104.131.42.68 - IPInfo

Basic Info

City: Clifton

Region: New Jersey

Country: United States

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
104.131.42.61	attack	Invalid user kfk from 104.131.42.61 port 39612	2020-09-29 06:03:56
104.131.42.61	attack	Sep 28 11:05:12 fhem-rasp sshd[1994]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.42.61 Sep 28 11:05:15 fhem-rasp sshd[1994]: Failed password for invalid user alessandro from 104.131.42.61 port 48486 ssh2 ...	2020-09-28 22:29:55
104.131.42.61	attack	Sep 28 08:03:50 vmd26974 sshd[13173]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.42.61 Sep 28 08:03:52 vmd26974 sshd[13173]: Failed password for invalid user ubuntu from 104.131.42.61 port 48854 ssh2 ...	2020-09-28 14:34:42

Type

Details

Datetime

104.131.42.61

attack

Invalid user kfk from 104.131.42.61 port 39612

2020-09-29 06:03:56

104.131.42.61

attack

Sep 28 11:05:12 fhem-rasp sshd[1994]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.42.61
Sep 28 11:05:15 fhem-rasp sshd[1994]: Failed password for invalid user alessandro from 104.131.42.61 port 48486 ssh2
...

2020-09-28 22:29:55

104.131.42.61

attack

Sep 28 08:03:50 vmd26974 sshd[13173]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.42.61
Sep 28 08:03:52 vmd26974 sshd[13173]: Failed password for invalid user ubuntu from 104.131.42.61 port 48854 ssh2
...

2020-09-28 14:34:42

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.131.42.68
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 46501
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;104.131.42.68.			IN	A

;; AUTHORITY SECTION:
.			320	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022032602 1800 900 604800 86400

;; Query time: 61 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Mar 27 08:44:05 CST 2022
;; MSG SIZE  rcvd: 106

