104.131.18.154

Basic Info

City: Clifton

Region: New Jersey

Country: United States

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
104.131.183.44	attackspam	$f2bV_matches	2020-09-15 04:04:32
104.131.183.44	attackbotsspam	sshd jail - ssh hack attempt	2020-09-14 20:04:45
104.131.181.225	attackbots	Trolling for resource vulnerabilities	2020-08-31 18:50:22
104.131.189.185	attackbots	trying to access non-authorized port	2020-08-29 13:13:03
104.131.182.167	attack	Aug 18 13:01:06 rush sshd[26773]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.182.167 Aug 18 13:01:09 rush sshd[26773]: Failed password for invalid user wanda from 104.131.182.167 port 44392 ssh2 Aug 18 13:05:04 rush sshd[26889]: Failed password for root from 104.131.182.167 port 54016 ssh2 ...	2020-08-18 22:37:56
104.131.182.167	attackbots	Invalid user yj from 104.131.182.167 port 51704	2020-08-18 15:01:09
104.131.189.116	attackbotsspam	Aug 3 17:48:30 ws22vmsma01 sshd[170218]: Failed password for root from 104.131.189.116 port 52328 ssh2 ...	2020-08-04 08:11:31
104.131.189.116	attackbotsspam	Aug 2 17:12:46 fhem-rasp sshd[8124]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.189.116 user=root Aug 2 17:12:49 fhem-rasp sshd[8124]: Failed password for root from 104.131.189.116 port 38730 ssh2 ...	2020-08-03 02:53:31
104.131.189.116	attackbotsspam	Invalid user developer from 104.131.189.116 port 35370	2020-07-21 14:13:28
104.131.189.185	attackspambots	Port scan denied	2020-07-17 16:13:36
104.131.189.4	attack	Port scan denied	2020-07-14 04:15:50
104.131.189.116	attackspam	Jul 11 19:26:50 web1 sshd[18465]: Invalid user zjcl from 104.131.189.116 port 46940 Jul 11 19:26:50 web1 sshd[18465]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.189.116 Jul 11 19:26:50 web1 sshd[18465]: Invalid user zjcl from 104.131.189.116 port 46940 Jul 11 19:26:53 web1 sshd[18465]: Failed password for invalid user zjcl from 104.131.189.116 port 46940 ssh2 Jul 11 19:42:59 web1 sshd[22517]: Invalid user bb from 104.131.189.116 port 33858 Jul 11 19:42:59 web1 sshd[22517]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.189.116 Jul 11 19:42:59 web1 sshd[22517]: Invalid user bb from 104.131.189.116 port 33858 Jul 11 19:43:01 web1 sshd[22517]: Failed password for invalid user bb from 104.131.189.116 port 33858 ssh2 Jul 11 19:45:50 web1 sshd[23244]: Invalid user student8 from 104.131.189.116 port 60394 ...	2020-07-11 18:06:07
104.131.189.4	attackspam	ET CINS Active Threat Intelligence Poor Reputation IP group 96 - port: 2335 proto: TCP cat: Misc Attack	2020-07-08 20:27:05
104.131.189.116	attackspam	Jul 7 21:17:18 marvibiene sshd[21937]: Invalid user phil from 104.131.189.116 port 59050 Jul 7 21:17:18 marvibiene sshd[21937]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.189.116 Jul 7 21:17:18 marvibiene sshd[21937]: Invalid user phil from 104.131.189.116 port 59050 Jul 7 21:17:20 marvibiene sshd[21937]: Failed password for invalid user phil from 104.131.189.116 port 59050 ssh2 ...	2020-07-08 05:38:52
104.131.189.116	attackbotsspam	Jul 7 14:07:39 onepixel sshd[3484292]: Invalid user firefart from 104.131.189.116 port 55324 Jul 7 14:07:39 onepixel sshd[3484292]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.189.116 Jul 7 14:07:39 onepixel sshd[3484292]: Invalid user firefart from 104.131.189.116 port 55324 Jul 7 14:07:41 onepixel sshd[3484292]: Failed password for invalid user firefart from 104.131.189.116 port 55324 ssh2 Jul 7 14:10:00 onepixel sshd[3485302]: Invalid user taller from 104.131.189.116 port 36624	2020-07-07 22:37:36

