172.104.206.53

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 172.104.206.53
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 11402
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;172.104.206.53.			IN	A

;; AUTHORITY SECTION:
.			600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022021800 1800 900 604800 86400

;; Query time: 16 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Feb 18 15:12:46 CST 2022
;; MSG SIZE  rcvd: 107

Host info

53.206.104.172.in-addr.arpa domain name pointer 172-104-206-53.ip.linodeusercontent.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
53.206.104.172.in-addr.arpa	name = 172-104-206-53.ip.linodeusercontent.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
36.68.239.218	attackbotsspam	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-08-25 17:43:28,056 INFO [shellcode_manager] (36.68.239.218) no match, writing hexdump (5625718adfc55c463bd1064aee95eacb :2200705) - MS17010 (EternalBlue)	2019-08-26 12:28:32
118.170.151.226	attackspambots	Honeypot attack, port: 23, PTR: 118-170-151-226.dynamic-ip.hinet.net.	2019-08-26 12:12:05
106.248.249.26	attack	Aug 26 06:31:54 s64-1 sshd[10856]: Failed password for backup from 106.248.249.26 port 44770 ssh2 Aug 26 06:37:58 s64-1 sshd[10885]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.248.249.26 Aug 26 06:38:00 s64-1 sshd[10885]: Failed password for invalid user postgresql from 106.248.249.26 port 37084 ssh2 ...	2019-08-26 12:41:59
91.148.141.188	attackspambots	91.148.141.188 - - \[26/Aug/2019:05:28:42 +0200\] "POST /wp-login.php HTTP/1.1" 200 2110 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 91.148.141.188 - - \[26/Aug/2019:05:28:43 +0200\] "POST /wp-login.php HTTP/1.1" 200 2113 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" ...	2019-08-26 12:32:39
143.255.105.109	attack	Aug 26 06:42:04 eventyay sshd[22222]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=143.255.105.109 Aug 26 06:42:06 eventyay sshd[22222]: Failed password for invalid user ftpadmin from 143.255.105.109 port 59694 ssh2 Aug 26 06:47:03 eventyay sshd[22326]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=143.255.105.109 ...	2019-08-26 13:01:02
37.49.230.216	attackbots	Splunk® : port scan detected: Aug 25 23:29:08 testbed kernel: Firewall: TCP_IN Blocked IN=eth0 OUT= MAC=82:c6:52:d1:6e:53:c0:42:d0:39:2c:30:08:00 SRC=37.49.230.216 DST=104.248.11.191 LEN=40 TOS=0x00 PREC=0x00 TTL=241 ID=54321 PROTO=TCP SPT=40071 DPT=81 WINDOW=65535 RES=0x00 SYN URGP=0	2019-08-26 12:12:23
45.76.237.54	attackspam	Aug 25 18:28:25 tdfoods sshd\[14292\]: Invalid user alphonse from 45.76.237.54 Aug 25 18:28:25 tdfoods sshd\[14292\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.76.237.54 Aug 25 18:28:27 tdfoods sshd\[14292\]: Failed password for invalid user alphonse from 45.76.237.54 port 58117 ssh2 Aug 25 18:32:27 tdfoods sshd\[14657\]: Invalid user sakura from 45.76.237.54 Aug 25 18:32:27 tdfoods sshd\[14657\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.76.237.54	2019-08-26 12:41:22
133.130.121.206	attackbotsspam	Aug 25 18:18:43 hanapaa sshd\[23784\]: Invalid user four from 133.130.121.206 Aug 25 18:18:43 hanapaa sshd\[23784\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=v133-130-121-206.a04c.g.tyo1.static.cnode.io Aug 25 18:18:44 hanapaa sshd\[23784\]: Failed password for invalid user four from 133.130.121.206 port 42270 ssh2 Aug 25 18:23:24 hanapaa sshd\[24141\]: Invalid user lang from 133.130.121.206 Aug 25 18:23:24 hanapaa sshd\[24141\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=v133-130-121-206.a04c.g.tyo1.static.cnode.io	2019-08-26 12:35:15
66.240.205.34	attackspambots	General Date 08/25/2019 Time 07:09:53 Session ID 109767652 Virtual Domain root Source IP 66.240.205.34 Source Port 46798 Country/Region United States Source Interface wan2 Destination IP xxx.xxx.xxx.xxx Host Name xxx.com.vn Port 443 Destination Interface lan URL Application Protocol tcp Service HTTPS Action Action dropped Policy 8 Security Level Threat Level critical Threat Score 50 Intrusion Prevention Profile Name default Attack Name Bladabindi.Botnet Attack ID 38856 Reference http://www.fortinet.com/ids/VID38856 Incident Serial No. 41849422 Direction outgoing Severity Message backdoor: Bladabindi.Botnet, Other Source Interface Role undefined _pcap_id 38856 Destination Interface Role undefined Event Type signature Protocol Number 6 roll 64412 Log event original timestamp 1566691792 Log ID 16384 Sub Type ips	2019-08-26 12:45:45
