104.131.2.117 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
104.131.249.57	attackbotsspam	Oct 13 19:47:46 ip-172-31-16-56 sshd\[2649\]: Invalid user teamspeak from 104.131.249.57\ Oct 13 19:47:48 ip-172-31-16-56 sshd\[2649\]: Failed password for invalid user teamspeak from 104.131.249.57 port 59778 ssh2\ Oct 13 19:52:54 ip-172-31-16-56 sshd\[2723\]: Invalid user webupload from 104.131.249.57\ Oct 13 19:52:56 ip-172-31-16-56 sshd\[2723\]: Failed password for invalid user webupload from 104.131.249.57 port 50902 ssh2\ Oct 13 19:55:40 ip-172-31-16-56 sshd\[2767\]: Invalid user kawase from 104.131.249.57\	2020-10-14 04:05:21
104.131.249.57	attackspambots	Oct 13 07:24:57 ajax sshd[13587]: Failed password for root from 104.131.249.57 port 57952 ssh2	2020-10-13 19:27:39
104.131.21.222	attackbots	firewall-block, port(s): 8088/tcp	2020-10-09 08:00:34
104.131.21.222	attackspambots	" "	2020-10-09 00:35:21
104.131.21.222	attack	[portscan] tcp/22 [SSH] in blocklist.de:'listed [ssh]' *(RWIN=65535)(10080947)	2020-10-08 16:32:07
104.131.249.57	attackspambots	Oct 7 19:24:31 scw-tender-jepsen sshd[1417]: Failed password for root from 104.131.249.57 port 41919 ssh2	2020-10-08 03:52:56
104.131.249.57	attackbotsspam	"Unauthorized connection attempt on SSHD detected"	2020-10-07 20:10:47
104.131.231.109	attackspam	Bruteforce detected by fail2ban	2020-09-16 03:47:49
104.131.231.109	attackbots	leo_www	2020-09-15 19:54:54
104.131.208.119	attackbots	104.131.208.119 - - [13/Sep/2020:14:07:06 +0200] "POST /wp-login.php HTTP/1.0" 200 4794 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-09-13 23:13:41
104.131.208.119	attackbotsspam	104.131.208.119 - - [13/Sep/2020:06:08:52 +0200] "GET /wp-login.php HTTP/1.1" 200 9184 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.131.208.119 - - [13/Sep/2020:06:08:54 +0200] "POST /wp-login.php HTTP/1.1" 200 9435 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.131.208.119 - - [13/Sep/2020:06:08:55 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-09-13 15:07:45
104.131.208.119	attackspam	104.131.208.119 - - [12/Sep/2020:18:29:02 +0500] "GET /wp-login.php HTTP/1.1" 301 185 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-09-13 06:50:41
104.131.22.18	attackbotsspam	104.131.22.18 - - [11/Sep/2020:08:16:40 +0200] "GET /wp-login.php HTTP/1.1" 200 9061 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.131.22.18 - - [11/Sep/2020:08:16:41 +0200] "POST /wp-login.php HTTP/1.1" 200 9312 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.131.22.18 - - [11/Sep/2020:08:16:43 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-09-12 02:55:40
104.131.249.57	attackspambots	Sep 11 14:01:05 abendstille sshd\[2849\]: Invalid user sapena from 104.131.249.57 Sep 11 14:01:05 abendstille sshd\[2849\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.249.57 Sep 11 14:01:07 abendstille sshd\[2849\]: Failed password for invalid user sapena from 104.131.249.57 port 51784 ssh2 Sep 11 14:05:34 abendstille sshd\[6914\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.249.57 user=root Sep 11 14:05:35 abendstille sshd\[6914\]: Failed password for root from 104.131.249.57 port 58571 ssh2 ...	2020-09-11 20:08:06
104.131.22.18	attackspam	104.131.22.18 - - [11/Sep/2020:08:16:40 +0200] "GET /wp-login.php HTTP/1.1" 200 9061 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.131.22.18 - - [11/Sep/2020:08:16:41 +0200] "POST /wp-login.php HTTP/1.1" 200 9312 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.131.22.18 - - [11/Sep/2020:08:16:43 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-09-11 18:53:43

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.131.2.117
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 12289
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;104.131.2.117.			IN	A

;; AUTHORITY SECTION:
.			501	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022022500 1800 900 604800 86400

;; Query time: 25 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Feb 26 00:38:34 CST 2022
;; MSG SIZE  rcvd: 106

