104.130.127.58

Basic Info

City: unknown

Region: unknown

Country: United States of America

Internet Service Provider: Rackspace Inc.

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	104.130.127.58 - - [07/Aug/2020:05:42:07 +0100] "POST /wp-login.php HTTP/1.1" 200 1960 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.130.127.58 - - [07/Aug/2020:05:42:09 +0100] "POST /wp-login.php HTTP/1.1" 200 1927 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.130.127.58 - - [07/Aug/2020:05:42:09 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-08-07 13:05:29

Type

Details

Datetime

attackspam

104.130.127.58 - - [07/Aug/2020:05:42:07 +0100] "POST /wp-login.php HTTP/1.1" 200 1960 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
104.130.127.58 - - [07/Aug/2020:05:42:09 +0100] "POST /wp-login.php HTTP/1.1" 200 1927 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
104.130.127.58 - - [07/Aug/2020:05:42:09 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
...

2020-08-07 13:05:29

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.130.127.58
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 29943
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;104.130.127.58.			IN	A

;; AUTHORITY SECTION:
.			482	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020080604 1800 900 604800 86400

;; Query time: 27 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Aug 07 13:05:24 CST 2020
;; MSG SIZE  rcvd: 118

Host info

Host 58.127.130.104.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 58.127.130.104.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
122.49.216.108	attackbots	Dec 17 22:05:07 relay postfix/smtpd\[29773\]: warning: unknown\[122.49.216.108\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Dec 17 22:06:10 relay postfix/smtpd\[25460\]: warning: unknown\[122.49.216.108\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Dec 17 22:06:41 relay postfix/smtpd\[25460\]: warning: unknown\[122.49.216.108\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Dec 17 22:22:59 relay postfix/smtpd\[29773\]: warning: unknown\[122.49.216.108\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Dec 17 22:23:11 relay postfix/smtpd\[343\]: warning: unknown\[122.49.216.108\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2019-12-18 05:36:14
89.179.246.46	attackbots	$f2bV_matches	2019-12-18 05:29:08
222.255.115.237	attackspambots	Dec 17 11:25:11 web1 sshd\[32054\]: Invalid user squid from 222.255.115.237 Dec 17 11:25:11 web1 sshd\[32054\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.255.115.237 Dec 17 11:25:14 web1 sshd\[32054\]: Failed password for invalid user squid from 222.255.115.237 port 43154 ssh2 Dec 17 11:31:51 web1 sshd\[303\]: Invalid user ssh from 222.255.115.237 Dec 17 11:31:51 web1 sshd\[303\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.255.115.237	2019-12-18 05:58:16
213.217.5.23	attackspambots	k+ssh-bruteforce	2019-12-18 05:48:45
106.12.24.170	attackbots	Unauthorized connection attempt detected from IP address 106.12.24.170 to port 22	2019-12-18 05:57:26
101.79.62.143	attack	SSH login attempts.	2019-12-18 05:52:29
36.67.226.223	attackspambots	Dec 17 22:44:11 vps647732 sshd[22985]: Failed password for root from 36.67.226.223 port 59286 ssh2 ...	2019-12-18 06:01:05
141.98.80.124	attackspambots	Dec 17 22:16:48 mail postfix/smtpd[25521]: warning: unknown[141.98.80.124]: SASL PLAIN authentication failed: Dec 17 22:16:48 mail postfix/smtpd[25576]: warning: unknown[141.98.80.124]: SASL PLAIN authentication failed: Dec 17 22:16:48 mail postfix/smtpd[25552]: warning: unknown[141.98.80.124]: SASL PLAIN authentication failed: Dec 17 22:16:48 mail postfix/smtpd[25588]: warning: unknown[141.98.80.124]: SASL PLAIN authentication failed: Dec 17 22:16:48 mail postfix/smtpd[25566]: warning: unknown[141.98.80.124]: SASL PLAIN authentication failed: Dec 17 22:16:48 mail postfix/smtpd[20974]: warning: unknown[141.98.80.124]: SASL PLAIN authentication failed:	2019-12-18 05:38:14
80.66.146.84	attackspambots	Dec 17 11:51:14 web1 sshd\[2630\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.66.146.84 user=root Dec 17 11:51:16 web1 sshd\[2630\]: Failed password for root from 80.66.146.84 port 58508 ssh2 Dec 17 11:56:56 web1 sshd\[3210\]: Invalid user zeke from 80.66.146.84 Dec 17 11:56:56 web1 sshd\[3210\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.66.146.84 Dec 17 11:56:58 web1 sshd\[3210\]: Failed password for invalid user zeke from 80.66.146.84 port 38138 ssh2	2019-12-18 06:08:24
67.205.138.198	attackspambots	$f2bV_matches	2019-12-18 05:32:04
40.92.5.80	attack	Dec 17 20:19:47 debian-2gb-vpn-nbg1-1 kernel: [981554.129176] [UFW BLOCK] IN=eth0 OUT= MAC=96:00:00:38:96:44:d2:74:7f:6e:37:e3:08:00 SRC=40.92.5.80 DST=78.46.192.101 LEN=48 TOS=0x00 PREC=0x00 TTL=104 ID=2483 DF PROTO=TCP SPT=6845 DPT=25 WINDOW=8192 RES=0x00 SYN URGP=0	2019-12-18 06:05:28
109.124.65.86	attackbotsspam	Invalid user jegen from 109.124.65.86 port 58627	2019-12-18 05:39:14
40.92.5.100	attackspam	Dec 17 17:19:27 debian-2gb-vpn-nbg1-1 kernel: [970734.596850] [UFW BLOCK] IN=eth0 OUT= MAC=96:00:00:38:96:44:d2:74:7f:6e:37:e3:08:00 SRC=40.92.5.100 DST=78.46.192.101 LEN=48 TOS=0x00 PREC=0x00 TTL=104 ID=25198 DF PROTO=TCP SPT=63815 DPT=25 WINDOW=8192 RES=0x00 SYN URGP=0	2019-12-18 05:49:47
106.13.84.25	attack	Dec 17 08:14:17 kapalua sshd\[23093\]: Invalid user ubnt from 106.13.84.25 Dec 17 08:14:17 kapalua sshd\[23093\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.84.25 Dec 17 08:14:19 kapalua sshd\[23093\]: Failed password for invalid user ubnt from 106.13.84.25 port 42982 ssh2 Dec 17 08:21:44 kapalua sshd\[23781\]: Invalid user Dex2017 from 106.13.84.25 Dec 17 08:21:44 kapalua sshd\[23781\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.84.25	2019-12-18 05:43:03
185.53.88.98	attackbots	Port scan detected on ports: 1024[UDP], 1025[UDP], 1026[UDP]	2019-12-18 06:06:29

Recently Reported IPs

56.150.62.87	76.77.25.88	173.212.205.123	180.149.125.153
197.253.124.204	185.153.199.185	36.72.218.42	223.149.185.24
71.94.242.84	37.221.79.90	171.6.114.5	53.20.219.126
184.179.64.141	36.69.187.185	220.136.148.32	203.81.88.226
171.244.38.118	110.77.149.76	118.129.196.28	192.198.80.246