104.131.18.124

Basic Info

City: Clifton

Region: New Jersey

Country: United States

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
104.131.183.44	attackspam	$f2bV_matches	2020-09-15 04:04:32
104.131.183.44	attackbotsspam	sshd jail - ssh hack attempt	2020-09-14 20:04:45
104.131.181.225	attackbots	Trolling for resource vulnerabilities	2020-08-31 18:50:22
104.131.189.185	attackbots	trying to access non-authorized port	2020-08-29 13:13:03
104.131.182.167	attack	Aug 18 13:01:06 rush sshd[26773]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.182.167 Aug 18 13:01:09 rush sshd[26773]: Failed password for invalid user wanda from 104.131.182.167 port 44392 ssh2 Aug 18 13:05:04 rush sshd[26889]: Failed password for root from 104.131.182.167 port 54016 ssh2 ...	2020-08-18 22:37:56
104.131.182.167	attackbots	Invalid user yj from 104.131.182.167 port 51704	2020-08-18 15:01:09
104.131.189.116	attackbotsspam	Aug 3 17:48:30 ws22vmsma01 sshd[170218]: Failed password for root from 104.131.189.116 port 52328 ssh2 ...	2020-08-04 08:11:31
104.131.189.116	attackbotsspam	Aug 2 17:12:46 fhem-rasp sshd[8124]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.189.116 user=root Aug 2 17:12:49 fhem-rasp sshd[8124]: Failed password for root from 104.131.189.116 port 38730 ssh2 ...	2020-08-03 02:53:31
104.131.189.116	attackbotsspam	Invalid user developer from 104.131.189.116 port 35370	2020-07-21 14:13:28
104.131.189.185	attackspambots	Port scan denied	2020-07-17 16:13:36
104.131.189.4	attack	Port scan denied	2020-07-14 04:15:50
104.131.189.116	attackspam	Jul 11 19:26:50 web1 sshd[18465]: Invalid user zjcl from 104.131.189.116 port 46940 Jul 11 19:26:50 web1 sshd[18465]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.189.116 Jul 11 19:26:50 web1 sshd[18465]: Invalid user zjcl from 104.131.189.116 port 46940 Jul 11 19:26:53 web1 sshd[18465]: Failed password for invalid user zjcl from 104.131.189.116 port 46940 ssh2 Jul 11 19:42:59 web1 sshd[22517]: Invalid user bb from 104.131.189.116 port 33858 Jul 11 19:42:59 web1 sshd[22517]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.189.116 Jul 11 19:42:59 web1 sshd[22517]: Invalid user bb from 104.131.189.116 port 33858 Jul 11 19:43:01 web1 sshd[22517]: Failed password for invalid user bb from 104.131.189.116 port 33858 ssh2 Jul 11 19:45:50 web1 sshd[23244]: Invalid user student8 from 104.131.189.116 port 60394 ...	2020-07-11 18:06:07
104.131.189.4	attackspam	ET CINS Active Threat Intelligence Poor Reputation IP group 96 - port: 2335 proto: TCP cat: Misc Attack	2020-07-08 20:27:05
104.131.189.116	attackspam	Jul 7 21:17:18 marvibiene sshd[21937]: Invalid user phil from 104.131.189.116 port 59050 Jul 7 21:17:18 marvibiene sshd[21937]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.189.116 Jul 7 21:17:18 marvibiene sshd[21937]: Invalid user phil from 104.131.189.116 port 59050 Jul 7 21:17:20 marvibiene sshd[21937]: Failed password for invalid user phil from 104.131.189.116 port 59050 ssh2 ...	2020-07-08 05:38:52
104.131.189.116	attackbotsspam	Jul 7 14:07:39 onepixel sshd[3484292]: Invalid user firefart from 104.131.189.116 port 55324 Jul 7 14:07:39 onepixel sshd[3484292]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.189.116 Jul 7 14:07:39 onepixel sshd[3484292]: Invalid user firefart from 104.131.189.116 port 55324 Jul 7 14:07:41 onepixel sshd[3484292]: Failed password for invalid user firefart from 104.131.189.116 port 55324 ssh2 Jul 7 14:10:00 onepixel sshd[3485302]: Invalid user taller from 104.131.189.116 port 36624	2020-07-07 22:37:36

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.131.18.124
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 43483
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;104.131.18.124.			IN	A

;; AUTHORITY SECTION:
.			269	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022022601 1800 900 604800 86400

;; Query time: 76 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Feb 27 10:39:46 CST 2022
;; MSG SIZE  rcvd: 107

