104.131.8.137 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: DigitalOcean LLC

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	(sshd) Failed SSH login from 104.131.8.137 (US/United States/-): 5 in the last 3600 secs	2020-03-14 13:25:29
attackspambots	SSH Brute-Force Attack	2020-03-02 04:32:00
attack	Feb 18 12:21:32 lnxmysql61 sshd[31778]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.8.137	2020-02-18 19:32:43
attack	Feb 17 09:06:48 MK-Soft-VM6 sshd[23547]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.8.137 Feb 17 09:06:50 MK-Soft-VM6 sshd[23547]: Failed password for invalid user pentaho from 104.131.8.137 port 48514 ssh2 ...	2020-02-17 18:09:21
attackspambots	Unauthorized connection attempt detected from IP address 104.131.8.137 to port 2220 [J]	2020-01-18 23:44:11
attackspambots	Unauthorized connection attempt detected from IP address 104.131.8.137 to port 2220 [J]	2020-01-18 03:07:10
attackbotsspam	Port Scan detected from 104.131.8.137 (US/United States/-). 4 hits in the last 66 seconds	2020-01-10 06:55:46
attackspambots	Dec 21 22:29:01 webhost01 sshd[31901]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.8.137 Dec 21 22:29:04 webhost01 sshd[31901]: Failed password for invalid user com from 104.131.8.137 port 51253 ssh2 ...	2019-12-21 23:44:55
attackbots	$f2bV_matches	2019-12-13 13:51:42
attackspam	Dec 13 00:39:31 herz-der-gamer sshd[9590]: Invalid user de1 from 104.131.8.137 port 41184 Dec 13 00:39:31 herz-der-gamer sshd[9590]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.8.137 Dec 13 00:39:31 herz-der-gamer sshd[9590]: Invalid user de1 from 104.131.8.137 port 41184 Dec 13 00:39:32 herz-der-gamer sshd[9590]: Failed password for invalid user de1 from 104.131.8.137 port 41184 ssh2 ...	2019-12-13 07:43:46
attack	Dec 2 19:37:36 areeb-Workstation sshd[6790]: Failed password for root from 104.131.8.137 port 52122 ssh2 ...	2019-12-02 22:52:55
attackspambots	"Fail2Ban detected SSH brute force attempt"	2019-12-01 06:24:44
attackbotsspam	Nov 26 08:59:03 hcbbdb sshd\[4454\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.8.137 user=backup Nov 26 08:59:04 hcbbdb sshd\[4454\]: Failed password for backup from 104.131.8.137 port 45322 ssh2 Nov 26 09:05:14 hcbbdb sshd\[5093\]: Invalid user git from 104.131.8.137 Nov 26 09:05:14 hcbbdb sshd\[5093\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.8.137 Nov 26 09:05:16 hcbbdb sshd\[5093\]: Failed password for invalid user git from 104.131.8.137 port 35254 ssh2	2019-11-26 17:19:34
attack	Oct 28 09:24:55 odroid64 sshd\[29707\]: User root from 104.131.8.137 not allowed because not listed in AllowUsers Oct 28 09:24:55 odroid64 sshd\[29707\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.8.137 user=root Oct 28 09:24:57 odroid64 sshd\[29707\]: Failed password for invalid user root from 104.131.8.137 port 50323 ssh2 Oct 28 09:57:04 odroid64 sshd\[31351\]: Invalid user 01www from 104.131.8.137 Oct 28 09:57:04 odroid64 sshd\[31351\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.8.137 Oct 28 09:24:55 odroid64 sshd\[29707\]: User root from 104.131.8.137 not allowed because not listed in AllowUsers Oct 28 09:24:55 odroid64 sshd\[29707\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.8.137 user=root Oct 28 09:24:57 odroid64 sshd\[29707\]: Failed password for invalid user root from 104.131.8.137 port 50323 ssh2 Oct 28 09:5 ...	2019-11-21 20:52:20
attackbotsspam	Nov 14 17:00:50 lnxmysql61 sshd[24667]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.8.137	2019-11-15 02:03:15
attack	F2B jail: sshd. Time: 2019-11-10 10:01:20, Reported by: VKReport	2019-11-10 18:20:04
attackspam	Oct 26 18:39:08 php1 sshd\[14941\]: Invalid user dkauffman123 from 104.131.8.137 Oct 26 18:39:08 php1 sshd\[14941\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.8.137 Oct 26 18:39:10 php1 sshd\[14941\]: Failed password for invalid user dkauffman123 from 104.131.8.137 port 40526 ssh2 Oct 26 18:43:39 php1 sshd\[15276\]: Invalid user qwe123!@\# from 104.131.8.137 Oct 26 18:43:39 php1 sshd\[15276\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.8.137	2019-10-27 15:54:34
attackbotsspam	Oct 19 13:52:21 ns381471 sshd[15420]: Failed password for root from 104.131.8.137 port 53107 ssh2 Oct 19 13:56:50 ns381471 sshd[15574]: Failed password for root from 104.131.8.137 port 44585 ssh2	2019-10-19 23:45:04
attack	Oct 11 05:39:57 wbs sshd\[24425\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.8.137 user=root Oct 11 05:39:59 wbs sshd\[24425\]: Failed password for root from 104.131.8.137 port 54725 ssh2 Oct 11 05:44:39 wbs sshd\[24887\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.8.137 user=root Oct 11 05:44:41 wbs sshd\[24887\]: Failed password for root from 104.131.8.137 port 45856 ssh2 Oct 11 05:49:09 wbs sshd\[25254\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.8.137 user=root	2019-10-12 12:16:04
attack	Oct 11 13:34:41 vpn01 sshd[18663]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.8.137 Oct 11 13:34:44 vpn01 sshd[18663]: Failed password for invalid user Georgia2017 from 104.131.8.137 port 51112 ssh2 ...	2019-10-11 19:47:17
attack	Oct 8 12:14:07 lcl-usvr-01 sshd[1909]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.8.137 user=root Oct 8 12:19:13 lcl-usvr-01 sshd[3602]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.8.137 user=root Oct 8 12:24:03 lcl-usvr-01 sshd[5846]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.8.137 user=root	2019-10-08 18:33:39
attack	2019-10-01T02:17:24.804170tmaserv sshd\[30859\]: Invalid user ADONIS from 104.131.8.137 port 58490 2019-10-01T02:17:24.810095tmaserv sshd\[30859\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.8.137 2019-10-01T02:17:27.424747tmaserv sshd\[30859\]: Failed password for invalid user ADONIS from 104.131.8.137 port 58490 ssh2 2019-10-01T02:22:02.823984tmaserv sshd\[31157\]: Invalid user scanner from 104.131.8.137 port 50813 2019-10-01T02:22:02.828395tmaserv sshd\[31157\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.8.137 2019-10-01T02:22:04.610781tmaserv sshd\[31157\]: Failed password for invalid user scanner from 104.131.8.137 port 50813 ssh2 ...	2019-10-01 07:33:47
attack	2019-09-26T16:49:43.786487abusebot-7.cloudsearch.cf sshd\[20786\]: Invalid user vnc from 104.131.8.137 port 57878	2019-09-27 01:42:23
attack	Brute force SMTP login attempted. ...	2019-09-25 19:45:53
attackbots	Sep 24 17:01:14 aat-srv002 sshd[25726]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.8.137 Sep 24 17:01:16 aat-srv002 sshd[25726]: Failed password for invalid user jcampbell from 104.131.8.137 port 59215 ssh2 Sep 24 17:06:14 aat-srv002 sshd[25841]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.8.137 Sep 24 17:06:16 aat-srv002 sshd[25841]: Failed password for invalid user matt from 104.131.8.137 port 51665 ssh2 ...	2019-09-25 06:06:39
attackspambots	Sep 20 06:09:22 ws12vmsma01 sshd[24052]: Invalid user quyan from 104.131.8.137 Sep 20 06:09:24 ws12vmsma01 sshd[24052]: Failed password for invalid user quyan from 104.131.8.137 port 50392 ssh2 Sep 20 06:13:10 ws12vmsma01 sshd[24522]: Invalid user access from 104.131.8.137 ...	2019-09-21 00:37:08

