104.131.21.208

Basic Info

City: unknown

Region: unknown

Country: None

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
104.131.21.222	attackbots	firewall-block, port(s): 8088/tcp	2020-10-09 08:00:34
104.131.21.222	attackspambots	" "	2020-10-09 00:35:21
104.131.21.222	attack	[portscan] tcp/22 [SSH] in blocklist.de:'listed [ssh]' *(RWIN=65535)(10080947)	2020-10-08 16:32:07
104.131.218.208	attackspam	Jun 7 17:40:07 *** sshd[29360]: User root from 104.131.218.208 not allowed because not listed in AllowUsers	2020-06-08 01:45:15
104.131.217.93	attackbots	DigitalOcean BotNet attack - 10s of requests to non- pages - :443/app-ads.txt - typically bursts of 8 requests per second - undefined, XSS attacks UA removed	2020-04-20 02:50:09
104.131.216.62	attackspam	DigitalOcean BotNet attack - 10s of requests to non- pages - :443/app-ads.txt - typically bursts of 8 requests per second - undefined, XSS attacks UA removed	2020-04-20 01:53:27
104.131.217.56	attackbots	DigitalOcean BotNet attack - 10s of requests to non- pages - :443/app-ads.txt - typically bursts of 8 requests per second - undefined, XSS attacks UA removed	2020-04-19 22:32:17
104.131.217.66	attackspambots	DigitalOcean BotNet attack - 10s of requests to non- pages - :443/app-ads.txt - typically bursts of 8 requests per second - undefined, XSS attacks UA removed	2020-04-18 02:34:37
104.131.217.187	attackspambots	DigitalOcean BotNet attack - 10s of requests to non- pages - :443/app-ads.txt - typically bursts of 8 requests per second - undefined, XSS attacks UA removed	2020-04-18 02:18:07
104.131.216.136	attack	DigitalOcean BotNet attack - 10s of requests to non- pages - :443/app-ads.txt - typically bursts of 8 requests per second - undefined, XSS attacks UA removed	2020-04-17 20:36:08
104.131.218.29	attackbotsspam	DigitalOcean BotNet attack - 10s of requests to non- pages - :443/app-ads.txt - typically bursts of 8 requests per second - undefined, XSS attacks UA removed	2020-04-05 05:08:47
104.131.215.120	attackspambots	DigitalOcean BotNet attack - 10s of requests to non- pages - :443/app-ads.txt - typically bursts of 8 requests per second - undefined, XSS attacks UA removed	2020-04-05 04:42:26
104.131.219.124	attackbotsspam	DigitalOcean BotNet attack - 10s of requests to non- pages - :443/app-ads.txt - typically bursts of 8 requests per second - undefined, XSS attacks UA removed	2020-04-05 03:09:17
104.131.217.43	attackbots	DigitalOcean BotNet attack - 10s of requests to non- pages - :443/app-ads.txt - typically bursts of 8 requests per second - undefined, XSS attacks UA removed	2020-03-30 03:04:08
104.131.216.33	attackbots	DigitalOcean BotNet attack - 10s of requests to non- pages - :443/app-ads.txt - typically bursts of 8 requests per second - undefined, XSS attacks UA removed	2020-03-30 01:38:07

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.131.21.208
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 35501
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;104.131.21.208.			IN	A

;; AUTHORITY SECTION:
.			439	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022022000 1800 900 604800 86400

;; Query time: 16 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Feb 20 19:13:37 CST 2022
;; MSG SIZE  rcvd: 107

