104.131.4.140 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
104.131.45.150	attackbotsspam	SSH Brute-Force Attack	2020-10-10 06:06:26
104.131.45.150	attackspam	Oct 9 12:08:42 santamaria sshd\[16538\]: Invalid user user1 from 104.131.45.150 Oct 9 12:08:42 santamaria sshd\[16538\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.45.150 Oct 9 12:08:44 santamaria sshd\[16538\]: Failed password for invalid user user1 from 104.131.45.150 port 57974 ssh2 ...	2020-10-09 22:13:31
104.131.45.150	attack	$f2bV_matches	2020-10-09 14:03:29
104.131.45.150	attackbots	2020-10-04 13:27:23.806264-0500 localhost sshd[92460]: Failed password for root from 104.131.45.150 port 34974 ssh2	2020-10-05 04:06:22
104.131.45.150	attack	(sshd) Failed SSH login from 104.131.45.150 (US/United States/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Oct 4 02:01:54 optimus sshd[12276]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.45.150 user=root Oct 4 02:01:56 optimus sshd[12276]: Failed password for root from 104.131.45.150 port 39428 ssh2 Oct 4 02:14:27 optimus sshd[29613]: Invalid user student7 from 104.131.45.150 Oct 4 02:14:27 optimus sshd[29613]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.45.150 Oct 4 02:14:29 optimus sshd[29613]: Failed password for invalid user student7 from 104.131.45.150 port 57512 ssh2	2020-10-04 19:56:44
104.131.42.61	attack	Invalid user kfk from 104.131.42.61 port 39612	2020-09-29 06:03:56
104.131.42.61	attack	Sep 28 11:05:12 fhem-rasp sshd[1994]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.42.61 Sep 28 11:05:15 fhem-rasp sshd[1994]: Failed password for invalid user alessandro from 104.131.42.61 port 48486 ssh2 ...	2020-09-28 22:29:55
104.131.42.61	attack	Sep 28 08:03:50 vmd26974 sshd[13173]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.42.61 Sep 28 08:03:52 vmd26974 sshd[13173]: Failed password for invalid user ubuntu from 104.131.42.61 port 48854 ssh2 ...	2020-09-28 14:34:42
104.131.48.26	attack	Sep 25 23:00:01 journals sshd\[39491\]: Invalid user phion from 104.131.48.26 Sep 25 23:00:01 journals sshd\[39491\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.48.26 Sep 25 23:00:03 journals sshd\[39491\]: Failed password for invalid user phion from 104.131.48.26 port 39942 ssh2 Sep 25 23:05:51 journals sshd\[40106\]: Invalid user freeswitch from 104.131.48.26 Sep 25 23:05:51 journals sshd\[40106\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.48.26 ...	2020-09-26 05:02:13
104.131.48.26	attack	Sep 25 13:48:46 IngegnereFirenze sshd[22567]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.48.26 user=root ...	2020-09-25 21:55:56
104.131.48.26	attackbotsspam	Ssh brute force	2020-09-25 13:33:58
104.131.48.67	attack	SSH brute force	2020-09-20 22:22:25
104.131.48.67	attack	SSH brute force	2020-09-20 14:13:58
104.131.48.67	attackbots	Sep 19 22:47:20 xeon sshd[43792]: Failed password for root from 104.131.48.67 port 33574 ssh2	2020-09-20 06:13:58
104.131.45.150	attack	Sep 12 17:21:00 prox sshd[28018]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.45.150 Sep 12 17:21:03 prox sshd[28018]: Failed password for invalid user chloe from 104.131.45.150 port 45598 ssh2	2020-09-13 00:04:48

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.131.4.140
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 55429
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;104.131.4.140.			IN	A

;; AUTHORITY SECTION:
.			461	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022030302 1800 900 604800 86400

;; Query time: 18 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Mar 04 11:45:35 CST 2022
;; MSG SIZE  rcvd: 106

