104.168.21.172

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
104.168.214.53	attackspambots	[f2b] sshd bruteforce, retries: 1	2020-10-12 05:31:58
104.168.214.53	attack	[f2b] sshd bruteforce, retries: 1	2020-10-11 21:38:42
104.168.214.53	attack	5x Failed Password	2020-10-11 13:35:31
104.168.214.53	attackbotsspam	20 attempts against mh-ssh on ice	2020-10-11 06:59:12
104.168.214.86	attack	Oct 8 11:05:14 mail postfix/smtpd[27643]: warning: hwsrv-786714.hostwindsdns.com[104.168.214.86]: SASL login authentication failed: authentication failure	2020-10-09 05:12:13
104.168.214.86	attack	Oct 7 22:46:27 mellenthin postfix/smtpd[26683]: warning: hwsrv-786714.hostwindsdns.com[104.168.214.86]: SASL login authentication failed: UGFzc3dvcmQ6 Oct 7 22:46:34 mellenthin postfix/smtpd[26683]: warning: hwsrv-786714.hostwindsdns.com[104.168.214.86]: SASL login authentication failed: UGFzc3dvcmQ6	2020-10-08 21:25:49
104.168.214.86	attack	Oct 7 22:46:27 mellenthin postfix/smtpd[26683]: warning: hwsrv-786714.hostwindsdns.com[104.168.214.86]: SASL login authentication failed: UGFzc3dvcmQ6 Oct 7 22:46:34 mellenthin postfix/smtpd[26683]: warning: hwsrv-786714.hostwindsdns.com[104.168.214.86]: SASL login authentication failed: UGFzc3dvcmQ6	2020-10-08 13:19:54
104.168.214.86	attackspam	Oct 7 22:46:27 mellenthin postfix/smtpd[26683]: warning: hwsrv-786714.hostwindsdns.com[104.168.214.86]: SASL login authentication failed: UGFzc3dvcmQ6 Oct 7 22:46:34 mellenthin postfix/smtpd[26683]: warning: hwsrv-786714.hostwindsdns.com[104.168.214.86]: SASL login authentication failed: UGFzc3dvcmQ6	2020-10-08 08:40:21
104.168.214.168	attack	DATE:2020-08-17 05:56:55, IP:104.168.214.168, PORT:telnet Telnet brute force auth on honeypot server (honey-neo-dc)	2020-08-17 17:12:38
104.168.21.186	attack		2020-08-14 23:01:33
104.168.219.192	attack	14 - Undeliverable: Emails for p*r@rc.com	2020-08-06 07:41:11
104.168.21.186	attack	Automatic report - Banned IP Access	2020-08-01 18:08:31
104.168.219.197	attackspam	13.07.2020 12:23:00 Recursive DNS scan	2020-07-13 22:02:03
104.168.219.181	attack	Port Scan	2020-05-29 20:45:06
104.168.219.2	attack	Unauthorized connection attempt detected from IP address 104.168.219.2 to port 23	2020-04-03 16:35:54

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.168.21.172
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 29575
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;104.168.21.172.			IN	A

;; AUTHORITY SECTION:
.			393	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022022800 1800 900 604800 86400

;; Query time: 67 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Feb 28 16:03:52 CST 2022
;; MSG SIZE  rcvd: 107

