104.131.11.2 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: None

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
104.131.110.155	attackbotsspam	Detected by Fail2Ban	2020-10-05 06:27:55
104.131.110.155	attackspam	Oct 4 14:08:14 choloepus sshd[27653]: Did not receive identification string from 104.131.110.155 port 43642 Oct 4 14:08:24 choloepus sshd[27776]: Disconnected from invalid user root 104.131.110.155 port 59624 [preauth] Oct 4 14:08:36 choloepus sshd[27850]: Invalid user oracle from 104.131.110.155 port 44478 ...	2020-10-04 22:29:30
104.131.110.155	attackbotsspam	$f2bV_matches	2020-10-04 14:15:27
104.131.110.155	attack	web-1 [ssh] SSH Attack	2020-10-04 04:44:08
104.131.110.155	attackbots	Invalid user oracle from 104.131.110.155 port 45714	2020-10-03 20:51:43
104.131.110.155	attackspambots	Oct 3 06:39:36 doubuntu sshd[12773]: Did not receive identification string from 104.131.110.155 port 45172 ...	2020-10-03 06:58:24
104.131.11.149	attack	Sep 30 04:18:13 ip-172-31-16-56 sshd\[7755\]: Failed password for root from 104.131.11.149 port 35938 ssh2\ Sep 30 04:18:22 ip-172-31-16-56 sshd\[7757\]: Failed password for root from 104.131.11.149 port 54842 ssh2\ Sep 30 04:18:32 ip-172-31-16-56 sshd\[7760\]: Failed password for root from 104.131.11.149 port 45614 ssh2\ Sep 30 04:18:40 ip-172-31-16-56 sshd\[7762\]: Invalid user admin from 104.131.11.149\ Sep 30 04:18:43 ip-172-31-16-56 sshd\[7762\]: Failed password for invalid user admin from 104.131.11.149 port 36208 ssh2\	2020-09-30 12:21:32
104.131.115.14	attackspambots	SSH bruteforce attack	2020-09-25 04:48:13
104.131.117.137	attackspambots	Several unsuccessful attempts to access my WordPress server with wrong passwords	2020-09-24 01:30:06
104.131.117.137	attackbotsspam	Automatic report - XMLRPC Attack	2020-09-23 17:35:43
104.131.113.106	attackbotsspam	Port scan followed by SSH.	2020-09-21 23:01:06
104.131.113.106	attack	Port scan followed by SSH.	2020-09-21 14:45:36
104.131.118.160	attackbots	Sep 2 01:42:33 bbl sshd[30823]: Did not receive identification string from 104.131.118.160 port 51928 Sep 2 01:43:20 bbl sshd[3577]: Received disconnect from 104.131.118.160 port 49256:11: Normal Shutdown, Thank you for playing [preauth] Sep 2 01:43:20 bbl sshd[3577]: Disconnected from 104.131.118.160 port 49256 [preauth] Sep 2 01:43:43 bbl sshd[6163]: Invalid user ftpuser from 104.131.118.160 port 44062 Sep 2 01:43:43 bbl sshd[6163]: Received disconnect from 104.131.118.160 port 44062:11: Normal Shutdown, Thank you for playing [preauth] Sep 2 01:43:43 bbl sshd[6163]: Disconnected from 104.131.118.160 port 44062 [preauth] Sep 2 01:44:07 bbl sshd[8872]: Invalid user ghostname from 104.131.118.160 port 38862 Sep 2 01:44:07 bbl sshd[8872]: Received disconnect from 104.131.118.160 port 38862:11: Normal Shutdown, Thank you for playing [preauth] Sep 2 01:44:07 bbl sshd[8872]: Disconnected from 104.131.118.160 port 38862 [preauth] Sep 2 01:44:31 bbl sshd[12270]: Inva........ -------------------------------	2020-09-08 00:31:22
104.131.118.160	attackbots	Sep 2 01:42:33 bbl sshd[30823]: Did not receive identification string from 104.131.118.160 port 51928 Sep 2 01:43:20 bbl sshd[3577]: Received disconnect from 104.131.118.160 port 49256:11: Normal Shutdown, Thank you for playing [preauth] Sep 2 01:43:20 bbl sshd[3577]: Disconnected from 104.131.118.160 port 49256 [preauth] Sep 2 01:43:43 bbl sshd[6163]: Invalid user ftpuser from 104.131.118.160 port 44062 Sep 2 01:43:43 bbl sshd[6163]: Received disconnect from 104.131.118.160 port 44062:11: Normal Shutdown, Thank you for playing [preauth] Sep 2 01:43:43 bbl sshd[6163]: Disconnected from 104.131.118.160 port 44062 [preauth] Sep 2 01:44:07 bbl sshd[8872]: Invalid user ghostname from 104.131.118.160 port 38862 Sep 2 01:44:07 bbl sshd[8872]: Received disconnect from 104.131.118.160 port 38862:11: Normal Shutdown, Thank you for playing [preauth] Sep 2 01:44:07 bbl sshd[8872]: Disconnected from 104.131.118.160 port 38862 [preauth] Sep 2 01:44:31 bbl sshd[12270]: Inva........ -------------------------------	2020-09-07 16:00:31
104.131.118.160	attackspambots	Sep 2 01:42:33 bbl sshd[30823]: Did not receive identification string from 104.131.118.160 port 51928 Sep 2 01:43:20 bbl sshd[3577]: Received disconnect from 104.131.118.160 port 49256:11: Normal Shutdown, Thank you for playing [preauth] Sep 2 01:43:20 bbl sshd[3577]: Disconnected from 104.131.118.160 port 49256 [preauth] Sep 2 01:43:43 bbl sshd[6163]: Invalid user ftpuser from 104.131.118.160 port 44062 Sep 2 01:43:43 bbl sshd[6163]: Received disconnect from 104.131.118.160 port 44062:11: Normal Shutdown, Thank you for playing [preauth] Sep 2 01:43:43 bbl sshd[6163]: Disconnected from 104.131.118.160 port 44062 [preauth] Sep 2 01:44:07 bbl sshd[8872]: Invalid user ghostname from 104.131.118.160 port 38862 Sep 2 01:44:07 bbl sshd[8872]: Received disconnect from 104.131.118.160 port 38862:11: Normal Shutdown, Thank you for playing [preauth] Sep 2 01:44:07 bbl sshd[8872]: Disconnected from 104.131.118.160 port 38862 [preauth] Sep 2 01:44:31 bbl sshd[12270]: Inva........ -------------------------------	2020-09-07 08:22:56

