104.214.218.85

Basic Info

City: unknown

Region: unknown

Country: Netherlands

Internet Service Provider: Microsoft Corporation

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	TCP (SYN) 104.214.218.85:4230 -> port 1433, len 52	2020-08-03 01:47:55

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.214.218.85
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 24718
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;104.214.218.85.			IN	A

;; AUTHORITY SECTION:
.			264	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020080201 1800 900 604800 86400

;; Query time: 19 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Aug 03 01:47:51 CST 2020
;; MSG SIZE  rcvd: 118

Host info

Host 85.218.214.104.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 85.218.214.104.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
94.23.172.28	attackspam	Mar 14 03:53:22 *** sshd[7513]: Invalid user uehara from 94.23.172.28	2020-03-14 14:09:10
106.54.97.214	attackspam	Mar 16 00:47:05 server sshd\[12403\]: Failed password for root from 106.54.97.214 port 58066 ssh2 Mar 16 10:15:39 server sshd\[21359\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.97.214 user=root Mar 16 10:15:41 server sshd\[21359\]: Failed password for root from 106.54.97.214 port 34872 ssh2 Mar 16 10:47:26 server sshd\[28410\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.97.214 user=root Mar 16 10:47:29 server sshd\[28410\]: Failed password for root from 106.54.97.214 port 33420 ssh2 ...	2020-03-16 17:56:47
200.40.45.82	attackspam	detected by Fail2Ban	2020-03-16 17:10:13
165.22.112.45	attack	Mar 16 09:16:49 vmd17057 sshd[24186]: Failed password for root from 165.22.112.45 port 41970 ssh2 ...	2020-03-16 17:47:06
171.250.68.143	attackbotsspam	Honeypot attack, port: 445, PTR: dynamic-adsl.viettel.vn.	2020-03-16 17:51:55
60.50.140.140	attackbotsspam	Mar 16 08:44:10 site3 sshd\[207890\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=60.50.140.140 user=root Mar 16 08:44:12 site3 sshd\[207890\]: Failed password for root from 60.50.140.140 port 29487 ssh2 Mar 16 08:49:52 site3 sshd\[207936\]: Invalid user gitlab from 60.50.140.140 Mar 16 08:49:52 site3 sshd\[207936\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=60.50.140.140 Mar 16 08:49:55 site3 sshd\[207936\]: Failed password for invalid user gitlab from 60.50.140.140 port 16003 ssh2 ...	2020-03-16 17:00:37
195.231.3.155	attackbotsspam	Mar 14 05:58:43 mail.srvfarm.net postfix/smtpd[2941132]: warning: unknown[195.231.3.155]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Mar 14 05:58:43 mail.srvfarm.net postfix/smtpd[2941132]: lost connection after AUTH from unknown[195.231.3.155] Mar 14 05:59:18 mail.srvfarm.net postfix/smtpd[2940780]: warning: unknown[195.231.3.155]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Mar 14 05:59:18 mail.srvfarm.net postfix/smtpd[2940780]: lost connection after AUTH from unknown[195.231.3.155] Mar 14 06:00:03 mail.srvfarm.net postfix/smtpd[2939580]: warning: unknown[195.231.3.155]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Mar 14 06:00:03 mail.srvfarm.net postfix/smtpd[2939580]: lost connection after AUTH from unknown[195.231.3.155]	2020-03-14 14:07:38
51.68.32.21	attackbotsspam	MultiHost/MultiPort Probe, Scan, Hack -	2020-03-16 17:58:34
49.231.222.2	attackbotsspam	Honeypot attack, port: 445, PTR: PTR record not found	2020-03-16 18:01:15
49.234.61.180	attack	2020-03-14T04:53:21.528810shield sshd\[20553\]: Invalid user cisco from 49.234.61.180 port 44436 2020-03-14T04:53:21.536670shield sshd\[20553\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.234.61.180 2020-03-14T04:53:24.199934shield sshd\[20553\]: Failed password for invalid user cisco from 49.234.61.180 port 44436 ssh2 2020-03-14T04:56:50.713597shield sshd\[21187\]: Invalid user ns2 from 49.234.61.180 port 53748 2020-03-14T04:56:50.719613shield sshd\[21187\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.234.61.180	2020-03-14 14:05:38
195.231.3.146	attackspam	Mar 14 06:50:09 mail.srvfarm.net postfix/smtpd[2965365]: warning: unknown[195.231.3.146]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Mar 14 06:50:09 mail.srvfarm.net postfix/smtpd[2965365]: lost connection after AUTH from unknown[195.231.3.146] Mar 14 06:50:12 mail.srvfarm.net postfix/smtpd[2960448]: lost connection after CONNECT from unknown[195.231.3.146] Mar 14 06:56:46 mail.srvfarm.net postfix/smtpd[2964690]: warning: unknown[195.231.3.146]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Mar 14 06:56:46 mail.srvfarm.net postfix/smtpd[2966545]: warning: unknown[195.231.3.146]: SASL LOGIN authentication failed: UGFzc3dvcmQ6	2020-03-14 14:09:28
113.161.31.254	attack	Honeypot attack, port: 445, PTR: static.vnpt.vn.	2020-03-16 17:56:20
222.186.175.167	attack	pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.167 user=root Failed password for root from 222.186.175.167 port 63068 ssh2 Failed password for root from 222.186.175.167 port 63068 ssh2 Failed password for root from 222.186.175.167 port 63068 ssh2 Failed password for root from 222.186.175.167 port 63068 ssh2	2020-03-14 14:00:18
45.133.99.2	attackbots	Mar 14 06:45:30 relay postfix/smtpd\[17671\]: warning: unknown\[45.133.99.2\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Mar 14 06:45:44 relay postfix/smtpd\[8366\]: warning: unknown\[45.133.99.2\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Mar 14 06:57:37 relay postfix/smtpd\[18046\]: warning: unknown\[45.133.99.2\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Mar 14 06:57:53 relay postfix/smtpd\[8366\]: warning: unknown\[45.133.99.2\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Mar 14 06:58:10 relay postfix/smtpd\[8366\]: warning: unknown\[45.133.99.2\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-03-14 14:10:34
46.101.11.213	attack	Invalid user test from 46.101.11.213 port 55640	2020-03-14 14:02:10

Recently Reported IPs

58.187.143.215	37.49.224.2	103.81.115.8	13.250.46.200
47.103.159.227	112.10.116.220	197.188.26.255	47.238.149.48
108.67.49.2	67.60.162.235	209.127.178.83	223.178.69.217
139.155.17.125	14.246.19.88	124.13.174.50	124.156.119.150
83.146.109.79	49.84.109.50	27.102.101.79	70.214.134.101