18.91.31.103 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: United States of America (the)

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 18.91.31.103
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 33921
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;18.91.31.103.			IN	A

;; AUTHORITY SECTION:
.			29	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2025021200 1800 900 604800 86400

;; Query time: 56 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Feb 12 18:28:37 CST 2025
;; MSG SIZE  rcvd: 105

Host info

Host 103.31.91.18.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 103.31.91.18.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
27.47.26.220	attackbotsspam	Feb 27 22:06:57 server sshd\[29427\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=27.47.26.220 user=mysql Feb 27 22:06:59 server sshd\[29427\]: Failed password for mysql from 27.47.26.220 port 4420 ssh2 Feb 27 22:11:54 server sshd\[30264\]: Invalid user oracle from 27.47.26.220 Feb 27 22:11:54 server sshd\[30264\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=27.47.26.220 Feb 27 22:11:56 server sshd\[30264\]: Failed password for invalid user oracle from 27.47.26.220 port 4421 ssh2 ...	2020-02-28 03:15:52
92.81.117.224	attackbots	port scan and connect, tcp 23 (telnet)	2020-02-28 03:17:23
106.12.90.45	attack	$f2bV_matches	2020-02-28 03:09:07
80.85.86.175	attackspam	Unauthorized connection attempt detected, IP banned.	2020-02-28 03:21:20
140.143.94.220	attackspambots	Feb 27 17:59:43 localhost sshd\[44647\]: Invalid user shiba from 140.143.94.220 port 53162 Feb 27 17:59:43 localhost sshd\[44647\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.94.220 Feb 27 17:59:45 localhost sshd\[44647\]: Failed password for invalid user shiba from 140.143.94.220 port 53162 ssh2 Feb 27 18:03:30 localhost sshd\[44749\]: Invalid user mshan from 140.143.94.220 port 39980 Feb 27 18:03:30 localhost sshd\[44749\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.94.220 ...	2020-02-28 03:25:01
94.176.243.163	attackbotsspam	(Feb 27) LEN=44 TTL=246 ID=6191 DF TCP DPT=23 WINDOW=14600 SYN (Feb 27) LEN=44 TTL=246 ID=55531 DF TCP DPT=23 WINDOW=14600 SYN (Feb 27) LEN=44 TTL=246 ID=33012 DF TCP DPT=23 WINDOW=14600 SYN (Feb 27) LEN=44 TTL=246 ID=11493 DF TCP DPT=23 WINDOW=14600 SYN (Feb 27) LEN=44 TTL=246 ID=53537 DF TCP DPT=23 WINDOW=14600 SYN (Feb 27) LEN=44 TTL=246 ID=16886 DF TCP DPT=23 WINDOW=14600 SYN (Feb 27) LEN=44 TTL=246 ID=64219 DF TCP DPT=23 WINDOW=14600 SYN (Feb 27) LEN=44 TTL=246 ID=4156 DF TCP DPT=23 WINDOW=14600 SYN (Feb 26) LEN=44 TTL=246 ID=60426 DF TCP DPT=23 WINDOW=14600 SYN (Feb 26) LEN=44 TTL=246 ID=6383 DF TCP DPT=23 WINDOW=14600 SYN (Feb 26) LEN=44 TTL=246 ID=21238 DF TCP DPT=23 WINDOW=14600 SYN (Feb 26) LEN=44 TTL=246 ID=22745 DF TCP DPT=23 WINDOW=14600 SYN (Feb 26) LEN=44 TTL=246 ID=42430 DF TCP DPT=23 WINDOW=14600 SYN (Feb 26) LEN=44 TTL=246 ID=21519 DF TCP DPT=23 WINDOW=14600 SYN (Feb 26) LEN=44 TTL=246 ID=59067 DF TCP DPT=23 WINDOW=14600 SYN...	2020-02-28 03:16:09
92.116.160.65	attackbots	Feb 27 13:08:18 mx01 sshd[14143]: Invalid user lzhou from 92.116.160.65 Feb 27 13:08:18 mx01 sshd[14143]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=92.116.160.65 Feb 27 13:08:20 mx01 sshd[14143]: Failed password for invalid user lzhou from 92.116.160.65 port 33834 ssh2 Feb 27 13:08:20 mx01 sshd[14143]: Received disconnect from 92.116.160.65: 11: Bye Bye [preauth] Feb 27 14:59:08 mx01 sshd[28553]: Invalid user ftpuser from 92.116.160.65 Feb 27 14:59:08 mx01 sshd[28553]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=92.116.160.65 Feb 27 14:59:10 mx01 sshd[28553]: Failed password for invalid user ftpuser from 92.116.160.65 port 51504 ssh2 Feb 27 14:59:10 mx01 sshd[28553]: Received disconnect from 92.116.160.65: 11: Bye Bye [preauth] Feb 27 15:00:16 mx01 sshd[28815]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=92.116.160.65 user=www-data Feb........ -------------------------------	2020-02-28 03:39:18