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.131.18.154
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 45393
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;104.131.18.154.			IN	A

;; AUTHORITY SECTION:
.			478	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022032801 1800 900 604800 86400

;; Query time: 66 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Mar 29 12:05:10 CST 2022
;; MSG SIZE  rcvd: 107

Host info

Host 154.18.131.104.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 154.18.131.104.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
162.243.131.210	attack	3389BruteforceFW22	2020-02-06 00:07:52
159.53.224.21	attackbotsspam	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/159.53.224.21/ US - 1H : (11) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : US NAME ASN : ASN10934 IP : 159.53.224.21 CIDR : 159.53.224.0/21 PREFIX COUNT : 7 UNIQUE IP COUNT : 3584 ATTACKS DETECTED ASN10934 : 1H - 1 3H - 1 6H - 1 12H - 1 24H - 1 DateTime : 2020-02-05 14:47:48 INFO : HACK ! - Looking for resource vulnerabilities Scan Detected and Blocked by ADMIN - data recovery	2020-02-06 00:11:38
46.101.11.213	attack	Feb 5 15:35:21 web8 sshd\[32191\]: Invalid user 1q2w3e4r from 46.101.11.213 Feb 5 15:35:21 web8 sshd\[32191\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.101.11.213 Feb 5 15:35:23 web8 sshd\[32191\]: Failed password for invalid user 1q2w3e4r from 46.101.11.213 port 37262 ssh2 Feb 5 15:37:29 web8 sshd\[875\]: Invalid user whoopsie123 from 46.101.11.213 Feb 5 15:37:29 web8 sshd\[875\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.101.11.213	2020-02-05 23:46:24
222.72.137.110	attackbots	Feb 5 05:44:44 auw2 sshd\[27822\]: Invalid user xaviar from 222.72.137.110 Feb 5 05:44:44 auw2 sshd\[27822\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.72.137.110 Feb 5 05:44:46 auw2 sshd\[27822\]: Failed password for invalid user xaviar from 222.72.137.110 port 33314 ssh2 Feb 5 05:47:31 auw2 sshd\[28073\]: Invalid user rosenie from 222.72.137.110 Feb 5 05:47:31 auw2 sshd\[28073\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.72.137.110	2020-02-06 00:14:11
162.243.98.66	attackbots	Feb 5 15:34:36 game-panel sshd[27889]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=162.243.98.66 Feb 5 15:34:39 game-panel sshd[27889]: Failed password for invalid user spal from 162.243.98.66 port 60342 ssh2 Feb 5 15:37:16 game-panel sshd[28014]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=162.243.98.66	2020-02-05 23:55:28
222.186.30.12	attackspambots	2020-2-5 4:19:34 PM: failed ssh attempt	2020-02-05 23:34:14
185.48.181.194	attack	Feb 5 14:48:13 mail kernel: [319953.207546] [UFW BLOCK] IN=eth0 OUT= MAC=00:16:3c:05:0d:89:f8:66:f2:68:66:ff:08:00 SRC=185.48.181.194 DST=77.73.69.240 LEN=40 TOS=0x00 PREC=0x00 TTL=246 ID=31105 PROTO=TCP SPT=50488 DPT=3865 WINDOW=1024 RES=0x00 SYN URGP=0 Feb 5 14:48:14 mail kernel: [319953.248434] [UFW BLOCK] IN=eth0 OUT= MAC=00:16:3c:05:0d:89:f8:66:f2:68:66:ff:08:00 SRC=185.48.181.194 DST=77.73.69.240 LEN=40 TOS=0x00 PREC=0x00 TTL=246 ID=52633 PROTO=TCP SPT=50488 DPT=3962 WINDOW=1024 RES=0x00 SYN URGP=0 Feb 5 14:48:14 mail kernel: [319953.260570] [UFW BLOCK] IN=eth0 OUT= MAC=00:16:3c:05:0d:89:f8:66:f2:68:66:ff:08:00 SRC=185.48.181.194 DST=77.73.69.240 LEN=40 TOS=0x00 PREC=0x00 TTL=246 ID=37753 PROTO=TCP SPT=50488 DPT=3979 WINDOW=1024 RES=0x00 SYN URGP=0 Feb 5 14:48:14 mail kernel: [319953.262868] [UFW BLOCK] IN=eth0 OUT= MAC=00:16:3c:05:0d:89:f8:66:f2:68:66:ff:08:00 SRC=185.48.181.194 DST=77.73.69.240 LEN=40 TOS=0x00 PREC=0x00 TTL=246 ID=54642 PROTO=TCP SPT=50488 DPT=3887 WINDOW=1024 RES=0x00 SYN URGP	2020-02-05 23:32:33
