104.131.18.124

Basic Info

City: Clifton

Region: New Jersey

Country: United States

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
104.131.183.44	attackspam	$f2bV_matches	2020-09-15 04:04:32
104.131.183.44	attackbotsspam	sshd jail - ssh hack attempt	2020-09-14 20:04:45
104.131.181.225	attackbots	Trolling for resource vulnerabilities	2020-08-31 18:50:22
104.131.189.185	attackbots	trying to access non-authorized port	2020-08-29 13:13:03
104.131.182.167	attack	Aug 18 13:01:06 rush sshd[26773]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.182.167 Aug 18 13:01:09 rush sshd[26773]: Failed password for invalid user wanda from 104.131.182.167 port 44392 ssh2 Aug 18 13:05:04 rush sshd[26889]: Failed password for root from 104.131.182.167 port 54016 ssh2 ...	2020-08-18 22:37:56
104.131.182.167	attackbots	Invalid user yj from 104.131.182.167 port 51704	2020-08-18 15:01:09
104.131.189.116	attackbotsspam	Aug 3 17:48:30 ws22vmsma01 sshd[170218]: Failed password for root from 104.131.189.116 port 52328 ssh2 ...	2020-08-04 08:11:31
104.131.189.116	attackbotsspam	Aug 2 17:12:46 fhem-rasp sshd[8124]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.189.116 user=root Aug 2 17:12:49 fhem-rasp sshd[8124]: Failed password for root from 104.131.189.116 port 38730 ssh2 ...	2020-08-03 02:53:31
104.131.189.116	attackbotsspam	Invalid user developer from 104.131.189.116 port 35370	2020-07-21 14:13:28
104.131.189.185	attackspambots	Port scan denied	2020-07-17 16:13:36
104.131.189.4	attack	Port scan denied	2020-07-14 04:15:50
104.131.189.116	attackspam	Jul 11 19:26:50 web1 sshd[18465]: Invalid user zjcl from 104.131.189.116 port 46940 Jul 11 19:26:50 web1 sshd[18465]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.189.116 Jul 11 19:26:50 web1 sshd[18465]: Invalid user zjcl from 104.131.189.116 port 46940 Jul 11 19:26:53 web1 sshd[18465]: Failed password for invalid user zjcl from 104.131.189.116 port 46940 ssh2 Jul 11 19:42:59 web1 sshd[22517]: Invalid user bb from 104.131.189.116 port 33858 Jul 11 19:42:59 web1 sshd[22517]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.189.116 Jul 11 19:42:59 web1 sshd[22517]: Invalid user bb from 104.131.189.116 port 33858 Jul 11 19:43:01 web1 sshd[22517]: Failed password for invalid user bb from 104.131.189.116 port 33858 ssh2 Jul 11 19:45:50 web1 sshd[23244]: Invalid user student8 from 104.131.189.116 port 60394 ...	2020-07-11 18:06:07
104.131.189.4	attackspam	ET CINS Active Threat Intelligence Poor Reputation IP group 96 - port: 2335 proto: TCP cat: Misc Attack	2020-07-08 20:27:05
104.131.189.116	attackspam	Jul 7 21:17:18 marvibiene sshd[21937]: Invalid user phil from 104.131.189.116 port 59050 Jul 7 21:17:18 marvibiene sshd[21937]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.189.116 Jul 7 21:17:18 marvibiene sshd[21937]: Invalid user phil from 104.131.189.116 port 59050 Jul 7 21:17:20 marvibiene sshd[21937]: Failed password for invalid user phil from 104.131.189.116 port 59050 ssh2 ...	2020-07-08 05:38:52
104.131.189.116	attackbotsspam	Jul 7 14:07:39 onepixel sshd[3484292]: Invalid user firefart from 104.131.189.116 port 55324 Jul 7 14:07:39 onepixel sshd[3484292]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.189.116 Jul 7 14:07:39 onepixel sshd[3484292]: Invalid user firefart from 104.131.189.116 port 55324 Jul 7 14:07:41 onepixel sshd[3484292]: Failed password for invalid user firefart from 104.131.189.116 port 55324 ssh2 Jul 7 14:10:00 onepixel sshd[3485302]: Invalid user taller from 104.131.189.116 port 36624	2020-07-07 22:37:36

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.131.18.124
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 43483
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;104.131.18.124.			IN	A

;; AUTHORITY SECTION:
.			269	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022022601 1800 900 604800 86400

;; Query time: 76 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Feb 27 10:39:46 CST 2022
;; MSG SIZE  rcvd: 107

