104.131.11.2 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: None

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
104.131.110.155	attackbotsspam	Detected by Fail2Ban	2020-10-05 06:27:55
104.131.110.155	attackspam	Oct 4 14:08:14 choloepus sshd[27653]: Did not receive identification string from 104.131.110.155 port 43642 Oct 4 14:08:24 choloepus sshd[27776]: Disconnected from invalid user root 104.131.110.155 port 59624 [preauth] Oct 4 14:08:36 choloepus sshd[27850]: Invalid user oracle from 104.131.110.155 port 44478 ...	2020-10-04 22:29:30
104.131.110.155	attackbotsspam	$f2bV_matches	2020-10-04 14:15:27
104.131.110.155	attack	web-1 [ssh] SSH Attack	2020-10-04 04:44:08
104.131.110.155	attackbots	Invalid user oracle from 104.131.110.155 port 45714	2020-10-03 20:51:43
104.131.110.155	attackspambots	Oct 3 06:39:36 doubuntu sshd[12773]: Did not receive identification string from 104.131.110.155 port 45172 ...	2020-10-03 06:58:24
104.131.11.149	attack	Sep 30 04:18:13 ip-172-31-16-56 sshd\[7755\]: Failed password for root from 104.131.11.149 port 35938 ssh2\ Sep 30 04:18:22 ip-172-31-16-56 sshd\[7757\]: Failed password for root from 104.131.11.149 port 54842 ssh2\ Sep 30 04:18:32 ip-172-31-16-56 sshd\[7760\]: Failed password for root from 104.131.11.149 port 45614 ssh2\ Sep 30 04:18:40 ip-172-31-16-56 sshd\[7762\]: Invalid user admin from 104.131.11.149\ Sep 30 04:18:43 ip-172-31-16-56 sshd\[7762\]: Failed password for invalid user admin from 104.131.11.149 port 36208 ssh2\	2020-09-30 12:21:32
104.131.115.14	attackspambots	SSH bruteforce attack	2020-09-25 04:48:13
104.131.117.137	attackspambots	Several unsuccessful attempts to access my WordPress server with wrong passwords	2020-09-24 01:30:06
104.131.117.137	attackbotsspam	Automatic report - XMLRPC Attack	2020-09-23 17:35:43
104.131.113.106	attackbotsspam	Port scan followed by SSH.	2020-09-21 23:01:06
104.131.113.106	attack	Port scan followed by SSH.	2020-09-21 14:45:36
104.131.118.160	attackbots	Sep 2 01:42:33 bbl sshd[30823]: Did not receive identification string from 104.131.118.160 port 51928 Sep 2 01:43:20 bbl sshd[3577]: Received disconnect from 104.131.118.160 port 49256:11: Normal Shutdown, Thank you for playing [preauth] Sep 2 01:43:20 bbl sshd[3577]: Disconnected from 104.131.118.160 port 49256 [preauth] Sep 2 01:43:43 bbl sshd[6163]: Invalid user ftpuser from 104.131.118.160 port 44062 Sep 2 01:43:43 bbl sshd[6163]: Received disconnect from 104.131.118.160 port 44062:11: Normal Shutdown, Thank you for playing [preauth] Sep 2 01:43:43 bbl sshd[6163]: Disconnected