104.131.74.21 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: None

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
104.131.74.131	attack	Scanning for exploits - /.env	2020-10-08 05:49:08
104.131.74.131	attackspam	(mod_security) mod_security (id:210492) triggered by 104.131.74.131 (US/United States/-): 5 in the last 3600 secs	2020-10-07 14:05:03
104.131.74.38	attackbots	10s of requests to none existent pages - :443/app-ads.txt - typically bursts of 8 requests per second - undefined node-superagent/4.1.0	2019-07-20 19:52:13

Type

Details

Datetime

104.131.74.131

attack

Scanning for exploits - /.env

2020-10-08 05:49:08

104.131.74.131

attackspam

(mod_security) mod_security (id:210492) triggered by 104.131.74.131 (US/United States/-): 5 in the last 3600 secs

2020-10-07 14:05:03

104.131.74.38

attackbots

10s of requests to none existent pages - :443/app-ads.txt - typically bursts of 8 requests per second - undefined
node-superagent/4.1.0

2019-07-20 19:52:13

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.131.74.21
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 47531
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;104.131.74.21.			IN	A

;; AUTHORITY SECTION:
.			68	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022031100 1800 900 604800 86400

;; Query time: 17 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Mar 11 18:03:54 CST 2022
;; MSG SIZE  rcvd: 106

