104.131.18.212

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
104.131.183.44	attackspam	$f2bV_matches	2020-09-15 04:04:32
104.131.183.44	attackbotsspam	sshd jail - ssh hack attempt	2020-09-14 20:04:45
104.131.181.225	attackbots	Trolling for resource vulnerabilities	2020-08-31 18:50:22
104.131.189.185	attackbots	trying to access non-authorized port	2020-08-29 13:13:03
104.131.182.167	attack	Aug 18 13:01:06 rush sshd[26773]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.182.167 Aug 18 13:01:09 rush sshd[26773]: Failed password for invalid user wanda from 104.131.182.167 port 44392 ssh2 Aug 18 13:05:04 rush sshd[26889]: Failed password for root from 104.131.182.167 port 54016 ssh2 ...	2020-08-18 22:37:56
104.131.182.167	attackbots	Invalid user yj from 104.131.182.167 port 51704	2020-08-18 15:01:09
104.131.189.116	attackbotsspam	Aug 3 17:48:30 ws22vmsma01 sshd[170218]: Failed password for root from 104.131.189.116 port 52328 ssh2 ...	2020-08-04 08:11:31
104.131.189.116	attackbotsspam	Aug 2 17:12:46 fhem-rasp sshd[8124]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.189.116 user=root Aug 2 17:12:49 fhem-rasp sshd[8124]: Failed password for root from 104.131.189.116 port 38730 ssh2 ...	2020-08-03 02:53:31
104.131.189.116	attackbotsspam	Invalid user developer from 104.131.189.116 port 35370	2020-07-21 14:13:28
104.131.189.185	attackspambots	Port scan denied	2020-07-17 16:13:36
104.131.189.4	attack	Port scan denied	2020-07-14 04:15:50
104.131.189.116	attackspam	Jul 11 19:26:50 web1 sshd[18465]: Invalid user zjcl from 104.131.189.116 port 46940 Jul 11 19:26:50 web1 sshd[18465]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.189.116 Jul 11 19:26:50 web1 sshd[18465]: Invalid user zjcl from 104.131.189.116 port 46940 Jul 11 19:26:53 web1 sshd[18465]: Failed password for invalid user zjcl from 104.131.189.116 port 46940 ssh2 Jul 11 19:42:59 web1 sshd[22517]: Invalid user bb from 104.131.189.116 port 33858 Jul 11 19:42:59 web1 sshd[22517]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.189.116 Jul 11 19:42:59 web1 sshd[22517]: Invalid user bb from 104.131.189.116 port 33858 Jul 11 19:43:01 web1 sshd[22517]: Failed password for invalid user bb from 104.131.189.116 port 33858 ssh2 Jul 11 19:45:50 web1 sshd[23244]: Invalid user student8 from 104.131.189.116 port 60394 ...	2020-07-11 18:06:07
104.131.189.4	attackspam	ET CINS Active Threat Intelligence Poor Reputation IP group 96 - port: 2335 proto: TCP cat: Misc Attack	2020-07-08 20:27:05
104.131.189.116	attackspam	Jul 7 21:17:18 marvibiene sshd[21937]: Invalid user phil from 104.131.189.116 port 59050 Jul 7 21:17:18 marvibiene sshd[21937]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.189.116 Jul 7 21:17:18 marvibiene sshd[21937]: Invalid user phil from 104.131.189.116 port 59050 Jul 7 21:17:20 marvibiene sshd[21937]: Failed password for invalid user phil from 104.131.189.116 port 59050 ssh2 ...	2020-07-08 05:38:52
104.131.189.116	attackbotsspam	Jul 7 14:07:39 onepixel sshd[3484292]: Invalid user firefart from 104.131.189.116 port 55324 Jul 7 14:07:39 onepixel sshd[3484292]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.189.116 Jul 7 14:07:39 onepixel sshd[3484292]: Invalid user firefart from 104.131.189.116 port 55324 Jul 7 14:07:41 onepixel sshd[3484292]: Failed password for invalid user firefart from 104.131.189.116 port 55324 ssh2 Jul 7 14:10:00 onepixel sshd[3485302]: Invalid user taller from 104.131.189.116 port 36624	2020-07-07 22:37:36

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.131.18.212
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 6496
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;104.131.18.212.			IN	A

;; AUTHORITY SECTION:
.			344	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022020701 1800 900 604800 86400

;; Query time: 16 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Feb 08 05:40:26 CST 2022
;; MSG SIZE  rcvd: 107