Host info

124.18.131.104.in-addr.arpa domain name pointer swatchandlearn.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
124.18.131.104.in-addr.arpa	name = swatchandlearn.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
182.52.90.164	attackspam	k+ssh-bruteforce	2020-10-10 16:12:02
149.56.142.1	attackspam	149.56.142.1 - - [10/Oct/2020:09:46:40 +0200] "GET /wp-login.php HTTP/1.1" 200 8796 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 149.56.142.1 - - [10/Oct/2020:09:46:42 +0200] "POST /wp-login.php HTTP/1.1" 200 9047 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 149.56.142.1 - - [10/Oct/2020:09:46:43 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-10-10 16:24:09
210.212.237.67	attack	2020-10-10T02:54:58.066083abusebot-4.cloudsearch.cf sshd[7563]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=210.212.237.67 user=root 2020-10-10T02:55:00.468949abusebot-4.cloudsearch.cf sshd[7563]: Failed password for root from 210.212.237.67 port 35216 ssh2 2020-10-10T02:59:24.566156abusebot-4.cloudsearch.cf sshd[7568]: Invalid user gpadmin from 210.212.237.67 port 39870 2020-10-10T02:59:24.575214abusebot-4.cloudsearch.cf sshd[7568]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=210.212.237.67 2020-10-10T02:59:24.566156abusebot-4.cloudsearch.cf sshd[7568]: Invalid user gpadmin from 210.212.237.67 port 39870 2020-10-10T02:59:26.831810abusebot-4.cloudsearch.cf sshd[7568]: Failed password for invalid user gpadmin from 210.212.237.67 port 39870 ssh2 2020-10-10T03:04:01.095341abusebot-4.cloudsearch.cf sshd[7594]: Invalid user anthony from 210.212.237.67 port 44534 ...	2020-10-10 16:25:18
113.160.248.80	attackbotsspam	Oct 10 08:37:30 cdc sshd[27979]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.160.248.80 user=root Oct 10 08:37:33 cdc sshd[27979]: Failed password for invalid user root from 113.160.248.80 port 43701 ssh2	2020-10-10 16:29:58
180.242.107.25	attackbotsspam	1602276452 - 10/09/2020 22:47:32 Host: 180.242.107.25/180.242.107.25 Port: 445 TCP Blocked	2020-10-10 16:14:52
177.68.229.2	attack	Oct 7 20:31:44 pl3server sshd[17019]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=177.68.229.2 user=r.r Oct 7 20:31:47 pl3server sshd[17019]: Failed password for r.r from 177.68.229.2 port 33224 ssh2 Oct 7 20:31:47 pl3server sshd[17019]: Received disconnect from 177.68.229.2 port 33224:11: Bye Bye [preauth] Oct 7 20:31:47 pl3server sshd[17019]: Disconnected from 177.68.229.2 port 33224 [preauth] Oct 7 20:45:29 pl3server sshd[23889]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=177.68.229.2 user=r.r Oct 7 20:45:30 pl3server sshd[23889]: Failed password for r.r from 177.68.229.2 port 42114 ssh2 Oct 7 20:45:31 pl3server sshd[23889]: Received disconnect from 177.68.229.2 port 42114:11: Bye Bye [preauth] Oct 7 20:45:31 pl3server sshd[23889]: Disconnected from 177.68.229.2 port 42114 [preauth] Oct 7 20:49:15 pl3server sshd[25519]: pam_unix(sshd:auth): authentication failure; logn........ -------------------------------	2020-10-10 16:18:32
112.85.42.81	attack	Oct 10 09:10:03 mavik sshd[7406]: Failed password for root from 112.85.42.81 port 19386 ssh2 Oct 10 09:10:06 mavik sshd[7406]: Failed password for root from 112.85.42.81 port 19386 ssh2 Oct 10 09:10:10 mavik sshd[7406]: Failed password for root from 112.85.42.81 port 19386 ssh2 Oct 10 09:10:12 mavik sshd[7406]: Failed password for root from 112.85.42.81 port 19386 ssh2 Oct 10 09:10:16 mavik sshd[7406]: Failed password for root from 112.85.42.81 port 19386 ssh2 ...	2020-10-10 16:21:08