Host info

Host 68.42.131.104.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 68.42.131.104.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
222.186.175.151	attackbots	Oct 20 21:48:44 www_kotimaassa_fi sshd[18936]: Failed password for root from 222.186.175.151 port 42056 ssh2 Oct 20 21:48:48 www_kotimaassa_fi sshd[18936]: Failed password for root from 222.186.175.151 port 42056 ssh2 ...	2019-10-21 05:52:30
106.52.254.20	attack	Oct 18 01:17:41 mxgate1 sshd[10710]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.254.20 user=r.r Oct 18 01:17:42 mxgate1 sshd[10710]: Failed password for r.r from 106.52.254.20 port 45374 ssh2 Oct 18 01:17:42 mxgate1 sshd[10710]: Received disconnect from 106.52.254.20 port 45374:11: Bye Bye [preauth] Oct 18 01:17:42 mxgate1 sshd[10710]: Disconnected from 106.52.254.20 port 45374 [preauth] Oct 18 01:35:35 mxgate1 sshd[11345]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.254.20 user=r.r Oct 18 01:35:37 mxgate1 sshd[11345]: Failed password for r.r from 106.52.254.20 port 38232 ssh2 Oct 18 01:35:37 mxgate1 sshd[11345]: Received disconnect from 106.52.254.20 port 38232:11: Bye Bye [preauth] Oct 18 01:35:37 mxgate1 sshd[11345]: Disconnected from 106.52.254.20 port 38232 [preauth] Oct 18 01:40:13 mxgate1 sshd[11441]: Invalid user mysql from 106.52.254.20 port 50752 Oct 18 01:........ -------------------------------	2019-10-21 05:53:40
193.238.177.91	attackspam	Honeypot attack, port: 445, PTR: host-193-238-177-91.123online.org.	2019-10-21 05:29:00
59.63.163.30	attackspambots	WordPress wp-login brute force :: 59.63.163.30 0.040 BYPASS [21/Oct/2019:07:27:07 1100] [censored_2] "POST /wp-login.php HTTP/1.1" 200 4630 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2019-10-21 05:26:25
89.248.169.17	attackspam	From CCTV User Interface Log ...::ffff:89.248.169.17 - - [20/Oct/2019:17:19:08 +0000] "GET / HTTP/1.1" 200 960 ...	2019-10-21 05:31:06
46.101.43.235	attackbotsspam	Oct 16 23:58:43 plesk sshd[4399]: Invalid user = from 46.101.43.235 Oct 16 23:58:43 plesk sshd[4399]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.101.43.235 Oct 16 23:58:45 plesk sshd[4399]: Failed password for invalid user = from 46.101.43.235 port 51388 ssh2 Oct 16 23:58:45 plesk sshd[4399]: Received disconnect from 46.101.43.235: 11: Bye Bye [preauth] Oct 16 23:59:26 plesk sshd[4458]: Invalid user , from 46.101.43.235 Oct 16 23:59:26 plesk sshd[4458]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.101.43.235 Oct 16 23:59:28 plesk sshd[4458]: Failed password for invalid user , from 46.101.43.235 port 42789 ssh2 Oct 16 23:59:28 plesk sshd[4458]: Received disconnect from 46.101.43.235: 11: Bye Bye [preauth] Oct 17 00:00:09 plesk sshd[4497]: Invalid user ! from 46.101.43.235 Oct 17 00:00:09 plesk sshd[4497]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=s........ -------------------------------	2019-10-21 05:23:48
58.240.218.198	attackspambots	Oct 20 22:22:41 v22018076622670303 sshd\[3012\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.240.218.198 user=root Oct 20 22:22:43 v22018076622670303 sshd\[3012\]: Failed password for root from 58.240.218.198 port 52434 ssh2 Oct 20 22:26:48 v22018076622670303 sshd\[3030\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.240.218.198 user=root ...	2019-10-21 05:35:04
198.211.110.133	attackbots	Oct 20 23:07:14 server sshd\[32517\]: Invalid user admin from 198.211.110.133 Oct 20 23:07:14 server sshd\[32517\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=198.211.110.133 Oct 20 23:07:16 server sshd\[32517\]: Failed password for invalid user admin from 198.211.110.133 port 34134 ssh2 Oct 20 23:26:24 server sshd\[5793\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=198.211.110.133 user=root Oct 20 23:26:26 server sshd\[5793\]: Failed password for root from 198.211.110.133 port 46940 ssh2 ...	2019-10-21 05:51:02
188.240.208.26	attackspambots	WordPress wp-login brute force :: 188.240.208.26 0.116 BYPASS [21/Oct/2019:08:07:24 1100] www.[censored_1] "POST /wp-login.php HTTP/1.1" 200 3979 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.90 Safari/537.36 2345Explorer/9.3.2.17331"	2019-10-21 05:41:14
70.132.17.57	attackbotsspam	Automatic report generated by Wazuh	2019-10-21 05:21:39
180.168.55.110	attackspam	Oct 20 21:41:34 hcbbdb sshd\[1912\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.168.55.110 user=root Oct 20 21:41:36 hcbbdb sshd\[1912\]: Failed password for root from 180.168.55.110 port 45596 ssh2 Oct 20 21:45:44 hcbbdb sshd\[2367\]: Invalid user operator from 180.168.55.110 Oct 20 21:45:44 hcbbdb sshd\[2367\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.168.55.110 Oct 20 21:45:46 hcbbdb sshd\[2367\]: Failed password for invalid user operator from 180.168.55.110 port 36570 ssh2	2019-10-21 05:52:12
182.239.43.161	attackspambots	WordPress wp-login brute force :: 182.239.43.161 0.052 BYPASS [21/Oct/2019:07:26:24 1100] [censored_4] "POST /wp-login.php HTTP/1.1" 200 3989 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2019-10-21 05:51:52
67.205.139.165	attackbots	Oct 18 01:23:28 ovpn sshd[4489]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=67.205.139.165 user=r.r Oct 18 01:23:30 ovpn sshd[4489]: Failed password for r.r from 67.205.139.165 port 52166 ssh2 Oct 18 01:23:30 ovpn sshd[4489]: Received disconnect from 67.205.139.165 port 52166:11: Bye Bye [preauth] Oct 18 01:23:30 ovpn sshd[4489]: Disconnected from 67.205.139.165 port 52166 [preauth] Oct 18 01:31:14 ovpn sshd[6025]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=67.205.139.165 user=r.r Oct 18 01:31:17 ovpn sshd[6025]: Failed password for r.r from 67.205.139.165 port 35434 ssh2 Oct 18 01:31:17 ovpn sshd[6025]: Received disconnect from 67.205.139.165 port 35434:11: Bye Bye [preauth] Oct 18 01:31:17 ovpn sshd[6025]: Disconnected from 67.205.139.165 port 35434 [preauth] Oct 18 01:34:48 ovpn sshd[6710]: Invalid user vl from 67.205.139.165 Oct 18 01:34:48 ovpn sshd[6710]: pam_unix(sshd:auth)........ ------------------------------	2019-10-21 05:52:51
190.145.25.166	attackspam	2019-10-20T21:29:18.874038abusebot-2.cloudsearch.cf sshd\[31140\]: Invalid user okmnj from 190.145.25.166 port 65044	2019-10-21 05:39:04
119.84.8.43	attackbots	$f2bV_matches	2019-10-21 05:54:08

Recently Reported IPs

104.131.34.167	104.131.46.32	104.131.49.175	104.131.5.212
104.131.53.141	104.131.55.224	104.131.63.24	104.131.66.12
104.131.71.91	104.131.75.154	104.131.77.113	104.131.79.59
104.131.81.202	104.131.86.61	104.131.87.95	104.131.90.200
104.131.95.195	104.131.95.198	104.131.96.116	9.216.26.22