104.131.2.117 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
104.131.249.57	attackbotsspam	Oct 13 19:47:46 ip-172-31-16-56 sshd\[2649\]: Invalid user teamspeak from 104.131.249.57\ Oct 13 19:47:48 ip-172-31-16-56 sshd\[2649\]: Failed password for invalid user teamspeak from 104.131.249.57 port 59778 ssh2\ Oct 13 19:52:54 ip-172-31-16-56 sshd\[2723\]: Invalid user webupload from 104.131.249.57\ Oct 13 19:52:56 ip-172-31-16-56 sshd\[2723\]: Failed password for invalid user webupload from 104.131.249.57 port 50902 ssh2\ Oct 13 19:55:40 ip-172-31-16-56 sshd\[2767\]: Invalid user kawase from 104.131.249.57\	2020-10-14 04:05:21
104.131.249.57	attackspambots	Oct 13 07:24:57 ajax sshd[13587]: Failed password for root from 104.131.249.57 port 57952 ssh2	2020-10-13 19:27:39
104.131.21.222	attackbots	firewall-block, port(s): 8088/tcp	2020-10-09 08:00:34
104.131.21.222	attackspambots	" "	2020-10-09 00:35:21
104.131.21.222	attack	[portscan] tcp/22 [SSH] in blocklist.de:'listed [ssh]' *(RWIN=65535)(10080947)	2020-10-08 16:32:07
104.131.249.57	attackspambots	Oct 7 19:24:31 scw-tender-jepsen sshd[1417]: Failed password for root from 104.131.249.57 port 41919 ssh2	2020-10-08 03:52:56
104.131.249.57	attackbotsspam	"Unauthorized connection attempt on SSHD detected"	2020-10-07 20:10:47
104.131.231.109	attackspam	Bruteforce detected by fail2ban	2020-09-16 03:47:49
104.131.231.109	attackbots	leo_www	2020-09-15 19:54:54
104.131.208.119	attackbots	104.131.208.119 - - [13/Sep/2020:14:07:06 +0200] "POST /wp-login.php HTTP/1.0" 200 4794 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-09-13 23:13:41
104.131.208.119	attackbotsspam	104.131.208.119 - - [13/Sep/2020:06:08:52 +0200] "GET /wp-login.php HTTP/1.1" 200 9184 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.131.208.119 - - [13/Sep/2020:06:08:54 +0200] "POST /wp-login.php HTTP/1.1" 200 9435 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.131.208.119 - - [13/Sep/2020:06:08:55 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-09-13 15:07:45
104.131.208.119	attackspam	104.131.208.119 - - [12/Sep/2020:18:29:02 +0500] "GET /wp-login.php HTTP/1.1" 301 185 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-09-13 06:50:41
104.131.22.18	attackbotsspam	104.131.22.18 - - [11/Sep/2020:08:16:40 +0200] "GET /wp-login.php HTTP/1.1" 200 9061 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.131.22.18 - - [11/Sep/2020:08:16:41 +0200] "POST /wp-login.php HTTP/1.1" 200 9312 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.131.22.18 - - [11/Sep/2020:08:16:43 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-09-12 02:55:40
104.131.249.57	attackspambots	Sep 11 14:01:05 abendstille sshd\[2849\]: Invalid user sapena from 104.131.249.57 Sep 11 14:01:05 abendstille sshd\[2849\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.249.57 Sep 11 14:01:07 abendstille sshd\[2849\]: Failed password for invalid user sapena from 104.131.249.57 port 51784 ssh2 Sep 11 14:05:34 abendstille sshd\[6914\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.249.57 user=root Sep 11 14:05:35 abendstille sshd\[6914\]: Failed password for root from 104.131.249.57 port 58571 ssh2 ...	2020-09-11 20:08:06
104.131.22.18	attackspam	104.131.22.18 - - [11/Sep/2020:08:16:40 +0200] "GET /wp-login.php HTTP/1.1" 200 9061 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.131.22.18 - - [11/Sep/2020:08:16:41 +0200] "POST /wp-login.php HTTP/1.1" 200 9312 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.131.22.18 - - [11/Sep/2020:08:16:43 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-09-11 18:53:43

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.131.2.117
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 12289
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;104.131.2.117.			IN	A

;; AUTHORITY SECTION:
.			501	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022022500 1800 900 604800 86400

;; Query time: 25 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Feb 26 00:38:34 CST 2022
;; MSG SIZE  rcvd: 106

