104.131.11.2 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: None

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
104.131.110.155	attackbotsspam	Detected by Fail2Ban	2020-10-05 06:27:55
104.131.110.155	attackspam	Oct 4 14:08:14 choloepus sshd[27653]: Did not receive identification string from 104.131.110.155 port 43642 Oct 4 14:08:24 choloepus sshd[27776]: Disconnected from invalid user root 104.131.110.155 port 59624 [preauth] Oct 4 14:08:36 choloepus sshd[27850]: Invalid user oracle from 104.131.110.155 port 44478 ...	2020-10-04 22:29:30
104.131.110.155	attackbotsspam	$f2bV_matches	2020-10-04 14:15:27
104.131.110.155	attack	web-1 [ssh] SSH Attack	2020-10-04 04:44:08
104.131.110.155	attackbots	Invalid user oracle from 104.131.110.155 port 45714	2020-10-03 20:51:43
104.131.110.155	attackspambots	Oct 3 06:39:36 doubuntu sshd[12773]: Did not receive identification string from 104.131.110.155 port 45172 ...	2020-10-03 06:58:24
104.131.11.149	attack	Sep 30 04:18:13 ip-172-31-16-56 sshd\[7755\]: Failed password for root from 104.131.11.149 port 35938 ssh2\ Sep 30 04:18:22 ip-172-31-16-56 sshd\[7757\]: Failed password for root from 104.131.11.149 port 54842 ssh2\ Sep 30 04:18:32 ip-172-31-16-56 sshd\[7760\]: Failed password for root from 104.131.11.149 port 45614 ssh2\ Sep 30 04:18:40 ip-172-31-16-56 sshd\[7762\]: Invalid user admin from 104.131.11.149\ Sep 30 04:18:43 ip-172-31-16-56 sshd\[7762\]: Failed password for invalid user admin from 104.131.11.149 port 36208 ssh2\	2020-09-30 12:21:32
104.131.115.14	attackspambots	SSH bruteforce attack	2020-09-25 04:48:13
104.131.117.137	attackspambots	Several unsuccessful attempts to access my WordPress server with wrong passwords	2020-09-24 01:30:06
104.131.117.137	attackbotsspam	Automatic report - XMLRPC Attack	2020-09-23 17:35:43
104.131.113.106	attackbotsspam	Port scan followed by SSH.	2020-09-21 23:01:06
104.131.113.106	attack	Port scan followed by SSH.	2020-09-21 14:45:36
104.131.118.160	attackbots	Sep 2 01:42:33 bbl sshd[30823]: Did not receive identification string from 104.131.118.160 port 51928 Sep 2 01:43:20 bbl sshd[3577]: Received disconnect from 104.131.118.160 port 49256:11: Normal Shutdown, Thank you for playing [preauth] Sep 2 01:43:20 bbl sshd[3577]: Disconnected from 104.131.118.160 port 49256 [preauth] Sep 2 01:43:43 bbl sshd[6163]: Invalid user ftpuser from 104.131.118.160 port 44062 Sep 2 01:43:43 bbl sshd[6163]: Received disconnect from 104.131.118.160 port 44062:11: Normal Shutdown, Thank you for playing [preauth] Sep 2 01:43:43 bbl sshd[6163]: Disconnected