104.192.1.214 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
104.192.113.252	attack	Connection by 104.192.113.252 on port: 1433 got caught by honeypot at 5/7/2020 12:58:15 PM	2020-05-08 01:25:01
104.192.163.119	attack	Unauthorized connection attempt detected from IP address 104.192.163.119 to port 2220 [J]	2020-01-13 17:41:22
104.192.111.79	attack	RDP Bruteforce	2020-01-10 05:47:51
104.192.1.59	attack	Unauthorized connection attempt detected from IP address 104.192.1.59 to port 3389	2020-01-05 06:46:27
104.192.108.175	attackbots	Portscan or hack attempt detected by psad/fwsnort	2019-12-23 07:47:04
104.192.108.175	attackbots	[IPBX probe: SIP=tcp/5060] *(RWIN=1024)(12211217)	2019-12-21 19:43:07
104.192.111.79	attackspam	RDP brute forcing (d)	2019-12-12 18:40:24
104.192.111.79	attackspambots	RDP Bruteforce	2019-11-28 07:47:10
104.192.109.140	attackbots	Honeypot attack, port: 23, PTR: PTR record not found	2019-10-05 17:52:21
104.192.109.140	attackspam	Sep 29 08:10:03 localhost kernel: [3496822.005490] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:84:78:ac:57:a8:41:08:00 SRC=104.192.109.140 DST=[mungedIP2] LEN=40 TOS=0x00 PREC=0x00 TTL=246 ID=54759 PROTO=TCP SPT=44617 DPT=7676 SEQ=3966675045 ACK=0 WINDOW=1024 RES=0x00 SYN URGP=0 Sep 29 10:24:08 localhost kernel: [3504867.049597] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:84:78:ac:57:a8:41:08:00 SRC=104.192.109.140 DST=[mungedIP2] LEN=40 TOS=0x00 PREC=0x00 TTL=245 ID=2403 PROTO=TCP SPT=44617 DPT=106 WINDOW=1024 RES=0x00 SYN URGP=0 Sep 29 10:24:08 localhost kernel: [3504867.049626] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:84:78:ac:57:a8:41:08:00 SRC=104.192.109.140 DST=[mungedIP2] LEN=40 TOS=0x00 PREC=0x00 TTL=245 ID=2403 PROTO=TCP SPT=44617 DPT=106 SEQ=3535038839 ACK=0 WINDOW=1024 RES=0x00 SYN URGP=0	2019-09-30 01:30:51
104.192.138.232	attackspambots	"Account brute force using dictionary attack against Exchange Online"	2019-08-06 06:49:17

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.192.1.214
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 45133
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;104.192.1.214.			IN	A

;; AUTHORITY SECTION:
.			111	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022051902 1800 900 604800 86400

;; Query time: 27 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri May 20 12:02:57 CST 2022
;; MSG SIZE  rcvd: 106

