104.131.4.220 - IPInfo

Basic Info

City: Clifton

Region: New Jersey

Country: United States

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
104.131.45.150	attackbotsspam	SSH Brute-Force Attack	2020-10-10 06:06:26
104.131.45.150	attackspam	Oct 9 12:08:42 santamaria sshd\[16538\]: Invalid user user1 from 104.131.45.150 Oct 9 12:08:42 santamaria sshd\[16538\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.45.150 Oct 9 12:08:44 santamaria sshd\[16538\]: Failed password for invalid user user1 from 104.131.45.150 port 57974 ssh2 ...	2020-10-09 22:13:31
104.131.45.150	attack	$f2bV_matches	2020-10-09 14:03:29
104.131.45.150	attackbots	2020-10-04 13:27:23.806264-0500 localhost sshd[92460]: Failed password for root from 104.131.45.150 port 34974 ssh2	2020-10-05 04:06:22
104.131.45.150	attack	(sshd) Failed SSH login from 104.131.45.150 (US/United States/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Oct 4 02:01:54 optimus sshd[12276]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.45.150 user=root Oct 4 02:01:56 optimus sshd[12276]: Failed password for root from 104.131.45.150 port 39428 ssh2 Oct 4 02:14:27 optimus sshd[29613]: Invalid user student7 from 104.131.45.150 Oct 4 02:14:27 optimus sshd[29613]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.45.150 Oct 4 02:14:29 optimus sshd[29613]: Failed password for invalid user student7 from 104.131.45.150 port 57512 ssh2	2020-10-04 19:56:44
104.131.42.61	attack	Invalid user kfk from 104.131.42.61 port 39612	2020-09-29 06:03:56
104.131.42.61	attack	Sep 28 11:05:12 fhem-rasp sshd[1994]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.42.61 Sep 28 11:05:15 fhem-rasp sshd[1994]: Failed password for invalid user alessandro from 104.131.42.61 port 48486 ssh2 ...	2020-09-28 22:29:55
104.131.42.61	attack	Sep 28 08:03:50 vmd26974 sshd[13173]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.42.61 Sep 28 08:03:52 vmd26974 sshd[13173]: Failed password for invalid user ubuntu from 104.131.42.61 port 48854 ssh2 ...	2020-09-28 14:34:42
104.131.48.26	attack	Sep 25 23:00:01 journals sshd\[39491\]: Invalid user phion from 104.131.48.26 Sep 25 23:00:01 journals sshd\[39491\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.48.26 Sep 25 23:00:03 journals sshd\[39491\]: Failed password for invalid user phion from 104.131.48.26 port 39942 ssh2 Sep 25 23:05:51 journals sshd\[40106\]: Invalid user freeswitch from 104.131.48.26 Sep 25 23:05:51 journals sshd\[40106\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.48.26 ...	2020-09-26 05:02:13
104.131.48.26	attack	Sep 25 13:48:46 IngegnereFirenze sshd[22567]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.48.26 user=root ...	2020-09-25 21:55:56
104.131.48.26	attackbotsspam	Ssh brute force	2020-09-25 13:33:58
104.131.48.67	attack	SSH brute force	2020-09-20 22:22:25
104.131.48.67	attack	SSH brute force	2020-09-20 14:13:58
104.131.48.67	attackbots	Sep 19 22:47:20 xeon sshd[43792]: Failed password for root from 104.131.48.67 port 33574 ssh2	2020-09-20 06:13:58
104.131.45.150	attack	Sep 12 17:21:00 prox sshd[28018]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.45.150 Sep 12 17:21:03 prox sshd[28018]: Failed password for invalid user chloe from 104.131.45.150 port 45598 ssh2	2020-09-13 00:04:48

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.131.4.220
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 47346
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;104.131.4.220.			IN	A

;; AUTHORITY SECTION:
.			171	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022052200 1800 900 604800 86400

;; Query time: 17 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun May 22 22:28:01 CST 2022
;; MSG SIZE  rcvd: 106