Host info

Host 117.2.131.104.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 117.2.131.104.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
240e:3a0:3a03:62df:7c45:ba78:523b:bf64	attackbotsspam	Multiple port scan	2020-03-27 12:12:15
165.227.104.253	attack	...	2020-03-27 12:10:13
61.160.96.90	attack	Mar 27 04:50:30 ns392434 sshd[23479]: Invalid user qwy from 61.160.96.90 port 16515 Mar 27 04:50:30 ns392434 sshd[23479]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.160.96.90 Mar 27 04:50:30 ns392434 sshd[23479]: Invalid user qwy from 61.160.96.90 port 16515 Mar 27 04:50:32 ns392434 sshd[23479]: Failed password for invalid user qwy from 61.160.96.90 port 16515 ssh2 Mar 27 04:56:29 ns392434 sshd[23525]: Invalid user hkz from 61.160.96.90 port 30802 Mar 27 04:56:29 ns392434 sshd[23525]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.160.96.90 Mar 27 04:56:29 ns392434 sshd[23525]: Invalid user hkz from 61.160.96.90 port 30802 Mar 27 04:56:32 ns392434 sshd[23525]: Failed password for invalid user hkz from 61.160.96.90 port 30802 ssh2 Mar 27 04:59:25 ns392434 sshd[23655]: Invalid user ikw from 61.160.96.90 port 20321	2020-03-27 12:04:32
51.158.127.163	attack	Mar 27 00:04:30 silence02 sshd[31279]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.158.127.163 Mar 27 00:04:32 silence02 sshd[31279]: Failed password for invalid user buv from 51.158.127.163 port 43360 ssh2 Mar 27 00:10:55 silence02 sshd[31650]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.158.127.163	2020-03-27 09:30:01
122.160.76.224	attackspambots	Mar 27 03:53:53 ip-172-31-62-245 sshd\[25976\]: Invalid user mba from 122.160.76.224\ Mar 27 03:53:55 ip-172-31-62-245 sshd\[25976\]: Failed password for invalid user mba from 122.160.76.224 port 59898 ssh2\ Mar 27 03:57:17 ip-172-31-62-245 sshd\[25991\]: Invalid user xbt from 122.160.76.224\ Mar 27 03:57:19 ip-172-31-62-245 sshd\[25991\]: Failed password for invalid user xbt from 122.160.76.224 port 56392 ssh2\ Mar 27 04:00:45 ip-172-31-62-245 sshd\[26015\]: Invalid user lyu from 122.160.76.224\	2020-03-27 12:14:24
113.161.57.213	attack	CMS (WordPress or Joomla) login attempt.	2020-03-27 09:28:52
119.7.15.53	attackspambots	Unauthorized connection attempt detected from IP address 119.7.15.53 to port 1433	2020-03-27 12:04:19
203.189.253.243	attackspam	Mar 26 19:11:00 server1 sshd\[13995\]: Invalid user ihy from 203.189.253.243 Mar 26 19:11:00 server1 sshd\[13995\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.189.253.243 Mar 26 19:11:02 server1 sshd\[13996\]: Failed password for invalid user ihy from 203.189.253.243 port 33270 ssh2 Mar 26 19:11:02 server1 sshd\[13995\]: Failed password for invalid user ihy from 203.189.253.243 port 33272 ssh2 Mar 26 19:17:10 server1 sshd\[16113\]: Invalid user jinsc from 203.189.253.243 ...	2020-03-27 09:39:20
106.13.38.246	attackspam	SSH Brute-Force reported by Fail2Ban	2020-03-27 12:11:12
159.203.14.38	attackbotsspam	Telnet Server BruteForce Attack	2020-03-27 12:06:11
85.254.74.253	attackbotsspam	SSH invalid-user multiple login try	2020-03-27 09:47:55
106.12.138.253	attack	2020-03-27T05:03:12.881439v22018076590370373 sshd[12547]: Invalid user mvm from 106.12.138.253 port 54034 2020-03-27T05:03:12.890691v22018076590370373 sshd[12547]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.138.253 2020-03-27T05:03:12.881439v22018076590370373 sshd[12547]: Invalid user mvm from 106.12.138.253 port 54034 2020-03-27T05:03:14.935668v22018076590370373 sshd[12547]: Failed password for invalid user mvm from 106.12.138.253 port 54034 ssh2 2020-03-27T05:06:37.852171v22018076590370373 sshd[14974]: Invalid user wqq from 106.12.138.253 port 43648 ...	2020-03-27 12:07:55
150.242.213.189	attackspam	Mar 27 04:09:15 game-panel sshd[27811]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=150.242.213.189 Mar 27 04:09:17 game-panel sshd[27811]: Failed password for invalid user xox from 150.242.213.189 port 57670 ssh2 Mar 27 04:12:45 game-panel sshd[27938]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=150.242.213.189	2020-03-27 12:13:54
46.219.3.139	attackbots	Mar 27 04:55:25 host sshd[28189]: Invalid user qpo from 46.219.3.139 port 49726 ...	2020-03-27 12:13:07
165.22.65.134	attackbotsspam	SSH-BruteForce	2020-03-27 09:37:15

Recently Reported IPs

104.131.182.181	104.131.191.119	104.131.182.50	104.131.2.152
104.131.2.159	104.131.20.232	104.131.20.179	104.131.206.23
104.131.214.218	104.131.228.136	104.131.23.217	104.131.24.100
104.131.246.51	104.131.33.240	103.205.233.70	104.131.27.91
104.131.28.8	104.131.29.86	104.131.35.224	104.131.25.47