Host info

214.1.192.104.in-addr.arpa domain name pointer buf94.datawagon.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
214.1.192.104.in-addr.arpa	name = buf94.datawagon.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
141.98.81.207	attackbotsspam	Jun 27 14:22:22 debian64 sshd[5389]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=141.98.81.207 Jun 27 14:22:24 debian64 sshd[5389]: Failed password for invalid user admin from 141.98.81.207 port 9865 ssh2 ...	2020-06-27 20:34:43
206.189.222.181	attackbotsspam	Jun 27 04:21:41 dignus sshd[4744]: Failed password for root from 206.189.222.181 port 44550 ssh2 Jun 27 04:24:48 dignus sshd[5016]: Invalid user cust from 206.189.222.181 port 43846 Jun 27 04:24:48 dignus sshd[5016]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=206.189.222.181 Jun 27 04:24:50 dignus sshd[5016]: Failed password for invalid user cust from 206.189.222.181 port 43846 ssh2 Jun 27 04:27:49 dignus sshd[5327]: Invalid user zhong from 206.189.222.181 port 43160 ...	2020-06-27 20:17:49
188.254.0.124	attack	Jun 27 12:35:56 localhost sshd[113047]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.254.0.124 user=root Jun 27 12:35:58 localhost sshd[113047]: Failed password for root from 188.254.0.124 port 49832 ssh2 Jun 27 12:40:30 localhost sshd[113677]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.254.0.124 user=root Jun 27 12:40:31 localhost sshd[113677]: Failed password for root from 188.254.0.124 port 50100 ssh2 Jun 27 12:45:04 localhost sshd[114197]: Invalid user dixie from 188.254.0.124 port 50366 ...	2020-06-27 20:53:30
112.199.122.122	attackspambots	Unauthorized connection attempt: SRC=112.199.122.122 ...	2020-06-27 20:36:10
51.38.36.9	attack	Jun 27 08:22:29 mail sshd\[38252\]: Invalid user cmsuser from 51.38.36.9 Jun 27 08:22:29 mail sshd\[38252\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.38.36.9 ...	2020-06-27 20:27:08
170.130.143.6	attackbotsspam	170.130.143.6 has been banned for [spam] ...	2020-06-27 20:30:48
139.198.5.138	attack	Jun 27 12:41:08 onepixel sshd[212341]: Invalid user luka from 139.198.5.138 port 51862 Jun 27 12:41:08 onepixel sshd[212341]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.198.5.138 Jun 27 12:41:08 onepixel sshd[212341]: Invalid user luka from 139.198.5.138 port 51862 Jun 27 12:41:10 onepixel sshd[212341]: Failed password for invalid user luka from 139.198.5.138 port 51862 ssh2 Jun 27 12:44:12 onepixel sshd[214137]: Invalid user administrator from 139.198.5.138 port 42122	2020-06-27 20:51:41
36.111.146.209	attack	Invalid user ch from 36.111.146.209 port 37580	2020-06-27 20:19:39
111.229.122.177	attackspam	$f2bV_matches	2020-06-27 20:56:38
86.98.151.52	attackbotsspam	1593260550 - 06/27/2020 14:22:30 Host: 86.98.151.52/86.98.151.52 Port: 445 TCP Blocked	2020-06-27 20:26:41
185.143.73.148	attack	Jun 27 14:55:40 srv0 postfix/smtpd\[3653\]: warning: unknown\[185.143.73.148\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jun 27 14:56:51 srv0 postfix/smtpd\[3653\]: warning: unknown\[185.143.73.148\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jun 27 14:58:00 srv0 postfix/smtpd\[3654\]: warning: unknown\[185.143.73.148\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-06-27 20:59:39
14.143.3.30	attack	Bruteforce detected by fail2ban	2020-06-27 20:31:31
198.50.197.72	attackbotsspam	Jun 27 10:57:01 ns sshd[14547]: Connection from 198.50.197.72 port 57276 on 134.119.39.98 port 22 Jun 27 10:57:02 ns sshd[14547]: Invalid user santi from 198.50.197.72 port 57276 Jun 27 10:57:02 ns sshd[14547]: Failed password for invalid user santi from 198.50.197.72 port 57276 ssh2 Jun 27 10:57:02 ns sshd[14547]: Received disconnect from 198.50.197.72 port 57276:11: Bye Bye [preauth] Jun 27 10:57:02 ns sshd[14547]: Disconnected from 198.50.197.72 port 57276 [preauth] Jun 27 11:04:54 ns sshd[5755]: Connection from 198.50.197.72 port 49584 on 134.119.39.98 port 22 Jun 27 11:04:55 ns sshd[5755]: Invalid user armando from 198.50.197.72 port 49584 Jun 27 11:04:55 ns sshd[5755]: Failed password for invalid user armando from 198.50.197.72 port 49584 ssh2 Jun 27 11:04:55 ns sshd[5755]: Received disconnect from 198.50.197.72 port 49584:11: Bye Bye [preauth] Jun 27 11:04:55 ns sshd[5755]: Disconnected from 198.50.197.72 port 49584 [preauth] Jun 27 11:08:08 ns sshd[12049]: Conne........ -------------------------------	2020-06-27 20:28:26
1.6.103.18	attackbotsspam	detected by Fail2Ban	2020-06-27 20:44:57
111.229.139.95	attackspambots	k+ssh-bruteforce	2020-06-27 20:36:38

Recently Reported IPs

104.19.95.91	104.192.102.18	104.192.220.90	104.192.28.165
104.192.33.140	104.193.254.53	104.197.151.85	50.40.235.24
104.20.149.3	219.246.87.252	178.128.220.229	104.20.159.251
104.20.16.158	104.20.161.209	104.20.17.130	104.20.17.158
240.136.148.19	136.113.71.25	178.208.96.215	131.3.199.28