104.211.5.214 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
104.211.5.175	attack	Unauthorized connection attempt detected from IP address 104.211.5.175 to port 1433	2020-07-22 16:44:16
104.211.57.33	attack	Invalid user admin from 104.211.57.33 port 1220	2020-07-18 08:45:05
104.211.5.175	attackbots	SSH Invalid Login	2020-07-16 05:58:09
104.211.5.175	attack	Jul 15 09:32:48 odroid64 sshd\[3610\]: Invalid user admin from 104.211.5.175 Jul 15 09:32:48 odroid64 sshd\[3610\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.211.5.175 ...	2020-07-15 16:25:57
104.211.57.162	attack	Abuse	2020-07-12 13:27:40
104.211.5.175	attack	87. On Jun 26 2020 experienced a Brute Force SSH login attempt -> 3 unique times by 104.211.5.175.	2020-06-27 07:37:00
104.211.5.175	attack	2020-06-26T16:56:32.514635vps773228.ovh.net sshd[28559]: Invalid user apc from 104.211.5.175 port 29971 2020-06-26T16:56:32.524806vps773228.ovh.net sshd[28559]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.211.5.175 2020-06-26T16:56:32.514635vps773228.ovh.net sshd[28559]: Invalid user apc from 104.211.5.175 port 29971 2020-06-26T16:56:34.629391vps773228.ovh.net sshd[28559]: Failed password for invalid user apc from 104.211.5.175 port 29971 ssh2 2020-06-26T17:54:15.066945vps773228.ovh.net sshd[28920]: Invalid user m202 from 104.211.5.175 port 46179 ...	2020-06-26 23:54:23
104.211.5.175	attackbots	Lines containing failures of 104.211.5.175 Jun 24 18:12:19 keyhelp sshd[12893]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.211.5.175 user=r.r Jun 24 18:12:19 keyhelp sshd[12895]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.211.5.175 user=r.r Jun 24 18:12:21 keyhelp sshd[12893]: Failed password for r.r from 104.211.5.175 port 37072 ssh2 Jun 24 18:12:21 keyhelp sshd[12893]: Received disconnect from 104.211.5.175 port 37072:11: Client disconnecting normally [preauth] Jun 24 18:12:21 keyhelp sshd[12893]: Disconnected from authenticating user r.r 104.211.5.175 port 37072 [preauth] Jun 24 18:12:21 keyhelp sshd[12895]: Failed password for r.r from 104.211.5.175 port 37151 ssh2 Jun 24 18:12:21 keyhelp sshd[12895]: Received disconnect from 104.211.5.175 port 37151:11: Client disconnecting normally [preauth] Jun 24 18:12:21 keyhelp sshd[12895]: Disconnected from authenticating user r........ ------------------------------	2020-06-26 00:58:31
104.211.54.133	attackbots	Invalid user inf from 104.211.54.133 port 54886	2020-05-21 16:30:43
104.211.54.133	attackspambots	May 16 04:14:36 santamaria sshd\[12930\]: Invalid user postgres from 104.211.54.133 May 16 04:14:36 santamaria sshd\[12930\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.211.54.133 May 16 04:14:38 santamaria sshd\[12930\]: Failed password for invalid user postgres from 104.211.54.133 port 45074 ssh2 ...	2020-05-16 21:58:38
104.211.54.133	attackbots	May 8 14:30:44 santamaria sshd\[1120\]: Invalid user alejandra from 104.211.54.133 May 8 14:30:44 santamaria sshd\[1120\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.211.54.133 May 8 14:30:46 santamaria sshd\[1120\]: Failed password for invalid user alejandra from 104.211.54.133 port 49280 ssh2 ...	2020-05-09 13:54:21
104.211.50.174	attackbotsspam	SSH/22 MH Probe, BF, Hack -	2020-05-04 15:39:36
104.211.50.174	attackspam	Apr 24 18:24:07 ns382633 sshd\[11843\]: Invalid user tomcat2 from 104.211.50.174 port 36020 Apr 24 18:24:07 ns382633 sshd\[11843\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.211.50.174 Apr 24 18:24:09 ns382633 sshd\[11843\]: Failed password for invalid user tomcat2 from 104.211.50.174 port 36020 ssh2 Apr 24 18:41:23 ns382633 sshd\[15297\]: Invalid user ubuntu from 104.211.50.174 port 59514 Apr 24 18:41:23 ns382633 sshd\[15297\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.211.50.174	2020-04-25 01:11:25
104.211.54.30	attackbotsspam	Sep 22 02:15:31 plusreed sshd[5776]: Invalid user lorenza from 104.211.54.30 ...	2019-09-22 14:27:57
104.211.5.31	attackspambots	Multiple failed RDP login attempts	2019-08-05 16:39:16

