17:25:23.154649lavrinenko.info sshd[14434]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=35.199.73.100 2020-07-28T17:25:23.147721lavrinenko.info sshd[14434]: Invalid user xuyz from 35.199.73.100 port 32818 2020-07-28T17:25:24.564248lavrinenko.info sshd[14434]: Failed password for invalid user xuyz from 35.199.73.100 port 32818 ssh2 2020-07-28T17:29:44.281401lavrinenko.info sshd[14806]: Invalid user vcsa from 35.199.73.100 port 36764 ...	2020-07-29 01:32:20
5.152.0.226	attack	Automatic report - Port Scan Attack	2020-07-29 01:22:16
87.251.85.102	attack	Jul 28 13:56:36 mxgate1 postfix/postscreen[7251]: CONNECT from [87.251.85.102]:42327 to [176.31.12.44]:25 Jul 28 13:56:36 mxgate1 postfix/dnsblog[7263]: addr 87.251.85.102 listed by domain zen.spamhaus.org as 127.0.0.3 Jul 28 13:56:42 mxgate1 postfix/postscreen[7251]: DNSBL rank 2 for [87.251.85.102]:42327 Jul x@x Jul 28 13:56:43 mxgate1 postfix/postscreen[7251]: DISCONNECT [87.251.85.102]:42327 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=87.251.85.102	2020-07-29 01:07:04
102.89.0.211	attack	Unauthorized connection attempt from IP address 102.89.0.211 on Port 445(SMB)	2020-07-29 01:36:00
106.53.204.206	attackspam	Total attacks: 2	2020-07-29 00:59:43
167.172.216.29	attackspambots	Port Scan detected from 167.172.216.29 (US/United States/California/Santa Clara/-). 4 hits in the last 65 seconds	2020-07-29 01:38:07
60.176.148.198	attack	Jul 28 21:48:51 our-server-hostname sshd[31009]: reveeclipse mapping checking getaddrinfo for 198.148.176.60.broad.hz.zj.dynamic.163data.com.cn [60.176.148.198] failed - POSSIBLE BREAK-IN ATTEMPT! Jul 28 21:48:51 our-server-hostname sshd[31009]: Invalid user liming from 60.176.148.198 Jul 28 21:48:51 our-server-hostname sshd[31009]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=60.176.148.198 Jul 28 21:48:53 our-server-hostname sshd[31009]: Failed password for invalid user liming from 60.176.148.198 port 48139 ssh2 Jul 28 21:57:32 our-server-hostname sshd[32308]: reveeclipse mapping checking getaddrinfo for 198.148.176.60.broad.hz.zj.dynamic.163data.com.cn [60.176.148.198] failed - POSSIBLE BREAK-IN ATTEMPT! Jul 28 21:57:32 our-server-hostname sshd[32308]: Invalid user jiachi from 60.176.148.198 Jul 28 21:57:32 our-server-hostname sshd[32308]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rho........ -------------------------------	2020-07-29 01:17:54
204.116.1.138	attackspam	Jul 28 13:54:19 * sshd[7829]: Invalid user admin from 204.116.1.138 Jul 28 13:54:19 * sshd[7829]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=204.116.1.138 Jul 28 13:54:21 * sshd[7829]: Failed password for invalid user admin from 204.116.1.138 port 51457 ssh2 Jul 28 13:54:21 * sshd[7829]: Received disconnect from 204.116.1.138: 11: Bye Bye [preauth] Jul 28 13:54:22 * sshd[7833]: Invalid user admin from 204.116.1.138 Jul 28 13:54:22 * sshd[7833]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=204.116.1.138 Jul 28 13:54:24 * sshd[7833]: Failed password for invalid user admin from 204.116.1.138 port 51563 ssh2 Jul 28 13:54:24 * sshd[7833]: Received disconnect from 204.116.1.138: 11: Bye Bye [preauth] Jul 28 13:54:27 * sshd[7835]: Invalid user admin from 204.116.1.138 Jul 28 13:54:27 * sshd[7835]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=s........ -------------------------------	2020-07-29 01:04:04
106.55.170.47	attackspambots	Jul 28 18:42:42 vm1 sshd[23476]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.55.170.47 Jul 28 18:42:45 vm1 sshd[23476]: Failed password for invalid user yuhui from 106.55.170.47 port 33224 ssh2 ...	2020-07-29 01:15:44
187.189.241.135	attackbots	Jul 28 06:33:06 server1 sshd\[18119\]: Invalid user torus from 187.189.241.135 Jul 28 06:33:06 server1 sshd\[18119\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=187.189.241.135 Jul 28 06:33:07 server1 sshd\[18119\]: Failed password for invalid user torus from 187.189.241.135 port 23097 ssh2 Jul 28 06:37:23 server1 sshd\[20608\]: Invalid user accelrys from 187.189.241.135 Jul 28 06:37:23 server1 sshd\[20608\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=187.189.241.135 ...	2020-07-29 01:09:27
85.57.145.133	attack	Jul 28 10:07:15 WHD8 dovecot: pop3-login: Disconnected: Inactivity \(auth failed, 1 attempts in 180 secs\): user=\, method=PLAIN, rip=85.57.145.133, lip=10.64.89.208, session=\ Jul 28 10:37:13 WHD8 dovecot: pop3-login: Disconnected: Inactivity \(auth failed, 1 attempts in 180 secs\): user=\, method=PLAIN, rip=85.57.145.133, lip=10.64.89.208, session=\ Jul 28 10:37:15 WHD8 dovecot: pop3-login: Disconnected: Inactivity \(auth failed, 1 attempts in 179 secs\): user=\, method=PLAIN, rip=85.57.145.133, lip=10.64.89.208, session=\ Jul 28 12:45:19 WHD8 dovecot: pop3-login: Aborted login \(auth failed, 1 attempts in 3 secs\): user=\, method=PLAIN, rip=85.57.145.133, lip=10.64.89.208, session=\ Jul 28 12:57:51 WHD8 dovecot: pop3-login: Disconnected \(auth failed, 1 attempts in 6 secs\): user=\, m ...	2020-07-29 01:14:34
180.183.97.182	attackspambots	1595937815 - 07/28/2020 14:03:35 Host: 180.183.97.182/180.183.97.182 Port: 445 TCP Blocked	2020-07-29 01:31:16
103.76.191.99	attackbotsspam	Port Scan ...	2020-07-29 01:03:35
179.108.126.114	attack	Unauthorised access (Jul 28) SRC=179.108.126.114 LEN=52 TOS=0x10 PREC=0x40 TTL=112 ID=10258 DF TCP DPT=445 WINDOW=8192 SYN	2020-07-29 01:18:57

Recently Reported IPs

101.109.150.201	101.109.150.212	101.109.150.216	101.109.150.236
101.109.150.238	101.109.150.242	35.222.39.1	101.109.150.36
101.109.150.52	61.182.242.26	104.136.188.17	104.136.196.12
104.136.182.189	104.136.197.157	104.136.131.88	104.136.20.76
104.136.167.214	104.136.131.100	104.136.197.159	104.136.102.221