167.172.103.6 - IPInfo

Basic Info

City: Frankfurt am Main

Region: Hessen

Country: Germany

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
167.172.103.66	attackspambots	Registration form abuse	2020-09-24 01:09:55
167.172.103.66	attackbotsspam	Registration form abuse	2020-09-23 17:13:42
167.172.103.224	attackspam	Fail2Ban Ban Triggered	2020-07-20 07:51:10
167.172.103.224	attack	TCP (SYN) 167.172.103.224:41853 -> port 2611, len 44	2020-07-12 00:22:55
167.172.103.224	attackspambots	Jul 11 00:29:09 rush sshd[1248]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.172.103.224 Jul 11 00:29:11 rush sshd[1248]: Failed password for invalid user intern from 167.172.103.224 port 36590 ssh2 Jul 11 00:34:05 rush sshd[1403]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.172.103.224 ...	2020-07-11 08:47:39
167.172.103.224	attackspam	Jun 24 07:49:52 lukav-desktop sshd\[22096\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.172.103.224 user=root Jun 24 07:49:53 lukav-desktop sshd\[22096\]: Failed password for root from 167.172.103.224 port 40748 ssh2 Jun 24 07:53:06 lukav-desktop sshd\[22180\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.172.103.224 user=root Jun 24 07:53:08 lukav-desktop sshd\[22180\]: Failed password for root from 167.172.103.224 port 51084 ssh2 Jun 24 07:56:16 lukav-desktop sshd\[22253\]: Invalid user test2 from 167.172.103.224	2020-06-24 19:36:31
167.172.103.224	attackspam	Jun 22 03:37:46 php1 sshd\[26188\]: Invalid user luke from 167.172.103.224 Jun 22 03:37:46 php1 sshd\[26188\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.172.103.224 Jun 22 03:37:48 php1 sshd\[26188\]: Failed password for invalid user luke from 167.172.103.224 port 39288 ssh2 Jun 22 03:42:08 php1 sshd\[26682\]: Invalid user wp from 167.172.103.224 Jun 22 03:42:08 php1 sshd\[26682\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.172.103.224	2020-06-22 21:57:56
167.172.103.224	attackspam	2020-06-20T20:16:45.282453randservbullet-proofcloud-66.localdomain sshd[9414]: Invalid user tester from 167.172.103.224 port 55454 2020-06-20T20:16:45.287210randservbullet-proofcloud-66.localdomain sshd[9414]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.172.103.224 2020-06-20T20:16:45.282453randservbullet-proofcloud-66.localdomain sshd[9414]: Invalid user tester from 167.172.103.224 port 55454 2020-06-20T20:16:47.377611randservbullet-proofcloud-66.localdomain sshd[9414]: Failed password for invalid user tester from 167.172.103.224 port 55454 ssh2 ...	2020-06-21 05:07:57
167.172.103.224	attackspambots	Jun 20 14:11:56 marvibiene sshd[30804]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.172.103.224 user=root Jun 20 14:11:57 marvibiene sshd[30804]: Failed password for root from 167.172.103.224 port 46278 ssh2 Jun 20 14:23:25 marvibiene sshd[30857]: Invalid user elizabeth from 167.172.103.224 port 37232 ...	2020-06-20 22:32:59
167.172.103.224	attack	Jun 19 09:01:40 abendstille sshd\[26992\]: Invalid user cat from 167.172.103.224 Jun 19 09:01:40 abendstille sshd\[26992\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.172.103.224 Jun 19 09:01:42 abendstille sshd\[26992\]: Failed password for invalid user cat from 167.172.103.224 port 53168 ssh2 Jun 19 09:05:51 abendstille sshd\[31158\]: Invalid user dong from 167.172.103.224 Jun 19 09:05:51 abendstille sshd\[31158\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.172.103.224 ...	2020-06-19 15:14:19
167.172.103.224	attack	2020-06-18T20:56:29.548337snf-827550 sshd[32713]: Invalid user oto from 167.172.103.224 port 40820 2020-06-18T20:56:31.522848snf-827550 sshd[32713]: Failed password for invalid user oto from 167.172.103.224 port 40820 ssh2 2020-06-18T21:00:41.486781snf-827550 sshd[32737]: Invalid user ftpuser from 167.172.103.224 port 40816 ...	2020-06-19 02:18:37
167.172.103.224	attackbotsspam	(sshd) Failed SSH login from 167.172.103.224 (DE/Germany/-): 2 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Jun 17 09:10:10 ubnt-55d23 sshd[16390]: Invalid user tommy from 167.172.103.224 port 35496 Jun 17 09:10:11 ubnt-55d23 sshd[16390]: Failed password for invalid user tommy from 167.172.103.224 port 35496 ssh2	2020-06-17 16:51:42
167.172.103.224	attack	SSH login attempts.	2020-06-16 18:05:34
167.172.103.224	attackbots	Jun 15 23:41:08 home sshd[19802]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.172.103.224 Jun 15 23:41:10 home sshd[19802]: Failed password for invalid user yyf from 167.172.103.224 port 33104 ssh2 Jun 15 23:45:04 home sshd[20228]: Failed password for root from 167.172.103.224 port 33540 ssh2 ...	2020-06-16 05:54:21
167.172.103.224	attack	Jun 6 11:37:07 vps46666688 sshd[19437]: Failed password for root from 167.172.103.224 port 52010 ssh2 ...	2020-06-07 04:14:03

