104.131.50.85 - IPInfo

Basic Info

City: Clifton

Region: New Jersey

Country: United States

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
104.131.50.20	attack	Nov 30 05:58:45 sshd[16692]: Connection from 104.131.50.20 port 50820 on server Nov 30 05:58:45 sshd[16692]: Did not receive identification string from 104.131.50.20 Nov 30 06:21:35 sshd[16873]: Connection from 104.131.50.20 port 42310 on server Nov 30 06:21:41 sshd[16873]: Invalid user bad from 104.131.50.20 Nov 30 06:21:43 sshd[16873]: Failed password for invalid user bad from 104.131.50.20 port 42310 ssh2 Nov 30 06:21:43 sshd[16873]: Received disconnect from 104.131.50.20: 11: Normal Shutdown, Thank you for playing [preauth] Nov 30 06:21:43 sshd[16875]: Connection from 104.131.50.20 port 42570 on server Nov 30 06:21:49 sshd[16875]: Failed password for daemon from 104.131.50.20 port 42570 ssh2 Nov 30 06:21:49 sshd[16875]: Received disconnect from 104.131.50.20: 11: Normal Shutdown, Thank you for playing [preauth]	2019-12-01 02:20:24
104.131.50.20	attack	$f2bV_matches	2019-11-30 19:37:19

Type

Details

Datetime

104.131.50.20

attack

Nov 30 05:58:45 sshd[16692]: Connection from 104.131.50.20 port 50820 on server
Nov 30 05:58:45 sshd[16692]: Did not receive identification string from 104.131.50.20
Nov 30 06:21:35 sshd[16873]: Connection from 104.131.50.20 port 42310 on server
Nov 30 06:21:41 sshd[16873]: Invalid user bad from 104.131.50.20
Nov 30 06:21:43 sshd[16873]: Failed password for invalid user bad from 104.131.50.20 port 42310 ssh2
Nov 30 06:21:43 sshd[16873]: Received disconnect from 104.131.50.20: 11: Normal Shutdown, Thank you for playing [preauth]
Nov 30 06:21:43 sshd[16875]: Connection from 104.131.50.20 port 42570 on server
Nov 30 06:21:49 sshd[16875]: Failed password for daemon from 104.131.50.20 port 42570 ssh2
Nov 30 06:21:49 sshd[16875]: Received disconnect from 104.131.50.20: 11: Normal Shutdown, Thank you for playing [preauth]

2019-12-01 02:20:24

104.131.50.20

attack

$f2bV_matches

2019-11-30 19:37:19

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.131.50.85
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 17162
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;104.131.50.85.			IN	A

;; AUTHORITY SECTION:
.			488	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022033100 1800 900 604800 86400

;; Query time: 15 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Mar 31 16:29:06 CST 2022
;; MSG SIZE  rcvd: 106