124.120.33.83	attack	Lines containing failures of 124.120.33.83 Feb x@x Feb 27 15:03:06 shared11 sshd[26848]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.120.33.83 Feb x@x Feb x@x ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=124.120.33.83	2020-02-28 03:42:45
112.85.42.172	attackbots	Feb 27 20:38:32 vps647732 sshd[464]: Failed password for root from 112.85.42.172 port 59829 ssh2 Feb 27 20:38:47 vps647732 sshd[464]: error: maximum authentication attempts exceeded for root from 112.85.42.172 port 59829 ssh2 [preauth] ...	2020-02-28 03:40:53
185.38.250.84	attack	Feb 26 22:40:11 server6 sshd[16926]: Failed password for invalid user sinusbot from 185.38.250.84 port 48981 ssh2 Feb 26 22:40:11 server6 sshd[16926]: Received disconnect from 185.38.250.84: 11: Bye Bye [preauth] Feb 27 14:45:58 server6 sshd[20344]: Failed password for r.r from 185.38.250.84 port 55651 ssh2 Feb 27 14:45:58 server6 sshd[20344]: Received disconnect from 185.38.250.84: 11: Bye Bye [preauth] Feb 27 14:51:31 server6 sshd[25401]: Failed password for invalid user influxdb from 185.38.250.84 port 53732 ssh2 Feb 27 14:51:31 server6 sshd[25401]: Received disconnect from 185.38.250.84: 11: Bye Bye [preauth] Feb 27 14:54:33 server6 sshd[27578]: Failed password for uucp from 185.38.250.84 port 51813 ssh2 Feb 27 14:54:33 server6 sshd[27578]: Received disconnect from 185.38.250.84: 11: Bye Bye [preauth] Feb 27 14:57:32 server6 sshd[30244]: Failed password for invalid user server-pilotuser from 185.38.250.84 port 49894 ssh2 Feb 27 14:57:32 server6 sshd[30244]: Received........ -------------------------------	2020-02-28 03:33:42
80.82.78.211	attackspambots	Automatic report - Port Scan	2020-02-28 03:11:54
42.115.19.112	attackspambots	Brute-force general attack.	2020-02-28 03:39:44
80.82.77.139	attackspam	firewall-block, port(s): 523/udp	2020-02-28 03:13:08
222.186.3.249	attackspambots	2020-02-27T20:08:36.448175scmdmz1 sshd[9439]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.3.249 user=root 2020-02-27T20:08:37.989856scmdmz1 sshd[9439]: Failed password for root from 222.186.3.249 port 58490 ssh2 2020-02-27T20:08:40.028288scmdmz1 sshd[9439]: Failed password for root from 222.186.3.249 port 58490 ssh2 2020-02-27T20:08:36.448175scmdmz1 sshd[9439]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.3.249 user=root 2020-02-27T20:08:37.989856scmdmz1 sshd[9439]: Failed password for root from 222.186.3.249 port 58490 ssh2 2020-02-27T20:08:40.028288scmdmz1 sshd[9439]: Failed password for root from 222.186.3.249 port 58490 ssh2 2020-02-27T20:08:36.448175scmdmz1 sshd[9439]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.3.249 user=root 2020-02-27T20:08:37.989856scmdmz1 sshd[9439]: Failed password for root from 222.186.3.249 port 58490 ssh2 2020-02-27T20:08:	2020-02-28 03:16:43
178.154.171.22	attack	[Thu Feb 27 21:22:03.437383 2020] [:error] [pid 3621:tid 139837710403328] [client 178.154.171.22:62589] [client 178.154.171.22] ModSecurity: Access denied with code 403 (phase 2). Pattern match "^[\\\\d.:]+$" at REQUEST_HEADERS:Host. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "696"] [id "920350"] [msg "Host header is a numeric IP address"] [data "103.27.207.197"] [severity "WARNING"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/IP_HOST"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "103.27.207.197"] [uri "/"] [unique_id "XlfQi3gSyCP9O11ZuEgQSwAAAUs"] ...	2020-02-28 03:37:38

Recently Reported IPs

157.179.76.64	249.64.41.116	122.102.211.238	117.82.18.153
238.29.198.232	198.93.163.183	53.111.219.59	150.54.108.56
154.153.240.41	247.249.145.245	180.199.129.73	89.68.148.241
252.124.133.123	93.46.250.43	30.166.58.169	173.90.246.144
80.153.118.199	174.76.60.34	116.165.98.33	217.173.148.10