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.131.11.2
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 41537
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;104.131.11.2.			IN	A

;; AUTHORITY SECTION:
.			498	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022021702 1800 900 604800 86400

;; Query time: 24 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Feb 18 08:19:12 CST 2022
;; MSG SIZE  rcvd: 105

Host info

Host 2.11.131.104.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 2.11.131.104.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
77.111.247.186	attack	Automatic report - Banned IP Access	2019-12-03 22:43:18
170.81.159.117	attackbots	Unauthorized connection attempt from IP address 170.81.159.117 on Port 445(SMB)	2019-12-03 22:50:45
81.133.73.161	attackspam	F2B jail: sshd. Time: 2019-12-03 15:48:29, Reported by: VKReport	2019-12-03 22:51:12
190.151.105.182	attackspam	Dec 3 04:25:42 hpm sshd\[28808\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.151.105.182 user=root Dec 3 04:25:44 hpm sshd\[28808\]: Failed password for root from 190.151.105.182 port 35362 ssh2 Dec 3 04:33:15 hpm sshd\[29599\]: Invalid user yoyo from 190.151.105.182 Dec 3 04:33:15 hpm sshd\[29599\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.151.105.182 Dec 3 04:33:17 hpm sshd\[29599\]: Failed password for invalid user yoyo from 190.151.105.182 port 55366 ssh2	2019-12-03 22:45:53
165.22.112.45	attackspam	Dec 3 04:24:54 hanapaa sshd\[19860\]: Invalid user krishnam from 165.22.112.45 Dec 3 04:24:54 hanapaa sshd\[19860\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.22.112.45 Dec 3 04:24:56 hanapaa sshd\[19860\]: Failed password for invalid user krishnam from 165.22.112.45 port 42980 ssh2 Dec 3 04:30:26 hanapaa sshd\[20406\]: Invalid user password123 from 165.22.112.45 Dec 3 04:30:26 hanapaa sshd\[20406\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.22.112.45	2019-12-03 22:46:42
110.145.25.35	attackbotsspam	Dec 3 09:54:39 plusreed sshd[18068]: Invalid user dewey from 110.145.25.35 ...	2019-12-03 23:14:35
195.22.225.19	attackspambots	Dec 3 13:07:07 vtv3 sshd[25251]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=195.22.225.19 Dec 3 13:07:09 vtv3 sshd[25251]: Failed password for invalid user thailai from 195.22.225.19 port 36004 ssh2 Dec 3 13:15:17 vtv3 sshd[29505]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=195.22.225.19 Dec 3 13:30:33 vtv3 sshd[4406]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=195.22.225.19 Dec 3 13:30:35 vtv3 sshd[4406]: Failed password for invalid user sinkovic from 195.22.225.19 port 55848 ssh2 Dec 3 13:38:21 vtv3 sshd[7801]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=195.22.225.19 Dec 3 13:53:35 vtv3 sshd[15400]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=195.22.225.19 Dec 3 13:53:36 vtv3 sshd[15400]: Failed password for invalid user host from 195.22.225.19 port 45684 ssh2 Dec 3 14:01:0	2019-12-03 23:10:18
201.18.19.186	attack	Dec 3 10:05:46 marvibiene sshd[19310]: Invalid user rsl from 201.18.19.186 port 50596 Dec 3 10:05:46 marvibiene sshd[19310]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.18.19.186 Dec 3 10:05:46 marvibiene sshd[19310]: Invalid user rsl from 201.18.19.186 port 50596 Dec 3 10:05:47 marvibiene sshd[19310]: Failed password for invalid user rsl from 201.18.19.186 port 50596 ssh2 ...	2019-12-03 22:26:15