Host info

85.50.131.104.in-addr.arpa domain name pointer rockstarrhub.wpmudev.host.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
85.50.131.104.in-addr.arpa	name = rockstarrhub.wpmudev.host.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
51.68.181.121	attackspam	[2020-05-24 16:04:51] NOTICE[1157] chan_sip.c: Registration from '"4401" ' failed for '51.68.181.121:5907' - Wrong password [2020-05-24 16:04:51] SECURITY[1173] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-05-24T16:04:51.253-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="4401",SessionID="0x7f5f1092cfb8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/51.68.181.121/5907",Challenge="6c5d0adb",ReceivedChallenge="6c5d0adb",ReceivedHash="17c5b7c1adc1cc0e2c5caf0579430139" [2020-05-24 16:04:51] NOTICE[1157] chan_sip.c: Registration from '"4401" ' failed for '51.68.181.121:5907' - Wrong password [2020-05-24 16:04:51] SECURITY[1173] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-05-24T16:04:51.398-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="4401",SessionID="0x7f5f102e5628",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/51 ...	2020-05-25 04:14:55
49.88.112.55	attack	2020-05-24T22:50:46.292803afi-git.jinr.ru sshd[28222]: Failed password for root from 49.88.112.55 port 2342 ssh2 2020-05-24T22:50:50.286527afi-git.jinr.ru sshd[28222]: Failed password for root from 49.88.112.55 port 2342 ssh2 2020-05-24T22:50:53.832777afi-git.jinr.ru sshd[28222]: Failed password for root from 49.88.112.55 port 2342 ssh2 2020-05-24T22:50:53.832937afi-git.jinr.ru sshd[28222]: error: maximum authentication attempts exceeded for root from 49.88.112.55 port 2342 ssh2 [preauth] 2020-05-24T22:50:53.832950afi-git.jinr.ru sshd[28222]: Disconnecting: Too many authentication failures [preauth] ...	2020-05-25 04:09:56
51.15.118.114	attack	bruteforce detected	2020-05-25 04:17:27
212.83.183.57	attackbotsspam	May 24 22:07:14 legacy sshd[10847]: Failed password for root from 212.83.183.57 port 52584 ssh2 May 24 22:10:27 legacy sshd[11005]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.83.183.57 May 24 22:10:29 legacy sshd[11005]: Failed password for invalid user xavier from 212.83.183.57 port 38662 ssh2 ...	2020-05-25 04:13:21
167.71.146.220	attackspam	Automatic report - Banned IP Access	2020-05-25 03:43:42
181.228.12.63	attackbots	May 24 21:36:42 journals sshd\[47624\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=181.228.12.63 user=root May 24 21:36:44 journals sshd\[47624\]: Failed password for root from 181.228.12.63 port 50550 ssh2 May 24 21:39:18 journals sshd\[48060\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=181.228.12.63 user=root May 24 21:39:20 journals sshd\[48060\]: Failed password for root from 181.228.12.63 port 56910 ssh2 May 24 21:41:55 journals sshd\[48591\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=181.228.12.63 user=root ...	2020-05-25 03:59:22
62.21.33.141	attackspambots	May 22 23:05:01 josie sshd[3311]: Invalid user bih from 62.21.33.141 May 22 23:05:01 josie sshd[3311]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=62.21.33.141 May 22 23:05:03 josie sshd[3311]: Failed password for invalid user bih from 62.21.33.141 port 40808 ssh2 May 22 23:05:03 josie sshd[3312]: Received disconnect from 62.21.33.141: 11: Bye Bye May 22 23:19:27 josie sshd[5397]: Invalid user azz from 62.21.33.141 May 22 23:19:27 josie sshd[5397]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=62.21.33.141 May 22 23:19:29 josie sshd[5397]: Failed password for invalid user azz from 62.21.33.141 port 58030 ssh2 May 22 23:19:30 josie sshd[5398]: Received disconnect from 62.21.33.141: 11: Bye Bye May 22 23:23:09 josie sshd[5971]: Invalid user lqo from 62.21.33.141 May 22 23:23:09 josie sshd[5971]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=62......... -------------------------------	2020-05-25 03:58:21
178.62.0.138	attackbotsspam	May 24 14:21:53 mail sshd\[5831\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.62.0.138 user=root May 24 14:21:55 mail sshd\[5831\]: Failed password for root from 178.62.0.138 port 36728 ssh2 May 24 14:26:10 mail sshd\[5936\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.62.0.138 user=root ...	2020-05-25 03:55:28
181.49.118.185	attackbotsspam	Tried sshing with brute force.	2020-05-25 04:15:52
175.24.107.214	attackspam	May 24 17:07:11 gw1 sshd[17952]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.24.107.214 May 24 17:07:13 gw1 sshd[17952]: Failed password for invalid user kak from 175.24.107.214 port 44656 ssh2 ...	2020-05-25 04:01:10
80.106.185.148	attackbotsspam	Port probing on unauthorized port 85	2020-05-25 03:44:35
67.211.133.100	attackspam	Unauthorized connection attempt from IP address 67.211.133.100 on port 3389	2020-05-25 04:09:21
187.188.206.106	attack	2020-05-24T19:25:42.707025server.espacesoutien.com sshd[22066]: Failed password for root from 187.188.206.106 port 14447 ssh2 2020-05-24T19:26:51.680098server.espacesoutien.com sshd[22118]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=187.188.206.106 user=root 2020-05-24T19:26:53.269027server.espacesoutien.com sshd[22118]: Failed password for root from 187.188.206.106 port 31836 ssh2 2020-05-24T19:27:54.457979server.espacesoutien.com sshd[22253]: Invalid user paypals from 187.188.206.106 port 63907 ...	2020-05-25 04:04:42
54.37.233.192	attack	May 24 21:34:23 OPSO sshd\[6995\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.37.233.192 user=root May 24 21:34:25 OPSO sshd\[6995\]: Failed password for root from 54.37.233.192 port 54680 ssh2 May 24 21:38:02 OPSO sshd\[7667\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.37.233.192 user=named May 24 21:38:03 OPSO sshd\[7667\]: Failed password for named from 54.37.233.192 port 32946 ssh2 May 24 21:41:40 OPSO sshd\[8586\]: Invalid user cat from 54.37.233.192 port 39460 May 24 21:41:40 OPSO sshd\[8586\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.37.233.192	2020-05-25 03:50:20
162.243.144.239	attackspambots	From CCTV User Interface Log ...::ffff:162.243.144.239 - - [24/May/2020:09:23:23 +0000] "-" 400 179 ...	2020-05-25 04:03:55

Recently Reported IPs

104.131.50.155	104.131.51.35	104.131.67.65	104.131.67.66
104.131.7.165	104.131.7.53	104.131.70.232	104.131.75.142
104.131.85.123	104.131.89.69	104.131.95.161	104.131.96.68
104.140.169.59	104.140.192.192	104.140.207.153	104.140.99.227
104.143.94.130	104.144.109.78	104.144.233.153	104.144.56.8