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.211.5.214
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 40286
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;104.211.5.214.			IN	A

;; AUTHORITY SECTION:
.			372	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022022701 1800 900 604800 86400

;; Query time: 69 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Feb 28 13:57:45 CST 2022
;; MSG SIZE  rcvd: 106

Host info

Host 214.5.211.104.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 214.5.211.104.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
185.176.27.162	attackbotsspam	11/02/2019-23:25:26.255229 185.176.27.162 Protocol: 6 ET DROP Dshield Block Listed Source group 1	2019-11-03 06:25:53
165.227.16.222	attackbotsspam	Nov 2 16:35:45 plusreed sshd[20314]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.227.16.222 user=root Nov 2 16:35:48 plusreed sshd[20314]: Failed password for root from 165.227.16.222 port 44556 ssh2 ...	2019-11-03 06:14:18
106.13.179.20	attack	Nov 2 20:34:54 h2040555 sshd[7220]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.179.20 user=r.r Nov 2 20:34:57 h2040555 sshd[7220]: Failed password for r.r from 106.13.179.20 port 43404 ssh2 Nov 2 20:34:57 h2040555 sshd[7220]: Received disconnect from 106.13.179.20: 11: Bye Bye [preauth] Nov 2 20:59:24 h2040555 sshd[7723]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.179.20 user=r.r Nov 2 20:59:25 h2040555 sshd[7723]: Failed password for r.r from 106.13.179.20 port 40504 ssh2 Nov 2 20:59:25 h2040555 sshd[7723]: Received disconnect from 106.13.179.20: 11: Bye Bye [preauth] Nov 2 21:04:05 h2040555 sshd[7832]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.179.20 user=r.r Nov 2 21:04:07 h2040555 sshd[7832]: Failed password for r.r from 106.13.179.20 port 52674 ssh2 Nov 2 21:04:07 h2040555 sshd[7832]: Received disco........ -------------------------------	2019-11-03 06:43:54
168.232.198.50	attack	postfix	2019-11-03 06:41:13
85.208.23.171	attackspam	Nov 2 18:39:14 rb06 sshd[18567]: Failed password for r.r from 85.208.23.171 port 36972 ssh2 Nov 2 18:39:14 rb06 sshd[18567]: Received disconnect from 85.208.23.171: 11: Bye Bye [preauth] Nov 2 18:52:13 rb06 sshd[4378]: Failed password for invalid user aa from 85.208.23.171 port 34508 ssh2 Nov 2 18:52:13 rb06 sshd[4378]: Received disconnect from 85.208.23.171: 11: Bye Bye [preauth] Nov 2 18:55:41 rb06 sshd[4919]: Failed password for r.r from 85.208.23.171 port 45372 ssh2 Nov 2 18:55:41 rb06 sshd[4919]: Received disconnect from 85.208.23.171: 11: Bye Bye [preauth] Nov 2 18:58:56 rb06 sshd[17289]: Failed password for r.r from 85.208.23.171 port 56232 ssh2 Nov 2 18:58:56 rb06 sshd[17289]: Received disconnect from 85.208.23.171: 11: Bye Bye [preauth] Nov 2 19:02:17 rb06 sshd[20628]: Failed password for invalid user pos from 85.208.23.171 port 38860 ssh2 Nov 2 19:02:17 rb06 sshd[20628]: Received disconnect from 85.208.23.171: 11: Bye Bye [preauth] Nov 2 19:05:38 rb........ -------------------------------	2019-11-03 06:22:41
45.82.153.133	attack	Fail2Ban - SMTP Bruteforce Attempt	2019-11-03 06:18:29
