104.131.22.119

Basic Info

City: Clifton

Region: New Jersey

Country: United States

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
104.131.22.18	attackbotsspam	104.131.22.18 - - [11/Sep/2020:08:16:40 +0200] "GET /wp-login.php HTTP/1.1" 200 9061 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.131.22.18 - - [11/Sep/2020:08:16:41 +0200] "POST /wp-login.php HTTP/1.1" 200 9312 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.131.22.18 - - [11/Sep/2020:08:16:43 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-09-12 02:55:40
104.131.22.18	attackspam	104.131.22.18 - - [11/Sep/2020:08:16:40 +0200] "GET /wp-login.php HTTP/1.1" 200 9061 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.131.22.18 - - [11/Sep/2020:08:16:41 +0200] "POST /wp-login.php HTTP/1.1" 200 9312 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.131.22.18 - - [11/Sep/2020:08:16:43 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-09-11 18:53:43
104.131.22.18	attack	digital ocean sponsor and attack. YAY! Jail. 104.131.22.18 - - [11/Aug/2020:12:04:27 -0400] "GET /wp-login.php HTTP/1.1" 404 809 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 0 0 "off:-:-" 197 1499	2020-08-12 03:17:00
104.131.221.38	attackbots	DigitalOcean BotNet attack - 10s of requests to non- pages - :443/app-ads.txt - typically bursts of 8 requests per second - undefined, XSS attacks UA removed	2020-04-19 20:30:57
104.131.221.118	attack	DigitalOcean BotNet attack - 10s of requests to non- pages - :443/app-ads.txt - typically bursts of 8 requests per second - undefined, XSS attacks UA removed	2020-04-17 22:45:52
104.131.221.197	attackspam	DigitalOcean BotNet attack - 10s of requests to non- pages - :443/app-ads.txt - typically bursts of 8 requests per second - undefined, XSS attacks UA removed	2020-04-17 21:18:48
104.131.222.45	attack	DigitalOcean BotNet attack - 10s of requests to non- pages - :443/app-ads.txt - typically bursts of 8 requests per second - undefined, XSS attacks UA removed	2020-04-13 19:11:03
104.131.221.38	attackspam	DigitalOcean BotNet attack - 10s of requests to non- pages - :443/app-ads.txt - typically bursts of 8 requests per second - undefined, XSS attacks UA removed	2020-04-10 23:34:18
104.131.224.81	attackspam	detected by Fail2Ban	2020-04-05 18:52:23
104.131.224.81	attack	Mar 31 01:06:53 ns381471 sshd[30702]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.224.81 Mar 31 01:06:55 ns381471 sshd[30702]: Failed password for invalid user wo from 104.131.224.81 port 41894 ssh2	2020-03-31 07:36:23
104.131.224.81	attack	Mar 30 01:01:26 vps647732 sshd[29167]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.224.81 Mar 30 01:01:28 vps647732 sshd[29167]: Failed password for invalid user hkcfpsmtp from 104.131.224.81 port 57981 ssh2 ...	2020-03-30 07:23:36
104.131.221.236	attackbots	DigitalOcean BotNet attack - 10s of requests to non-existent pages - :443/app-ads.txt - typically bursts of 8 requests per second - undefined, XSS attacks node-superagent/4.1.0	2020-03-26 23:10:31
104.131.224.81	attackspambots	SSH login attempts @ 2020-03-17 22:46:26	2020-03-22 03:34:20
104.131.221.208	attack	DigitalOcean BotNet attack - 10s of requests to non-existent pages - :443/app-ads.txt - typically bursts of 8 requests per second - undefined, XSS attacks node-superagent/4.1.0	2020-03-17 02:27:41
104.131.223.156	attackspam	DigitalOcean BotNet attack - 10s of requests to non-existent pages - :443/app-ads.txt - typically bursts of 8 requests per second - undefined, XSS attacks node-superagent/4.1.0	2020-03-12 01:48:30

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.131.22.119
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 53664
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;104.131.22.119.			IN	A

;; AUTHORITY SECTION:
.			497	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020122701 1800 900 604800 86400

;; Query time: 69 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Dec 28 03:01:47 CST 2020
;; MSG SIZE  rcvd: 118