Host info

Host 21.74.131.104.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 21.74.131.104.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
180.109.1.53	attackspambots	Nov 25 01:12:18 eola postfix/smtpd[8744]: connect from unknown[180.109.1.53] Nov 25 01:12:19 eola postfix/smtpd[8740]: connect from unknown[180.109.1.53] Nov 25 01:12:22 eola postfix/smtpd[8740]: lost connection after AUTH from unknown[180.109.1.53] Nov 25 01:12:22 eola postfix/smtpd[8740]: disconnect from unknown[180.109.1.53] ehlo=1 auth=0/1 commands=1/2 Nov 25 01:12:24 eola postfix/smtpd[8740]: connect from unknown[180.109.1.53] Nov 25 01:12:31 eola postfix/smtpd[8740]: lost connection after AUTH from unknown[180.109.1.53] Nov 25 01:12:31 eola postfix/smtpd[8740]: disconnect from unknown[180.109.1.53] ehlo=1 auth=0/1 commands=1/2 Nov 25 01:12:32 eola postfix/smtpd[8740]: connect from unknown[180.109.1.53] Nov 25 01:12:37 eola postfix/smtpd[8740]: lost connection after AUTH from unknown[180.109.1.53] Nov 25 01:12:37 eola postfix/smtpd[8740]: disconnect from unknown[180.109.1.53] ehlo=1 auth=0/1 commands=1/2 Nov 25 01:12:37 eola postfix/smtpd[8740]: connect from unknow........ -------------------------------	2019-11-25 20:46:07
123.20.94.43	attackspam	Nov 25 16:33:10 our-server-hostname postfix/smtpd[23502]: connect from unknown[123.20.94.43] Nov x@x Nov x@x Nov x@x Nov x@x Nov x@x Nov x@x Nov x@x Nov x@x Nov x@x Nov x@x ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=123.20.94.43	2019-11-25 20:40:54
188.166.158.153	attackspambots	Automatic report - XMLRPC Attack	2019-11-25 21:03:51
63.142.215.228	attackbots	Attempt to attack host OS, exploiting network vulnerabilities, on 25-11-2019 06:20:35.	2019-11-25 21:18:41
82.102.22.210	attackspambots	82.102.22.210 was recorded 5 times by 1 hosts attempting to connect to the following ports: 51413. Incident counter (4h, 24h, all-time): 5, 5, 5	2019-11-25 20:44:19
212.64.29.199	attackbotsspam	Nov 25 10:37:11 www sshd\[65490\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.64.29.199 user=root Nov 25 10:37:14 www sshd\[65490\]: Failed password for root from 212.64.29.199 port 50592 ssh2 Nov 25 10:44:15 www sshd\[701\]: Invalid user rc from 212.64.29.199 Nov 25 10:44:15 www sshd\[701\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.64.29.199 ...	2019-11-25 20:39:48
193.112.44.102	attackbots	Nov 25 07:21:47 localhost sshd\[11030\]: Invalid user hung from 193.112.44.102 port 52640 Nov 25 07:21:47 localhost sshd\[11030\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.112.44.102 Nov 25 07:21:49 localhost sshd\[11030\]: Failed password for invalid user hung from 193.112.44.102 port 52640 ssh2	2019-11-25 20:36:24
64.68.229.166	attackbotsspam	Unauthorised access (Nov 25) SRC=64.68.229.166 LEN=40 TOS=0x10 PREC=0x40 TTL=53 ID=39275 TCP DPT=8080 WINDOW=20928 SYN Unauthorised access (Nov 25) SRC=64.68.229.166 LEN=40 TOS=0x10 PREC=0x40 TTL=53 ID=9665 TCP DPT=8080 WINDOW=47817 SYN	2019-11-25 21:15:48
190.85.108.186	attackspambots	Nov 25 10:42:34 ArkNodeAT sshd\[15764\]: Invalid user www from 190.85.108.186 Nov 25 10:42:34 ArkNodeAT sshd\[15764\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.85.108.186 Nov 25 10:42:36 ArkNodeAT sshd\[15764\]: Failed password for invalid user www from 190.85.108.186 port 53692 ssh2	2019-11-25 20:49:58
49.88.112.110	attackspambots	Nov 25 06:25:49 firewall sshd[31138]: Failed password for root from 49.88.112.110 port 31340 ssh2 Nov 25 06:25:51 firewall sshd[31138]: Failed password for root from 49.88.112.110 port 31340 ssh2 Nov 25 06:25:53 firewall sshd[31138]: Failed password for root from 49.88.112.110 port 31340 ssh2 ...	2019-11-25 21:08:58
138.94.165.223	attackbotsspam	Telnet/23 MH Probe, BF, Hack -	2019-11-25 21:01:49
176.235.152.226	attack	" "	2019-11-25 20:50:27
121.99.240.85	attackspambots	121.99.240.85 was recorded 5 times by 1 hosts attempting to connect to the following ports: 51413. Incident counter (4h, 24h, all-time): 5, 5, 5	2019-11-25 20:56:51
180.159.99.17	attack	DATE:2019-11-25 07:20:32, IP:180.159.99.17, PORT:1433 MSSQL brute force auth on honeypot server (honey-neo-dc)	2019-11-25 21:19:38
81.21.86.97	attackbots	2019-11-25 00:20:46 H=(97-86-21-81-pppoe-dynamic-ip.ultel-dot-net) [81.21.86.97]:42924 I=[192.147.25.65]:25 sender verify fail for : Unrouteable address 2019-11-25 00:20:46 H=(97-86-21-81-pppoe-dynamic-ip.ultel-dot-net) [81.21.86.97]:42924 I=[192.147.25.65]:25 F= rejected RCPT : Sender verify failed 2019-11-25 00:20:46 H=(97-86-21-81-pppoe-dynamic-ip.ultel-dot-net) [81.21.86.97]:42924 I=[192.147.25.65]:25 F= rejected RCPT : Sender verify failed ...	2019-11-25 21:08:31

Recently Reported IPs

104.131.67.30	104.131.75.153	104.131.75.201	104.131.75.88
104.131.8.155	104.131.8.184	104.131.80.118	104.131.86.212
190.158.59.189	104.131.87.248	104.131.88.124	104.131.88.16
104.131.92.168	104.131.92.66	104.131.94.110	104.131.97.219
104.131.98.188	104.131.98.243	104.131.99.175	104.140.133.177