104.131.216.55

Basic Info

City: New York

Region: New York

Country: United States

Internet Service Provider: DigitalOcean LLC

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	DigitalOcean BotNet attack - 10s of requests to non-existent pages - :443/app-ads.txt - typically bursts of 8 requests per second - undefined, XSS attacks node-superagent/4.1.0	2020-03-09 05:17:03

Comments on same subnet:

IP	Type	Details	Datetime
104.131.216.62	attackspam	DigitalOcean BotNet attack - 10s of requests to non- pages - :443/app-ads.txt - typically bursts of 8 requests per second - undefined, XSS attacks UA removed	2020-04-20 01:53:27
104.131.216.136	attack	DigitalOcean BotNet attack - 10s of requests to non- pages - :443/app-ads.txt - typically bursts of 8 requests per second - undefined, XSS attacks UA removed	2020-04-17 20:36:08
104.131.216.33	attackbots	DigitalOcean BotNet attack - 10s of requests to non- pages - :443/app-ads.txt - typically bursts of 8 requests per second - undefined, XSS attacks UA removed	2020-03-30 01:38:07
104.131.216.35	attackbots	DigitalOcean BotNet attack - 10s of requests to non- pages - :443/app-ads.txt - typically bursts of 8 requests per second - undefined, XSS attacks UA removed	2020-03-29 23:47:17
104.131.216.36	attackspambots	DigitalOcean BotNet attack - 10s of requests to non-existent pages - :443/app-ads.txt - typically bursts of 8 requests per second - undefined, XSS attacks node-superagent/4.1.0	2020-03-10 04:33:40
104.131.216.170	attackbotsspam	Fail2Ban Ban Triggered	2020-01-08 13:52:20
104.131.216.33	attackspam	DigitalOcean BotNet attack - 10s of requests to non-existent pages - :443/app-ads.txt - typically bursts of 8 requests per second - undefined, XSS attacks node-superagent/4.1.0	2019-12-27 01:17:50

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.131.216.55
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 4187
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;104.131.216.55.			IN	A

;; AUTHORITY SECTION:
.			416	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020030801 1800 900 604800 86400

;; Query time: 50 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Mar 09 05:17:00 CST 2020
;; MSG SIZE  rcvd: 118