Comments on same subnet:

IP	Type	Details	Datetime
104.131.82.44	attack	Scan port	2023-06-12 15:39:16
104.131.82.44	attack	Scan port	2022-12-07 22:03:29
104.131.82.44	attack	Scan port	2022-11-16 13:46:34
104.131.82.44	attack	Scan port	2022-09-07 12:57:00
104.131.83.213	attackbotsspam	Sep 30 21:47:55 lnxweb61 sshd[8542]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.83.213	2020-10-01 04:20:50
104.131.83.213	attackbotsspam	Sep 30 12:16:19 mout sshd[10016]: Invalid user cai from 104.131.83.213 port 54256	2020-09-30 20:32:35
104.131.83.213	attackbots	Sep 29 18:41:23 web9 sshd\[3469\]: Invalid user majordomo from 104.131.83.213 Sep 29 18:41:23 web9 sshd\[3469\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.83.213 Sep 29 18:41:25 web9 sshd\[3469\]: Failed password for invalid user majordomo from 104.131.83.213 port 54494 ssh2 Sep 29 18:46:24 web9 sshd\[4246\]: Invalid user web from 104.131.83.213 Sep 29 18:46:24 web9 sshd\[4246\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.83.213	2020-09-30 13:01:12
104.131.84.225	attackspambots	20 attempts against mh-ssh on cloud	2020-09-30 04:42:26
104.131.84.225	attackbots	Sep 29 13:48:31 prox sshd[12152]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.84.225 Sep 29 13:48:33 prox sshd[12152]: Failed password for invalid user bugzilla from 104.131.84.225 port 45004 ssh2	2020-09-29 20:51:12
104.131.84.225	attackspam	Sep 29 00:39:32 minden010 sshd[17908]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.84.225 Sep 29 00:39:34 minden010 sshd[17908]: Failed password for invalid user siva from 104.131.84.225 port 36318 ssh2 Sep 29 00:43:29 minden010 sshd[18949]: Failed password for root from 104.131.84.225 port 47298 ssh2 ...	2020-09-29 13:01:55
104.131.84.222	attackbotsspam	Invalid user webadmin from 104.131.84.222 port 57010	2020-09-28 01:01:13
104.131.84.222	attackspam	Cowrie Honeypot: 3 unauthorised SSH/Telnet login attempts between 2020-09-27T04:18:16Z and 2020-09-27T04:25:03Z	2020-09-27 17:03:40
104.131.88.115	attackbots	Sep 25 00:27:01 main sshd[29388]: Failed password for invalid user admin from 104.131.88.115 port 50588 ssh2 Sep 25 00:27:02 main sshd[29390]: Failed password for invalid user admin from 104.131.88.115 port 52342 ssh2 Sep 25 00:27:02 main sshd[29392]: Failed password for invalid user ubuntu from 104.131.88.115 port 54130 ssh2 Sep 25 00:27:03 main sshd[29396]: Failed password for invalid user user from 104.131.88.115 port 57684 ssh2 Sep 25 00:27:04 main sshd[29398]: Failed password for invalid user ubnt from 104.131.88.115 port 59452 ssh2 Sep 25 00:27:05 main sshd[29400]: Failed password for invalid user support from 104.131.88.115 port 32910 ssh2	2020-09-26 04:27:15
104.131.88.115	attack	Invalid user admin from 104.131.88.115 port 46348	2020-09-25 21:17:29
104.131.88.115	attackbotsspam	TCP (SYN) 104.131.88.115:41773 -> port 22, len 40	2020-09-25 12:55:39