Host info

Host 117.2.131.104.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 117.2.131.104.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
195.154.209.94	attack	Port scan denied	2020-09-29 15:03:34
103.100.159.91	attackspam	Sep 28 20:13:21 s5 sshd[27335]: Invalid user gpadmin from 103.100.159.91 port 60352 Sep 28 20:13:21 s5 sshd[27335]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.100.159.91 Sep 28 20:13:24 s5 sshd[27335]: Failed password for invalid user gpadmin from 103.100.159.91 port 60352 ssh2 Sep 28 20:26:41 s5 sshd[28345]: Invalid user deployer from 103.100.159.91 port 52112 Sep 28 20:26:41 s5 sshd[28345]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.100.159.91 Sep 28 20:26:42 s5 sshd[28345]: Failed password for invalid user deployer from 103.100.159.91 port 52112 ssh2 Sep 28 20:27:43 s5 sshd[28368]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.100.159.91 user=r.r Sep 28 20:27:45 s5 sshd[28368]: Failed password for r.r from 103.100.159.91 port 58566 ssh2 Sep 28 20:28:37 s5 sshd[28394]: pam_unix(sshd:auth): authentication failure; logname= uid=........ ------------------------------	2020-09-29 14:47:26
139.155.85.67	attackbotsspam	Invalid user qcp from 139.155.85.67 port 42058	2020-09-29 14:43:58
5.39.76.105	attackbotsspam	Sep 29 07:36:51 ourumov-web sshd\[14616\]: Invalid user odoo from 5.39.76.105 port 38008 Sep 29 07:36:51 ourumov-web sshd\[14616\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.39.76.105 Sep 29 07:36:53 ourumov-web sshd\[14616\]: Failed password for invalid user odoo from 5.39.76.105 port 38008 ssh2 ...	2020-09-29 14:58:43
163.44.149.204	attack	SSH Invalid Login	2020-09-29 15:10:36
167.71.234.29	attack	"XSS Attack Detected via libinjection - Matched Data: XSS data found within ARGS_NAMES:	2020-09-29 15:08:54
49.233.147.147	attackspambots	Sep 29 06:56:59 rush sshd[21542]: Failed password for root from 49.233.147.147 port 44970 ssh2 Sep 29 07:06:04 rush sshd[21842]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.233.147.147 Sep 29 07:06:05 rush sshd[21842]: Failed password for invalid user diana from 49.233.147.147 port 59690 ssh2 ...	2020-09-29 15:12:34
222.186.30.57	attackspambots	(sshd) Failed SSH login from 222.186.30.57 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 29 02:32:49 optimus sshd[14178]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.30.57 user=root Sep 29 02:32:49 optimus sshd[14159]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.30.57 user=root Sep 29 02:32:51 optimus sshd[14178]: Failed password for root from 222.186.30.57 port 42921 ssh2 Sep 29 02:32:51 optimus sshd[14159]: Failed password for root from 222.186.30.57 port 55872 ssh2 Sep 29 02:32:53 optimus sshd[14178]: Failed password for root from 222.186.30.57 port 42921 ssh2	2020-09-29 14:33:18
106.12.105.130	attackspam	Sep 29 02:50:54 mx sshd[1040388]: Failed password for root from 106.12.105.130 port 46978 ssh2 Sep 29 02:53:10 mx sshd[1040421]: Invalid user simon from 106.12.105.130 port 56364 Sep 29 02:53:10 mx sshd[1040421]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.105.130 Sep 29 02:53:10 mx sshd[1040421]: Invalid user simon from 106.12.105.130 port 56364 Sep 29 02:53:12 mx sshd[1040421]: Failed password for invalid user simon from 106.12.105.130 port 56364 ssh2 ...	2020-09-29 14:53:51
45.142.120.215	attack	Sep 29 08:14:04 host1 postfix/smtpd[22333]: warning: unknown[45.142.120.215]: SASL LOGIN authentication failed: authentication failure ...	2020-09-29 15:13:06
159.65.150.151	attackbots	DATE:2020-09-29 08:27:13,IP:159.65.150.151,MATCHES:10,PORT:ssh	2020-09-29 15:05:01
160.19.99.122	attackbots	20/9/28@16:38:41: FAIL: Alarm-Intrusion address from=160.19.99.122 ...	2020-09-29 14:40:22
111.229.75.27	attackbotsspam	Sep 29 09:28:03 NG-HHDC-SVS-001 sshd[25259]: Invalid user teamspeak from 111.229.75.27 ...	2020-09-29 15:19:47
107.151.184.138	attack	Port scan denied	2020-09-29 14:57:57
106.12.30.87	attack	Port scan denied	2020-09-29 15:14:56

Recently Reported IPs

104.131.182.181	104.131.191.119	104.131.182.50	104.131.2.152
104.131.2.159	104.131.20.232	104.131.20.179	104.131.206.23
104.131.214.218	104.131.228.136	104.131.23.217	104.131.24.100
104.131.246.51	104.131.33.240	103.205.233.70	104.131.27.91
104.131.28.8	104.131.29.86	104.131.35.224	104.131.25.47