104.131.58.99 - IPInfo

Basic Info

City: Clifton

Region: New Jersey

Country: United States

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
104.131.58.179	attack	Automatic report - XMLRPC Attack	2020-06-27 16:58:03
104.131.58.179	attack	104.131.58.179 - - \[16/May/2020:18:54:13 +0200\] "POST /wp-login.php HTTP/1.0" 200 6390 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 104.131.58.179 - - \[16/May/2020:18:54:14 +0200\] "POST /wp-login.php HTTP/1.0" 200 6359 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 104.131.58.179 - - \[16/May/2020:18:54:15 +0200\] "POST /xmlrpc.php HTTP/1.0" 200 736 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0"	2020-05-17 03:51:16
104.131.58.179	attackspam	13.05.2020 16:42:13 - Wordpress fail Detected by ELinOX-ALM	2020-05-14 02:31:38
104.131.58.179	attack	Automatic report - XMLRPC Attack	2020-04-30 15:00:31
104.131.58.179	attackbots	Automatic report - XMLRPC Attack	2020-04-27 02:38:06
104.131.58.179	attackbots	104.131.58.179 - - [26/Apr/2020:05:49:35 +0200] "GET /wp-login.php HTTP/1.1" 200 5863 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.131.58.179 - - [26/Apr/2020:05:49:37 +0200] "POST /wp-login.php HTTP/1.1" 200 6114 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.131.58.179 - - [26/Apr/2020:05:49:38 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-04-26 17:48:44
104.131.58.179	attackbotsspam	WordPress login Brute force / Web App Attack on client site.	2020-04-07 13:54:42
104.131.58.179	attackbots	104.131.58.179 - - [30/Mar/2020:05:54:39 +0200] "GET /wp-login.php HTTP/1.1" 200 5702 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.131.58.179 - - [30/Mar/2020:05:54:40 +0200] "POST /wp-login.php HTTP/1.1" 200 6601 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.131.58.179 - - [30/Mar/2020:05:54:41 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-03-30 14:33:35
104.131.58.179	attackspam	CMS (WordPress or Joomla) login attempt.	2020-03-08 14:25:42
104.131.58.179	attack	104.131.58.179 - - [28/Feb/2020:12:38:31 +0300] "POST /wp-login.php HTTP/1.1" 200 2790 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-02-28 20:02:24
104.131.58.179	attackbots	$f2bV_matches	2020-02-15 16:21:19
104.131.58.179	attackbotsspam	WordPress login Brute force / Web App Attack on client site.	2020-02-14 09:10:04
104.131.58.179	attackspambots	LGS,WP GET /2020/wp-login.php GET /2020/wp-login.php	2020-02-02 07:39:14
104.131.58.179	attackbots	104.131.58.179 - - [11/Jan/2020:14:21:09 +0000] "POST /wp-login.php HTTP/1.1" 200 6409 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.131.58.179 - - [11/Jan/2020:14:21:10 +0000] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-01-12 02:14:18
104.131.58.179	attackspam	C1,WP GET /suche/2019/wp-login.php	2019-12-23 19:14:11

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.131.58.99
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 6556
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;104.131.58.99.			IN	A

;; AUTHORITY SECTION:
.			437	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022032801 1800 900 604800 86400

;; Query time: 16 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Mar 29 12:05:51 CST 2022
;; MSG SIZE  rcvd: 106