Host info

172.21.168.104.in-addr.arpa domain name pointer 104-168-21-172-host.colocrossing.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
172.21.168.104.in-addr.arpa	name = 104-168-21-172-host.colocrossing.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
49.233.68.90	attackspam	Jul 4 06:49:06 dhoomketu sshd[1263947]: Failed password for root from 49.233.68.90 port 46754 ssh2 Jul 4 06:52:18 dhoomketu sshd[1264063]: Invalid user ubuntu from 49.233.68.90 port 37395 Jul 4 06:52:18 dhoomketu sshd[1264063]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.233.68.90 Jul 4 06:52:18 dhoomketu sshd[1264063]: Invalid user ubuntu from 49.233.68.90 port 37395 Jul 4 06:52:20 dhoomketu sshd[1264063]: Failed password for invalid user ubuntu from 49.233.68.90 port 37395 ssh2 ...	2020-07-04 15:12:01
157.245.155.13	attackbots	Invalid user administracion from 157.245.155.13 port 51330	2020-07-04 14:51:30
144.217.93.78	attackspambots	Jul 4 07:03:13 web-main sshd[200184]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=144.217.93.78 Jul 4 07:03:13 web-main sshd[200184]: Invalid user repos from 144.217.93.78 port 41518 Jul 4 07:03:15 web-main sshd[200184]: Failed password for invalid user repos from 144.217.93.78 port 41518 ssh2	2020-07-04 14:58:29
46.38.150.188	attackbots	2020-07-04 06:49:01 auth_plain authenticator failed for (User) [46.38.150.188]: 535 Incorrect authentication data (set_id=gay@mail.csmailer.org) 2020-07-04 06:49:47 auth_plain authenticator failed for (User) [46.38.150.188]: 535 Incorrect authentication data (set_id=anand@mail.csmailer.org) 2020-07-04 06:50:34 auth_plain authenticator failed for (User) [46.38.150.188]: 535 Incorrect authentication data (set_id=testdomain@mail.csmailer.org) 2020-07-04 06:51:20 auth_plain authenticator failed for (User) [46.38.150.188]: 535 Incorrect authentication data (set_id=u23@mail.csmailer.org) 2020-07-04 06:52:06 auth_plain authenticator failed for (User) [46.38.150.188]: 535 Incorrect authentication data (set_id=datasync@mail.csmailer.org) ...	2020-07-04 14:52:28
40.73.0.147	attack	ssh brute force	2020-07-04 14:47:44
170.130.187.6	attackbotsspam	Unauthorized connection attempt detected from IP address 170.130.187.6 to port 3389	2020-07-04 14:51:08
177.136.39.254	attackbotsspam	Jul 4 06:11:35 web-main sshd[199405]: Failed password for invalid user csczserver from 177.136.39.254 port 43463 ssh2 Jul 4 06:18:31 web-main sshd[199488]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=177.136.39.254 user=root Jul 4 06:18:34 web-main sshd[199488]: Failed password for root from 177.136.39.254 port 51630 ssh2	2020-07-04 14:35:56
185.220.101.234	attack	Brute forcing Wordpress login	2020-07-04 15:09:57
198.23.140.218	attack	Hit honeypot r.	2020-07-04 14:53:16
194.26.29.22	attackbotsspam	TCP (SYN) 194.26.29.22:54627 -> port 9999, len 40	2020-07-04 14:40:58
210.13.96.74	attackspam	(sshd) Failed SSH login from 210.13.96.74 (CN/China/-): 5 in the last 3600 secs	2020-07-04 14:52:57
23.115.38.75	attackspambots	VNC brute force attack detected by fail2ban	2020-07-04 15:12:27
175.183.23.47	attackspambots	SCAN: Host Sweep CloudCIX Reconnaissance Scan Detected, PTR: 175-183-23-47.adsl.dynamic.seed.net.tw.	2020-07-04 14:55:57
120.131.13.186	attackbots	k+ssh-bruteforce	2020-07-04 15:03:41
222.186.175.215	attack	2020-07-04T10:14:29.518462afi-git.jinr.ru sshd[10464]: Failed password for root from 222.186.175.215 port 45672 ssh2 2020-07-04T10:14:32.888280afi-git.jinr.ru sshd[10464]: Failed password for root from 222.186.175.215 port 45672 ssh2 2020-07-04T10:14:37.690368afi-git.jinr.ru sshd[10464]: Failed password for root from 222.186.175.215 port 45672 ssh2 2020-07-04T10:14:37.690543afi-git.jinr.ru sshd[10464]: error: maximum authentication attempts exceeded for root from 222.186.175.215 port 45672 ssh2 [preauth] 2020-07-04T10:14:37.690562afi-git.jinr.ru sshd[10464]: Disconnecting: Too many authentication failures [preauth] ...	2020-07-04 15:19:49

Recently Reported IPs

104.168.203.94	104.168.211.198	104.168.205.106	104.168.211.234
104.168.211.80	104.168.211.196	104.168.211.27	104.168.211.85
104.168.22.190	104.168.245.249	104.168.93.126	104.17.10.62
104.17.1.90	104.17.10.137	104.17.102.50	104.17.100.114
104.17.107.26	104.17.11.62	104.17.108.26	104.17.113.33