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.131.8.137
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 13129
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;104.131.8.137.			IN	A

;; AUTHORITY SECTION:
.			524	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019092000 1800 900 604800 86400

;; Query time: 450 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Sep 21 00:37:03 CST 2019
;; MSG SIZE  rcvd: 117

Host info

Host 137.8.131.104.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 137.8.131.104.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
201.159.52.218	attackbotsspam	SASL PLAIN auth failed: ruser=...	2020-07-17 06:46:52
211.193.60.137	attackbotsspam	Jul 15 06:00:44 myvps sshd[23689]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.193.60.137 Jul 15 06:00:46 myvps sshd[23689]: Failed password for invalid user ftpuser from 211.193.60.137 port 55288 ssh2 Jul 15 06:09:17 myvps sshd[31447]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.193.60.137 ...	2020-07-17 06:28:23
213.92.204.175	attack	SASL PLAIN auth failed: ruser=...	2020-07-17 06:32:51
93.99.4.38	attackbots	SASL PLAIN auth failed: ruser=...	2020-07-17 06:37:07
167.71.219.169	attackbotsspam	Jul 17 00:22:00 OPSO sshd\[1937\]: Invalid user rsync from 167.71.219.169 port 33670 Jul 17 00:22:00 OPSO sshd\[1937\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.71.219.169 Jul 17 00:22:02 OPSO sshd\[1937\]: Failed password for invalid user rsync from 167.71.219.169 port 33670 ssh2 Jul 17 00:26:25 OPSO sshd\[2643\]: Invalid user wenyan from 167.71.219.169 port 49756 Jul 17 00:26:25 OPSO sshd\[2643\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.71.219.169	2020-07-17 06:33:55
185.82.139.63	attackbotsspam	SASL PLAIN auth failed: ruser=...	2020-07-17 07:00:28
31.170.48.138	attack	SASL PLAIN auth failed: ruser=...	2020-07-17 06:44:35
218.92.0.215	attackbotsspam	Jul 16 17:52:19 vm0 sshd[24956]: Failed password for root from 218.92.0.215 port 24374 ssh2 Jul 17 00:42:19 vm0 sshd[2367]: Failed password for root from 218.92.0.215 port 29627 ssh2 ...	2020-07-17 06:45:45
181.174.144.13	attackbotsspam	SASL PLAIN auth failed: ruser=...	2020-07-17 07:02:06
77.45.86.105	attackspambots	SASL PLAIN auth failed: ruser=...	2020-07-17 06:39:56
77.45.84.108	attackspam	SASL PLAIN auth failed: ruser=...	2020-07-17 06:40:37
77.45.86.207	attackspambots	SASL PLAIN auth failed: ruser=...	2020-07-17 06:39:25
186.216.67.163	attackspambots	SASL PLAIN auth failed: ruser=...	2020-07-17 06:58:19
93.99.133.168	attackspam	SASL PLAIN auth failed: ruser=...	2020-07-17 06:36:33
186.96.196.104	attackspam	SASL PLAIN auth failed: ruser=...	2020-07-17 06:58:59

Recently Reported IPs

71.77.35.238	66.212.44.213	132.114.221.144	106.42.167.114
154.165.197.126	170.59.115.166	140.32.99.92	114.121.62.77
192.3.135.166	195.194.45.156	183.154.51.26	101.102.106.69
115.208.114.121	63.185.209.104	208.30.200.253	121.61.195.172
37.114.146.5	171.241.110.114	118.173.220.166	209.59.160.192