104.131.42.68 - IPInfo

Basic Info

City: Clifton

Region: New Jersey

Country: United States

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
104.131.42.61	attack	Invalid user kfk from 104.131.42.61 port 39612	2020-09-29 06:03:56
104.131.42.61	attack	Sep 28 11:05:12 fhem-rasp sshd[1994]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.42.61 Sep 28 11:05:15 fhem-rasp sshd[1994]: Failed password for invalid user alessandro from 104.131.42.61 port 48486 ssh2 ...	2020-09-28 22:29:55
104.131.42.61	attack	Sep 28 08:03:50 vmd26974 sshd[13173]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.42.61 Sep 28 08:03:52 vmd26974 sshd[13173]: Failed password for invalid user ubuntu from 104.131.42.61 port 48854 ssh2 ...	2020-09-28 14:34:42

Type

Details

Datetime

104.131.42.61

attack

Invalid user kfk from 104.131.42.61 port 39612

2020-09-29 06:03:56

104.131.42.61

attack

Sep 28 11:05:12 fhem-rasp sshd[1994]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.42.61
Sep 28 11:05:15 fhem-rasp sshd[1994]: Failed password for invalid user alessandro from 104.131.42.61 port 48486 ssh2
...

2020-09-28 22:29:55

104.131.42.61

attack

Sep 28 08:03:50 vmd26974 sshd[13173]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.42.61
Sep 28 08:03:52 vmd26974 sshd[13173]: Failed password for invalid user ubuntu from 104.131.42.61 port 48854 ssh2
...

2020-09-28 14:34:42

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.131.42.68
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 46501
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;104.131.42.68.			IN	A

;; AUTHORITY SECTION:
.			320	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022032602 1800 900 604800 86400

;; Query time: 61 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Mar 27 08:44:05 CST 2022
;; MSG SIZE  rcvd: 106

