104.21.92.2 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.21.92.2
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 48229
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;104.21.92.2.			IN	A

;; AUTHORITY SECTION:
.			358	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022021701 1800 900 604800 86400

;; Query time: 169 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Feb 18 03:16:06 CST 2022
;; MSG SIZE  rcvd: 104

Host info

Host 2.92.21.104.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 2.92.21.104.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
58.33.35.82	attackspam	Sep 13 00:33:48 ns41 sshd[11977]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.33.35.82 Sep 13 00:33:48 ns41 sshd[11977]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.33.35.82	2020-09-13 07:09:32
89.248.171.181	attack	Brute forcing email accounts	2020-09-13 06:59:02
5.188.86.216	attackspambots	Cowrie Honeypot: Unauthorised SSH/Telnet login attempt with user "root" at 2020-09-12T20:30:32Z	2020-09-13 07:16:44
125.179.28.108	attack	DATE:2020-09-12 18:54:13, IP:125.179.28.108, PORT:telnet Telnet brute force auth on honeypot server (epe-honey1-hq)	2020-09-13 07:16:23
198.2.109.207	attack	Sep 12 23:52:34 master sshd[28854]: Failed password for invalid user netman from 198.2.109.207 port 60136 ssh2	2020-09-13 07:29:01
59.148.136.149	attackbots	Time: Sat Sep 12 12:58:56 2020 -0400 IP: 59.148.136.149 (HK/Hong Kong/059148136149.ctinets.com) Failures: 5 (sshd) Interval: 3600 seconds Blocked: Permanent Block [LF_SSHD] Log entries: Sep 12 12:58:46 pv-11-ams1 sshd[14736]: Invalid user admin from 59.148.136.149 port 48861 Sep 12 12:58:48 pv-11-ams1 sshd[14736]: Failed password for invalid user admin from 59.148.136.149 port 48861 ssh2 Sep 12 12:58:50 pv-11-ams1 sshd[14740]: Invalid user admin from 59.148.136.149 port 48937 Sep 12 12:58:53 pv-11-ams1 sshd[14740]: Failed password for invalid user admin from 59.148.136.149 port 48937 ssh2 Sep 12 12:58:55 pv-11-ams1 sshd[14743]: Invalid user admin from 59.148.136.149 port 49083	2020-09-13 07:04:15
122.155.11.89	attackbotsspam	122.155.11.89 (TH/Thailand/-), 6 distributed sshd attacks on account [root] in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_DISTATTACK; Logs: Sep 12 19:07:42 server2 sshd[659]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.155.11.89 user=root Sep 12 19:09:14 server2 sshd[2111]: Failed password for root from 191.217.170.33 port 57700 ssh2 Sep 12 19:07:44 server2 sshd[659]: Failed password for root from 122.155.11.89 port 60264 ssh2 Sep 12 19:07:22 server2 sshd[573]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.102.31.36 user=root Sep 12 19:07:23 server2 sshd[573]: Failed password for root from 58.102.31.36 port 33488 ssh2 Sep 12 19:05:56 server2 sshd[32249]: Failed password for root from 158.69.194.115 port 53086 ssh2 IP Addresses Blocked:	2020-09-13 07:21:17
176.106.132.131	attackspambots	176.106.132.131 (RU/Russia/-), 6 distributed sshd attacks on account [root] in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_DISTATTACK; Logs: Sep 12 16:21:25 jbs1 sshd[14190]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.172.238.159 user=root Sep 12 16:21:48 jbs1 sshd[14327]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.24.23.31 user=root Sep 12 16:21:50 jbs1 sshd[14327]: Failed password for root from 175.24.23.31 port 38568 ssh2 Sep 12 16:27:33 jbs1 sshd[18015]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=176.106.132.131 user=root Sep 12 16:21:18 jbs1 sshd[14086]: Failed password for root from 149.202.40.210 port 52998 ssh2 Sep 12 16:21:27 jbs1 sshd[14190]: Failed password for root from 167.172.238.159 port 60214 ssh2 IP Addresses Blocked: 167.172.238.159 (US/United States/-) 175.24.23.31 (CN/China/-)	2020-09-13 07:32:55
138.197.222.141	attack	firewall-block, port(s): 5273/tcp	2020-09-13 07:09:04
40.73.0.147	attackbotsspam	Invalid user admin from 40.73.0.147 port 38718	2020-09-13 07:17:33
186.226.188.138	attack	Port scan: Attack repeated for 24 hours	2020-09-13 07:08:45
114.80.94.228	attack	(sshd) Failed SSH login from 114.80.94.228 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 12 18:29:34 optimus sshd[32283]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.80.94.228 user=root Sep 12 18:29:35 optimus sshd[32283]: Failed password for root from 114.80.94.228 port 64984 ssh2 Sep 12 18:37:29 optimus sshd[2220]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.80.94.228 user=root Sep 12 18:37:31 optimus sshd[2220]: Failed password for root from 114.80.94.228 port 57722 ssh2 Sep 12 18:39:49 optimus sshd[2853]: Invalid user lucas from 114.80.94.228	2020-09-13 07:36:32
77.247.178.140	attackspam	[2020-09-12 19:04:13] NOTICE[1239][C-0000289c] chan_sip.c: Call from '' (77.247.178.140:59284) to extension '9011442037693601' rejected because extension not found in context 'public'. [2020-09-12 19:04:13] SECURITY[1264] res_security_log.c: SecurityEvent="FailedACL",EventTV="2020-09-12T19:04:13.554-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="9011442037693601",SessionID="0x7f4d480d6c18",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/77.247.178.140/59284",ACLName="no_extension_match" [2020-09-12 19:06:41] NOTICE[1239][C-000028a1] chan_sip.c: Call from '' (77.247.178.140:62122) to extension '+442037693713' rejected because extension not found in context 'public'. [2020-09-12 19:06:41] SECURITY[1264] res_security_log.c: SecurityEvent="FailedACL",EventTV="2020-09-12T19:06:41.064-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="+442037693713",SessionID="0x7f4d481e2018",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP ...	2020-09-13 07:07:03
175.139.3.41	attackbots	Invalid user ncafact from 175.139.3.41 port 54456	2020-09-13 07:19:09
51.210.44.157	attackbots	Automated report - ssh fail2ban: Sep 13 00:46:45 Invalid user elasticsearch, port=37948 Sep 13 00:46:45 Disconnected from invalid user elasticsearch 51.210.44.157 port=37948 [preauth] Sep 13 00:53:11 Invalid user elasticsearch, port=43612 Sep 13 00:53:11 Disconnected from invalid user elasticsearch 51.210.44.157 port=43612 [preauth]	2020-09-13 07:05:57

Recently Reported IPs

104.21.92.199	104.21.92.201	104.21.92.202	104.21.92.203
104.21.92.207	104.21.92.206	104.21.92.204	104.21.92.210
104.21.92.205	104.21.92.21	104.21.92.213	104.21.92.211
104.21.92.212	104.21.92.214	69.74.75.2	104.21.92.215
104.21.92.216	104.21.92.223	104.21.92.22	104.21.92.217