Host info

Host 55.216.131.104.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 55.216.131.104.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
139.199.122.210	attackbots	Dec 15 23:09:13 localhost sshd\[124625\]: Invalid user id from 139.199.122.210 port 38108 Dec 15 23:09:13 localhost sshd\[124625\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.122.210 Dec 15 23:09:15 localhost sshd\[124625\]: Failed password for invalid user id from 139.199.122.210 port 38108 ssh2 Dec 15 23:14:50 localhost sshd\[124858\]: Invalid user lippe from 139.199.122.210 port 34458 Dec 15 23:14:50 localhost sshd\[124858\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.122.210 ...	2019-12-16 07:20:27
95.189.104.78	attackspam	Unauthorised access (Dec 16) SRC=95.189.104.78 LEN=52 PREC=0x20 TTL=114 ID=17216 DF TCP DPT=445 WINDOW=8192 SYN	2019-12-16 06:59:19
40.92.67.49	attackspambots	Dec 16 01:49:44 debian-2gb-vpn-nbg1-1 kernel: [828555.804860] [UFW BLOCK] IN=eth0 OUT= MAC=96:00:00:38:96:44:d2:74:7f:6e:37:e3:08:00 SRC=40.92.67.49 DST=78.46.192.101 LEN=40 TOS=0x00 PREC=0x00 TTL=238 ID=46275 DF PROTO=TCP SPT=63476 DPT=25 WINDOW=0 RES=0x00 ACK RST URGP=0	2019-12-16 07:06:17
189.125.2.234	attack	Dec 15 20:44:19 ws12vmsma01 sshd[61968]: Invalid user szpakowski from 189.125.2.234 Dec 15 20:44:20 ws12vmsma01 sshd[61968]: Failed password for invalid user szpakowski from 189.125.2.234 port 33278 ssh2 Dec 15 20:52:16 ws12vmsma01 sshd[63219]: Invalid user windbacher from 189.125.2.234 ...	2019-12-16 07:25:19
45.55.136.206	attackbots	Invalid user emc from 45.55.136.206 port 33328	2019-12-16 06:46:03
106.12.23.198	attackspam	Dec 15 18:19:00 TORMINT sshd\[20441\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.23.198 user=root Dec 15 18:19:02 TORMINT sshd\[20441\]: Failed password for root from 106.12.23.198 port 41098 ssh2 Dec 15 18:24:45 TORMINT sshd\[21175\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.23.198 user=backup ...	2019-12-16 07:33:42
134.209.252.119	attackbotsspam	Dec 15 22:03:18 srv206 sshd[30479]: Invalid user barentsen from 134.209.252.119 ...	2019-12-16 06:48:57
188.131.142.199	attackspam	Dec 16 00:50:05 server sshd\[20573\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.131.142.199 user=root Dec 16 00:50:07 server sshd\[20573\]: Failed password for root from 188.131.142.199 port 49774 ssh2 Dec 16 01:01:02 server sshd\[23888\]: Invalid user test3 from 188.131.142.199 Dec 16 01:01:02 server sshd\[23888\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.131.142.199 Dec 16 01:01:04 server sshd\[23888\]: Failed password for invalid user test3 from 188.131.142.199 port 52484 ssh2 ...	2019-12-16 06:45:09
138.68.18.232	attackspambots	Dec 15 13:15:46 auw2 sshd\[6812\]: Invalid user pass9999 from 138.68.18.232 Dec 15 13:15:46 auw2 sshd\[6812\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.18.232 Dec 15 13:15:48 auw2 sshd\[6812\]: Failed password for invalid user pass9999 from 138.68.18.232 port 55824 ssh2 Dec 15 13:21:15 auw2 sshd\[7318\]: Invalid user winfield from 138.68.18.232 Dec 15 13:21:16 auw2 sshd\[7318\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.18.232	2019-12-16 07:28:09
37.191.209.83	attackbotsspam	23/tcp 23/tcp 23/tcp... [2019-11-06/12-15]7pkt,1pt.(tcp)	2019-12-16 07:09:27
132.232.79.135	attackbots	2019-12-15T23:18:28.650520shield sshd\[19464\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=132.232.79.135 user=root 2019-12-15T23:18:30.407123shield sshd\[19464\]: Failed password for root from 132.232.79.135 port 33460 ssh2 2019-12-15T23:24:29.948684shield sshd\[21579\]: Invalid user backup from 132.232.79.135 port 59142 2019-12-15T23:24:29.953274shield sshd\[21579\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=132.232.79.135 2019-12-15T23:24:32.271500shield sshd\[21579\]: Failed password for invalid user backup from 132.232.79.135 port 59142 ssh2	2019-12-16 07:28:52
120.28.109.188	attackbots	leo_www	2019-12-16 07:08:23
159.203.201.217	attackspambots	Unauthorized connection attempt detected from IP address 159.203.201.217 to port 514	2019-12-16 07:22:25
85.202.195.115	attackbotsspam	Ein möglicherweise gefährlicher Request.Form-Wert wurde vom Client (mp$ContentZone$TxtMessage="	2019-12-16 07:26:10
58.216.146.133	attackbots	1433/tcp 1433/tcp 1433/tcp [2019-11-26/12-15]3pkt	2019-12-16 07:13:11

Recently Reported IPs

84.108.247.149	18.180.124.121	3.159.165.238	99.71.6.223
45.216.240.131	32.188.162.211	188.206.64.220	123.110.6.172
100.234.36.66	87.59.14.220	142.93.204.235	115.100.30.145
140.224.132.68	212.135.86.161	122.227.33.244	39.210.123.216
79.44.247.190	193.189.45.120	60.134.238.95	70.199.106.197