104.168.214.11

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
104.168.214.53	attackspambots	[f2b] sshd bruteforce, retries: 1	2020-10-12 05:31:58
104.168.214.53	attack	[f2b] sshd bruteforce, retries: 1	2020-10-11 21:38:42
104.168.214.53	attack	5x Failed Password	2020-10-11 13:35:31
104.168.214.53	attackbotsspam	20 attempts against mh-ssh on ice	2020-10-11 06:59:12
104.168.214.86	attack	Oct 8 11:05:14 mail postfix/smtpd[27643]: warning: hwsrv-786714.hostwindsdns.com[104.168.214.86]: SASL login authentication failed: authentication failure	2020-10-09 05:12:13
104.168.214.86	attack	Oct 7 22:46:27 mellenthin postfix/smtpd[26683]: warning: hwsrv-786714.hostwindsdns.com[104.168.214.86]: SASL login authentication failed: UGFzc3dvcmQ6 Oct 7 22:46:34 mellenthin postfix/smtpd[26683]: warning: hwsrv-786714.hostwindsdns.com[104.168.214.86]: SASL login authentication failed: UGFzc3dvcmQ6	2020-10-08 21:25:49
104.168.214.86	attack	Oct 7 22:46:27 mellenthin postfix/smtpd[26683]: warning: hwsrv-786714.hostwindsdns.com[104.168.214.86]: SASL login authentication failed: UGFzc3dvcmQ6 Oct 7 22:46:34 mellenthin postfix/smtpd[26683]: warning: hwsrv-786714.hostwindsdns.com[104.168.214.86]: SASL login authentication failed: UGFzc3dvcmQ6	2020-10-08 13:19:54
104.168.214.86	attackspam	Oct 7 22:46:27 mellenthin postfix/smtpd[26683]: warning: hwsrv-786714.hostwindsdns.com[104.168.214.86]: SASL login authentication failed: UGFzc3dvcmQ6 Oct 7 22:46:34 mellenthin postfix/smtpd[26683]: warning: hwsrv-786714.hostwindsdns.com[104.168.214.86]: SASL login authentication failed: UGFzc3dvcmQ6	2020-10-08 08:40:21
104.168.214.168	attack	DATE:2020-08-17 05:56:55, IP:104.168.214.168, PORT:telnet Telnet brute force auth on honeypot server (honey-neo-dc)	2020-08-17 17:12:38

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.168.214.11
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 19084
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;104.168.214.11.			IN	A

;; AUTHORITY SECTION:
.			278	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022022701 1800 900 604800 86400

;; Query time: 64 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Feb 28 13:51:16 CST 2022
;; MSG SIZE  rcvd: 107

Host info

11.214.168.104.in-addr.arpa domain name pointer hwsrv-774829.hostwindsdns.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
11.214.168.104.in-addr.arpa	name = hwsrv-774829.hostwindsdns.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
180.250.135.17	attack	Invalid user musikbot from 180.250.135.17 port 46880	2020-03-27 04:55:58
106.12.47.24	attack	Invalid user airbot from 106.12.47.24 port 45522	2020-03-27 04:59:06
96.2.166.182	attack	Mar 26 22:15:52 main sshd[31142]: Failed password for invalid user gi from 96.2.166.182 port 48650 ssh2	2020-03-27 05:19:17
118.27.36.183	attack	"SERVER-WEBAPP PHPUnit PHP remote code execution attempt"	2020-03-27 05:02:59
176.118.209.247	attack	Automatic report - Port Scan Attack	2020-03-27 05:11:04
115.238.107.211	attackspam	Invalid user rena from 115.238.107.211 port 50692	2020-03-27 05:08:54
36.66.156.125	attack	Mar 27 04:22:57 itv-usvr-02 sshd[14966]: Invalid user postgres from 36.66.156.125 port 60256 Mar 27 04:22:57 itv-usvr-02 sshd[14966]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=36.66.156.125 Mar 27 04:22:57 itv-usvr-02 sshd[14966]: Invalid user postgres from 36.66.156.125 port 60256 Mar 27 04:23:00 itv-usvr-02 sshd[14966]: Failed password for invalid user postgres from 36.66.156.125 port 60256 ssh2 Mar 27 04:25:03 itv-usvr-02 sshd[15046]: Invalid user admin from 36.66.156.125 port 45992	2020-03-27 05:28:23
120.132.11.186	attack	Mar 26 21:14:32 ns382633 sshd\[11063\]: Invalid user vus from 120.132.11.186 port 51628 Mar 26 21:14:32 ns382633 sshd\[11063\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.132.11.186 Mar 26 21:14:34 ns382633 sshd\[11063\]: Failed password for invalid user vus from 120.132.11.186 port 51628 ssh2 Mar 26 21:17:03 ns382633 sshd\[11735\]: Invalid user msz from 120.132.11.186 port 51238 Mar 26 21:17:03 ns382633 sshd\[11735\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.132.11.186	2020-03-27 05:09:10
202.200.142.251	attack	Mar 26 21:22:41 pi sshd[15567]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.200.142.251 Mar 26 21:22:42 pi sshd[15567]: Failed password for invalid user kwm from 202.200.142.251 port 57832 ssh2	2020-03-27 05:28:48
103.40.26.77	attackbots	$f2bV_matches	2020-03-27 05:28:04
202.39.28.8	attackbots	Mar 26 17:53:39 firewall sshd[23699]: Failed password for invalid user vid from 202.39.28.8 port 53932 ssh2 Mar 26 18:00:49 firewall sshd[24078]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.39.28.8 user=mail Mar 26 18:00:52 firewall sshd[24078]: Failed password for mail from 202.39.28.8 port 44968 ssh2 ...	2020-03-27 05:04:12
188.36.125.210	attackspam	Mar 27 01:56:06 gw1 sshd[12935]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.36.125.210 Mar 27 01:56:08 gw1 sshd[12935]: Failed password for invalid user user from 188.36.125.210 port 54046 ssh2 ...	2020-03-27 05:00:23
165.22.63.73	attackbots	Invalid user test1 from 165.22.63.73 port 54826	2020-03-27 05:03:13
49.72.64.75	attackspambots	Lines containing failures of 49.72.64.75 Mar 26 22:06:55 shared06 sshd[18684]: Invalid user jmx from 49.72.64.75 port 44048 Mar 26 22:06:55 shared06 sshd[18684]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.72.64.75 Mar 26 22:06:57 shared06 sshd[18684]: Failed password for invalid user jmx from 49.72.64.75 port 44048 ssh2 Mar 26 22:06:57 shared06 sshd[18684]: Received disconnect from 49.72.64.75 port 44048:11: Bye Bye [preauth] Mar 26 22:06:57 shared06 sshd[18684]: Disconnected from invalid user jmx 49.72.64.75 port 44048 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=49.72.64.75	2020-03-27 05:26:07
178.60.197.1	attackbotsspam	2020-03-26T14:55:00.803541linuxbox-skyline sshd[1729]: Invalid user live from 178.60.197.1 port 46193 ...	2020-03-27 05:06:25

Recently Reported IPs

104.168.214.184	104.25.70.35	104.168.214.177	104.168.213.25
104.168.214.244	104.168.214.180	104.168.214.45	104.168.22.186
104.168.218.91	104.168.218.105	104.168.215.150	104.168.219.248
104.168.23.186	104.168.216.202	104.168.220.242	104.25.71.35
104.168.219.225	104.168.234.104	104.168.220.241	104.168.234.110