104.131.216.55

Basic Info

City: New York

Region: New York

Country: United States

Internet Service Provider: DigitalOcean LLC

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	DigitalOcean BotNet attack - 10s of requests to non-existent pages - :443/app-ads.txt - typically bursts of 8 requests per second - undefined, XSS attacks node-superagent/4.1.0	2020-03-09 05:17:03

Comments on same subnet:

IP	Type	Details	Datetime
104.131.216.62	attackspam	DigitalOcean BotNet attack - 10s of requests to non- pages - :443/app-ads.txt - typically bursts of 8 requests per second - undefined, XSS attacks UA removed	2020-04-20 01:53:27
104.131.216.136	attack	DigitalOcean BotNet attack - 10s of requests to non- pages - :443/app-ads.txt - typically bursts of 8 requests per second - undefined, XSS attacks UA removed	2020-04-17 20:36:08
104.131.216.33	attackbots	DigitalOcean BotNet attack - 10s of requests to non- pages - :443/app-ads.txt - typically bursts of 8 requests per second - undefined, XSS attacks UA removed	2020-03-30 01:38:07
104.131.216.35	attackbots	DigitalOcean BotNet attack - 10s of requests to non- pages - :443/app-ads.txt - typically bursts of 8 requests per second - undefined, XSS attacks UA removed	2020-03-29 23:47:17
104.131.216.36	attackspambots	DigitalOcean BotNet attack - 10s of requests to non-existent pages - :443/app-ads.txt - typically bursts of 8 requests per second - undefined, XSS attacks node-superagent/4.1.0	2020-03-10 04:33:40
104.131.216.170	attackbotsspam	Fail2Ban Ban Triggered	2020-01-08 13:52:20
104.131.216.33	attackspam	DigitalOcean BotNet attack - 10s of requests to non-existent pages - :443/app-ads.txt - typically bursts of 8 requests per second - undefined, XSS attacks node-superagent/4.1.0	2019-12-27 01:17:50

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.131.216.55
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 4187
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;104.131.216.55.			IN	A

;; AUTHORITY SECTION:
.			416	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020030801 1800 900 604800 86400

;; Query time: 50 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Mar 09 05:17:00 CST 2020
;; MSG SIZE  rcvd: 118

Host info

Host 55.216.131.104.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 55.216.131.104.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
95.252.33.204	attack	Host Scan	2020-01-01 16:09:36
222.186.190.2	attack	$f2bV_matches	2020-01-01 16:02:07
106.12.3.170	attackspambots	Dec 31 16:14:42 server sshd\[4999\]: Invalid user thebeast from 106.12.3.170 Dec 31 16:14:42 server sshd\[4999\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.3.170 Dec 31 16:14:44 server sshd\[4999\]: Failed password for invalid user thebeast from 106.12.3.170 port 44966 ssh2 Jan 1 10:22:46 server sshd\[26361\]: Invalid user bot2 from 106.12.3.170 Jan 1 10:22:46 server sshd\[26361\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.3.170 ...	2020-01-01 15:37:46
179.97.69.20	attack	Jan 1 08:29:46 MK-Soft-VM7 sshd[11295]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=179.97.69.20 Jan 1 08:29:48 MK-Soft-VM7 sshd[11295]: Failed password for invalid user root8888 from 179.97.69.20 port 50998 ssh2 ...	2020-01-01 15:51:39
203.92.33.93	attackbots	C1,WP GET /lappan/wp-login.php	2020-01-01 15:34:13
218.86.123.242	attackspambots	2020-01-01T07:23:28.574607shield sshd\[29507\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.86.123.242 user=nobody 2020-01-01T07:23:30.699835shield sshd\[29507\]: Failed password for nobody from 218.86.123.242 port 54407 ssh2 2020-01-01T07:27:02.595819shield sshd\[31165\]: Invalid user test from 218.86.123.242 port 14241 2020-01-01T07:27:02.600711shield sshd\[31165\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.86.123.242 2020-01-01T07:27:04.103771shield sshd\[31165\]: Failed password for invalid user test from 218.86.123.242 port 14241 ssh2	2020-01-01 15:40:17
178.128.86.127	attackbotsspam	Jan 1 07:16:24 server sshd[3669]: Failed password for invalid user saint from 178.128.86.127 port 42126 ssh2 Jan 1 07:25:03 server sshd[3923]: Failed password for invalid user admin from 178.128.86.127 port 39250 ssh2 Jan 1 07:27:42 server sshd[3972]: Failed password for invalid user gamm from 178.128.86.127 port 34256 ssh2	2020-01-01 16:06:07
202.100.182.250	attackspambots	Dec 31 18:02:40 server sshd\[25046\]: Failed password for root from 202.100.182.250 port 60758 ssh2 Jan 1 09:45:17 server sshd\[17278\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.100.182.250 user=root Jan 1 09:45:19 server sshd\[17278\]: Failed password for root from 202.100.182.250 port 50012 ssh2 Jan 1 09:45:21 server sshd\[17278\]: Failed password for root from 202.100.182.250 port 50012 ssh2 Jan 1 09:45:23 server sshd\[17278\]: Failed password for root from 202.100.182.250 port 50012 ssh2 ...	2020-01-01 15:58:37
46.214.108.92	attackbotsspam	Jan 1 07:28:21 icecube sshd[86468]: Failed password for root from 46.214.108.92 port 58184 ssh2	2020-01-01 15:40:56
179.83.56.223	attackbotsspam	Automatic report - Port Scan Attack	2020-01-01 15:53:19
219.141.211.70	attack	Host Scan	2020-01-01 15:46:42
178.176.222.9	attackspam	Honeypot attack, port: 23, PTR: PTR record not found	2020-01-01 16:04:45
159.89.165.36	attackbots	Jan 1 07:28:20 zeus sshd[14354]: Failed password for mysql from 159.89.165.36 port 57712 ssh2 Jan 1 07:32:03 zeus sshd[14442]: Failed password for root from 159.89.165.36 port 32954 ssh2 Jan 1 07:35:31 zeus sshd[14531]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.89.165.36	2020-01-01 16:01:40
92.63.194.81	attack	01/01/2020-01:28:16.580361 92.63.194.81 Protocol: 6 ET DROP Dshield Block Listed Source group 1	2020-01-01 15:44:26
51.77.140.111	attack	...	2020-01-01 16:04:03

Recently Reported IPs

84.108.247.149	18.180.124.121	3.159.165.238	99.71.6.223
45.216.240.131	32.188.162.211	188.206.64.220	123.110.6.172
100.234.36.66	87.59.14.220	142.93.204.235	115.100.30.145
140.224.132.68	212.135.86.161	122.227.33.244	39.210.123.216
79.44.247.190	193.189.45.120	60.134.238.95	70.199.106.197