104.131.4.220 - IPInfo

Basic Info

City: Clifton

Region: New Jersey

Country: United States

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
104.131.45.150	attackbotsspam	SSH Brute-Force Attack	2020-10-10 06:06:26
104.131.45.150	attackspam	Oct 9 12:08:42 santamaria sshd\[16538\]: Invalid user user1 from 104.131.45.150 Oct 9 12:08:42 santamaria sshd\[16538\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.45.150 Oct 9 12:08:44 santamaria sshd\[16538\]: Failed password for invalid user user1 from 104.131.45.150 port 57974 ssh2 ...	2020-10-09 22:13:31
104.131.45.150	attack	$f2bV_matches	2020-10-09 14:03:29
104.131.45.150	attackbots	2020-10-04 13:27:23.806264-0500 localhost sshd[92460]: Failed password for root from 104.131.45.150 port 34974 ssh2	2020-10-05 04:06:22
104.131.45.150	attack	(sshd) Failed SSH login from 104.131.45.150 (US/United States/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Oct 4 02:01:54 optimus sshd[12276]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.45.150 user=root Oct 4 02:01:56 optimus sshd[12276]: Failed password for root from 104.131.45.150 port 39428 ssh2 Oct 4 02:14:27 optimus sshd[29613]: Invalid user student7 from 104.131.45.150 Oct 4 02:14:27 optimus sshd[29613]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.45.150 Oct 4 02:14:29 optimus sshd[29613]: Failed password for invalid user student7 from 104.131.45.150 port 57512 ssh2	2020-10-04 19:56:44
104.131.42.61	attack	Invalid user kfk from 104.131.42.61 port 39612	2020-09-29 06:03:56
104.131.42.61	attack	Sep 28 11:05:12 fhem-rasp sshd[1994]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.42.61 Sep 28 11:05:15 fhem-rasp sshd[1994]: Failed password for invalid user alessandro from 104.131.42.61 port 48486 ssh2 ...	2020-09-28 22:29:55
104.131.42.61	attack	Sep 28 08:03:50 vmd26974 sshd[13173]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.42.61 Sep 28 08:03:52 vmd26974 sshd[13173]: Failed password for invalid user ubuntu from 104.131.42.61 port 48854 ssh2 ...	2020-09-28 14:34:42
104.131.48.26	attack	Sep 25 23:00:01 journals sshd\[39491\]: Invalid user phion from 104.131.48.26 Sep 25 23:00:01 journals sshd\[39491\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.48.26 Sep 25 23:00:03 journals sshd\[39491\]: Failed password for invalid user phion from 104.131.48.26 port 39942 ssh2 Sep 25 23:05:51 journals sshd\[40106\]: Invalid user freeswitch from 104.131.48.26 Sep 25 23:05:51 journals sshd\[40106\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.48.26 ...	2020-09-26 05:02:13
104.131.48.26	attack	Sep 25 13:48:46 IngegnereFirenze sshd[22567]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.48.26 user=root ...	2020-09-25 21:55:56
104.131.48.26	attackbotsspam	Ssh brute force	2020-09-25 13:33:58
104.131.48.67	attack	SSH brute force	2020-09-20 22:22:25
104.131.48.67	attack	SSH brute force	2020-09-20 14:13:58
104.131.48.67	attackbots	Sep 19 22:47:20 xeon sshd[43792]: Failed password for root from 104.131.48.67 port 33574 ssh2	2020-09-20 06:13:58
104.131.45.150	attack	Sep 12 17:21:00 prox sshd[28018]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.45.150 Sep 12 17:21:03 prox sshd[28018]: Failed password for invalid user chloe from 104.131.45.150 port 45598 ssh2	2020-09-13 00:04:48

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.131.4.220
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 47346
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;104.131.4.220.			IN	A

;; AUTHORITY SECTION:
.			171	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022052200 1800 900 604800 86400

;; Query time: 17 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun May 22 22:28:01 CST 2022
;; MSG SIZE  rcvd: 106