from 104.131.118.160 port 44062 [preauth] Sep 2 01:44:07 bbl sshd[8872]: Invalid user ghostname from 104.131.118.160 port 38862 Sep 2 01:44:07 bbl sshd[8872]: Received disconnect from 104.131.118.160 port 38862:11: Normal Shutdown, Thank you for playing [preauth] Sep 2 01:44:07 bbl sshd[8872]: Disconnected from 104.131.118.160 port 38862 [preauth] Sep 2 01:44:31 bbl sshd[12270]: Inva........ -------------------------------	2020-09-08 00:31:22
104.131.118.160	attackbots	Sep 2 01:42:33 bbl sshd[30823]: Did not receive identification string from 104.131.118.160 port 51928 Sep 2 01:43:20 bbl sshd[3577]: Received disconnect from 104.131.118.160 port 49256:11: Normal Shutdown, Thank you for playing [preauth] Sep 2 01:43:20 bbl sshd[3577]: Disconnected from 104.131.118.160 port 49256 [preauth] Sep 2 01:43:43 bbl sshd[6163]: Invalid user ftpuser from 104.131.118.160 port 44062 Sep 2 01:43:43 bbl sshd[6163]: Received disconnect from 104.131.118.160 port 44062:11: Normal Shutdown, Thank you for playing [preauth] Sep 2 01:43:43 bbl sshd[6163]: Disconnected from 104.131.118.160 port 44062 [preauth] Sep 2 01:44:07 bbl sshd[8872]: Invalid user ghostname from 104.131.118.160 port 38862 Sep 2 01:44:07 bbl sshd[8872]: Received disconnect from 104.131.118.160 port 38862:11: Normal Shutdown, Thank you for playing [preauth] Sep 2 01:44:07 bbl sshd[8872]: Disconnected from 104.131.118.160 port 38862 [preauth] Sep 2 01:44:31 bbl sshd[12270]: Inva........ -------------------------------	2020-09-07 16:00:31
104.131.118.160	attackspambots	Sep 2 01:42:33 bbl sshd[30823]: Did not receive identification string from 104.131.118.160 port 51928 Sep 2 01:43:20 bbl sshd[3577]: Received disconnect from 104.131.118.160 port 49256:11: Normal Shutdown, Thank you for playing [preauth] Sep 2 01:43:20 bbl sshd[3577]: Disconnected from 104.131.118.160 port 49256 [preauth] Sep 2 01:43:43 bbl sshd[6163]: Invalid user ftpuser from 104.131.118.160 port 44062 Sep 2 01:43:43 bbl sshd[6163]: Received disconnect from 104.131.118.160 port 44062:11: Normal Shutdown, Thank you for playing [preauth] Sep 2 01:43:43 bbl sshd[6163]: Disconnected from 104.131.118.160 port 44062 [preauth] Sep 2 01:44:07 bbl sshd[8872]: Invalid user ghostname from 104.131.118.160 port 38862 Sep 2 01:44:07 bbl sshd[8872]: Received disconnect from 104.131.118.160 port 38862:11: Normal Shutdown, Thank you for playing [preauth] Sep 2 01:44:07 bbl sshd[8872]: Disconnected from 104.131.118.160 port 38862 [preauth] Sep 2 01:44:31 bbl sshd[12270]: Inva........ -------------------------------	2020-09-07 08:22:56

