104.131.53.42 - IPInfo

Basic Info

City: New York

Region: New York

Country: United States

Internet Service Provider: DigitalOcean LLC

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	SSH Brute Force	2020-04-29 13:39:00
attackbots	k+ssh-bruteforce	2020-04-15 06:04:24

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.131.53.42
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 64981
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;104.131.53.42.			IN	A

;; AUTHORITY SECTION:
.			294	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020041401 1800 900 604800 86400

;; Query time: 86 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Apr 15 06:04:21 CST 2020
;; MSG SIZE  rcvd: 117

Host info

42.53.131.104.in-addr.arpa domain name pointer thescreamingo.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
42.53.131.104.in-addr.arpa	name = thescreamingo.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
173.247.239.190	attackspam	Scanning for open ports	2019-12-16 06:12:38
134.175.7.36	attack	[Aegis] @ 2019-12-15 21:13:53 0000 -> Attempted Administrator Privilege Gain: ET SCAN LibSSH Based Frequent SSH Connections Likely BruteForce Attack	2019-12-16 06:13:26
59.52.36.183	attack	Unauthorized connection attempt from IP address 59.52.36.183 on Port 445(SMB)	2019-12-16 06:16:29
150.223.10.108	attackspam	Dec 15 18:06:31 pornomens sshd\[9811\]: Invalid user ftp from 150.223.10.108 port 50323 Dec 15 18:06:31 pornomens sshd\[9811\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=150.223.10.108 Dec 15 18:06:33 pornomens sshd\[9811\]: Failed password for invalid user ftp from 150.223.10.108 port 50323 ssh2 ...	2019-12-16 06:10:22
222.186.180.8	attackspam	--- report --- Dec 15 18:41:42 sshd: Connection from 222.186.180.8 port 11088 Dec 15 18:41:45 sshd: Failed password for root from 222.186.180.8 port 11088 ssh2 Dec 15 18:41:46 sshd: Received disconnect from 222.186.180.8: 11: [preauth]	2019-12-16 06:13:06
185.143.223.126	attackbots	2019-12-15T22:12:40.397843+01:00 lumpi kernel: [1734297.405025] INPUT:DROP:SPAMHAUS_EDROP:IN=eth0 OUT= MAC=52:54:a2:01:a5:04:d2:74:7f:6e:37:e3:08:00 SRC=185.143.223.126 DST=78.46.199.189 LEN=40 TOS=0x00 PREC=0x00 TTL=246 ID=24425 PROTO=TCP SPT=46632 DPT=2000 WINDOW=1024 RES=0x00 SYN URGP=0 ...	2019-12-16 06:03:17
123.13.210.89	attackspam	Dec 15 20:08:46 sauna sshd[141681]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.13.210.89 Dec 15 20:08:48 sauna sshd[141681]: Failed password for invalid user fern from 123.13.210.89 port 53662 ssh2 ...	2019-12-16 06:07:23
103.54.219.106	attackspam	Unauthorised access (Dec 15) SRC=103.54.219.106 LEN=48 PREC=0x20 TTL=116 ID=15899 DF TCP DPT=445 WINDOW=8192 SYN	2019-12-16 06:20:56
54.154.69.252	attack	Dec 15 22:32:36 minden010 sshd[1568]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.154.69.252 Dec 15 22:32:38 minden010 sshd[1568]: Failed password for invalid user science from 54.154.69.252 port 35926 ssh2 Dec 15 22:38:34 minden010 sshd[3699]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.154.69.252 ...	2019-12-16 06:05:59
81.213.87.159	attackspambots	Attempt to attack host OS, exploiting network vulnerabilities, on 15-12-2019 16:05:33.	2019-12-16 06:10:55
59.99.123.48	attackspam	Unauthorized connection attempt from IP address 59.99.123.48 on Port 445(SMB)	2019-12-16 06:25:59
77.35.67.162	attack	Unauthorized connection attempt from IP address 77.35.67.162 on Port 445(SMB)	2019-12-16 06:38:14
192.187.125.250	attackbotsspam	[portscan] Port scan	2019-12-16 06:29:14
105.112.113.108	attack	1576421155 - 12/15/2019 15:45:55 Host: 105.112.113.108/105.112.113.108 Port: 445 TCP Blocked	2019-12-16 06:17:58
188.166.54.199	attackbots	Dec 15 07:27:15 eddieflores sshd\[21150\]: Invalid user puukila from 188.166.54.199 Dec 15 07:27:15 eddieflores sshd\[21150\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.166.54.199 Dec 15 07:27:17 eddieflores sshd\[21150\]: Failed password for invalid user puukila from 188.166.54.199 port 55578 ssh2 Dec 15 07:32:57 eddieflores sshd\[21705\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.166.54.199 user=root Dec 15 07:32:59 eddieflores sshd\[21705\]: Failed password for root from 188.166.54.199 port 59228 ssh2	2019-12-16 06:33:45

Recently Reported IPs

206.108.84.16	97.244.113.87	112.37.229.72	172.197.11.123
142.232.19.126	152.14.132.96	200.231.102.45	31.152.172.37
183.171.21.56	78.152.134.59	63.245.215.112	197.41.196.96
71.242.212.242	75.58.175.66	183.45.119.195	222.155.33.106
194.105.29.204	116.95.78.142	175.44.155.20	74.9.120.239