Whois info:

#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/resources/registry/whois/tou/
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/resources/registry/whois/inaccuracy_reporting/
#
# Copyright 1997-2025, American Registry for Internet Numbers, Ltd.
#


NetRange:       167.172.0.0 - 167.172.255.255
CIDR:           167.172.0.0/16
NetName:        RIPE-ERX-167-172-0-0
NetHandle:      NET-167-172-0-0-1
Parent:         NET167 (NET-167-0-0-0-0)
NetType:        Early Registrations, Transferred to RIPE NCC
OriginAS:       
Organization:   RIPE Network Coordination Centre (RIPE)
RegDate:        2003-07-23
Updated:        2025-02-10
Comment:        These addresses have been further assigned to users in the RIPE NCC region. Please note that the organization and point of contact details listed below are those of the RIPE NCC not the current address holder. ** You can find user contact information for the current address holder in the RIPE database at http://www.ripe.net/whois.
Ref:            https://rdap.arin.net/registry/ip/167.172.0.0

ResourceLink:  https://apps.db.ripe.net/db-web-ui/query
ResourceLink:  whois.ripe.net


OrgName:        RIPE Network Coordination Centre
OrgId:          RIPE
Address:        P.O. Box 10096
City:           Amsterdam
StateProv:      
PostalCode:     1001EB
Country:        NL
RegDate:        
Updated:        2013-07-29
Ref:            https://rdap.arin.net/registry/entity/RIPE

ReferralServer:  whois.ripe.net
ResourceLink:  https://apps.db.ripe.net/db-web-ui/query

OrgAbuseHandle: ABUSE3850-ARIN
OrgAbuseName:   Abuse Contact
OrgAbusePhone:  +31205354444 
OrgAbuseEmail:  abuse@ripe.net
OrgAbuseRef:    https://rdap.arin.net/registry/entity/ABUSE3850-ARIN

OrgTechHandle: RNO29-ARIN
OrgTechName:   RIPE NCC Operations
OrgTechPhone:  +31 20 535 4444 
OrgTechEmail:  hostmaster@ripe.net
OrgTechRef:    https://rdap.arin.net/registry/entity/RNO29-ARIN


#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/resources/registry/whois/tou/
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/resources/registry/whois/inaccuracy_reporting/
#
# Copyright 1997-2025, American Registry for Internet Numbers, Ltd.
#

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 167.172.103.6
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 3733
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;167.172.103.6.			IN	A

;; AUTHORITY SECTION:
.			30	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2025092901 1800 900 604800 86400

;; Query time: 12 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Sep 30 02:41:43 CST 2025
;; MSG SIZE  rcvd: 106