222.186.30.112	attack	Oct 10 10:06:16 abendstille sshd\[28203\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.30.112 user=root Oct 10 10:06:19 abendstille sshd\[28203\]: Failed password for root from 222.186.30.112 port 51277 ssh2 Oct 10 10:06:22 abendstille sshd\[28203\]: Failed password for root from 222.186.30.112 port 51277 ssh2 Oct 10 10:06:24 abendstille sshd\[28203\]: Failed password for root from 222.186.30.112 port 51277 ssh2 Oct 10 10:06:26 abendstille sshd\[28249\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.30.112 user=root ...	2020-10-10 16:07:00
84.78.23.234	attack	Oct 10 08:05:56 WHD8 dovecot: pop3-login: Disconnected: Inactivity $auth failed, 1 attempts in 180 secs$: user=\, method=PLAIN, rip=84.78.23.234, lip=10.64.89.208, session=\ Oct 10 08:06:01 WHD8 dovecot: pop3-login: Disconnected: Inactivity $auth failed, 1 attempts in 180 secs$: user=\, method=PLAIN, rip=84.78.23.234, lip=10.64.89.208, session=\ Oct 10 08:20:56 WHD8 dovecot: pop3-login: Disconnected: Inactivity $auth failed, 1 attempts in 180 secs$: user=\, method=PLAIN, rip=84.78.23.234, lip=10.64.89.208, session=\ Oct 10 08:21:01 WHD8 dovecot: pop3-login: Disconnected: Inactivity $auth failed, 1 attempts in 180 secs$: user=\, method=PLAIN, rip=84.78.23.234, lip=10.64.89.208, session=\<16YAB0uxQCZUThfq\> Oct 10 08:35:56 WHD8 dovecot: pop3-login: Disconnected: Inactivity $auth failed, 1 attempts in 180 secs$: user=\	2020-10-10 16:10:04
82.196.15.195	attackbotsspam	Oct 10 09:47:38 dev0-dcde-rnet sshd[13503]: Failed password for man from 82.196.15.195 port 51292 ssh2 Oct 10 09:54:55 dev0-dcde-rnet sshd[14010]: Failed password for root from 82.196.15.195 port 56976 ssh2 Oct 10 10:02:20 dev0-dcde-rnet sshd[14597]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=82.196.15.195	2020-10-10 16:30:16
202.59.166.146	attack	Oct 10 10:14:29 santamaria sshd\[1728\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.59.166.146 user=root Oct 10 10:14:31 santamaria sshd\[1728\]: Failed password for root from 202.59.166.146 port 38220 ssh2 Oct 10 10:20:47 santamaria sshd\[1828\]: Invalid user ak47 from 202.59.166.146 Oct 10 10:20:47 santamaria sshd\[1828\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.59.166.146 ...	2020-10-10 16:29:14
122.194.229.37	attackbots	Oct 10 10:32:53 sso sshd[27520]: Failed password for root from 122.194.229.37 port 25748 ssh2 Oct 10 10:33:05 sso sshd[27520]: Failed password for root from 122.194.229.37 port 25748 ssh2 ...	2020-10-10 16:42:08
78.128.113.119	attackspam	Oct 10 09:06:58 web01.agentur-b-2.de postfix/smtpd[215842]: warning: unknown[78.128.113.119]: SASL PLAIN authentication failed: Oct 10 09:06:58 web01.agentur-b-2.de postfix/smtpd[215842]: lost connection after AUTH from unknown[78.128.113.119] Oct 10 09:07:03 web01.agentur-b-2.de postfix/smtpd[215170]: lost connection after AUTH from unknown[78.128.113.119] Oct 10 09:07:07 web01.agentur-b-2.de postfix/smtpd[215842]: lost connection after AUTH from unknown[78.128.113.119] Oct 10 09:07:12 web01.agentur-b-2.de postfix/smtpd[198023]: lost connection after AUTH from unknown[78.128.113.119]	2020-10-10 16:16:18
106.13.189.172	attack	Oct 10 08:46:52 gospond sshd[23990]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.189.172 Oct 10 08:46:51 gospond sshd[23990]: Invalid user informix from 106.13.189.172 port 42298 Oct 10 08:46:54 gospond sshd[23990]: Failed password for invalid user informix from 106.13.189.172 port 42298 ssh2 ...	2020-10-10 16:26:33
165.231.148.203	attackbotsspam	Sep 14 11:27:39 hidden postfix/postscreen[49054]: DNSBL rank 3 for [165.231.148.203]:49451	2020-10-10 16:44:44

Recently Reported IPs

104.131.116.23	104.131.181.3	104.131.150.143	104.131.191.244
104.131.21.149	104.131.23.55	104.131.56.94	104.131.57.147
104.131.69.123	104.131.85.191	104.140.122.253	104.143.44.203
104.131.95.197	104.144.145.187	104.144.157.26	104.143.45.27
104.144.161.159	104.144.147.28	104.148.18.152	104.145.233.208