Host info

Host 99.58.131.104.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 99.58.131.104.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
222.233.53.132	attack	Sep 1 12:30:36 hiderm sshd\[31609\]: Invalid user dovecot from 222.233.53.132 Sep 1 12:30:36 hiderm sshd\[31609\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.233.53.132 Sep 1 12:30:39 hiderm sshd\[31609\]: Failed password for invalid user dovecot from 222.233.53.132 port 57140 ssh2 Sep 1 12:35:26 hiderm sshd\[32019\]: Invalid user ashton from 222.233.53.132 Sep 1 12:35:26 hiderm sshd\[32019\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.233.53.132	2019-09-02 06:47:04
197.248.16.118	attackspam	Sep 1 19:30:15 bouncer sshd\[10360\]: Invalid user local from 197.248.16.118 port 57594 Sep 1 19:30:15 bouncer sshd\[10360\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=197.248.16.118 Sep 1 19:30:18 bouncer sshd\[10360\]: Failed password for invalid user local from 197.248.16.118 port 57594 ssh2 ...	2019-09-02 07:30:20
218.215.188.167	attackspam	Sep 1 21:50:04 localhost sshd\[14337\]: Invalid user super@123 from 218.215.188.167 port 57818 Sep 1 21:50:04 localhost sshd\[14337\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.215.188.167 Sep 1 21:50:06 localhost sshd\[14337\]: Failed password for invalid user super@123 from 218.215.188.167 port 57818 ssh2 Sep 1 21:58:35 localhost sshd\[14566\]: Invalid user 123456 from 218.215.188.167 port 43394 Sep 1 21:58:35 localhost sshd\[14566\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.215.188.167 ...	2019-09-02 07:43:32
5.218.49.197	attackbots	Unauthorized connection attempt from IP address 5.218.49.197 on Port 445(SMB)	2019-09-02 06:43:02
106.52.68.59	attack	Sep 1 18:32:54 MK-Soft-VM6 sshd\[18532\]: Invalid user ftpadmin from 106.52.68.59 port 39424 Sep 1 18:32:54 MK-Soft-VM6 sshd\[18532\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.68.59 Sep 1 18:32:56 MK-Soft-VM6 sshd\[18532\]: Failed password for invalid user ftpadmin from 106.52.68.59 port 39424 ssh2 ...	2019-09-02 07:23:54
59.46.161.55	attackspambots	Sep 1 21:07:26 localhost sshd\[18850\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=59.46.161.55 user=backup Sep 1 21:07:29 localhost sshd\[18850\]: Failed password for backup from 59.46.161.55 port 61012 ssh2 Sep 1 21:11:13 localhost sshd\[19193\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=59.46.161.55 user=list	2019-09-02 07:35:42
134.209.99.27	attack	$f2bV_matches	2019-09-02 07:29:17
190.119.190.122	attack	Sep 1 23:10:51 mail sshd\[16180\]: Failed password for invalid user pop3 from 190.119.190.122 port 33348 ssh2 Sep 1 23:15:34 mail sshd\[16678\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.119.190.122 user=nagios Sep 1 23:15:36 mail sshd\[16678\]: Failed password for nagios from 190.119.190.122 port 49870 ssh2 Sep 1 23:20:20 mail sshd\[17223\]: Invalid user hammer from 190.119.190.122 port 38176 Sep 1 23:20:20 mail sshd\[17223\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.119.190.122	2019-09-02 07:28:45
85.93.56.21	attackspam	[portscan] Port scan	2019-09-02 07:42:32
110.49.70.248	attackbots	Sep 1 17:39:58 server sshd[16050]: Failed password for invalid user test3 from 110.49.70.248 port 59546 ssh2 Sep 1 18:05:20 server sshd[21951]: Failed password for invalid user frederick from 110.49.70.248 port 34318 ssh2 Sep 1 19:30:20 server sshd[54669]: Failed password for www-data from 110.49.70.248 port 33084 ssh2	2019-09-02 07:26:04
139.59.79.56	attackbotsspam	Sep 2 01:15:18 root sshd[17668]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.79.56 Sep 2 01:15:20 root sshd[17668]: Failed password for invalid user httpd from 139.59.79.56 port 47888 ssh2 Sep 2 01:23:59 root sshd[17750]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.79.56 ...	2019-09-02 07:36:43
106.12.75.175	attackbots	Sep 2 01:43:52 server sshd\[18658\]: User root from 106.12.75.175 not allowed because listed in DenyUsers Sep 2 01:43:52 server sshd\[18658\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.75.175 user=root Sep 2 01:43:54 server sshd\[18658\]: Failed password for invalid user root from 106.12.75.175 port 37532 ssh2 Sep 2 01:53:42 server sshd\[9841\]: Invalid user archiva from 106.12.75.175 port 45254 Sep 2 01:53:42 server sshd\[9841\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.75.175	2019-09-02 07:33:00
185.35.139.72	attackspambots	Sep 1 21:24:29 yabzik sshd[14341]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.35.139.72 Sep 1 21:24:31 yabzik sshd[14341]: Failed password for invalid user debian from 185.35.139.72 port 35182 ssh2 Sep 1 21:28:03 yabzik sshd[15906]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.35.139.72	2019-09-02 06:55:13
183.109.79.253	attackbots	Sep 2 01:23:27 lcl-usvr-02 sshd[8001]: Invalid user devdata from 183.109.79.253 port 62833 Sep 2 01:23:27 lcl-usvr-02 sshd[8001]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=183.109.79.253 Sep 2 01:23:27 lcl-usvr-02 sshd[8001]: Invalid user devdata from 183.109.79.253 port 62833 Sep 2 01:23:29 lcl-usvr-02 sshd[8001]: Failed password for invalid user devdata from 183.109.79.253 port 62833 ssh2 Sep 2 01:28:28 lcl-usvr-02 sshd[9072]: Invalid user asgbrasil from 183.109.79.253 port 62664 ...	2019-09-02 06:50:51
51.38.126.92	attackspambots	Sep 1 20:55:33 SilenceServices sshd[28869]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.38.126.92 Sep 1 20:55:35 SilenceServices sshd[28869]: Failed password for invalid user sandi from 51.38.126.92 port 45220 ssh2 Sep 1 20:59:15 SilenceServices sshd[31676]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.38.126.92	2019-09-02 07:43:08

Recently Reported IPs

104.131.58.29	104.131.63.229	104.131.66.115	104.131.83.133
104.140.108.236	104.140.12.194	104.140.159.49	104.140.63.170
104.143.45.4	104.144.105.194	104.144.125.2	104.144.128.142
104.144.129.214	104.144.139.55	104.16.201.246	104.16.201.94
104.16.203.216	104.16.215.17	104.16.216.17	104.16.225.63