104.131.48.94 - IPInfo

Basic Info

City: Clifton

Region: New Jersey

Country: United States

Internet Service Provider: unknown

Hostname: unknown

Organization: DigitalOcean, LLC

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
104.131.48.26	attack	Sep 25 23:00:01 journals sshd\[39491\]: Invalid user phion from 104.131.48.26 Sep 25 23:00:01 journals sshd\[39491\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.48.26 Sep 25 23:00:03 journals sshd\[39491\]: Failed password for invalid user phion from 104.131.48.26 port 39942 ssh2 Sep 25 23:05:51 journals sshd\[40106\]: Invalid user freeswitch from 104.131.48.26 Sep 25 23:05:51 journals sshd\[40106\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.48.26 ...	2020-09-26 05:02:13
104.131.48.26	attack	Sep 25 13:48:46 IngegnereFirenze sshd[22567]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.48.26 user=root ...	2020-09-25 21:55:56
104.131.48.26	attackbotsspam	Ssh brute force	2020-09-25 13:33:58
104.131.48.67	attack	SSH brute force	2020-09-20 22:22:25
104.131.48.67	attack	SSH brute force	2020-09-20 14:13:58
104.131.48.67	attackbots	Sep 19 22:47:20 xeon sshd[43792]: Failed password for root from 104.131.48.67 port 33574 ssh2	2020-09-20 06:13:58

Whois info:

Dig info:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.131.48.94
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 42953
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;104.131.48.94.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019050900 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Thu May 09 19:09:34 +08 2019
;; MSG SIZE  rcvd: 117

Host info

Host 94.48.131.104.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		67.207.67.3
Address:	67.207.67.3#53

** server can't find 94.48.131.104.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
77.247.110.203	attackbots	\[2019-10-02 13:01:50\] NOTICE\[1948\] chan_sip.c: Registration from '\' failed for '77.247.110.203:58260' - Wrong password \[2019-10-02 13:01:50\] SECURITY\[2006\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-10-02T13:01:50.367-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="19000090",SessionID="0x7f1e1c02d9c8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/77.247.110.203/58260",Challenge="6f70e61f",ReceivedChallenge="6f70e61f",ReceivedHash="e7f3af31eec60850b696047007a1e28b" \[2019-10-02 13:02:28\] NOTICE\[1948\] chan_sip.c: Registration from '\' failed for '77.247.110.203:50821' - Wrong password \[2019-10-02 13:02:28\] SECURITY\[2006\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-10-02T13:02:28.763-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="19000092",SessionID="0x7f1e1c86a428",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/77	2019-10-03 01:51:03
114.207.139.203	attackspambots	Oct 2 07:59:50 tdfoods sshd\[14046\]: Invalid user input from 114.207.139.203 Oct 2 07:59:50 tdfoods sshd\[14046\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.207.139.203 Oct 2 07:59:52 tdfoods sshd\[14046\]: Failed password for invalid user input from 114.207.139.203 port 50548 ssh2 Oct 2 08:04:19 tdfoods sshd\[14419\]: Invalid user pi from 114.207.139.203 Oct 2 08:04:19 tdfoods sshd\[14419\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.207.139.203	2019-10-03 02:08:29
113.121.243.245	attack	SASL broute force	2019-10-03 02:10:21
112.175.120.100	attackspam	" "	2019-10-03 02:09:27
111.65.181.96	attack	" "	2019-10-03 02:22:18
212.156.92.82	attackbots	Unauthorized connection attempt from IP address 212.156.92.82 on Port 445(SMB)	2019-10-03 01:34:03
94.102.56.181	attackbotsspam	MultiHost/MultiPort Probe, Scan, Hack -	2019-10-03 02:10:45
221.132.17.81	attackspam	Oct 2 17:49:21 vps691689 sshd[4351]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=221.132.17.81 Oct 2 17:49:23 vps691689 sshd[4351]: Failed password for invalid user nancys from 221.132.17.81 port 39298 ssh2 Oct 2 17:54:40 vps691689 sshd[4450]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=221.132.17.81 ...	2019-10-03 01:49:58
188.166.1.123	attackbotsspam	10/02/2019-13:12:36.025806 188.166.1.123 Protocol: 6 ET COMPROMISED Known Compromised or Hostile Host Traffic group 18	2019-10-03 02:18:12
181.40.76.162	attackspambots	Oct 2 17:07:17 localhost sshd\[20899\]: Invalid user usuario from 181.40.76.162 port 59686 Oct 2 17:07:17 localhost sshd\[20899\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=181.40.76.162 Oct 2 17:07:19 localhost sshd\[20899\]: Failed password for invalid user usuario from 181.40.76.162 port 59686 ssh2 ...	2019-10-03 02:16:52
102.39.73.62	attack	Unauthorized connection attempt from IP address 102.39.73.62 on Port 445(SMB)	2019-10-03 01:44:27
180.101.204.105	attackbots	180.101.204.105 - - [02/Oct/2019:16:37:14 +0200] "GET /TP/public/index.php HTTP/1.1" 404 390 "-" "Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)" 180.101.204.105 - - [02/Oct/2019:16:37:15 +0200] "GET /TP/index.php HTTP/1.1" 404 390 "-" "Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)" 180.101.204.105 - - [02/Oct/2019:16:37:17 +0200] "GET /thinkphp/html/public/index.php HTTP/1.1" 404 390 "-" "Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)" 180.101.204.105 - - [02/Oct/2019:16:37:18 +0200] "GET /html/public/index.php HTTP/1.1" 404 390 "-" "Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)" 180.101.204.105 - - [02/Oct/2019:16:37:18 +0200] "GET /public/index.php HTTP/1.1" 404 390 "-" "Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/ ...	2019-10-03 02:11:42
79.139.180.174	attackspambots	Oct 2 12:12:59 f201 sshd[32125]: Connection closed by 79.139.180.174 [preauth] Oct 2 13:28:26 f201 sshd[19012]: Connection closed by 79.139.180.174 [preauth] Oct 2 14:11:49 f201 sshd[30540]: Connection closed by 79.139.180.174 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=79.139.180.174	2019-10-03 01:36:16
112.175.120.64	attackspambots	3389BruteforceFW23	2019-10-03 02:02:30
209.59.188.116	attackspambots	Oct 2 07:54:03 hanapaa sshd\[8968\]: Invalid user 1502 from 209.59.188.116 Oct 2 07:54:03 hanapaa sshd\[8968\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=209.59.188.116 Oct 2 07:54:06 hanapaa sshd\[8968\]: Failed password for invalid user 1502 from 209.59.188.116 port 53216 ssh2 Oct 2 07:58:16 hanapaa sshd\[9320\]: Invalid user test from 209.59.188.116 Oct 2 07:58:16 hanapaa sshd\[9320\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=209.59.188.116	2019-10-03 02:11:10

Recently Reported IPs

30.72.33.78	190.25.219.250	99.8.113.206	79.140.153.19
78.24.182.42	202.222.216.67	1.52.121.202	75.253.1.3
85.154.106.31	206.146.0.230	78.188.139.181	53.227.140.22
181.143.56.178	132.162.87.124	173.212.193.104	179.56.220.253
117.134.211.56	77.40.9.251	200.116.191.185	3.222.135.157