104.131.53.42 - IPInfo

Basic Info

City: New York

Region: New York

Country: United States

Internet Service Provider: DigitalOcean LLC

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	SSH Brute Force	2020-04-29 13:39:00
attackbots	k+ssh-bruteforce	2020-04-15 06:04:24

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.131.53.42
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 64981
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;104.131.53.42.			IN	A

;; AUTHORITY SECTION:
.			294	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020041401 1800 900 604800 86400

;; Query time: 86 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Apr 15 06:04:21 CST 2020
;; MSG SIZE  rcvd: 117

Host info

42.53.131.104.in-addr.arpa domain name pointer thescreamingo.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
42.53.131.104.in-addr.arpa	name = thescreamingo.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
124.239.168.74	attack	Aug 20 06:51:33 dignus sshd[11044]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.239.168.74 Aug 20 06:51:35 dignus sshd[11044]: Failed password for invalid user gama from 124.239.168.74 port 56162 ssh2 Aug 20 06:55:41 dignus sshd[11688]: Invalid user csgoserver from 124.239.168.74 port 39310 Aug 20 06:55:41 dignus sshd[11688]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.239.168.74 Aug 20 06:55:43 dignus sshd[11688]: Failed password for invalid user csgoserver from 124.239.168.74 port 39310 ssh2 ...	2020-08-21 01:10:09
2.136.179.77	attackbots	Aug 20 15:21:09 ncomp sshd[15898]: Invalid user postgres from 2.136.179.77 Aug 20 15:21:09 ncomp sshd[15898]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=2.136.179.77 Aug 20 15:21:09 ncomp sshd[15898]: Invalid user postgres from 2.136.179.77 Aug 20 15:21:10 ncomp sshd[15898]: Failed password for invalid user postgres from 2.136.179.77 port 44009 ssh2	2020-08-21 00:38:34
122.155.223.58	attackspambots	Aug 20 23:04:41 itv-usvr-02 sshd[12101]: Invalid user ywq from 122.155.223.58 port 49876 Aug 20 23:04:42 itv-usvr-02 sshd[12101]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.155.223.58 Aug 20 23:04:41 itv-usvr-02 sshd[12101]: Invalid user ywq from 122.155.223.58 port 49876 Aug 20 23:04:43 itv-usvr-02 sshd[12101]: Failed password for invalid user ywq from 122.155.223.58 port 49876 ssh2 Aug 20 23:09:14 itv-usvr-02 sshd[12319]: Invalid user zjm from 122.155.223.58 port 55644	2020-08-21 00:46:33
88.132.66.26	attack	$f2bV_matches	2020-08-21 00:28:56
49.233.75.234	attackbotsspam	SSH Brute-Forcing (server1)	2020-08-21 01:02:30
187.16.255.102	attackbots	TCP (SYN) 187.16.255.102:60796 -> port 22, len 48	2020-08-21 01:09:44
125.21.18.2	attackbots	Unauthorized connection attempt from IP address 125.21.18.2 on Port 445(SMB)	2020-08-21 00:58:47
75.162.87.56	attackspambots	Aug 20 13:58:52 admin sshd[9938]: User admin from 75.162.87.56 not allowed because not listed in AllowUsers Aug 20 13:58:56 admin sshd[9940]: User admin from 75.162.87.56 not allowed because not listed in AllowUsers Aug 20 13:58:59 admin sshd[9945]: Invalid user oracle from 75.162.87.56 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=75.162.87.56	2020-08-21 00:36:41
170.130.165.179	attackbotsspam	IP: 170.130.165.179 Ports affected Simple Mail Transfer (25) Found in DNSBL('s) ASN Details AS62904 EONIX-COMMUNICATIONS-ASBLOCK-62904 United States (US) CIDR 170.130.160.0/21 Log Date: 20/08/2020 12:29:14 PM UTC	2020-08-21 01:05:02
154.85.38.237	attackbots	Aug 20 16:45:07 mellenthin sshd[14831]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=154.85.38.237 Aug 20 16:45:08 mellenthin sshd[14831]: Failed password for invalid user teste from 154.85.38.237 port 50116 ssh2	2020-08-21 01:05:16
192.141.72.119	attackbots	20/8/20@08:03:20: FAIL: Alarm-Network address from=192.141.72.119 ...	2020-08-21 00:49:14
192.144.228.253	attackspambots	Aug 20 14:36:18 haigwepa sshd[18636]: Failed password for root from 192.144.228.253 port 13052 ssh2 ...	2020-08-21 01:01:44
71.246.211.18	attack	SSH Brute Force	2020-08-21 00:52:06
52.47.187.125	attack	52.47.187.125 - - [20/Aug/2020:14:03:41 +0200] "GET /wp-login.php HTTP/1.1" 200 8775 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 52.47.187.125 - - [20/Aug/2020:14:03:41 +0200] "POST /wp-login.php HTTP/1.1" 200 9026 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 52.47.187.125 - - [20/Aug/2020:14:03:42 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-08-21 00:31:11
106.52.243.17	attackspambots	Aug 20 15:47:32 sigma sshd\[31890\]: Invalid user git from 106.52.243.17Aug 20 15:47:35 sigma sshd\[31890\]: Failed password for invalid user git from 106.52.243.17 port 32962 ssh2 ...	2020-08-21 00:54:57

Recently Reported IPs

206.108.84.16	97.244.113.87	112.37.229.72	172.197.11.123
142.232.19.126	152.14.132.96	200.231.102.45	31.152.172.37
183.171.21.56	78.152.134.59	63.245.215.112	197.41.196.96
71.242.212.242	75.58.175.66	183.45.119.195	222.155.33.106
194.105.29.204	116.95.78.142	175.44.155.20	74.9.120.239