112.78.164.222	attackbotsspam	Honeypot attack, port: 445, PTR: PTR record not found	2019-08-26 12:26:36
92.222.92.114	attack	Aug 25 18:30:15 tdfoods sshd\[14414\]: Invalid user test from 92.222.92.114 Aug 25 18:30:15 tdfoods sshd\[14414\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.ip-92-222-92.eu Aug 25 18:30:16 tdfoods sshd\[14414\]: Failed password for invalid user test from 92.222.92.114 port 49204 ssh2 Aug 25 18:34:28 tdfoods sshd\[14808\]: Invalid user linuxacademy from 92.222.92.114 Aug 25 18:34:28 tdfoods sshd\[14808\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.ip-92-222-92.eu	2019-08-26 12:49:03
116.255.149.226	attack	Aug 25 18:49:16 php1 sshd\[10220\]: Invalid user factorio from 116.255.149.226 Aug 25 18:49:16 php1 sshd\[10220\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.255.149.226 Aug 25 18:49:18 php1 sshd\[10220\]: Failed password for invalid user factorio from 116.255.149.226 port 48076 ssh2 Aug 25 18:54:49 php1 sshd\[10747\]: Invalid user mandy from 116.255.149.226 Aug 25 18:54:49 php1 sshd\[10747\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.255.149.226	2019-08-26 13:03:35
115.220.10.24	attack	Aug 26 02:27:13 shadeyouvpn sshd[21183]: Invalid user npi from 115.220.10.24 Aug 26 02:27:13 shadeyouvpn sshd[21183]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.220.10.24 Aug 26 02:27:15 shadeyouvpn sshd[21183]: Failed password for invalid user npi from 115.220.10.24 port 33356 ssh2 Aug 26 02:27:15 shadeyouvpn sshd[21183]: Received disconnect from 115.220.10.24: 11: Bye Bye [preauth] Aug 26 02:33:01 shadeyouvpn sshd[24780]: Invalid user ansible from 115.220.10.24 Aug 26 02:33:01 shadeyouvpn sshd[24780]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.220.10.24 Aug 26 02:33:03 shadeyouvpn sshd[24780]: Failed password for invalid user ansible from 115.220.10.24 port 53948 ssh2 Aug 26 02:33:04 shadeyouvpn sshd[24780]: Received disconnect from 115.220.10.24: 11: Bye Bye [preauth] Aug 26 02:37:54 shadeyouvpn sshd[27529]: Invalid user yh from 115.220.10.24 Aug 26 02:37:54 shadeyouvp........ -------------------------------	2019-08-26 12:59:12
106.39.87.236	attackbotsspam	Aug 25 18:21:09 sachi sshd\[22804\]: Invalid user paul from 106.39.87.236 Aug 25 18:21:09 sachi sshd\[22804\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.39.87.236 Aug 25 18:21:11 sachi sshd\[22804\]: Failed password for invalid user paul from 106.39.87.236 port 57264 ssh2 Aug 25 18:24:41 sachi sshd\[23113\]: Invalid user ultra from 106.39.87.236 Aug 25 18:24:41 sachi sshd\[23113\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.39.87.236	2019-08-26 12:35:42
52.164.211.22	attack	Aug 25 23:24:55 vtv3 sshd\[10056\]: Invalid user vlado from 52.164.211.22 port 50802 Aug 25 23:24:55 vtv3 sshd\[10056\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.164.211.22 Aug 25 23:24:56 vtv3 sshd\[10056\]: Failed password for invalid user vlado from 52.164.211.22 port 50802 ssh2 Aug 25 23:31:14 vtv3 sshd\[13509\]: Invalid user craven from 52.164.211.22 port 41984 Aug 25 23:31:14 vtv3 sshd\[13509\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.164.211.22 Aug 25 23:43:19 vtv3 sshd\[19417\]: Invalid user thunder from 52.164.211.22 port 52448 Aug 25 23:43:19 vtv3 sshd\[19417\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.164.211.22 Aug 25 23:43:21 vtv3 sshd\[19417\]: Failed password for invalid user thunder from 52.164.211.22 port 52448 ssh2 Aug 25 23:49:25 vtv3 sshd\[22367\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser=	2019-08-26 13:04:24

Recently Reported IPs

172.104.21.39	172.104.208.124	172.104.209.15	172.104.21.63
172.104.210.100	172.104.210.130	172.104.210.164	172.104.211.12
172.104.210.249	172.104.213.127	172.104.211.87	172.104.214.37
172.104.215.68	71.191.203.0	172.104.213.248	172.104.215.134
172.104.218.226	172.104.22.87	172.104.218.167	172.104.22.184