104.131.6.19 - IPInfo

Basic Info

City: Clifton

Region: New Jersey

Country: United States

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
104.131.60.112	attack	2020-10-05T07:20:42.286169correo.[domain] sshd[35600]: Failed password for root from 104.131.60.112 port 33698 ssh2 2020-10-05T07:20:42.768494correo.[domain] sshd[35604]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.60.112 user=root 2020-10-05T07:20:44.495237correo.[domain] sshd[35604]: Failed password for root from 104.131.60.112 port 39136 ssh2 ...	2020-10-06 08:05:07
104.131.60.112	attackspambots	Port 22 Scan, PTR: None	2020-10-06 00:27:11
104.131.60.112	attackbotsspam	Oct 5 19:27:15 localhost sshd[2279117]: Unable to negotiate with 104.131.60.112 port 56504: no matching key exchange method found. Their offer: diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1 [preauth] ...	2020-10-05 16:27:42
104.131.60.112	attackbotsspam	Cowrie Honeypot: 10 unauthorised SSH/Telnet login attempts between 2020-10-03T21:19:53Z and 2020-10-03T21:20:13Z	2020-10-04 05:40:38
104.131.60.112	attack	s3.hscode.pl - SSH Attack	2020-10-03 13:22:06
104.131.60.112	attackbots	$f2bV_matches	2020-10-03 04:42:18
104.131.60.112	attackbotsspam	port scan and connect, tcp 22 (ssh)	2020-10-03 00:04:00
104.131.60.112	attackbots	Invalid user admin from 104.131.60.112 port 37012	2020-10-02 20:34:44
104.131.60.112	attackspam	Port scan denied	2020-10-02 17:07:22
104.131.60.112	attack	Invalid user admin from 104.131.60.112 port 37012	2020-10-02 13:29:13
104.131.60.112	attackspam	Oct 1 21:08:50 * sshd[9157]: Failed password for root from 104.131.60.112 port 47668 ssh2	2020-10-02 03:14:35
104.131.60.112	attackbotsspam	Auto Fail2Ban report, multiple SSH login attempts.	2020-10-01 19:27:05
104.131.65.184	attackspambots	Invalid user roel from 104.131.65.184 port 49732	2020-10-01 08:02:24
104.131.60.112	attack	Failed password for root from 104.131.60.112 port 55694 ssh2 Failed password for root from 104.131.60.112 port 36950 ssh2	2020-10-01 03:38:55
104.131.65.184	attackbots	2020-09-30T12:24:52.967747mail.thespaminator.com sshd[11083]: Invalid user flex from 104.131.65.184 port 54274 2020-09-30T12:24:55.014675mail.thespaminator.com sshd[11083]: Failed password for invalid user flex from 104.131.65.184 port 54274 ssh2 ...	2020-10-01 00:34:15

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.131.6.19
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 30998
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;104.131.6.19.			IN	A

;; AUTHORITY SECTION:
.			398	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022031500 1800 900 604800 86400

;; Query time: 22 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Mar 16 01:14:02 CST 2022
;; MSG SIZE  rcvd: 105