Host info

140.4.131.104.in-addr.arpa domain name pointer seuguru.digital.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
140.4.131.104.in-addr.arpa	name = seuguru.digital.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
182.61.40.214	attack	Port Scan ...	2020-09-01 22:31:24
35.232.241.208	attack	2020-09-01T15:58:53.774321+02:00 sshd[15779]: Failed password for invalid user status from 35.232.241.208 port 43286 ssh2	2020-09-01 22:10:24
109.244.100.99	attackbots	sshd jail - ssh hack attempt	2020-09-01 22:08:50
18.27.197.252	attackbots	Sep 1 16:25:53 ncomp sshd[23113]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=18.27.197.252 user=root Sep 1 16:25:55 ncomp sshd[23113]: Failed password for root from 18.27.197.252 port 46588 ssh2 Sep 1 16:26:06 ncomp sshd[23113]: error: maximum authentication attempts exceeded for root from 18.27.197.252 port 46588 ssh2 [preauth] Sep 1 16:25:53 ncomp sshd[23113]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=18.27.197.252 user=root Sep 1 16:25:55 ncomp sshd[23113]: Failed password for root from 18.27.197.252 port 46588 ssh2 Sep 1 16:26:06 ncomp sshd[23113]: error: maximum authentication attempts exceeded for root from 18.27.197.252 port 46588 ssh2 [preauth]	2020-09-01 22:29:48
5.188.86.206	attackspam	Cowrie Honeypot: Unauthorised SSH/Telnet login attempt with user "root" at 2020-09-01T14:04:40Z	2020-09-01 22:06:01
49.233.160.103	attack	Sep 1 14:33:50 rancher-0 sshd[1385904]: Invalid user nfe from 49.233.160.103 port 37732 ...	2020-09-01 21:57:13
103.133.105.65	attackbots	Sep 1 15:25:52 ns308116 postfix/smtpd[23746]: warning: unknown[103.133.105.65]: SASL LOGIN authentication failed: authentication failure Sep 1 15:25:52 ns308116 postfix/smtpd[23746]: warning: unknown[103.133.105.65]: SASL LOGIN authentication failed: authentication failure Sep 1 15:25:53 ns308116 postfix/smtpd[23746]: warning: unknown[103.133.105.65]: SASL LOGIN authentication failed: authentication failure Sep 1 15:25:53 ns308116 postfix/smtpd[23746]: warning: unknown[103.133.105.65]: SASL LOGIN authentication failed: authentication failure Sep 1 15:25:54 ns308116 postfix/smtpd[23746]: warning: unknown[103.133.105.65]: SASL LOGIN authentication failed: authentication failure Sep 1 15:25:54 ns308116 postfix/smtpd[23746]: warning: unknown[103.133.105.65]: SASL LOGIN authentication failed: authentication failure ...	2020-09-01 22:34:21
49.234.45.241	attackbots	SSH Login Bruteforce	2020-09-01 22:27:46
88.250.12.76	attackspam	Portscan detected	2020-09-01 22:19:56
114.33.97.221	attackspambots	[N10.H2.VM2] Port Scanner Detected Blocked by UFW	2020-09-01 22:26:33
51.255.83.132	attack	51.255.83.132 - - [01/Sep/2020:14:41:15 +0100] "POST /wp-login.php HTTP/1.1" 200 2121 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 51.255.83.132 - - [01/Sep/2020:14:41:16 +0100] "POST /wp-login.php HTTP/1.1" 200 2116 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 51.255.83.132 - - [01/Sep/2020:14:41:17 +0100] "POST /wp-login.php HTTP/1.1" 200 2086 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-09-01 22:38:34
112.85.42.176	attackspambots	Sep 1 15:38:19 piServer sshd[5764]: Failed password for root from 112.85.42.176 port 1308 ssh2 Sep 1 15:38:24 piServer sshd[5764]: Failed password for root from 112.85.42.176 port 1308 ssh2 Sep 1 15:38:28 piServer sshd[5764]: Failed password for root from 112.85.42.176 port 1308 ssh2 Sep 1 15:38:32 piServer sshd[5764]: Failed password for root from 112.85.42.176 port 1308 ssh2 ...	2020-09-01 21:59:57
222.186.175.169	attackbotsspam	Sep 1 15:52:43 vm1 sshd[25124]: Failed password for root from 222.186.175.169 port 31692 ssh2 Sep 1 15:52:58 vm1 sshd[25124]: error: maximum authentication attempts exceeded for root from 222.186.175.169 port 31692 ssh2 [preauth] ...	2020-09-01 22:00:22
219.240.99.110	attackspam	$f2bV_matches	2020-09-01 22:25:27
93.123.96.141	attack	ET CINS Active Threat Intelligence Poor Reputation IP group 81 - port: 24079 proto: tcp cat: Misc Attackbytes: 60	2020-09-01 22:21:37

Recently Reported IPs

112.66.108.171	104.131.36.57	104.131.35.213	104.131.38.99
104.131.4.194	104.131.48.112	104.131.40.238	104.131.46.73
104.131.48.52	104.131.49.195	112.66.108.177	104.131.57.251
104.131.55.171	104.131.5.31	104.131.5.69	104.131.56.128
104.131.63.174	104.131.71.50	104.131.67.121	104.131.81.85