from 104.131.118.160 port 44062 [preauth] Sep 2 01:44:07 bbl sshd[8872]: Invalid user ghostname from 104.131.118.160 port 38862 Sep 2 01:44:07 bbl sshd[8872]: Received disconnect from 104.131.118.160 port 38862:11: Normal Shutdown, Thank you for playing [preauth] Sep 2 01:44:07 bbl sshd[8872]: Disconnected from 104.131.118.160 port 38862 [preauth] Sep 2 01:44:31 bbl sshd[12270]: Inva........ -------------------------------	2020-09-08 00:31:22
104.131.118.160	attackbots	Sep 2 01:42:33 bbl sshd[30823]: Did not receive identification string from 104.131.118.160 port 51928 Sep 2 01:43:20 bbl sshd[3577]: Received disconnect from 104.131.118.160 port 49256:11: Normal Shutdown, Thank you for playing [preauth] Sep 2 01:43:20 bbl sshd[3577]: Disconnected from 104.131.118.160 port 49256 [preauth] Sep 2 01:43:43 bbl sshd[6163]: Invalid user ftpuser from 104.131.118.160 port 44062 Sep 2 01:43:43 bbl sshd[6163]: Received disconnect from 104.131.118.160 port 44062:11: Normal Shutdown, Thank you for playing [preauth] Sep 2 01:43:43 bbl sshd[6163]: Disconnected from 104.131.118.160 port 44062 [preauth] Sep 2 01:44:07 bbl sshd[8872]: Invalid user ghostname from 104.131.118.160 port 38862 Sep 2 01:44:07 bbl sshd[8872]: Received disconnect from 104.131.118.160 port 38862:11: Normal Shutdown, Thank you for playing [preauth] Sep 2 01:44:07 bbl sshd[8872]: Disconnected from 104.131.118.160 port 38862 [preauth] Sep 2 01:44:31 bbl sshd[12270]: Inva........ -------------------------------	2020-09-07 16:00:31
104.131.118.160	attackspambots	Sep 2 01:42:33 bbl sshd[30823]: Did not receive identification string from 104.131.118.160 port 51928 Sep 2 01:43:20 bbl sshd[3577]: Received disconnect from 104.131.118.160 port 49256:11: Normal Shutdown, Thank you for playing [preauth] Sep 2 01:43:20 bbl sshd[3577]: Disconnected from 104.131.118.160 port 49256 [preauth] Sep 2 01:43:43 bbl sshd[6163]: Invalid user ftpuser from 104.131.118.160 port 44062 Sep 2 01:43:43 bbl sshd[6163]: Received disconnect from 104.131.118.160 port 44062:11: Normal Shutdown, Thank you for playing [preauth] Sep 2 01:43:43 bbl sshd[6163]: Disconnected from 104.131.118.160 port 44062 [preauth] Sep 2 01:44:07 bbl sshd[8872]: Invalid user ghostname from 104.131.118.160 port 38862 Sep 2 01:44:07 bbl sshd[8872]: Received disconnect from 104.131.118.160 port 38862:11: Normal Shutdown, Thank you for playing [preauth] Sep 2 01:44:07 bbl sshd[8872]: Disconnected from 104.131.118.160 port 38862 [preauth] Sep 2 01:44:31 bbl sshd[12270]: Inva........ -------------------------------	2020-09-07 08:22:56

