104.194.11.204

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: Reliablesite.net LLC

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspambots	Trying ports that it shouldn't be.	2020-06-05 06:36:22

Comments on same subnet:

IP	Type	Details	Datetime
104.194.11.173	attackbotsspam	Triggered: repeated knocking on closed ports.	2020-06-11 21:01:54
104.194.11.173	attackbotsspam	port	2020-06-07 02:14:59
104.194.11.180	attack	DATE:2020-05-15 22:49:47, IP:104.194.11.180, PORT:telnet Telnet brute force auth on honeypot server (honey-neo-dc)	2020-05-16 06:07:18
104.194.11.42	attackbots	May 7 15:51:30 debian-2gb-nbg1-2 kernel: \[11118375.210257\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=104.194.11.42 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=242 ID=4112 PROTO=TCP SPT=57105 DPT=62034 WINDOW=1024 RES=0x00 SYN URGP=0	2020-05-07 22:54:21
104.194.11.42	attackspambots	May 7 13:18:53 debian-2gb-nbg1-2 kernel: \[11109219.070970\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=104.194.11.42 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=241 ID=64586 PROTO=TCP SPT=57105 DPT=55120 WINDOW=1024 RES=0x00 SYN URGP=0	2020-05-07 19:28:35
104.194.11.42	attackbots	May 6 16:19:04 debian-2gb-nbg1-2 kernel: \[11033633.911454\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=104.194.11.42 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=241 ID=33916 PROTO=TCP SPT=57105 DPT=61759 WINDOW=1024 RES=0x00 SYN URGP=0	2020-05-06 22:36:34
104.194.11.42	attackbotsspam	May 6 07:53:04 debian-2gb-nbg1-2 kernel: \[11003275.302584\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=104.194.11.42 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=241 ID=28416 PROTO=TCP SPT=57105 DPT=55343 WINDOW=1024 RES=0x00 SYN URGP=0	2020-05-06 13:57:05
104.194.11.42	attackspambots	May 5 19:00:25 debian-2gb-nbg1-2 kernel: \[10956918.676732\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=104.194.11.42 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=242 ID=56683 PROTO=TCP SPT=57041 DPT=47415 WINDOW=1024 RES=0x00 SYN URGP=0	2020-05-06 01:07:53
104.194.11.42	attackbotsspam	May 4 00:42:52 debian-2gb-nbg1-2 kernel: \[10804674.226420\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=104.194.11.42 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=241 ID=58036 PROTO=TCP SPT=57041 DPT=46709 WINDOW=1024 RES=0x00 SYN URGP=0	2020-05-04 07:05:57
104.194.11.42	attack	May 3 06:33:32 debian-2gb-nbg1-2 kernel: \[10739317.117700\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=104.194.11.42 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=241 ID=22171 PROTO=TCP SPT=57105 DPT=61013 WINDOW=1024 RES=0x00 SYN URGP=0	2020-05-03 12:38:21
104.194.11.42	attackbots	[MK-VM3] Blocked by UFW	2020-05-03 06:06:24
104.194.11.42	attack	May 2 11:23:08 [host] kernel: [5040300.661121] [U May 2 11:24:03 [host] kernel: [5040355.783353] [U May 2 11:25:23 [host] kernel: [5040436.085676] [U May 2 11:25:39 [host] kernel: [5040452.294599] [U May 2 11:28:45 [host] kernel: [5040638.154006] [U May 2 11:29:09 [host] kernel: [5040661.692723] [U	2020-05-02 17:47:29
104.194.11.244	attack	Mar 30 05:55:18 debian-2gb-nbg1-2 kernel: \[7799577.463955\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=104.194.11.244 DST=195.201.40.59 LEN=439 TOS=0x00 PREC=0x00 TTL=55 ID=6970 DF PROTO=UDP SPT=5276 DPT=5060 LEN=419	2020-03-30 13:56:03
104.194.11.244	attackbotsspam	Mar 28 20:14:27 debian-2gb-nbg1-2 kernel: \[7681932.165973\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=104.194.11.244 DST=195.201.40.59 LEN=438 TOS=0x00 PREC=0x00 TTL=55 ID=13353 DF PROTO=UDP SPT=5280 DPT=5060 LEN=418	2020-03-29 03:15:17
104.194.11.10	attack	Port 5071 scan denied	2020-02-05 06:33:45

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.194.11.204
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 45523
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;104.194.11.204.			IN	A

;; AUTHORITY SECTION:
.			534	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020060401 1800 900 604800 86400

;; Query time: 166 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Jun 05 06:36:09 CST 2020
;; MSG SIZE  rcvd: 118

