104.206.128.34

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: AAA Enterprises

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	TCP (SYN) 104.206.128.34:62942 -> port 3389, len 44	2020-10-06 04:52:48
attack	MultiHost/MultiPort Probe, Scan, Hack -	2020-10-05 20:55:21
attackbotsspam	Found on Alienvault / proto=6 . srcport=64630 . dstport=5900 . (3726)	2020-10-05 12:44:44
attackspam	TCP (SYN) 104.206.128.34:60656 -> port 3389, len 44	2020-09-27 02:46:48
attackbotsspam	TCP port : 3389	2020-09-26 18:43:16
attackbotsspam	TCP (SYN) 104.206.128.34:56046 -> port 23, len 44	2020-09-20 22:43:16
attack	TCP (SYN) 104.206.128.34:56046 -> port 23, len 44	2020-09-20 14:34:25
attackspambots	TCP (SYN) 104.206.128.34:56046 -> port 23, len 44	2020-09-20 06:33:39
attackspam	Icarus honeypot on github	2020-09-16 02:38:13
attack	Telnet/23 MH Probe, Scan, BF, Hack -	2020-09-15 18:35:07
attackbots	Port Scan ...	2020-09-07 04:20:27
attack	TCP (SYN) 104.206.128.34:63301 -> port 3389, len 44	2020-09-06 19:55:36
attackbots	161/udp 21/tcp 5060/tcp... [2020-07-11/09-01]36pkt,11pt.(tcp),1pt.(udp)	2020-09-02 22:30:09
attackspambots	161/udp 21/tcp 5060/tcp... [2020-07-11/09-01]36pkt,11pt.(tcp),1pt.(udp)	2020-09-02 14:18:54
attackbots	161/udp 21/tcp 5060/tcp... [2020-07-11/09-01]36pkt,11pt.(tcp),1pt.(udp)	2020-09-02 07:19:47
attackspam	Telnet/23 MH Probe, Scan, BF, Hack -	2020-08-01 20:26:28
attack	Jun 23 19:46:43 debian-2gb-nbg1-2 kernel: \[15193073.080916\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=104.206.128.34 DST=195.201.40.59 LEN=44 TOS=0x00 PREC=0x00 TTL=239 ID=54321 PROTO=TCP SPT=52425 DPT=37563 WINDOW=65535 RES=0x00 SYN URGP=0	2020-06-24 01:51:59
attackspam	Jun 19 23:29:20 debian-2gb-nbg1-2 kernel: \[14860848.007281\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=104.206.128.34 DST=195.201.40.59 LEN=44 TOS=0x00 PREC=0x00 TTL=239 ID=54321 PROTO=TCP SPT=53776 DPT=59409 WINDOW=65535 RES=0x00 SYN URGP=0	2020-06-20 06:20:23
attackspambots	GPL SNMP public access udp - port: 161 proto: UDP cat: Attempted Information Leak	2020-05-12 08:27:31
attackbots	Port Scan: Events[1] countPorts[1]: 23 ..	2020-04-18 05:41:00
attack	TCP 3389 (RDP)	2020-03-19 21:18:19
attack	MultiHost/MultiPort Probe, Scan, Hack -	2020-02-19 23:18:33
attackbotsspam	8444/tcp 9595/tcp 161/udp... [2019-11-28/2020-01-23]40pkt,11pt.(tcp),1pt.(udp)	2020-01-24 00:45:53
attack	unauthorized connection attempt	2020-01-09 18:29:01
attackbots	Unauthorised access (Dec 27) SRC=104.206.128.34 LEN=44 TTL=237 ID=26934 TCP DPT=1433 WINDOW=1024 SYN	2019-12-28 04:58:40
attackspambots	52311/tcp 81/tcp 3389/tcp... [2019-10-10/12-10]59pkt,13pt.(tcp),1pt.(udp)	2019-12-11 05:23:31
attackbotsspam	Scanning random ports - tries to find possible vulnerable services	2019-12-10 04:59:31
attack	Port scan	2019-11-16 02:05:02
attackbotsspam	08/11/2019-15:12:11.595622 104.206.128.34 Protocol: 17 GPL SNMP public access udp	2019-08-12 05:55:37
attackbots	88/tcp 3389/tcp 1433/tcp... [2019-06-13/07-15]19pkt,11pt.(tcp)	2019-07-16 06:51:30

Comments on same subnet:

IP	Type	Details	Datetime
104.206.128.6	attackspambots	Automatic report - Banned IP Access	2020-10-09 02:32:26
104.206.128.6	attackbots	bruteforce, ssh, scan port	2020-10-08 18:31:18
104.206.128.74	attackspambots	UDP 104.206.128.74:57326 -> port 161, len 71	2020-10-06 04:12:44
104.206.128.2	attackspambots	TCP (SYN) 104.206.128.2:60162 -> port 1433, len 44	2020-10-06 04:10:28
104.206.128.42	attackbots	TCP (SYN) 104.206.128.42:50739 -> port 23, len 44	2020-10-06 02:55:43
104.206.128.66	attackbotsspam	TCP (SYN) 104.206.128.66:63773 -> port 3306, len 44	2020-10-06 00:59:51
104.206.128.74	attackspambots	TCP (SYN) 104.206.128.74:55896 -> port 3389, len 44	2020-10-05 20:11:31
104.206.128.2	attackspambots	MultiHost/MultiPort Probe, Scan, Hack -	2020-10-05 20:09:04
104.206.128.42	attackbots	Icarus honeypot on github	2020-10-05 18:46:02
104.206.128.74	attackbots	TCP (SYN) 104.206.128.74:55896 -> port 3389, len 44	2020-10-05 12:03:44
104.206.128.2	attackspambots	Found on Binary Defense / proto=6 . srcport=52605 . dstport=21 FTP . (3566)	2020-10-05 12:01:30
104.206.128.6	attackbots	Telnet/23 MH Probe, Scan, BF, Hack -	2020-10-03 04:43:15
104.206.128.6	attack	Telnet/23 MH Probe, Scan, BF, Hack -	2020-10-03 00:05:15
104.206.128.6	attackbotsspam	Telnet/23 MH Probe, Scan, BF, Hack -	2020-10-02 20:36:03
104.206.128.6	attackspam	Telnet/23 MH Probe, Scan, BF, Hack -	2020-10-02 17:08:30

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.206.128.34
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 44700
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;104.206.128.34.			IN	A

;; AUTHORITY SECTION:
.			3096	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019071501 1800 900 604800 86400

;; Query time: 1 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Tue Jul 16 06:51:25 CST 2019
;; MSG SIZE  rcvd: 118

Host info

34.128.206.104.in-addr.arpa domain name pointer 34-128.206.104.serverhubrdns.in-addr.arpa.

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
34.128.206.104.in-addr.arpa	name = 34-128.206.104.serverhubrdns.in-addr.arpa.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
89.91.236.60	attackbots	Unauthorized connection attempt detected from IP address 89.91.236.60 to port 80 [J]	2020-01-31 03:35:26
192.176.54.225	attack	Unauthorized connection attempt detected from IP address 192.176.54.225 to port 5555 [J]	2020-01-31 03:26:31
187.111.216.155	attackbots	Unauthorized connection attempt detected from IP address 187.111.216.155 to port 8080 [J]	2020-01-31 03:28:22
169.255.125.186	attackspam	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/169.255.125.186/ NG - 1H : (1) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : NG NAME ASN : ASN36920 IP : 169.255.125.186 CIDR : 169.255.125.0/24 PREFIX COUNT : 31 UNIQUE IP COUNT : 7936 ATTACKS DETECTED ASN36920 : 1H - 1 3H - 1 6H - 1 12H - 1 24H - 1 DateTime : 2020-01-30 15:42:17 INFO : Server 403 - Looking for resource vulnerabilities Detected and Blocked by ADMIN - data recovery	2020-01-31 03:30:36
73.189.45.28	attack	Unauthorized connection attempt detected from IP address 73.189.45.28 to port 23 [J]	2020-01-31 03:37:45
181.191.103.231	attackspam	Unauthorized connection attempt detected from IP address 181.191.103.231 to port 23 [J]	2020-01-31 03:55:56
104.248.151.241	attack	Unauthorized connection attempt detected from IP address 104.248.151.241 to port 2220 [J]	2020-01-31 03:45:56
78.29.80.234	attack	Unauthorized connection attempt detected from IP address 78.29.80.234 to port 23 [J]	2020-01-31 03:36:39
156.198.132.102	attackspambots	Unauthorized connection attempt detected from IP address 156.198.132.102 to port 23 [J]	2020-01-31 03:31:42
83.97.24.10	attack	Jan 30 20:27:19 OPSO sshd\[17384\]: Invalid user omja from 83.97.24.10 port 37038 Jan 30 20:27:19 OPSO sshd\[17384\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=83.97.24.10 Jan 30 20:27:22 OPSO sshd\[17384\]: Failed password for invalid user omja from 83.97.24.10 port 37038 ssh2 Jan 30 20:30:29 OPSO sshd\[18066\]: Invalid user aadhaya from 83.97.24.10 port 37892 Jan 30 20:30:29 OPSO sshd\[18066\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=83.97.24.10	2020-01-31 03:36:09
138.0.227.72	attack	Unauthorized connection attempt detected from IP address 138.0.227.72 to port 8080 [J]	2020-01-31 03:59:20
92.124.130.165	attackspambots	Unauthorized connection attempt detected from IP address 92.124.130.165 to port 8080 [J]	2020-01-31 03:47:13
124.156.240.58	attack	Unauthorized connection attempt detected from IP address 124.156.240.58 to port 280 [J]	2020-01-31 04:00:08
207.180.211.152	attack	5x Failed Password	2020-01-31 03:41:03
212.118.51.106	attackbotsspam	Unauthorized connection attempt detected from IP address 212.118.51.106 to port 80 [J]	2020-01-31 03:51:38

Recently Reported IPs

182.254.229.58	37.124.209.35	185.175.93.21	151.63.35.196
124.83.106.243	187.49.247.117	146.189.242.200	137.222.50.31
13.55.171.163	175.157.171.96	41.115.104.27	92.97.102.115
59.170.187.241	1.173.179.27	40.87.136.157	183.77.220.114
82.167.209.49	66.60.246.29	112.51.12.211	182.115.85.90