104.131.81.199

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
104.131.81.54	attackbots	104.131.81.54 - - [21/Sep/2020:11:08:30 +0100] "POST /wp-login.php HTTP/1.1" 200 2426 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.131.81.54 - - [21/Sep/2020:11:08:31 +0100] "POST /wp-login.php HTTP/1.1" 200 2407 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.131.81.54 - - [21/Sep/2020:11:08:31 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-09-21 18:13:47
104.131.81.133	attackspambots	$f2bV_matches	2020-08-20 02:53:58
104.131.81.133	attack	>30 unauthorized SSH connections	2020-08-19 15:12:52
104.131.81.133	attack	Aug 18 20:46:00 vlre-nyc-1 sshd\[1684\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.81.133 user=root Aug 18 20:46:02 vlre-nyc-1 sshd\[1684\]: Failed password for root from 104.131.81.133 port 51798 ssh2 Aug 18 20:46:20 vlre-nyc-1 sshd\[1700\]: Invalid user oracle from 104.131.81.133 Aug 18 20:46:20 vlre-nyc-1 sshd\[1700\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.81.133 Aug 18 20:46:22 vlre-nyc-1 sshd\[1700\]: Failed password for invalid user oracle from 104.131.81.133 port 43528 ssh2 ...	2020-08-19 05:24:18
104.131.81.54	attackbots	104.131.81.54 - - [08/Aug/2020:05:35:02 +0100] "POST /wp-login.php HTTP/1.1" 200 2080 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.131.81.54 - - [08/Aug/2020:05:35:04 +0100] "POST /wp-login.php HTTP/1.1" 200 2059 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.131.81.54 - - [08/Aug/2020:05:35:05 +0100] "POST /wp-login.php HTTP/1.1" 200 2061 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-08-08 13:07:24
104.131.81.54	attackbotsspam	C1,WP POST /suche/wp-login.php	2020-07-29 14:59:07
104.131.81.54	attack	104.131.81.54 - - [20/Jul/2020:06:03:51 +0200] "GET /wp-login.php HTTP/1.1" 200 6310 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.131.81.54 - - [20/Jul/2020:06:03:52 +0200] "POST /wp-login.php HTTP/1.1" 200 6561 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.131.81.54 - - [20/Jul/2020:06:03:53 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-07-20 12:13:01
104.131.81.54	attackspambots	techno.ws 104.131.81.54 [07/Jul/2020:09:13:30 +0200] "POST /wp-login.php HTTP/1.1" 200 5898 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" techno.ws 104.131.81.54 [07/Jul/2020:09:13:31 +0200] "POST /xmlrpc.php HTTP/1.1" 200 4036 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-07-07 17:18:03
104.131.81.54	attackbots	WordPress login Brute force / Web App Attack on client site.	2019-11-28 13:16:52
104.131.81.54	attack	Wordpress bruteforce	2019-11-18 05:48:51
104.131.81.54	attack	WordPress XMLRPC scan :: 104.131.81.54 0.320 - [04/Nov/2019:06:38:58 0000] [censored_1] "POST /xmlrpc.php HTTP/1.1" 200 236 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" "HTTP/1.1"	2019-11-04 14:53:30
104.131.81.54	attack	WordPress login Brute force / Web App Attack on client site.	2019-10-24 13:09:26

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.131.81.199
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 49542
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;104.131.81.199.			IN	A

;; AUTHORITY SECTION:
.			599	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022022800 1800 900 604800 86400

;; Query time: 69 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Feb 28 16:00:15 CST 2022
;; MSG SIZE  rcvd: 107