Host info

Host 204.11.194.104.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 204.11.194.104.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
120.131.9.167	attackbotsspam	$f2bV_matches	2020-07-06 16:49:33
96.69.25.158	attackspambots	4112/tcp 20223/tcp 28046/tcp... [2020-05-27/07-06]8pkt,3pt.(tcp)	2020-07-06 17:48:07
191.235.65.29	attack	2020-07-06T09:00:21.158637afi-git.jinr.ru sshd[21730]: Invalid user sys from 191.235.65.29 port 53552 2020-07-06T09:00:21.161862afi-git.jinr.ru sshd[21730]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=191.235.65.29 2020-07-06T09:00:21.158637afi-git.jinr.ru sshd[21730]: Invalid user sys from 191.235.65.29 port 53552 2020-07-06T09:00:22.897791afi-git.jinr.ru sshd[21730]: Failed password for invalid user sys from 191.235.65.29 port 53552 ssh2 2020-07-06T09:02:41.201287afi-git.jinr.ru sshd[22274]: Invalid user f from 191.235.65.29 port 53036 ...	2020-07-06 17:43:12
103.99.251.106	attack	VNC brute force attack detected by fail2ban	2020-07-06 17:01:11
52.130.93.119	attack	2020-07-05T21:49:31.206592linuxbox-skyline sshd[628935]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.130.93.119 user=root 2020-07-05T21:49:33.276140linuxbox-skyline sshd[628935]: Failed password for root from 52.130.93.119 port 1024 ssh2 ...	2020-07-06 17:48:54
49.74.219.26	attackspam	Jul 6 10:40:20 nextcloud sshd\[20144\]: Invalid user hwserver from 49.74.219.26 Jul 6 10:40:20 nextcloud sshd\[20144\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.74.219.26 Jul 6 10:40:22 nextcloud sshd\[20144\]: Failed password for invalid user hwserver from 49.74.219.26 port 29846 ssh2	2020-07-06 16:54:02
222.186.173.238	attackbots	(sshd) Failed SSH login from 222.186.173.238 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Jul 6 11:55:04 amsweb01 sshd[7341]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.173.238 user=root Jul 6 11:55:04 amsweb01 sshd[7343]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.173.238 user=root Jul 6 11:55:05 amsweb01 sshd[7343]: Failed password for root from 222.186.173.238 port 8338 ssh2 Jul 6 11:55:05 amsweb01 sshd[7341]: Failed password for root from 222.186.173.238 port 12584 ssh2 Jul 6 11:55:09 amsweb01 sshd[7343]: Failed password for root from 222.186.173.238 port 8338 ssh2	2020-07-06 17:56:38
202.154.191.106	attack	Automatic report - Banned IP Access	2020-07-06 17:32:19
61.155.110.210	attackbotsspam	Cluster member 67.227.229.95 (US/United States/host.cjthedj97.me) said, DENY 61.155.110.210, Reason:[(sshd) Failed SSH login from 61.155.110.210 (CN/China/-): 1 in the last 3600 secs]; Ports: *; Direction: inout; Trigger: LF_CLUSTER	2020-07-06 17:07:38
91.121.173.41	attack	2020-07-06T11:43:14.860553lavrinenko.info sshd[25831]: Invalid user vl from 91.121.173.41 port 35148 2020-07-06T11:43:14.871814lavrinenko.info sshd[25831]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.121.173.41 2020-07-06T11:43:14.860553lavrinenko.info sshd[25831]: Invalid user vl from 91.121.173.41 port 35148 2020-07-06T11:43:16.938653lavrinenko.info sshd[25831]: Failed password for invalid user vl from 91.121.173.41 port 35148 ssh2 2020-07-06T11:46:00.526313lavrinenko.info sshd[26122]: Invalid user newftpuser from 91.121.173.41 port 60772 ...	2020-07-06 17:01:32
38.108.61.202	attack	Jul 6 06:39:18 hostnameis sshd[56048]: Invalid user admin from 38.108.61.202 Jul 6 06:39:18 hostnameis sshd[56048]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=38.108.61.202 Jul 6 06:39:20 hostnameis sshd[56048]: Failed password for invalid user admin from 38.108.61.202 port 53125 ssh2 Jul 6 06:39:20 hostnameis sshd[56048]: Received disconnect from 38.108.61.202: 11: Bye Bye [preauth] Jul 6 06:39:23 hostnameis sshd[56050]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=38.108.61.202 user=r.r Jul 6 06:39:25 hostnameis sshd[56050]: Failed password for r.r from 38.108.61.202 port 53215 ssh2 Jul 6 06:39:25 hostnameis sshd[56050]: Received disconnect from 38.108.61.202: 11: Bye Bye [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=38.108.61.202	2020-07-06 17:54:25
61.219.11.153	attack	TCP (SYN) 61.219.11.153:64201 -> port 443, len 40	2020-07-06 17:42:50
90.177.244.100	attackbotsspam	Automatic report - Banned IP Access	2020-07-06 17:07:12
204.48.23.76	attackspambots	Lines containing failures of 204.48.23.76 Jul 5 23:09:30 penfold sshd[27083]: Invalid user lfp from 204.48.23.76 port 53588 Jul 5 23:09:30 penfold sshd[27083]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=204.48.23.76 Jul 5 23:09:32 penfold sshd[27083]: Failed password for invalid user lfp from 204.48.23.76 port 53588 ssh2 Jul 5 23:09:33 penfold sshd[27083]: Received disconnect from 204.48.23.76 port 53588:11: Bye Bye [preauth] Jul 5 23:09:33 penfold sshd[27083]: Disconnected from invalid user lfp 204.48.23.76 port 53588 [preauth] Jul 5 23:26:49 penfold sshd[28156]: Invalid user prashant from 204.48.23.76 port 53374 Jul 5 23:26:49 penfold sshd[28156]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=204.48.23.76 Jul 5 23:26:51 penfold sshd[28156]: Failed password for invalid user prashant from 204.48.23.76 port 53374 ssh2 Jul 5 23:26:51 penfold sshd[28156]: Received disconnect fr........ ------------------------------	2020-07-06 16:53:32
110.175.238.10	attack	Automatic report - XMLRPC Attack	2020-07-06 16:50:24

Recently Reported IPs

24.47.17.14	96.65.79.48	209.15.205.35	60.84.12.92
54.234.3.89	196.202.209.137	123.20.249.11	68.216.33.143
69.201.25.52	95.158.53.90	49.167.187.85	67.241.196.211
151.3.144.151	131.155.231.61	23.238.48.210	108.131.29.11
197.41.231.46	121.33.196.4	68.116.13.114	189.207.105.245