104.22.54.115 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.22.54.115
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 33920
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;104.22.54.115.			IN	A

;; AUTHORITY SECTION:
.			521	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022022201 1800 900 604800 86400

;; Query time: 64 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Feb 23 04:11:59 CST 2022
;; MSG SIZE  rcvd: 106

Host info

Host 115.54.22.104.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 115.54.22.104.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
167.114.86.88	attackspam	[Wed Nov 13 21:49:16.520737 2019] [:error] [pid 12300:tid 140421355181824] [client 167.114.86.88:62519] [client 167.114.86.88] ModSecurity: Access denied with code 403 (phase 2). Matched phrase "python-requests" at REQUEST_HEADERS:User-Agent. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-913-SCANNER-DETECTION.conf"] [line "147"] [id "913101"] [msg "Found User-Agent associated with scripting/generic HTTP client"] [data "Matched Data: python-requests found within REQUEST_HEADERS:User-Agent: python-requests/2.22.0"] [severity "CRITICAL"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-reputation-scripting"] [tag "OWASP_CRS"] [tag "OWASP_CRS/AUTOMATION/SCRIPTING"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [tag "paranoia-level/2"] [hostname "karangploso.jatim.bmkg.go.id"] [uri "/wso.php"] [unique_id "XcwX7B24SvWzdCAfTVgLewAAABY"] ...	2019-11-14 01:16:18
222.186.175.212	attack	$f2bV_matches	2019-11-14 01:01:45
80.211.129.148	attack	Nov 13 17:11:08 ns41 sshd[8074]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.211.129.148	2019-11-14 01:12:35
222.186.175.169	attack	Nov 13 17:54:34 h2177944 sshd\[32089\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.169 user=root Nov 13 17:54:36 h2177944 sshd\[32089\]: Failed password for root from 222.186.175.169 port 54058 ssh2 Nov 13 17:54:40 h2177944 sshd\[32089\]: Failed password for root from 222.186.175.169 port 54058 ssh2 Nov 13 17:54:43 h2177944 sshd\[32089\]: Failed password for root from 222.186.175.169 port 54058 ssh2 ...	2019-11-14 01:15:29
220.133.129.5	attackbotsspam	Telnet/23 MH Probe, BF, Hack -	2019-11-14 01:02:37
115.48.129.202	attackspambots	MultiHost/MultiPort Probe, Scan, Hack -	2019-11-14 00:49:28
222.186.175.167	attackspambots	" "	2019-11-14 01:07:21
198.20.103.242	attackbots	Connection by 198.20.103.242 on port: 1723 got caught by honeypot at 11/13/2019 1:49:45 PM	2019-11-14 01:00:25
129.28.177.29	attackspambots	Nov 13 16:43:34 hcbbdb sshd\[1167\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.28.177.29 user=bin Nov 13 16:43:37 hcbbdb sshd\[1167\]: Failed password for bin from 129.28.177.29 port 56966 ssh2 Nov 13 16:49:52 hcbbdb sshd\[1858\]: Invalid user sidliu from 129.28.177.29 Nov 13 16:49:52 hcbbdb sshd\[1858\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.28.177.29 Nov 13 16:49:55 hcbbdb sshd\[1858\]: Failed password for invalid user sidliu from 129.28.177.29 port 36858 ssh2	2019-11-14 01:09:26
223.16.210.94	attackspam	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/223.16.210.94/ HK - 1H : (13) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : HK NAME ASN : ASN18116 IP : 223.16.210.94 CIDR : 223.16.192.0/18 PREFIX COUNT : 26 UNIQUE IP COUNT : 195840 ATTACKS DETECTED ASN18116 : 1H - 1 3H - 1 6H - 1 12H - 1 24H - 1 DateTime : 2019-11-13 16:47:30 INFO : Port Scan TELNET Detected and Blocked by ADMIN - data recovery	2019-11-14 00:53:10
180.215.208.156	attack	Fail2Ban Ban Triggered	2019-11-14 01:21:15
79.172.214.169	attack	Nov 13 17:03:09 taivassalofi sshd[87290]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=79.172.214.169 Nov 13 17:03:11 taivassalofi sshd[87290]: Failed password for invalid user zantis from 79.172.214.169 port 47919 ssh2 ...	2019-11-14 00:41:00
115.159.96.160	attack	MultiHost/MultiPort Probe, Scan, Hack -	2019-11-14 01:04:35
51.158.148.5	attackbotsspam	Nov 13 16:52:47 MK-Soft-VM3 sshd[29188]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.158.148.5 Nov 13 16:52:49 MK-Soft-VM3 sshd[29188]: Failed password for invalid user brain from 51.158.148.5 port 51144 ssh2 ...	2019-11-14 00:53:36
45.79.48.151	attack	MultiHost/MultiPort Probe, Scan, Hack -	2019-11-14 00:45:58

Recently Reported IPs

104.22.53.198	104.22.54.133	104.22.54.158	104.22.54.185
104.22.54.187	104.22.54.196	95.61.68.244	104.22.54.64
104.22.54.69	104.22.55.115	104.22.55.133	104.22.55.157
104.22.55.158	104.22.55.185	104.22.55.187	104.22.55.196
104.22.55.64	104.22.55.69	104.22.56.117	104.22.56.120