Host info

Host 220.4.131.104.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 220.4.131.104.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
112.85.42.176	attackspam	2020-08-10T08:17:10.689366afi-git.jinr.ru sshd[19583]: Failed password for root from 112.85.42.176 port 17577 ssh2 2020-08-10T08:17:13.905804afi-git.jinr.ru sshd[19583]: Failed password for root from 112.85.42.176 port 17577 ssh2 2020-08-10T08:17:17.535177afi-git.jinr.ru sshd[19583]: Failed password for root from 112.85.42.176 port 17577 ssh2 2020-08-10T08:17:17.535335afi-git.jinr.ru sshd[19583]: error: maximum authentication attempts exceeded for root from 112.85.42.176 port 17577 ssh2 [preauth] 2020-08-10T08:17:17.535349afi-git.jinr.ru sshd[19583]: Disconnecting: Too many authentication failures [preauth] ...	2020-08-10 13:25:53
35.225.146.248	attackspambots	...	2020-08-10 12:49:04
84.1.30.70	attackspam	Bruteforce detected by fail2ban	2020-08-10 13:15:16
167.114.152.170	attackspambots	167.114.152.170 - - [10/Aug/2020:04:55:11 +0100] "POST /wp-login.php HTTP/1.1" 200 2415 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 167.114.152.170 - - [10/Aug/2020:04:55:12 +0100] "POST /wp-login.php HTTP/1.1" 200 2400 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 167.114.152.170 - - [10/Aug/2020:04:55:12 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-08-10 13:43:44
51.68.227.98	attack	2020-08-10T03:50:27.511159vps1033 sshd[26693]: Failed password for root from 51.68.227.98 port 59836 ssh2 2020-08-10T03:52:51.997097vps1033 sshd[31955]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=98.ip-51-68-227.eu user=root 2020-08-10T03:52:53.722583vps1033 sshd[31955]: Failed password for root from 51.68.227.98 port 48242 ssh2 2020-08-10T03:55:26.274644vps1033 sshd[5076]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=98.ip-51-68-227.eu user=root 2020-08-10T03:55:28.611369vps1033 sshd[5076]: Failed password for root from 51.68.227.98 port 36650 ssh2 ...	2020-08-10 13:29:40
121.28.69.85	attack	$f2bV_matches	2020-08-10 13:19:22
222.186.175.183	attackbots	Aug 10 05:41:37 dev0-dcde-rnet sshd[5405]: Failed password for root from 222.186.175.183 port 35844 ssh2 Aug 10 05:41:50 dev0-dcde-rnet sshd[5405]: error: maximum authentication attempts exceeded for root from 222.186.175.183 port 35844 ssh2 [preauth] Aug 10 05:41:56 dev0-dcde-rnet sshd[5407]: Failed password for root from 222.186.175.183 port 41170 ssh2	2020-08-10 12:53:07
89.248.169.12	attackbotsspam	Sent packet to closed port: 5985	2020-08-10 12:56:13
222.186.175.202	attack	Aug 9 22:14:19 vm0 sshd[19623]: Failed password for root from 222.186.175.202 port 11122 ssh2 Aug 10 07:38:46 vm0 sshd[13992]: Failed password for root from 222.186.175.202 port 60768 ssh2 ...	2020-08-10 13:46:04
49.69.158.159	attackspambots	Lines containing failures of 49.69.158.159 Aug 4 09:04:05 neweola sshd[5283]: Bad protocol version identification '' from 49.69.158.159 port 40699 Aug 4 09:04:10 neweola sshd[5284]: Invalid user pi from 49.69.158.159 port 40970 Aug 4 09:04:11 neweola sshd[5284]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.69.158.159 Aug 4 09:04:12 neweola sshd[5284]: Failed password for invalid user pi from 49.69.158.159 port 40970 ssh2 Aug 4 09:04:16 neweola sshd[5284]: Connection closed by invalid user pi 49.69.158.159 port 40970 [preauth] Aug 4 09:04:21 neweola sshd[5287]: Invalid user pi from 49.69.158.159 port 45583 Aug 4 09:04:22 neweola sshd[5287]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.69.158.159 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=49.69.158.159	2020-08-10 12:48:47
218.92.0.212	attackbots	Aug 10 06:53:43 * sshd[25282]: Failed password for root from 218.92.0.212 port 3800 ssh2 Aug 10 06:53:53 * sshd[25282]: Failed password for root from 218.92.0.212 port 3800 ssh2	2020-08-10 13:05:28
51.68.189.69	attack	Aug 10 06:27:20 ns382633 sshd\[26698\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.68.189.69 user=root Aug 10 06:27:23 ns382633 sshd\[26698\]: Failed password for root from 51.68.189.69 port 44594 ssh2 Aug 10 06:32:53 ns382633 sshd\[27563\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.68.189.69 user=root Aug 10 06:32:55 ns382633 sshd\[27563\]: Failed password for root from 51.68.189.69 port 60253 ssh2 Aug 10 06:36:38 ns382633 sshd\[28347\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.68.189.69 user=root	2020-08-10 13:42:50
207.244.251.52	attackbotsspam	2020-08-10T01:15:36.793400devel sshd[12440]: Failed password for root from 207.244.251.52 port 45066 ssh2 2020-08-10T01:17:49.409351devel sshd[12575]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=vmi412680.contaboserver.net user=root 2020-08-10T01:17:51.669382devel sshd[12575]: Failed password for root from 207.244.251.52 port 53854 ssh2	2020-08-10 13:20:14
51.210.151.242	attack	Aug 10 05:45:49 vm0 sshd[32310]: Failed password for root from 51.210.151.242 port 47464 ssh2 ...	2020-08-10 13:02:38
107.170.113.190	attackspambots	Bruteforce detected by fail2ban	2020-08-10 13:09:25

Recently Reported IPs

104.131.39.153	104.131.40.209	104.131.41.89	104.131.45.207
104.131.46.37	104.131.48.149	104.131.53.127	104.131.56.83
104.131.59.46	104.131.67.221	104.131.67.4	104.131.67.83
104.131.7.119	104.131.72.142	62.58.173.103	104.131.73.215
104.131.74.223	104.131.76.235	104.131.77.115	104.131.77.52