5.196.29.194	attackbots	Dec 3 18:24:56 microserver sshd[23113]: Invalid user lokman from 5.196.29.194 port 55497 Dec 3 18:24:56 microserver sshd[23113]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.196.29.194 Dec 3 18:24:58 microserver sshd[23113]: Failed password for invalid user lokman from 5.196.29.194 port 55497 ssh2 Dec 3 18:34:11 microserver sshd[24546]: Invalid user server from 5.196.29.194 port 47203 Dec 3 18:34:11 microserver sshd[24546]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.196.29.194 Dec 3 18:46:09 microserver sshd[26556]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.196.29.194 user=news Dec 3 18:46:11 microserver sshd[26556]: Failed password for news from 5.196.29.194 port 34104 ssh2 Dec 3 18:52:14 microserver sshd[27311]: Invalid user watchdog from 5.196.29.194 port 43403 Dec 3 18:52:14 microserver sshd[27311]: pam_unix(sshd:auth): authentication failure; logname= uid=0	2019-12-03 23:07:34
37.187.60.182	attackspam	Dec 3 14:49:09 localhost sshd\[18093\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.187.60.182 user=backup Dec 3 14:49:11 localhost sshd\[18093\]: Failed password for backup from 37.187.60.182 port 40122 ssh2 Dec 3 14:58:43 localhost sshd\[18724\]: Invalid user system from 37.187.60.182 Dec 3 14:58:43 localhost sshd\[18724\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.187.60.182 Dec 3 14:58:45 localhost sshd\[18724\]: Failed password for invalid user system from 37.187.60.182 port 52002 ssh2 ...	2019-12-03 22:29:03
41.76.242.226	attack	Unauthorized connection attempt from IP address 41.76.242.226 on Port 445(SMB)	2019-12-03 22:39:21
80.211.2.59	attack	80.211.2.59 - - [03/Dec/2019:15:30:15 +0100] "GET /wp-login.php HTTP/1.1" 301 247 "http://mediaxtend.net/wp-login.php" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 80.211.2.59 - - [03/Dec/2019:15:30:15 +0100] "GET /wp-login.php HTTP/1.1" 404 4264 "http://www.mediaxtend.net/wp-login.php" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2019-12-03 23:10:48
181.211.244.253	attackbotsspam	Unauthorized connection attempt from IP address 181.211.244.253 on Port 445(SMB)	2019-12-03 22:46:09
61.94.42.200	attackbots	Unauthorized connection attempt from IP address 61.94.42.200 on Port 445(SMB)	2019-12-03 22:48:34
159.203.165.197	attackspambots	Dec 3 04:54:22 kmh-wmh-003-nbg03 sshd[15059]: Invalid user server from 159.203.165.197 port 38120 Dec 3 04:54:22 kmh-wmh-003-nbg03 sshd[15059]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.203.165.197 Dec 3 04:54:24 kmh-wmh-003-nbg03 sshd[15059]: Failed password for invalid user server from 159.203.165.197 port 38120 ssh2 Dec 3 04:54:24 kmh-wmh-003-nbg03 sshd[15059]: Received disconnect from 159.203.165.197 port 38120:11: Bye Bye [preauth] Dec 3 04:54:24 kmh-wmh-003-nbg03 sshd[15059]: Disconnected from 159.203.165.197 port 38120 [preauth] Dec 3 05:04:04 kmh-wmh-003-nbg03 sshd[16188]: Invalid user skibba from 159.203.165.197 port 59122 Dec 3 05:04:04 kmh-wmh-003-nbg03 sshd[16188]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.203.165.197 Dec 3 05:04:06 kmh-wmh-003-nbg03 sshd[16188]: Failed password for invalid user skibba from 159.203.165.197 port 59122 ssh2 Dec 3 05:15:........ -------------------------------	2019-12-03 23:09:02

Recently Reported IPs

104.131.1.113	104.131.106.80	104.131.120.50	104.131.125.221
104.131.121.157	104.131.110.168	104.131.102.238	125.1.55.169
104.131.16.222	104.131.102.173	104.131.189.108	104.131.21.50
104.131.20.216	104.131.23.66	104.131.211.232	104.131.169.15
104.131.43.215	104.131.29.136	104.131.45.112	104.131.249.90