Host info

Host 199.81.131.104.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 199.81.131.104.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
31.193.125.236	attackbotsspam	Unauthorized connection attempt from IP address 31.193.125.236 on Port 445(SMB)	2019-07-14 21:55:42
218.106.121.18	attackspambots	2019-07-12T15:55:32.038235game.arvenenaske.de sshd[44418]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.106.121.18 user=r.r 2019-07-12T15:55:34.035818game.arvenenaske.de sshd[44418]: Failed password for r.r from 218.106.121.18 port 57844 ssh2 2019-07-12T15:55:35.871357game.arvenenaske.de sshd[44420]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.106.121.18 user=r.r 2019-07-12T15:55:37.612940game.arvenenaske.de sshd[44420]: Failed password for r.r from 218.106.121.18 port 60178 ssh2 2019-07-12T15:55:39.742643game.arvenenaske.de sshd[44424]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.106.121.18 user=r.r 2019-07-12T15:55:42.035943game.arvenenaske.de sshd[44424]: Failed password for r.r from 218.106.121.18 port 34266 ssh2 2019-07-12T15:55:45.693505game.arvenenaske.de sshd[44426]: pam_unix(sshd:auth): authentication failure; logname=........ ------------------------------	2019-07-14 22:39:55
123.207.167.233	attackspambots	Jul 14 13:39:47 MK-Soft-VM5 sshd\[14026\]: Invalid user axente from 123.207.167.233 port 60930 Jul 14 13:39:47 MK-Soft-VM5 sshd\[14026\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.207.167.233 Jul 14 13:39:49 MK-Soft-VM5 sshd\[14026\]: Failed password for invalid user axente from 123.207.167.233 port 60930 ssh2 ...	2019-07-14 21:59:05
108.61.202.67	attack	firewall-block, port(s): 11035/tcp, 15299/tcp, 15757/tcp	2019-07-14 22:51:15
201.46.62.180	attack	failed_logins	2019-07-14 21:52:11
120.132.105.173	attackbots	Jul 14 16:03:21 meumeu sshd[16069]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.132.105.173 Jul 14 16:03:23 meumeu sshd[16069]: Failed password for invalid user zorin from 120.132.105.173 port 34588 ssh2 Jul 14 16:10:57 meumeu sshd[17394]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.132.105.173 ...	2019-07-14 22:19:06
218.92.0.137	attack	Jul 14 15:53:39 fr01 sshd[22501]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.137 user=root Jul 14 15:53:41 fr01 sshd[22501]: Failed password for root from 218.92.0.137 port 29304 ssh2 Jul 14 15:53:43 fr01 sshd[22501]: Failed password for root from 218.92.0.137 port 29304 ssh2 Jul 14 15:53:39 fr01 sshd[22501]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.137 user=root Jul 14 15:53:41 fr01 sshd[22501]: Failed password for root from 218.92.0.137 port 29304 ssh2 Jul 14 15:53:43 fr01 sshd[22501]: Failed password for root from 218.92.0.137 port 29304 ssh2 Jul 14 15:53:39 fr01 sshd[22501]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.137 user=root Jul 14 15:53:41 fr01 sshd[22501]: Failed password for root from 218.92.0.137 port 29304 ssh2 Jul 14 15:53:43 fr01 sshd[22501]: Failed password for root from 218.92.0.137 port 29304 ssh2 Jul 14 15:53:47 fr01 sshd[22	2019-07-14 22:29:05
36.90.153.104	attack	Unauthorized connection attempt from IP address 36.90.153.104 on Port 445(SMB)	2019-07-14 21:52:39
137.74.112.125	attackbots	Jul 14 15:52:35 SilenceServices sshd[25226]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=137.74.112.125 Jul 14 15:52:37 SilenceServices sshd[25226]: Failed password for invalid user tomcat from 137.74.112.125 port 51490 ssh2 Jul 14 15:57:20 SilenceServices sshd[30132]: Failed password for bin from 137.74.112.125 port 50790 ssh2	2019-07-14 22:02:01
119.29.196.109	attackspam	ThinkPHP Remote Code Execution Vulnerability	2019-07-14 22:32:53
185.234.218.251	attackbotsspam	Rude login attack (84 tries in 1d)	2019-07-14 22:00:18
201.48.233.194	attackspambots	Invalid user red5 from 201.48.233.194 port 47729 pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.48.233.194 Failed password for invalid user red5 from 201.48.233.194 port 47729 ssh2 Invalid user stefano from 201.48.233.194 port 62007 pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.48.233.194	2019-07-14 22:46:11
216.218.206.122	attack	30005/tcp 4786/tcp 8080/tcp... [2019-05-14/07-13]30pkt,14pt.(tcp),1pt.(udp)	2019-07-14 22:29:34
162.243.136.230	attack	Invalid user long from 162.243.136.230 port 60804 pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=162.243.136.230 Failed password for invalid user long from 162.243.136.230 port 60804 ssh2 Invalid user secure from 162.243.136.230 port 45088 pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=162.243.136.230	2019-07-14 22:56:29
124.116.217.85	attackbotsspam	FTP/21 MH Probe, BF, Hack -	2019-07-14 22:32:17

Recently Reported IPs

104.131.79.62	104.131.72.61	104.131.82.30	104.131.83.0
104.131.74.159	104.131.75.86	104.131.83.103	104.131.84.22
104.131.87.21	104.131.87.28	104.131.88.213	104.131.89.97
104.131.91.117	104.131.88.203	104.131.89.106	104.131.92.176
104.131.92.77	104.139.69.121	104.139.69.193	104.139.69.37