104.168.214.200

Basic Info

City: Seattle

Region: Washington

Country: United States

Internet Service Provider: Hostwinds LLC.

Hostname: unknown

Organization: Hostwinds LLC.

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
104.168.214.53	attackspambots	[f2b] sshd bruteforce, retries: 1	2020-10-12 05:31:58
104.168.214.53	attack	[f2b] sshd bruteforce, retries: 1	2020-10-11 21:38:42
104.168.214.53	attack	5x Failed Password	2020-10-11 13:35:31
104.168.214.53	attackbotsspam	20 attempts against mh-ssh on ice	2020-10-11 06:59:12
104.168.214.86	attack	Oct 8 11:05:14 mail postfix/smtpd[27643]: warning: hwsrv-786714.hostwindsdns.com[104.168.214.86]: SASL login authentication failed: authentication failure	2020-10-09 05:12:13
104.168.214.86	attack	Oct 7 22:46:27 mellenthin postfix/smtpd[26683]: warning: hwsrv-786714.hostwindsdns.com[104.168.214.86]: SASL login authentication failed: UGFzc3dvcmQ6 Oct 7 22:46:34 mellenthin postfix/smtpd[26683]: warning: hwsrv-786714.hostwindsdns.com[104.168.214.86]: SASL login authentication failed: UGFzc3dvcmQ6	2020-10-08 21:25:49
104.168.214.86	attack	Oct 7 22:46:27 mellenthin postfix/smtpd[26683]: warning: hwsrv-786714.hostwindsdns.com[104.168.214.86]: SASL login authentication failed: UGFzc3dvcmQ6 Oct 7 22:46:34 mellenthin postfix/smtpd[26683]: warning: hwsrv-786714.hostwindsdns.com[104.168.214.86]: SASL login authentication failed: UGFzc3dvcmQ6	2020-10-08 13:19:54
104.168.214.86	attackspam	Oct 7 22:46:27 mellenthin postfix/smtpd[26683]: warning: hwsrv-786714.hostwindsdns.com[104.168.214.86]: SASL login authentication failed: UGFzc3dvcmQ6 Oct 7 22:46:34 mellenthin postfix/smtpd[26683]: warning: hwsrv-786714.hostwindsdns.com[104.168.214.86]: SASL login authentication failed: UGFzc3dvcmQ6	2020-10-08 08:40:21
104.168.214.168	attack	DATE:2020-08-17 05:56:55, IP:104.168.214.168, PORT:telnet Telnet brute force auth on honeypot server (honey-neo-dc)	2020-08-17 17:12:38

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.168.214.200
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 18052
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;104.168.214.200.		IN	A

;; AUTHORITY SECTION:
.			2550	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019062500 1800 900 604800 86400

;; Query time: 1 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Tue Jun 25 15:54:37 CST 2019
;; MSG SIZE  rcvd: 119

Host info

200.214.168.104.in-addr.arpa domain name pointer slot0.caferooftops.com.

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
200.214.168.104.in-addr.arpa	name = slot0.caferooftops.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
87.251.74.240	attack	04/25/2020-15:50:31.391012 87.251.74.240 Protocol: 6 ET SCAN NMAP -sS window 1024	2020-04-26 04:19:51
194.31.244.26	attack	Apr 25 22:00:25 debian-2gb-nbg1-2 kernel: \[10103763.529713\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=194.31.244.26 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=245 ID=1429 PROTO=TCP SPT=57719 DPT=33778 WINDOW=1024 RES=0x00 SYN URGP=0	2020-04-26 04:20:20
79.137.87.44	attack	Brute-force attempt banned	2020-04-26 04:24:41
189.206.147.226	attack	firewall-block, port(s): 1433/tcp	2020-04-26 04:05:27
112.85.42.195	attack	Apr 25 20:17:11 game-panel sshd[10964]: Failed password for root from 112.85.42.195 port 24848 ssh2 Apr 25 20:18:18 game-panel sshd[11030]: Failed password for root from 112.85.42.195 port 29884 ssh2	2020-04-26 04:23:09
200.195.171.74	attackbots	Invalid user vx from 200.195.171.74 port 43436	2020-04-26 04:13:09
209.85.166.68	attack	fictitious purchase at app store	2020-04-26 04:15:38
139.59.135.84	attack	Bruteforce detected by fail2ban	2020-04-26 04:06:28
37.49.226.250	attackspam	Excessive Port-Scanning	2020-04-26 04:23:34
187.33.235.50	attackbotsspam	Unauthorized connection attempt from IP address 187.33.235.50 on Port 445(SMB)	2020-04-26 04:09:35
159.89.145.59	attackbots	Apr 25 14:19:27 firewall sshd[10561]: Invalid user leviomri from 159.89.145.59 Apr 25 14:19:30 firewall sshd[10561]: Failed password for invalid user leviomri from 159.89.145.59 port 46696 ssh2 Apr 25 14:23:21 firewall sshd[10626]: Invalid user bella from 159.89.145.59 ...	2020-04-26 04:25:19
186.87.32.48	attackbots	Apr 26 03:25:12 itv-usvr-02 sshd[9624]: Invalid user jamie from 186.87.32.48 port 36658 Apr 26 03:25:12 itv-usvr-02 sshd[9624]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=186.87.32.48 Apr 26 03:25:12 itv-usvr-02 sshd[9624]: Invalid user jamie from 186.87.32.48 port 36658 Apr 26 03:25:14 itv-usvr-02 sshd[9624]: Failed password for invalid user jamie from 186.87.32.48 port 36658 ssh2 Apr 26 03:28:35 itv-usvr-02 sshd[9738]: Invalid user spring from 186.87.32.48 port 59409	2020-04-26 04:32:00
106.12.69.35	attackspam	SSH auth scanning - multiple failed logins	2020-04-26 04:14:01
111.229.85.222	attackbots	Invalid user admin from 111.229.85.222 port 42204	2020-04-26 04:02:21
218.204.17.44	attack	Apr 25 16:25:37 ny01 sshd[22165]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.204.17.44 Apr 25 16:25:40 ny01 sshd[22165]: Failed password for invalid user chandru from 218.204.17.44 port 44946 ssh2 Apr 25 16:29:51 ny01 sshd[22891]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.204.17.44	2020-04-26 04:32:40

Recently Reported IPs

219.228.20.192	182.33.105.189	61.90.18.153	171.238.99.45
40.200.228.111	125.214.56.100	74.22.231.145	38.155.200.132
209.57.236.87	179.238.175.139	191.53.239.57	73.81.38.188
183.118.9.236	49.80.208.73	77.50.54.34	39.89.124.82
8.252.155.115	197.86.174.196	88.229.246.48	100.139.128.201