Host info

Host 220.4.131.104.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 220.4.131.104.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
192.144.140.20	attackbots	Lines containing failures of 192.144.140.20 Sep 24 11:38:43 vps9 sshd[25515]: Invalid user j0k3r from 192.144.140.20 port 42014 Sep 24 11:38:43 vps9 sshd[25515]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.144.140.20 Sep 24 11:38:46 vps9 sshd[25515]: Failed password for invalid user j0k3r from 192.144.140.20 port 42014 ssh2 Sep 24 11:38:46 vps9 sshd[25515]: Received disconnect from 192.144.140.20 port 42014:11: Bye Bye [preauth] Sep 24 11:38:46 vps9 sshd[25515]: Disconnected from invalid user j0k3r 192.144.140.20 port 42014 [preauth] Sep 24 12:00:03 vps9 sshd[4235]: Invalid user zhostnameian from 192.144.140.20 port 35450 Sep 24 12:00:03 vps9 sshd[4235]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.144.140.20 Sep 24 12:00:05 vps9 sshd[4235]: Failed password for invalid user zhostnameian from 192.144.140.20 port 35450 ssh2 Sep 24 12:00:05 vps9 sshd[4235]: Received disconnect f........ ------------------------------	2019-09-26 15:50:36
51.15.43.205	attackbots	09/26/2019-05:49:41.400919 51.15.43.205 Protocol: 6 ET TOR Known Tor Exit Node Traffic group 68	2019-09-26 15:56:05
213.133.3.8	attackbotsspam	2019-09-26T06:59:04.725197abusebot-3.cloudsearch.cf sshd\[28664\]: Invalid user cristina from 213.133.3.8 port 60416	2019-09-26 15:21:04
94.177.242.162	attack	Automatic report - Port Scan Attack	2019-09-26 15:33:18
93.90.82.2	attackbotsspam	[portscan] Port scan	2019-09-26 15:50:55
218.92.0.187	attack	$f2bV_matches	2019-09-26 15:17:55
198.108.67.63	attack	" "	2019-09-26 15:32:42
111.231.132.94	attackspam	2019-09-26T06:37:44.508601abusebot-3.cloudsearch.cf sshd\[28599\]: Invalid user nishiyama from 111.231.132.94 port 55490	2019-09-26 15:52:50
129.28.97.252	attackbots	Sep 26 05:55:02 apollo sshd\[2686\]: Invalid user celery from 129.28.97.252Sep 26 05:55:04 apollo sshd\[2686\]: Failed password for invalid user celery from 129.28.97.252 port 38616 ssh2Sep 26 06:04:54 apollo sshd\[2699\]: Invalid user mara from 129.28.97.252 ...	2019-09-26 15:58:46
171.228.220.129	attack	Sep 26 05:50:18 dev sshd\[15829\]: Invalid user admin from 171.228.220.129 port 40346 Sep 26 05:50:18 dev sshd\[15829\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=171.228.220.129 Sep 26 05:50:20 dev sshd\[15829\]: Failed password for invalid user admin from 171.228.220.129 port 40346 ssh2	2019-09-26 15:30:26
185.169.43.141	attack	Sep 26 04:21:36 thevastnessof sshd[24669]: Failed password for root from 185.169.43.141 port 7764 ssh2 ...	2019-09-26 15:16:35
80.82.78.85	attack	Sep 26 08:57:38 relay dovecot: pop3-login: Aborted login $auth failed, 1 attempts in 2 secs$: user=\, method=PLAIN, rip=80.82.78.85, lip=176.9.177.164, session=\ Sep 26 09:00:54 relay dovecot: pop3-login: Aborted login $auth failed, 1 attempts in 2 secs$: user=\, method=PLAIN, rip=80.82.78.85, lip=176.9.177.164, session=\ Sep 26 09:02:15 relay dovecot: pop3-login: Aborted login $auth failed, 1 attempts in 2 secs$: user=\, method=PLAIN, rip=80.82.78.85, lip=176.9.177.164, session=\ Sep 26 09:06:21 relay dovecot: pop3-login: Aborted login $auth failed, 1 attempts in 2 secs$: user=\, method=PLAIN, rip=80.82.78.85, lip=176.9.177.164, session=\ Sep 26 09:08:08 relay dovecot: pop3-login: Aborted login $auth failed, 1 attempts in 2 secs$: user=\, method=PLAIN, rip=80.82.78.85, lip=176.9.177.164 ...	2019-09-26 15:26:50
49.234.109.61	attackspambots	F2B jail: sshd. Time: 2019-09-26 09:39:24, Reported by: VKReport	2019-09-26 15:45:19
115.68.1.14	attackspambots	Sep 23 18:17:39 h2570396 sshd[19837]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.68.1.14 user=r.r Sep 23 18:17:41 h2570396 sshd[19837]: Failed password for r.r from 115.68.1.14 port 55597 ssh2 Sep 23 18:17:43 h2570396 sshd[19837]: Failed password for r.r from 115.68.1.14 port 55597 ssh2 Sep 23 18:17:46 h2570396 sshd[19837]: Failed password for r.r from 115.68.1.14 port 55597 ssh2 Sep 23 18:17:48 h2570396 sshd[19837]: Failed password for r.r from 115.68.1.14 port 55597 ssh2 Sep 23 18:17:50 h2570396 sshd[19837]: Failed password for r.r from 115.68.1.14 port 55597 ssh2 Sep 23 18:17:52 h2570396 sshd[19837]: Failed password for r.r from 115.68.1.14 port 55597 ssh2 Sep 23 18:17:52 h2570396 sshd[19837]: Disconnecting: Too many authentication failures for r.r from 115.68.1.14 port 55597 ssh2 [preauth] Sep 23 18:17:52 h2570396 sshd[19837]: PAM 5 more authentication failures; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.68.1.14 ........ -------------------------------	2019-09-26 15:54:57
51.77.201.36	attackbots	Sep 26 01:33:50 ny01 sshd[2475]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.77.201.36 Sep 26 01:33:52 ny01 sshd[2475]: Failed password for invalid user sn from 51.77.201.36 port 56842 ssh2 Sep 26 01:37:47 ny01 sshd[3048]: Failed password for nobody from 51.77.201.36 port 42208 ssh2	2019-09-26 15:49:33

Recently Reported IPs

104.131.39.153	104.131.40.209	104.131.41.89	104.131.45.207
104.131.46.37	104.131.48.149	104.131.53.127	104.131.56.83
104.131.59.46	104.131.67.221	104.131.67.4	104.131.67.83
104.131.7.119	104.131.72.142	62.58.173.103	104.131.73.215
104.131.74.223	104.131.76.235	104.131.77.115	104.131.77.52