Host info

Host 68.42.131.104.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 68.42.131.104.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
217.136.4.88	attackspam	SSHAttack	2019-06-23 14:31:06
222.186.129.44	attack	ports scanning	2019-06-23 14:39:38
82.119.111.122	attackbots	Automatic report - Web App Attack	2019-06-23 15:15:38
127.0.0.1	attack	most exploited ip by Carlos mackinnon in Catalan -expected neighbour link and Inverness on lineK enable.co.uk-add capital have a new network -pedophiles in camper vans albs -lara.ns.cloudflare.com hijacked account by Inverness online near Inverness - reprogramming -apply this and that .com/by/co/io/io io /biz and world wide web managed by IT DEV -UNBELIEVABLE -GSTATIC IS PEDOPHILE SET UP WITH BBC/CHAN 4 TV	2019-06-23 14:27:34
58.242.83.28	attackbots	Jun 23 08:21:50 dcd-gentoo sshd[18549]: User root from 58.242.83.28 not allowed because none of user's groups are listed in AllowGroups Jun 23 08:21:54 dcd-gentoo sshd[18549]: error: PAM: Authentication failure for illegal user root from 58.242.83.28 Jun 23 08:21:50 dcd-gentoo sshd[18549]: User root from 58.242.83.28 not allowed because none of user's groups are listed in AllowGroups Jun 23 08:21:54 dcd-gentoo sshd[18549]: error: PAM: Authentication failure for illegal user root from 58.242.83.28 Jun 23 08:21:50 dcd-gentoo sshd[18549]: User root from 58.242.83.28 not allowed because none of user's groups are listed in AllowGroups Jun 23 08:21:54 dcd-gentoo sshd[18549]: error: PAM: Authentication failure for illegal user root from 58.242.83.28 Jun 23 08:21:54 dcd-gentoo sshd[18549]: Failed keyboard-interactive/pam for invalid user root from 58.242.83.28 port 64864 ssh2 ...	2019-06-23 14:29:31
14.228.227.16	attackbots	445/tcp [2019-06-22]1pkt	2019-06-23 14:24:18
220.225.126.55	attackbotsspam	Invalid user linux from 220.225.126.55 port 48652	2019-06-23 15:11:38
197.33.225.70	attackbots	23/tcp [2019-06-22]1pkt	2019-06-23 14:25:07
179.145.49.105	attackbotsspam	Lines containing failures of 179.145.49.105 Jun 20 06:01:34 ariston sshd[300]: Bad protocol version identification '' from 179.145.49.105 port 49016 Jun 20 06:01:37 ariston sshd[301]: Invalid user support from 179.145.49.105 port 50078 Jun 20 06:01:37 ariston sshd[301]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=179.145.49.105 Jun 20 06:01:39 ariston sshd[301]: Failed password for invalid user support from 179.145.49.105 port 50078 ssh2 Jun 20 06:01:40 ariston sshd[301]: Connection closed by invalid user support 179.145.49.105 port 50078 [preauth] Jun 20 06:01:41 ariston sshd[311]: Invalid user ubnt from 179.145.49.105 port 54098 Jun 20 06:01:41 ariston sshd[311]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=179.145.49.105 Jun 20 06:01:44 ariston sshd[311]: Failed password for invalid user ubnt from 179.145.49.105 port 54098 ssh2 Jun 20 06:01:45 ariston sshd[311]: Connection closed by........ ------------------------------	2019-06-23 15:17:08
42.230.35.169	attackspambots	5500/tcp [2019-06-22]1pkt	2019-06-23 14:57:17
119.51.179.165	attackspambots	23/tcp [2019-06-22]1pkt	2019-06-23 14:30:23
202.190.181.177	attackbotsspam	Jun 23 02:09:36 tux-35-217 sshd\[8191\]: Invalid user riak from 202.190.181.177 port 33782 Jun 23 02:09:36 tux-35-217 sshd\[8191\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.190.181.177 Jun 23 02:09:37 tux-35-217 sshd\[8191\]: Failed password for invalid user riak from 202.190.181.177 port 33782 ssh2 Jun 23 02:11:15 tux-35-217 sshd\[8228\]: Invalid user dante from 202.190.181.177 port 50290 Jun 23 02:11:15 tux-35-217 sshd\[8228\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.190.181.177 ...	2019-06-23 14:35:46
62.225.236.240	attackspam	23/tcp [2019-06-22]1pkt	2019-06-23 15:13:09
186.42.103.178	attackspambots	Jun 18 23:30:29 roadrisk sshd[30775]: reveeclipse mapping checking getaddrinfo for 178.103.42.186.static.anycast.cnt-grms.ec [186.42.103.178] failed - POSSIBLE BREAK-IN ATTEMPT! Jun 18 23:30:29 roadrisk sshd[30775]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=186.42.103.178 user=r.r Jun 18 23:30:30 roadrisk sshd[30775]: Failed password for r.r from 186.42.103.178 port 49298 ssh2 Jun 18 23:30:31 roadrisk sshd[30775]: Received disconnect from 186.42.103.178: 11: Bye Bye [preauth] Jun 18 23:36:04 roadrisk sshd[30844]: reveeclipse mapping checking getaddrinfo for 178.103.42.186.static.anycast.cnt-grms.ec [186.42.103.178] failed - POSSIBLE BREAK-IN ATTEMPT! Jun 18 23:36:07 roadrisk sshd[30844]: Failed password for invalid user http from 186.42.103.178 port 51174 ssh2 Jun 18 23:36:07 roadrisk sshd[30844]: Received disconnect from 186.42.103.178: 11: Bye Bye [preauth] Jun 18 23:38:20 roadrisk sshd[30881]: reveeclipse mapping checkin........ -------------------------------	2019-06-23 14:42:37
120.10.145.190	attackbotsspam	23/tcp [2019-06-22]1pkt	2019-06-23 14:54:11

Recently Reported IPs

104.131.34.167	104.131.46.32	104.131.49.175	104.131.5.212
104.131.53.141	104.131.55.224	104.131.63.24	104.131.66.12
104.131.71.91	104.131.75.154	104.131.77.113	104.131.79.59
104.131.81.202	104.131.86.61	104.131.87.95	104.131.90.200
104.131.95.195	104.131.95.198	104.131.96.116	9.216.26.22