148.253.169.186	attackbots	2020-02-05T16:07:00.755808 sshd[2519]: Invalid user backups from 148.253.169.186 port 33526 2020-02-05T16:07:00.771215 sshd[2519]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.253.169.186 2020-02-05T16:07:00.755808 sshd[2519]: Invalid user backups from 148.253.169.186 port 33526 2020-02-05T16:07:02.863755 sshd[2519]: Failed password for invalid user backups from 148.253.169.186 port 33526 ssh2 2020-02-05T16:09:55.794059 sshd[2599]: Invalid user wilson from 148.253.169.186 port 32806 ...	2020-02-05 23:34:35
101.36.153.183	attackbots	Unauthorized connection attempt detected from IP address 101.36.153.183 to port 2220 [J]	2020-02-05 23:36:14
192.81.210.176	attack	WordPress login Brute force / Web App Attack on client site.	2020-02-06 00:15:21
104.131.190.193	attackbots	Unauthorized connection attempt detected from IP address 104.131.190.193 to port 2220 [J]	2020-02-05 23:59:34
222.24.63.126	attack	2020-02-05T08:53:56.853275-07:00 suse-nuc sshd[29570]: Invalid user vatche3 from 222.24.63.126 port 58232 ...	2020-02-06 00:11:59
116.214.56.11	attackspam	2020-02-05T15:16:58.798532scmdmz1 sshd[18042]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.214.56.11 user=root 2020-02-05T15:17:00.434839scmdmz1 sshd[18042]: Failed password for root from 116.214.56.11 port 44824 ssh2 2020-02-05T15:20:18.678869scmdmz1 sshd[18367]: Invalid user alice1 from 116.214.56.11 port 33400 2020-02-05T15:20:18.683175scmdmz1 sshd[18367]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.214.56.11 2020-02-05T15:20:18.678869scmdmz1 sshd[18367]: Invalid user alice1 from 116.214.56.11 port 33400 2020-02-05T15:20:20.774946scmdmz1 sshd[18367]: Failed password for invalid user alice1 from 116.214.56.11 port 33400 ssh2 ...	2020-02-06 00:09:54
120.70.103.239	attackbotsspam	Feb 5 00:39:26 h2022099 sshd[7377]: Invalid user sayali from 120.70.103.239 Feb 5 00:39:26 h2022099 sshd[7377]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.70.103.239 Feb 5 00:39:29 h2022099 sshd[7377]: Failed password for invalid user sayali from 120.70.103.239 port 52001 ssh2 Feb 5 00:39:29 h2022099 sshd[7377]: Received disconnect from 120.70.103.239: 11: Bye Bye [preauth] Feb 5 00:45:39 h2022099 sshd[8318]: Invalid user Friends from 120.70.103.239 Feb 5 00:45:39 h2022099 sshd[8318]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.70.103.239 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=120.70.103.239	2020-02-06 00:17:41
118.70.118.214	attackbots	Unauthorized connection attempt detected from IP address 118.70.118.214 to port 445	2020-02-05 23:53:11

Recently Reported IPs

104.131.179.120	104.131.189.220	104.131.190.210	104.131.217.45
104.131.26.99	104.131.28.96	104.131.29.170	104.131.32.144
104.131.42.95	104.131.54.221	104.131.58.29	104.131.58.99
104.131.63.229	104.131.66.115	104.131.83.133	104.140.108.236
104.140.12.194	104.140.159.49	104.140.63.170	104.143.45.4