Host info

Host 19.6.131.104.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 19.6.131.104.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
82.117.239.108	attack	Jul 12 06:35:47 eventyay sshd[12963]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=82.117.239.108 Jul 12 06:35:49 eventyay sshd[12963]: Failed password for invalid user ca from 82.117.239.108 port 35168 ssh2 Jul 12 06:41:10 eventyay sshd[14349]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=82.117.239.108 ...	2019-07-12 12:44:37
134.209.161.167	attack	Jul 12 04:27:20 ip-172-31-1-72 sshd\[8386\]: Invalid user fs from 134.209.161.167 Jul 12 04:27:20 ip-172-31-1-72 sshd\[8386\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.161.167 Jul 12 04:27:22 ip-172-31-1-72 sshd\[8386\]: Failed password for invalid user fs from 134.209.161.167 port 49864 ssh2 Jul 12 04:32:33 ip-172-31-1-72 sshd\[8503\]: Invalid user sam from 134.209.161.167 Jul 12 04:32:33 ip-172-31-1-72 sshd\[8503\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.161.167	2019-07-12 12:40:00
218.92.0.164	attackspam	Jul 12 06:29:53 [munged] sshd[19279]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.164 user=root Jul 12 06:29:55 [munged] sshd[19279]: Failed password for root from 218.92.0.164 port 41746 ssh2	2019-07-12 12:35:40
116.108.9.196	attackspambots	Invalid user admin from 116.108.9.196 port 44882	2019-07-12 11:44:48
125.65.112.247	attackbots	MultiHost/MultiPort Probe, Scan, Hack -	2019-07-12 12:16:18
74.63.232.2	attackbots	2019-07-12T03:44:25.350464abusebot-6.cloudsearch.cf sshd\[18760\]: Invalid user captive from 74.63.232.2 port 47302	2019-07-12 11:47:30
209.17.97.98	attackspambots	Portscan or hack attempt detected by psad/fwsnort	2019-07-12 11:51:08
104.196.16.112	attackbotsspam	Jul 12 05:39:10 bouncer sshd\[29874\]: Invalid user ftp from 104.196.16.112 port 56090 Jul 12 05:39:10 bouncer sshd\[29874\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.196.16.112 Jul 12 05:39:12 bouncer sshd\[29874\]: Failed password for invalid user ftp from 104.196.16.112 port 56090 ssh2 ...	2019-07-12 11:45:34
200.118.57.2	attack	Jul 12 06:09:31 tux-35-217 sshd\[31320\]: Invalid user soporte from 200.118.57.2 port 57502 Jul 12 06:09:31 tux-35-217 sshd\[31320\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.118.57.2 Jul 12 06:09:34 tux-35-217 sshd\[31320\]: Failed password for invalid user soporte from 200.118.57.2 port 57502 ssh2 Jul 12 06:17:19 tux-35-217 sshd\[31412\]: Invalid user lab from 200.118.57.2 port 58125 Jul 12 06:17:19 tux-35-217 sshd\[31412\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.118.57.2 ...	2019-07-12 12:21:36
175.9.143.111	attack	TCP port 1433 (MSSQL) attempt blocked by firewall. [2019-07-12 01:59:50]	2019-07-12 12:27:11
178.128.3.152	attackbotsspam	Jul 12 03:17:00 marvibiene sshd[58752]: Invalid user tamara from 178.128.3.152 port 43776 Jul 12 03:17:00 marvibiene sshd[58752]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.128.3.152 Jul 12 03:17:00 marvibiene sshd[58752]: Invalid user tamara from 178.128.3.152 port 43776 Jul 12 03:17:03 marvibiene sshd[58752]: Failed password for invalid user tamara from 178.128.3.152 port 43776 ssh2 ...	2019-07-12 12:26:37
163.172.54.52	attack	163.172.54.52 - - [12/Jul/2019:02:00:09 +0200] "GET /wp-login.php HTTP/1.1" 200 1301 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 163.172.54.52 - - [12/Jul/2019:02:00:10 +0200] "POST /wp-login.php HTTP/1.1" 200 1704 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 163.172.54.52 - - [12/Jul/2019:02:00:10 +0200] "GET /wp-login.php HTTP/1.1" 200 1301 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 163.172.54.52 - - [12/Jul/2019:02:00:10 +0200] "POST /wp-login.php HTTP/1.1" 200 1684 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 163.172.54.52 - - [12/Jul/2019:02:00:10 +0200] "GET /wp-login.php HTTP/1.1" 200 1301 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 163.172.54.52 - - [12/Jul/2019:02:00:11 +0200] "POST /wp-login.php HTTP/1.1" 200 1678 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2019-07-12 12:37:43
67.217.148.199	attackspam	Spamassassin_67.217.148.199	2019-07-12 12:24:11
87.120.36.238	attack	Jul 12 00:42:40 web1 postfix/smtpd[32428]: warning: guard.webcare360.net[87.120.36.238]: SASL LOGIN authentication failed: authentication failure ...	2019-07-12 12:44:21
188.166.72.240	attackspambots	IP attempted unauthorised action	2019-07-12 11:53:12

Recently Reported IPs

104.131.51.174	104.131.67.217	104.131.89.11	104.143.34.180
25.206.152.78	104.149.135.26	104.149.140.122	104.149.143.86
104.149.148.38	104.149.149.26	104.149.151.94	104.149.155.134
104.149.155.34	104.149.18.226	104.149.182.35	104.149.182.41
104.149.188.54	104.149.199.138	104.149.201.141	104.149.201.180