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.131.11.2
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 41537
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;104.131.11.2.			IN	A

;; AUTHORITY SECTION:
.			498	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022021702 1800 900 604800 86400

;; Query time: 24 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Feb 18 08:19:12 CST 2022
;; MSG SIZE  rcvd: 105

Host info

Host 2.11.131.104.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 2.11.131.104.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
50.67.178.164	attackspam	Aug 22 10:47:51 MK-Soft-Root1 sshd\[3908\]: Invalid user bot from 50.67.178.164 port 37162 Aug 22 10:47:51 MK-Soft-Root1 sshd\[3908\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=50.67.178.164 Aug 22 10:47:52 MK-Soft-Root1 sshd\[3908\]: Failed password for invalid user bot from 50.67.178.164 port 37162 ssh2 ...	2019-08-22 17:00:40
187.217.199.20	attackspambots	Aug 22 11:27:06 SilenceServices sshd[24932]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=187.217.199.20 Aug 22 11:27:08 SilenceServices sshd[24932]: Failed password for invalid user hdfs from 187.217.199.20 port 44680 ssh2 Aug 22 11:31:33 SilenceServices sshd[28131]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=187.217.199.20	2019-08-22 17:53:09
1.9.126.57	attackspam	SSH/22 MH Probe, BF, Hack -	2019-08-22 17:49:39
94.228.200.224	attack	scan z	2019-08-22 17:04:36
212.87.9.141	attack	Aug 22 05:14:18 TORMINT sshd\[10256\]: Invalid user sss from 212.87.9.141 Aug 22 05:14:18 TORMINT sshd\[10256\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.87.9.141 Aug 22 05:14:20 TORMINT sshd\[10256\]: Failed password for invalid user sss from 212.87.9.141 port 21552 ssh2 ...	2019-08-22 17:29:31
188.166.251.87	attack	Automatic report	2019-08-22 17:08:35
138.197.93.133	attack	Aug 22 11:17:25 vps691689 sshd[17276]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.93.133 Aug 22 11:17:27 vps691689 sshd[17276]: Failed password for invalid user denisa from 138.197.93.133 port 49814 ssh2 ...	2019-08-22 17:22:41
193.108.117.16	attackbotsspam	Aug 21 23:57:49 lcprod sshd\[1588\]: Invalid user ftp from 193.108.117.16 Aug 21 23:57:49 lcprod sshd\[1588\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.108.117.16 Aug 21 23:57:52 lcprod sshd\[1588\]: Failed password for invalid user ftp from 193.108.117.16 port 58866 ssh2 Aug 22 00:02:50 lcprod sshd\[2062\]: Invalid user martin from 193.108.117.16 Aug 22 00:02:50 lcprod sshd\[2062\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.108.117.16	2019-08-22 18:06:33
202.159.24.35	attackspambots	Aug 22 10:41:25 h2177944 sshd\[11776\]: Invalid user admin from 202.159.24.35 port 56149 Aug 22 10:41:25 h2177944 sshd\[11776\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.159.24.35 Aug 22 10:41:27 h2177944 sshd\[11776\]: Failed password for invalid user admin from 202.159.24.35 port 56149 ssh2 Aug 22 10:47:23 h2177944 sshd\[12032\]: Invalid user kr from 202.159.24.35 port 50525 Aug 22 10:47:23 h2177944 sshd\[12032\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.159.24.35 ...	2019-08-22 17:32:37
120.92.20.197	attackbotsspam	Aug 22 10:40:12 v22019058497090703 sshd[6049]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.92.20.197 Aug 22 10:40:14 v22019058497090703 sshd[6049]: Failed password for invalid user userftp from 120.92.20.197 port 45159 ssh2 Aug 22 10:45:48 v22019058497090703 sshd[6411]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.92.20.197 ...	2019-08-22 17:18:32
191.53.254.36	attack	Aug 22 04:47:34 web1 postfix/smtpd[18753]: warning: unknown[191.53.254.36]: SASL PLAIN authentication failed: authentication failure ...	2019-08-22 17:12:37
142.93.26.245	attack	Aug 22 08:47:09 MK-Soft-VM3 sshd\[5413\]: Invalid user ts3 from 142.93.26.245 port 56160 Aug 22 08:47:09 MK-Soft-VM3 sshd\[5413\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.26.245 Aug 22 08:47:11 MK-Soft-VM3 sshd\[5413\]: Failed password for invalid user ts3 from 142.93.26.245 port 56160 ssh2 ...	2019-08-22 17:42:13
157.230.175.122	attackspam	Aug 22 05:47:42 xtremcommunity sshd\[6997\]: Invalid user user from 157.230.175.122 port 52212 Aug 22 05:47:42 xtremcommunity sshd\[6997\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.230.175.122 Aug 22 05:47:44 xtremcommunity sshd\[6997\]: Failed password for invalid user user from 157.230.175.122 port 52212 ssh2 Aug 22 05:51:52 xtremcommunity sshd\[7213\]: Invalid user export from 157.230.175.122 port 41742 Aug 22 05:51:52 xtremcommunity sshd\[7213\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.230.175.122 ...	2019-08-22 18:07:29
138.68.140.76	attackbots	Aug 22 11:22:07 lnxweb62 sshd[28947]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.140.76	2019-08-22 17:24:03
103.228.112.45	attack	Aug 22 11:51:45 legacy sshd[23423]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.228.112.45 Aug 22 11:51:47 legacy sshd[23423]: Failed password for invalid user ftpd from 103.228.112.45 port 55640 ssh2 Aug 22 11:57:33 legacy sshd[23580]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.228.112.45 ...	2019-08-22 18:00:18

Recently Reported IPs

104.131.1.113	104.131.106.80	104.131.120.50	104.131.125.221
104.131.121.157	104.131.110.168	104.131.102.238	125.1.55.169
104.131.16.222	104.131.102.173	104.131.189.108	104.131.21.50
104.131.20.216	104.131.23.66	104.131.211.232	104.131.169.15
104.131.43.215	104.131.29.136	104.131.45.112	104.131.249.90