Host info

124.18.131.104.in-addr.arpa domain name pointer swatchandlearn.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
124.18.131.104.in-addr.arpa	name = swatchandlearn.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
139.59.158.8	attack	$f2bV_matches	2019-09-17 11:45:07
91.151.93.91	attackbots	Postfix RBL failed	2019-09-17 12:25:48
222.186.31.136	attack	Sep 17 00:00:18 plusreed sshd[28856]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.31.136 user=root Sep 17 00:00:21 plusreed sshd[28856]: Failed password for root from 222.186.31.136 port 18477 ssh2 ...	2019-09-17 12:00:44
54.183.194.124	attackspambots	MultiHost/MultiPort Probe, Scan, Hack -	2019-09-17 12:24:34
186.89.252.177	attack	Automatic report - Port Scan Attack	2019-09-17 12:16:54
94.176.77.55	attackbots	(Sep 17) LEN=40 TTL=244 ID=41104 DF TCP DPT=23 WINDOW=14600 SYN (Sep 17) LEN=40 TTL=244 ID=24873 DF TCP DPT=23 WINDOW=14600 SYN (Sep 17) LEN=40 TTL=244 ID=49573 DF TCP DPT=23 WINDOW=14600 SYN (Sep 16) LEN=40 TTL=244 ID=42547 DF TCP DPT=23 WINDOW=14600 SYN (Sep 16) LEN=40 TTL=244 ID=34652 DF TCP DPT=23 WINDOW=14600 SYN (Sep 16) LEN=40 TTL=244 ID=48736 DF TCP DPT=23 WINDOW=14600 SYN (Sep 16) LEN=40 TTL=244 ID=23667 DF TCP DPT=23 WINDOW=14600 SYN (Sep 16) LEN=40 TTL=244 ID=48534 DF TCP DPT=23 WINDOW=14600 SYN (Sep 16) LEN=40 TTL=244 ID=10578 DF TCP DPT=23 WINDOW=14600 SYN (Sep 16) LEN=40 TTL=244 ID=29721 DF TCP DPT=23 WINDOW=14600 SYN (Sep 16) LEN=40 TTL=244 ID=7067 DF TCP DPT=23 WINDOW=14600 SYN (Sep 16) LEN=40 TTL=244 ID=1024 DF TCP DPT=23 WINDOW=14600 SYN (Sep 16) LEN=40 TTL=244 ID=33758 DF TCP DPT=23 WINDOW=14600 SYN (Sep 15) LEN=40 TTL=244 ID=19766 DF TCP DPT=23 WINDOW=14600 SYN (Sep 15) LEN=40 TTL=244 ID=24772 DF TCP DPT=23 WINDOW=14600 SY...	2019-09-17 11:53:10
75.102.138.62	attackbots	Unauthorized IMAP connection attempt	2019-09-17 12:05:54
54.37.254.57	attackbots	F2B jail: sshd. Time: 2019-09-17 05:42:01, Reported by: VKReport	2019-09-17 11:44:14
207.154.225.170	attack	Sep 17 05:37:42 localhost sshd\[14045\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=207.154.225.170 user=root Sep 17 05:37:43 localhost sshd\[14045\]: Failed password for root from 207.154.225.170 port 48028 ssh2 Sep 17 05:41:52 localhost sshd\[14702\]: Invalid user poliana from 207.154.225.170 port 37860	2019-09-17 11:48:59
132.145.213.82	attackspam	Sep 16 17:55:34 php1 sshd\[6807\]: Invalid user da from 132.145.213.82 Sep 16 17:55:34 php1 sshd\[6807\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=132.145.213.82 Sep 16 17:55:37 php1 sshd\[6807\]: Failed password for invalid user da from 132.145.213.82 port 54384 ssh2 Sep 16 18:00:00 php1 sshd\[7223\]: Invalid user guishan from 132.145.213.82 Sep 16 18:00:00 php1 sshd\[7223\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=132.145.213.82	2019-09-17 12:03:20
49.88.112.78	attackbotsspam	Sep 17 09:51:34 areeb-Workstation sshd[4834]: Failed password for root from 49.88.112.78 port 41971 ssh2 ...	2019-09-17 12:26:51
213.14.214.203	attackspam	Sep 17 03:32:10 ip-172-31-62-245 sshd\[6667\]: Invalid user service from 213.14.214.203\ Sep 17 03:32:13 ip-172-31-62-245 sshd\[6667\]: Failed password for invalid user service from 213.14.214.203 port 33918 ssh2\ Sep 17 03:36:38 ip-172-31-62-245 sshd\[6689\]: Invalid user muddu from 213.14.214.203\ Sep 17 03:36:40 ip-172-31-62-245 sshd\[6689\]: Failed password for invalid user muddu from 213.14.214.203 port 49908 ssh2\ Sep 17 03:40:58 ip-172-31-62-245 sshd\[6787\]: Invalid user fo from 213.14.214.203\	2019-09-17 12:27:48
218.92.0.188	attack	Sep 17 05:41:49 MK-Soft-Root1 sshd\[26194\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.188 user=root Sep 17 05:41:51 MK-Soft-Root1 sshd\[26194\]: Failed password for root from 218.92.0.188 port 38921 ssh2 Sep 17 05:41:54 MK-Soft-Root1 sshd\[26194\]: Failed password for root from 218.92.0.188 port 38921 ssh2 ...	2019-09-17 11:47:26
91.121.102.44	attackspam	Sep 17 06:00:20 SilenceServices sshd[7433]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.121.102.44 Sep 17 06:00:22 SilenceServices sshd[7433]: Failed password for invalid user citrix from 91.121.102.44 port 38046 ssh2 Sep 17 06:04:02 SilenceServices sshd[8990]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.121.102.44	2019-09-17 12:06:49
170.238.209.6	attackbots	Automatic report - Port Scan Attack	2019-09-17 12:22:45

Recently Reported IPs

104.131.116.23	104.131.181.3	104.131.150.143	104.131.191.244
104.131.21.149	104.131.23.55	104.131.56.94	104.131.57.147
104.131.69.123	104.131.85.191	104.140.122.253	104.143.44.203
104.131.95.197	104.144.145.187	104.144.157.26	104.143.45.27
104.144.161.159	104.144.147.28	104.148.18.152	104.145.233.208