112.85.42.189	attackspambots	11/02/2019-17:44:20.218203 112.85.42.189 Protocol: 6 ET SCAN Potential SSH Scan	2019-11-03 06:10:00
64.231.175.61	attackbots	Honeypot attack, port: 23, PTR: toroon2634w-lp130-05-64-231-175-61.dsl.bell.ca.	2019-11-03 06:34:07
1.214.204.50	attackspam	missing rdns	2019-11-03 06:41:51
138.204.235.30	attackspam	Lines containing failures of 138.204.235.30 Oct 29 01:42:35 shared11 sshd[7816]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.204.235.30 user=r.r Oct 29 01:42:38 shared11 sshd[7816]: Failed password for r.r from 138.204.235.30 port 51014 ssh2 Oct 29 01:42:38 shared11 sshd[7816]: Received disconnect from 138.204.235.30 port 51014:11: Bye Bye [preauth] Oct 29 01:42:38 shared11 sshd[7816]: Disconnected from authenticating user r.r 138.204.235.30 port 51014 [preauth] Oct 29 01:57:12 shared11 sshd[12485]: Invalid user asconex from 138.204.235.30 port 40713 Oct 29 01:57:12 shared11 sshd[12485]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.204.235.30 Oct 29 01:57:14 shared11 sshd[12485]: Failed password for invalid user asconex from 138.204.235.30 port 40713 ssh2 Oct 29 01:57:14 shared11 sshd[12485]: Received disconnect from 138.204.235.30 port 40713:11: Bye Bye [preauth] Oct 29 01:57........ ------------------------------	2019-11-03 06:09:13
83.246.135.101	attackbots	Oct 29 09:21:13 tux postfix/smtpd[25435]: connect from relay.ttb.ru[83.246.135.101] Oct 29 09:21:13 tux postfix/smtpd[25435]: Anonymous TLS connection established from relay.ttb.ru[83.246.135.101]: TLSv1.2 whostnameh cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bhostnames) Oct x@x Oct x@x Oct 29 09:21:14 tux postfix/smtpd[25435]: disconnect from relay.ttb.ru[83.246.135.101] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=83.246.135.101	2019-11-03 06:15:22
177.2.108.162	attack	namecheap spam	2019-11-03 06:18:01
51.77.194.241	attackbotsspam	Nov 2 23:38:50 server sshd\[30973\]: User root from 51.77.194.241 not allowed because listed in DenyUsers Nov 2 23:38:50 server sshd\[30973\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.77.194.241 user=root Nov 2 23:38:51 server sshd\[30973\]: Failed password for invalid user root from 51.77.194.241 port 50906 ssh2 Nov 2 23:42:18 server sshd\[26752\]: User root from 51.77.194.241 not allowed because listed in DenyUsers Nov 2 23:42:18 server sshd\[26752\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.77.194.241 user=root	2019-11-03 06:14:33
123.206.76.184	attack	2019-11-02T22:20:59.395277abusebot-2.cloudsearch.cf sshd\[14995\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.206.76.184 user=root	2019-11-03 06:35:12
118.24.38.53	attack	Nov 2 23:18:04 vpn01 sshd[15272]: Failed password for root from 118.24.38.53 port 47346 ssh2 ...	2019-11-03 06:24:48

Recently Reported IPs

105.213.101.30	104.211.41.215	104.211.5.128	104.211.5.87
104.211.50.18	104.211.60.104	104.211.7.200	104.211.63.229
104.211.59.224	104.211.77.233	104.211.73.126	104.214.101.105
104.214.101.74	104.211.8.26	105.213.101.46	104.214.102.180
104.214.102.64	104.214.102.179	104.214.103.115	104.214.20.11