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.131.11.2
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 41537
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;104.131.11.2.			IN	A

;; AUTHORITY SECTION:
.			498	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022021702 1800 900 604800 86400

;; Query time: 24 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Feb 18 08:19:12 CST 2022
;; MSG SIZE  rcvd: 105

Host info

Host 2.11.131.104.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 2.11.131.104.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
185.36.81.129	attack	Jul 20 14:59:29 plusreed sshd[3395]: Invalid user admin4 from 185.36.81.129 ...	2019-07-21 04:03:10
134.73.76.72	attackspambots	Spam mails sent to address hacked/leaked from Nexus Mods in July 2013	2019-07-21 04:12:15
119.40.55.96	attackspambots	Jul 15 22:18:02 xb3 sshd[30532]: Failed password for invalid user fy from 119.40.55.96 port 25766 ssh2 Jul 15 22:18:02 xb3 sshd[30532]: Received disconnect from 119.40.55.96: 11: Bye Bye [preauth] Jul 15 22:33:21 xb3 sshd[29009]: Failed password for invalid user new from 119.40.55.96 port 25771 ssh2 Jul 15 22:33:21 xb3 sshd[29009]: Received disconnect from 119.40.55.96: 11: Bye Bye [preauth] Jul 15 22:37:54 xb3 sshd[25560]: Failed password for invalid user spread from 119.40.55.96 port 25775 ssh2 Jul 15 22:37:55 xb3 sshd[25560]: Received disconnect from 119.40.55.96: 11: Bye Bye [preauth] Jul 15 22:42:39 xb3 sshd[25367]: Failed password for invalid user eugene from 119.40.55.96 port 25780 ssh2 Jul 15 22:42:39 xb3 sshd[25367]: Received disconnect from 119.40.55.96: 11: Bye Bye [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=119.40.55.96	2019-07-21 03:57:33
122.199.225.53	attack	Jul 20 21:00:43 ubuntu-2gb-nbg1-dc3-1 sshd[5166]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.199.225.53 Jul 20 21:00:45 ubuntu-2gb-nbg1-dc3-1 sshd[5166]: Failed password for invalid user anthony from 122.199.225.53 port 40170 ssh2 ...	2019-07-21 03:38:12
80.82.77.33	attack	SNMP Scan	2019-07-21 03:45:58
189.18.243.210	attackspam	Jul 20 11:51:47 server sshd\[107166\]: Invalid user planeacion from 189.18.243.210 Jul 20 11:51:47 server sshd\[107166\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=189.18.243.210 Jul 20 11:51:50 server sshd\[107166\]: Failed password for invalid user planeacion from 189.18.243.210 port 47470 ssh2 ...	2019-07-21 03:46:18
95.30.69.14	attackspam	Automatic report - Port Scan Attack	2019-07-21 03:44:29
197.227.98.140	attackspam	Jul 20 20:37:45 km20725 sshd\[17344\]: Invalid user pi from 197.227.98.140Jul 20 20:37:46 km20725 sshd\[17346\]: Invalid user pi from 197.227.98.140Jul 20 20:37:47 km20725 sshd\[17344\]: Failed password for invalid user pi from 197.227.98.140 port 44158 ssh2Jul 20 20:37:47 km20725 sshd\[17346\]: Failed password for invalid user pi from 197.227.98.140 port 44166 ssh2 ...	2019-07-21 04:00:13
51.255.197.164	attack	2019-07-20T19:48:57.303058abusebot-6.cloudsearch.cf sshd\[20515\]: Invalid user emmanuel from 51.255.197.164 port 59374	2019-07-21 04:08:40
202.79.170.2	attackbots	Auto reported by IDS	2019-07-21 03:52:48
31.47.0.141	attackspambots	Jul 20 15:28:39 TORMINT sshd\[19306\]: Invalid user ari from 31.47.0.141 Jul 20 15:28:39 TORMINT sshd\[19306\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=31.47.0.141 Jul 20 15:28:41 TORMINT sshd\[19306\]: Failed password for invalid user ari from 31.47.0.141 port 26737 ssh2 ...	2019-07-21 03:41:51
103.232.120.109	attackbotsspam	Jul 20 21:27:11 OPSO sshd\[11785\]: Invalid user martina from 103.232.120.109 port 41696 Jul 20 21:27:11 OPSO sshd\[11785\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.232.120.109 Jul 20 21:27:13 OPSO sshd\[11785\]: Failed password for invalid user martina from 103.232.120.109 port 41696 ssh2 Jul 20 21:33:41 OPSO sshd\[12485\]: Invalid user demo from 103.232.120.109 port 39054 Jul 20 21:33:41 OPSO sshd\[12485\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.232.120.109	2019-07-21 03:34:47
81.22.45.81	attack	Splunk® : port scan detected: Jul 20 13:23:09 testbed kernel: Firewall: TCP_IN Blocked IN=eth0 OUT= MAC=82:c6:52:d1:6e:53:c0:42:d0:39:2c:30:08:00 SRC=81.22.45.81 DST=104.248.11.191 LEN=40 TOS=0x00 PREC=0x00 TTL=245 ID=53782 PROTO=TCP SPT=53873 DPT=3456 WINDOW=1024 RES=0x00 SYN URGP=0	2019-07-21 03:56:22
41.41.47.147	attackbotsspam	2 failed emails per dmarc_support@corp.mail.ru [Fri Jul 19 00:00:00 2019 GMT thru Sat Jul 20 00:00:00 2019 GMT]	2019-07-21 03:20:32
101.249.58.218	attackspam	spamhaus attack, whatever it is.	2019-07-21 03:35:29

Recently Reported IPs

104.131.1.113	104.131.106.80	104.131.120.50	104.131.125.221
104.131.121.157	104.131.110.168	104.131.102.238	125.1.55.169
104.131.16.222	104.131.102.173	104.131.189.108	104.131.21.50
104.131.20.216	104.131.23.66	104.131.211.232	104.131.169.15
104.131.43.215	104.131.29.136	104.131.45.112	104.131.249.90