Host info

Host 6.103.172.167.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 6.103.172.167.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
106.12.9.10	attack	Attempted connection to port 31634.	2020-04-21 18:15:31
113.161.88.42	attack	Dovecot Invalid User Login Attempt.	2020-04-21 18:20:47
122.144.196.122	attack	DATE:2020-04-21 09:54:55, IP:122.144.196.122, PORT:ssh SSH brute force auth (docker-dc)	2020-04-21 18:08:53
168.195.206.195	attackspambots	20/4/20@23:49:57: FAIL: Alarm-Network address from=168.195.206.195 20/4/20@23:49:57: FAIL: Alarm-Network address from=168.195.206.195 ...	2020-04-21 18:24:38
83.159.194.187	attackbots	2020-04-20 UTC: (8x) - admin,di,kb,kt,root(2x),test01,tester	2020-04-21 18:27:22
103.23.102.3	attackbots	Invalid user hk from 103.23.102.3 port 51266	2020-04-21 18:05:37
124.156.121.233	attackbotsspam	2020-04-21T09:27:51.169074vps773228.ovh.net sshd[15124]: Invalid user docker from 124.156.121.233 port 51154 2020-04-21T09:27:51.181485vps773228.ovh.net sshd[15124]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.156.121.233 2020-04-21T09:27:51.169074vps773228.ovh.net sshd[15124]: Invalid user docker from 124.156.121.233 port 51154 2020-04-21T09:27:53.631943vps773228.ovh.net sshd[15124]: Failed password for invalid user docker from 124.156.121.233 port 51154 ssh2 2020-04-21T09:34:48.144918vps773228.ovh.net sshd[15240]: Invalid user ubuntu from 124.156.121.233 port 42682 ...	2020-04-21 18:44:29
77.43.129.150	attackspambots	404 NOT FOUND	2020-04-21 18:09:19
5.249.146.176	attack	Apr 21 09:27:09 srv01 sshd[28867]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.249.146.176 user=root Apr 21 09:27:11 srv01 sshd[28867]: Failed password for root from 5.249.146.176 port 36042 ssh2 Apr 21 09:31:43 srv01 sshd[29176]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.249.146.176 user=root Apr 21 09:31:45 srv01 sshd[29176]: Failed password for root from 5.249.146.176 port 37730 ssh2 Apr 21 09:36:17 srv01 sshd[29484]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.249.146.176 user=root Apr 21 09:36:19 srv01 sshd[29484]: Failed password for root from 5.249.146.176 port 39422 ssh2 ...	2020-04-21 18:44:52
60.211.240.122	attackspam	04/21/2020-00:23:04.918491 60.211.240.122 Protocol: 6 ET SCAN Suspicious inbound to MSSQL port 1433	2020-04-21 18:14:26
112.113.159.178	attackbots	leo_www	2020-04-21 18:23:13
119.93.116.186	attackspambots	(sshd) Failed SSH login from 119.93.116.186 (PH/Philippines/-): 3 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Apr 21 03:48:45 andromeda sshd[21951]: Did not receive identification string from 119.93.116.186 port 56927 Apr 21 03:49:29 andromeda sshd[21962]: Invalid user admin2 from 119.93.116.186 port 59241 Apr 21 03:49:31 andromeda sshd[21962]: Failed password for invalid user admin2 from 119.93.116.186 port 59241 ssh2	2020-04-21 18:45:49
90.94.99.72	attackbotsspam	Unauthorized connection attempt detected from IP address 90.94.99.72 to port 23	2020-04-21 18:38:04
206.189.47.166	attackbotsspam	$f2bV_matches	2020-04-21 18:12:55
94.69.60.159	attack	Port probing on unauthorized port 8080	2020-04-21 18:46:21

Recently Reported IPs

138.97.233.212	195.178.110.109	98.81.221.17	152.32.207.234
45.149.173.227	180.153.236.40	107.197.177.173	183.7.145.164
66.132.153.114	120.77.83.14	240e:43d:20:11ba:343d:eaff:fe5f:fd02	2409:8924:4c7b:7f11:24f2:fe4:68ec:fb25
38.110.46.239	113.215.188.169	165.154.125.148	167.71.32.8
147.185.132.85	54.251.192.243	150.158.17.223	95.179.133.32