Host info

Host 212.18.131.104.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 212.18.131.104.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
202.227.41.28	attack	Port Scan ...	2020-08-24 00:42:08
45.6.27.192	attack	Aug 22 15:55:34 mail.srvfarm.net postfix/smtpd[2319740]: warning: unknown[45.6.27.192]: SASL PLAIN authentication failed: Aug 22 15:55:34 mail.srvfarm.net postfix/smtpd[2319740]: lost connection after AUTH from unknown[45.6.27.192] Aug 22 15:56:10 mail.srvfarm.net postfix/smtpd[2321913]: warning: unknown[45.6.27.192]: SASL PLAIN authentication failed: Aug 22 15:56:11 mail.srvfarm.net postfix/smtpd[2321913]: lost connection after AUTH from unknown[45.6.27.192] Aug 22 15:59:12 mail.srvfarm.net postfix/smtpd[2321919]: warning: unknown[45.6.27.192]: SASL PLAIN authentication failed:	2020-08-24 00:24:32
192.35.168.229	attack	Port Scan ...	2020-08-24 00:44:31
188.165.255.134	attackspam	188.165.255.134 - - [23/Aug/2020:15:44:19 +0100] "POST /wp-login.php HTTP/1.1" 200 2489 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 188.165.255.134 - - [23/Aug/2020:15:44:19 +0100] "POST /wp-login.php HTTP/1.1" 200 2450 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 188.165.255.134 - - [23/Aug/2020:15:44:19 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-08-24 00:08:01
159.89.84.231	attackbotsspam	Invalid user bdadmin from 159.89.84.231 port 50604	2020-08-24 00:35:35
23.129.64.195	attack	2020-08-23T12:21:09.310715abusebot-2.cloudsearch.cf sshd[21721]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=23.129.64.195 user=root 2020-08-23T12:21:11.344285abusebot-2.cloudsearch.cf sshd[21721]: Failed password for root from 23.129.64.195 port 21134 ssh2 2020-08-23T12:21:14.413045abusebot-2.cloudsearch.cf sshd[21721]: Failed password for root from 23.129.64.195 port 21134 ssh2 2020-08-23T12:21:09.310715abusebot-2.cloudsearch.cf sshd[21721]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=23.129.64.195 user=root 2020-08-23T12:21:11.344285abusebot-2.cloudsearch.cf sshd[21721]: Failed password for root from 23.129.64.195 port 21134 ssh2 2020-08-23T12:21:14.413045abusebot-2.cloudsearch.cf sshd[21721]: Failed password for root from 23.129.64.195 port 21134 ssh2 2020-08-23T12:21:09.310715abusebot-2.cloudsearch.cf sshd[21721]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruse ...	2020-08-24 00:34:32
2.224.168.43	attack	Aug 23 17:28:30 pornomens sshd\[21222\]: Invalid user venus from 2.224.168.43 port 37122 Aug 23 17:28:30 pornomens sshd\[21222\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=2.224.168.43 Aug 23 17:28:32 pornomens sshd\[21222\]: Failed password for invalid user venus from 2.224.168.43 port 37122 ssh2 ...	2020-08-23 23:59:09
95.52.76.238	attackspambots	tried to spam in our blog comments: Добрый день, помогите Как называется эта кошка? url_detected:www dot youtube dot com/watch?v=TBn2-1A41_8 #qmHzPwcKn4	2020-08-24 00:38:51
222.186.42.137	attack	Aug 23 21:05:49 gw1 sshd[19813]: Failed password for root from 222.186.42.137 port 37715 ssh2 ...	2020-08-24 00:07:47
203.109.100.25	attackbots	20/8/23@08:21:23: FAIL: Alarm-Intrusion address from=203.109.100.25 ...	2020-08-24 00:30:02
134.17.94.214	attackspambots	Aug 23 15:22:06 sshd\[12579\]: User root from 134.17.94.214 not allowed because not listed in AllowUsersAug 23 15:22:08 sshd\[12579\]: Failed password for invalid user root from 134.17.94.214 port 8748 ssh2 ...	2020-08-24 00:16:38
128.199.149.111	attackspambots	Aug 23 14:21:30 * sshd[28074]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.149.111 Aug 23 14:21:32 * sshd[28074]: Failed password for invalid user lyn from 128.199.149.111 port 59032 ssh2	2020-08-24 00:24:07
3.90.188.80	attack	23-8-2020 14:14:26 Unauthorized connection attempt (Brute-Force). 23-8-2020 14:14:26 Connection from IP address: 3.90.188.80 on port: 993 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=3.90.188.80	2020-08-24 00:11:46
222.186.31.204	attackbots	Aug 23 17:26:29 minden010 sshd[6031]: Failed password for root from 222.186.31.204 port 40359 ssh2 Aug 23 17:26:31 minden010 sshd[6031]: Failed password for root from 222.186.31.204 port 40359 ssh2 Aug 23 17:26:33 minden010 sshd[6031]: Failed password for root from 222.186.31.204 port 40359 ssh2 ...	2020-08-24 00:14:55
2.200.98.88	attack	Invalid user ftpuser from 2.200.98.88 port 52356	2020-08-24 00:29:38

Recently Reported IPs

113.93.242.74	171.97.9.245	64.227.183.159	162.255.108.225
39.70.213.89	164.90.224.156	187.163.174.134	103.80.61.130
154.201.33.221	201.62.54.170	171.88.163.194	45.133.1.53
187.178.68.84	27.38.211.94	204.195.154.33	113.194.130.44
2.56.56.109	3.214.53.166	60.20.162.192	183.134.206.14