Host info

208.21.131.104.in-addr.arpa domain name pointer offscreenmag.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
208.21.131.104.in-addr.arpa	name = offscreenmag.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
222.186.52.124	attackspam	Jul 31 01:11:31 * sshd[28299]: Failed password for root from 222.186.52.124 port 12446 ssh2 Jul 31 01:11:33 * sshd[28299]: Failed password for root from 222.186.52.124 port 12446 ssh2	2019-07-31 07:11:47
177.38.194.222	attack	dovecot jail - smtp auth [ma]	2019-07-31 06:56:01
177.141.198.149	attackspambots	Jul 31 00:37:48 OPSO sshd\[2173\]: Invalid user geraldo from 177.141.198.149 port 53650 Jul 31 00:37:48 OPSO sshd\[2173\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=177.141.198.149 Jul 31 00:37:51 OPSO sshd\[2173\]: Failed password for invalid user geraldo from 177.141.198.149 port 53650 ssh2 Jul 31 00:43:31 OPSO sshd\[2840\]: Invalid user iptv from 177.141.198.149 port 48742 Jul 31 00:43:31 OPSO sshd\[2840\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=177.141.198.149	2019-07-31 07:14:57
186.31.37.203	attackspambots	Jul 31 01:40:37 site3 sshd\[111090\]: Invalid user plesk from 186.31.37.203 Jul 31 01:40:37 site3 sshd\[111090\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=186.31.37.203 Jul 31 01:40:39 site3 sshd\[111090\]: Failed password for invalid user plesk from 186.31.37.203 port 32777 ssh2 Jul 31 01:45:39 site3 sshd\[111178\]: Invalid user loop from 186.31.37.203 Jul 31 01:45:39 site3 sshd\[111178\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=186.31.37.203 ...	2019-07-31 06:52:18
111.241.98.30	attackbots	Jul 31 07:55:00 our-server-hostname postfix/smtpd[4740]: connect from unknown[111.241.98.30] Jul x@x Jul 31 07:55:03 our-server-hostname postfix/smtpd[4740]: lost connection after RCPT from unknown[111.241.98.30] Jul 31 07:55:03 our-server-hostname postfix/smtpd[4740]: disconnect from unknown[111.241.98.30] Jul 31 08:11:27 our-server-hostname postfix/smtpd[9244]: connect from unknown[111.241.98.30] Jul x@x Jul x@x Jul x@x Jul x@x Jul x@x Jul x@x Jul x@x Jul x@x Jul x@x Jul x@x ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=111.241.98.30	2019-07-31 06:47:00
217.11.67.194	attack	Jul 30 13:36:51 shared10 sshd[26875]: Did not receive identification string from 217.11.67.194 Jul 30 13:45:15 shared10 sshd[28852]: Invalid user thostname0nich from 217.11.67.194 Jul 30 13:45:31 shared10 sshd[28852]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=217.11.67.194 Jul 30 13:45:34 shared10 sshd[28852]: Failed password for invalid user thostname0nich from 217.11.67.194 port 55167 ssh2 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=217.11.67.194	2019-07-31 06:35:25
51.83.76.139	attackspambots	Jul 31 00:44:23 MainVPS sshd[26925]: Invalid user cisco from 51.83.76.139 port 33440 Jul 31 00:44:23 MainVPS sshd[26925]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.83.76.139 Jul 31 00:44:23 MainVPS sshd[26925]: Invalid user cisco from 51.83.76.139 port 33440 Jul 31 00:44:26 MainVPS sshd[26925]: Failed password for invalid user cisco from 51.83.76.139 port 33440 ssh2 Jul 31 00:44:23 MainVPS sshd[26925]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.83.76.139 Jul 31 00:44:23 MainVPS sshd[26925]: Invalid user cisco from 51.83.76.139 port 33440 Jul 31 00:44:26 MainVPS sshd[26925]: Failed password for invalid user cisco from 51.83.76.139 port 33440 ssh2 Jul 31 00:44:26 MainVPS sshd[26925]: Disconnecting invalid user cisco 51.83.76.139 port 33440: Change of username or service not allowed: (cisco,ssh-connection) -> (c-comatic,ssh-connection) [preauth] ...	2019-07-31 06:57:13
220.225.126.55	attackspam	Jul 31 00:15:24 fr01 sshd[24934]: Invalid user final from 220.225.126.55 Jul 31 00:15:24 fr01 sshd[24934]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.225.126.55 Jul 31 00:15:24 fr01 sshd[24934]: Invalid user final from 220.225.126.55 Jul 31 00:15:27 fr01 sshd[24934]: Failed password for invalid user final from 220.225.126.55 port 49210 ssh2 Jul 31 00:44:38 fr01 sshd[29822]: Invalid user ame from 220.225.126.55 ...	2019-07-31 06:54:12
63.83.73.168	attackbotsspam	Autoban 63.83.73.168 AUTH/CONNECT	2019-07-31 06:47:50
188.19.116.226	attackspam	TCP port 445 (SMB) attempt blocked by firewall. [2019-07-30 14:04:31]	2019-07-31 06:27:22
208.54.4.152	attackspambots	Chat Spam	2019-07-31 07:12:33
103.3.226.166	attack	Jul 31 00:44:53 MK-Soft-Root2 sshd\[28610\]: Invalid user aecpro from 103.3.226.166 port 45321 Jul 31 00:44:53 MK-Soft-Root2 sshd\[28610\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.3.226.166 Jul 31 00:44:55 MK-Soft-Root2 sshd\[28610\]: Failed password for invalid user aecpro from 103.3.226.166 port 45321 ssh2 ...	2019-07-31 06:48:10
220.84.17.195	attackspam	2323/tcp [2019-07-30]1pkt	2019-07-31 06:43:19
185.220.101.45	attackspambots	0,94-02/03 [bc01/m18] concatform PostRequest-Spammer scoring: maputo01_x2b	2019-07-31 06:56:21
195.159.103.189	attackbots	Jul 31 00:58:45 localhost sshd\[900\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=195.159.103.189 user=root Jul 31 00:58:47 localhost sshd\[900\]: Failed password for root from 195.159.103.189 port 39982 ssh2 Jul 31 01:05:11 localhost sshd\[1313\]: Invalid user tester from 195.159.103.189 Jul 31 01:05:11 localhost sshd\[1313\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=195.159.103.189 Jul 31 01:05:13 localhost sshd\[1313\]: Failed password for invalid user tester from 195.159.103.189 port 35192 ssh2 ...	2019-07-31 07:06:16

Recently Reported IPs

104.131.200.142	104.131.210.233	104.131.214.106	104.131.222.197
104.131.23.172	104.131.28.139	104.131.33.243	104.131.34.89
104.131.38.170	104.131.39.149	104.131.45.155	104.131.52.220
104.131.54.49	176.169.156.33	104.131.57.249	104.131.58.254
104.131.60.237	104.131.62.146	104.131.63.205	104.131.67.224