106.104.172.173

Basic Info

City: unknown

Region: unknown

Country: Taiwan, China

Internet Service Provider: New Century Infocomm Tech. Co. Ltd.

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspambots	Honeypot attack, port: 81, PTR: 106-104-172-173.adsl.static.seed.net.tw.	2020-07-01 16:28:49

Comments on same subnet:

IP	Type	Details	Datetime
106.104.172.25	attack	[portscan] tcp/23 [TELNET] *(RWIN=56142)(11190859)	2019-11-19 17:24:29
106.104.172.25	attack	Caught in portsentry honeypot	2019-08-27 01:26:50

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.104.172.173
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 63806
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.104.172.173.		IN	A

;; AUTHORITY SECTION:
.			432	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020070101 1800 900 604800 86400

;; Query time: 184 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Jul 01 16:28:46 CST 2020
;; MSG SIZE  rcvd: 119

Host info

173.172.104.106.in-addr.arpa domain name pointer 106-104-172-173.adsl.static.seed.net.tw.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
173.172.104.106.in-addr.arpa	name = 106-104-172-173.adsl.static.seed.net.tw.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
218.92.0.147	attackbotsspam	2019-10-21T04:54:10.279975abusebot-4.cloudsearch.cf sshd\[20539\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.147 user=root	2019-10-21 18:34:39
91.121.103.175	attackspam	Oct 20 17:55:56 hanapaa sshd\[15110\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ns354139.ip-91-121-103.eu user=root Oct 20 17:55:58 hanapaa sshd\[15110\]: Failed password for root from 91.121.103.175 port 40766 ssh2 Oct 20 18:01:55 hanapaa sshd\[15579\]: Invalid user powerapp from 91.121.103.175 Oct 20 18:01:55 hanapaa sshd\[15579\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ns354139.ip-91-121-103.eu Oct 20 18:01:57 hanapaa sshd\[15579\]: Failed password for invalid user powerapp from 91.121.103.175 port 50596 ssh2	2019-10-21 18:30:03
183.195.106.190	attack	Oct 21 10:55:15 rotator sshd\[29913\]: Invalid user trash from 183.195.106.190Oct 21 10:55:17 rotator sshd\[29913\]: Failed password for invalid user trash from 183.195.106.190 port 41476 ssh2Oct 21 10:59:32 rotator sshd\[30244\]: Invalid user devdev123. from 183.195.106.190Oct 21 10:59:34 rotator sshd\[30244\]: Failed password for invalid user devdev123. from 183.195.106.190 port 45102 ssh2Oct 21 11:03:51 rotator sshd\[31114\]: Invalid user oscar1 from 183.195.106.190Oct 21 11:03:53 rotator sshd\[31114\]: Failed password for invalid user oscar1 from 183.195.106.190 port 48732 ssh2 ...	2019-10-21 18:19:03
190.25.232.2	attack	Lines containing failures of 190.25.232.2 Oct 21 02:42:27 mellenthin sshd[28147]: Invalid user uc from 190.25.232.2 port 55999 Oct 21 02:42:27 mellenthin sshd[28147]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.25.232.2 Oct 21 02:42:29 mellenthin sshd[28147]: Failed password for invalid user uc from 190.25.232.2 port 55999 ssh2 Oct 21 02:42:29 mellenthin sshd[28147]: Received disconnect from 190.25.232.2 port 55999:11: Bye Bye [preauth] Oct 21 02:42:29 mellenthin sshd[28147]: Disconnected from invalid user uc 190.25.232.2 port 55999 [preauth] Oct 21 02:57:30 mellenthin sshd[28265]: User r.r from 190.25.232.2 not allowed because not listed in AllowUsers Oct 21 02:57:30 mellenthin sshd[28265]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.25.232.2 user=r.r Oct 21 02:57:32 mellenthin sshd[28265]: Failed password for invalid user r.r from 190.25.232.2 port 47370 ssh2 Oct 21 02:57:3........ ------------------------------	2019-10-21 18:44:33
106.13.87.145	attack	Oct 21 03:59:15 firewall sshd[24888]: Invalid user tomcat from 106.13.87.145 Oct 21 03:59:17 firewall sshd[24888]: Failed password for invalid user tomcat from 106.13.87.145 port 59526 ssh2 Oct 21 04:03:59 firewall sshd[24990]: Invalid user spamfilter from 106.13.87.145 ...	2019-10-21 18:21:57
103.235.170.195	attack	Oct 21 07:20:38 XXX sshd[4220]: Invalid user victor from 103.235.170.195 port 41660	2019-10-21 18:32:10
60.50.146.131	attackbots	php WP PHPmyadamin ABUSE blocked for 12h	2019-10-21 18:17:03
51.254.205.6	attackbots	Oct 21 06:26:23 server sshd\[26115\]: Invalid user admin from 51.254.205.6 Oct 21 06:26:23 server sshd\[26115\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=6.ip-51-254-205.eu Oct 21 06:26:25 server sshd\[26115\]: Failed password for invalid user admin from 51.254.205.6 port 52040 ssh2 Oct 21 06:43:41 server sshd\[31465\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=6.ip-51-254-205.eu user=root Oct 21 06:43:43 server sshd\[31465\]: Failed password for root from 51.254.205.6 port 52270 ssh2 ...	2019-10-21 18:45:49
45.40.244.197	attack	Oct 21 13:17:53 sauna sshd[109858]: Failed password for root from 45.40.244.197 port 47004 ssh2 ...	2019-10-21 18:40:50
45.82.153.35	attackspambots	MultiHost/MultiPort Probe, Scan, Hack -	2019-10-21 18:30:39
167.114.185.237	attack	Oct 21 10:28:03 amit sshd\[22889\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.114.185.237 user=root Oct 21 10:28:05 amit sshd\[22889\]: Failed password for root from 167.114.185.237 port 35276 ssh2 Oct 21 10:31:42 amit sshd\[27502\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.114.185.237 user=root ...	2019-10-21 18:27:44
206.189.142.10	attackbotsspam	SSH Brute Force, server-1 sshd[4337]: Failed password for root from 206.189.142.10 port 33274 ssh2	2019-10-21 18:23:20
159.65.230.189	attack	2019-10-21T06:03:41.794179abusebot-6.cloudsearch.cf sshd\[7063\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.65.230.189 user=root	2019-10-21 18:23:43
198.108.67.132	attackbotsspam	10/21/2019-04:34:41.512288 198.108.67.132 Protocol: 6 ET DROP Dshield Block Listed Source group 1	2019-10-21 18:16:31
118.24.30.97	attackbots	Oct 21 08:58:30 MK-Soft-VM5 sshd[22960]: Failed password for root from 118.24.30.97 port 33212 ssh2 ...	2019-10-21 18:21:45

Recently Reported IPs

192.82.66.238	223.255.230.233	209.97.170.74	100.164.33.99
111.72.197.113	179.154.3.72	110.136.239.95	109.74.168.231
82.80.178.178	94.156.81.68	179.124.31.118	101.51.106.114
152.32.108.64	202.255.22.54	159.89.43.61	95.248.106.97
45.145.66.112	27.65.48.134	218.203.227.160	167.172.226.2