Host info

Host 119.22.131.104.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 119.22.131.104.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
87.66.16.6	attack	2020-02-13T05:20:38.063419 sshd[10553]: Invalid user gosc1 from 87.66.16.6 port 55752 2020-02-13T05:20:38.077877 sshd[10553]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=87.66.16.6 2020-02-13T05:20:38.063419 sshd[10553]: Invalid user gosc1 from 87.66.16.6 port 55752 2020-02-13T05:20:40.131169 sshd[10553]: Failed password for invalid user gosc1 from 87.66.16.6 port 55752 ssh2 2020-02-13T05:51:09.377530 sshd[11219]: Invalid user emerson from 87.66.16.6 port 56427 ...	2020-02-13 16:31:36
122.51.198.207	attackspambots	Feb 13 08:01:46 h1745522 sshd[14628]: Invalid user test123 from 122.51.198.207 port 36854 Feb 13 08:01:46 h1745522 sshd[14628]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.51.198.207 Feb 13 08:01:46 h1745522 sshd[14628]: Invalid user test123 from 122.51.198.207 port 36854 Feb 13 08:01:48 h1745522 sshd[14628]: Failed password for invalid user test123 from 122.51.198.207 port 36854 ssh2 Feb 13 08:05:52 h1745522 sshd[14714]: Invalid user csmig from 122.51.198.207 port 57502 Feb 13 08:05:52 h1745522 sshd[14714]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.51.198.207 Feb 13 08:05:52 h1745522 sshd[14714]: Invalid user csmig from 122.51.198.207 port 57502 Feb 13 08:05:54 h1745522 sshd[14714]: Failed password for invalid user csmig from 122.51.198.207 port 57502 ssh2 Feb 13 08:09:58 h1745522 sshd[14887]: Invalid user changeme from 122.51.198.207 port 49920 ...	2020-02-13 16:12:03
132.255.144.131	attackbotsspam	Unauthorized connection attempt detected from IP address 132.255.144.131 to port 8088	2020-02-13 15:51:51
106.13.130.66	attackbots	$f2bV_matches	2020-02-13 16:04:35
167.99.164.64	attackbots	st-nyc1-01 recorded 3 login violations from 167.99.164.64 and was blocked at 2020-02-13 08:22:40. 167.99.164.64 has been blocked on 16 previous occasions. 167.99.164.64's first attempt was recorded at 2020-02-13 03:35:42	2020-02-13 16:25:44
14.161.46.114	attackspam	IMAP brute force ...	2020-02-13 16:14:31
124.67.40.43	attack	Automatic report - Port Scan Attack	2020-02-13 16:15:22
139.59.238.14	attack	SSH bruteforce	2020-02-13 16:27:47
80.82.65.82	attackbots	02/13/2020-08:59:10.501132 80.82.65.82 Protocol: 6 ET DROP Dshield Block Listed Source group 1	2020-02-13 16:14:53
106.13.103.128	attackspam	Feb 13 08:58:37 MK-Soft-VM8 sshd[15723]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.103.128 Feb 13 08:58:40 MK-Soft-VM8 sshd[15723]: Failed password for invalid user saport from 106.13.103.128 port 58822 ssh2 ...	2020-02-13 16:02:56
200.160.121.97	attack	Feb 13 09:28:28 vmanager6029 sshd\[25851\]: Invalid user sayama from 200.160.121.97 port 31583 Feb 13 09:28:28 vmanager6029 sshd\[25851\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.160.121.97 Feb 13 09:28:30 vmanager6029 sshd\[25851\]: Failed password for invalid user sayama from 200.160.121.97 port 31583 ssh2	2020-02-13 16:30:10
218.78.166.161	attack	Cluster member 10.133.13.87 (-) said, DENY 218.78.166.161, Reason:[Port Scan detected from 218.78.166.161 (CN/China/161.166.78.218.dial.xw.sh.dynamic.163data.com.cn). 7 hits in the last 56 seconds]	2020-02-13 16:20:14
129.204.109.154	attack	Feb 13 03:05:39 plusreed sshd[23154]: Invalid user jboss from 129.204.109.154 ...	2020-02-13 16:17:16
51.75.195.222	attackbots	Feb 12 23:52:07 plusreed sshd[4583]: Invalid user fhttpadmin from 51.75.195.222 ...	2020-02-13 15:48:16
140.143.196.66	attackbotsspam	Feb 12 11:34:23 server sshd\[26903\]: Invalid user ruehl from 140.143.196.66 Feb 12 11:34:23 server sshd\[26903\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.196.66 Feb 12 11:34:26 server sshd\[26903\]: Failed password for invalid user ruehl from 140.143.196.66 port 39120 ssh2 Feb 13 08:38:28 server sshd\[31473\]: Invalid user rosana from 140.143.196.66 Feb 13 08:38:28 server sshd\[31473\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.196.66 ...	2020-02-13 15:57:58

Recently Reported IPs

45.15.143.155	78.216.152.143	189.171.121.231	201.175.211.42
168.197.153.239	31.163.151.88	85.193.114.230	52.188.110.62
13.66.139.69	89.72.128.118	99.236.237.165	70.55.158.118
216.18.204.216	24.114.60.87	207.81.163.75	85.203.22.234
135.181.145.128	186.33.114.152	186.33.114.180	108.49.158.109