104.207.159.34

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
104.207.159.57	attackspambots	104.207.159.57 - - [03/Oct/2019:23:00:18 +0200] "GET /wp-login.php HTTP/1.1" 200 1237 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.207.159.57 - - [03/Oct/2019:23:00:18 +0200] "POST /wp-login.php HTTP/1.1" 200 1632 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.207.159.57 - - [03/Oct/2019:23:00:18 +0200] "GET /wp-login.php HTTP/1.1" 200 1237 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.207.159.57 - - [03/Oct/2019:23:00:19 +0200] "POST /wp-login.php HTTP/1.1" 200 1607 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.207.159.57 - - [03/Oct/2019:23:00:19 +0200] "GET /wp-login.php HTTP/1.1" 200 1237 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.207.159.57 - - [03/Oct/2019:23:00:20 +0200] "POST /wp-login.php HTTP/1.1" 200 1608 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2019-10-04 05:33:55
104.207.159.104	attackspam	michaelklotzbier.de 104.207.159.104 \[09/Sep/2019:17:41:09 +0200\] "POST /wp-login.php HTTP/1.1" 200 5837 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" michaelklotzbier.de 104.207.159.104 \[09/Sep/2019:17:41:11 +0200\] "POST /wp-login.php HTTP/1.1" 200 5794 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"	2019-09-10 04:12:17
104.207.159.104	attackspambots	C1,WP GET /suche/wp-login.php	2019-07-31 09:21:27
104.207.159.104	attackspambots	104.207.159.104 - - [20/Jul/2019:04:20:00 +0200] "GET /wp-login.php HTTP/1.1" 200 1301 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.207.159.104 - - [20/Jul/2019:04:20:01 +0200] "POST /wp-login.php HTTP/1.1" 200 1704 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.207.159.104 - - [20/Jul/2019:04:20:01 +0200] "GET /wp-login.php HTTP/1.1" 200 1301 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.207.159.104 - - [20/Jul/2019:04:20:02 +0200] "POST /wp-login.php HTTP/1.1" 200 1710 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.207.159.104 - - [20/Jul/2019:04:20:02 +0200] "GET /wp-login.php HTTP/1.1" 200 1301 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.207.159.104 - - [20/Jul/2019:04:20:03 +0200] "POST /wp-login.php HTTP/1.1" 200 1710 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" .	2019-07-20 15:08:27
104.207.159.104	attack	Automatic report - Web App Attack	2019-07-04 16:27:21

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.207.159.34
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 57953
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;104.207.159.34.			IN	A

;; AUTHORITY SECTION:
.			435	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022022701 1800 900 604800 86400

;; Query time: 66 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Feb 28 13:56:42 CST 2022
;; MSG SIZE  rcvd: 107

Host info

34.159.207.104.in-addr.arpa domain name pointer 104.207.159.34.vultr.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
34.159.207.104.in-addr.arpa	name = 104.207.159.34.vultr.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
129.211.124.29	attackspam	Mar 10 00:05:15 server sshd\[16363\]: Invalid user sdtdserver from 129.211.124.29 Mar 10 00:05:15 server sshd\[16363\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.211.124.29 Mar 10 00:05:17 server sshd\[16363\]: Failed password for invalid user sdtdserver from 129.211.124.29 port 53270 ssh2 Mar 10 00:12:52 server sshd\[17678\]: Invalid user mother from 129.211.124.29 Mar 10 00:12:52 server sshd\[17678\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.211.124.29 ...	2020-03-10 06:59:08
78.38.40.54	attack	firewall-block, port(s): 9530/tcp	2020-03-10 06:48:19
185.176.27.170	attack	Mar 10 00:10:40 debian-2gb-nbg1-2 kernel: \[6054589.907200\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=185.176.27.170 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=11123 PROTO=TCP SPT=58357 DPT=17779 WINDOW=1024 RES=0x00 SYN URGP=0	2020-03-10 07:11:53
154.8.167.48	attackbotsspam	Dec 10 07:13:08 woltan sshd[28290]: Failed password for invalid user web from 154.8.167.48 port 57154 ssh2	2020-03-10 07:01:00
123.207.2.120	attackbots	Mar 9 23:56:14 vmd48417 sshd[22996]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.207.2.120	2020-03-10 07:04:57
159.203.74.227	attackspam	Mar 9 22:07:06 marvibiene sshd[60642]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.203.74.227 user=root Mar 9 22:07:08 marvibiene sshd[60642]: Failed password for root from 159.203.74.227 port 40176 ssh2 Mar 9 22:13:42 marvibiene sshd[60757]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.203.74.227 user=root Mar 9 22:13:44 marvibiene sshd[60757]: Failed password for root from 159.203.74.227 port 45122 ssh2 ...	2020-03-10 06:56:52
101.10.7.22	attack	Unauthorized connection attempt from IP address 101.10.7.22 on Port 445(SMB)	2020-03-10 07:10:57
217.112.142.11	attackbots	Mar 9 22:18:16 mail.srvfarm.net postfix/smtpd[37999]: NOQUEUE: reject: RCPT from unknown[217.112.142.11]: 450 4.1.8 : Sender address rejected: Domain not found; from= to= proto=ESMTP helo= Mar 9 22:21:15 mail.srvfarm.net postfix/smtpd[51090]: NOQUEUE: reject: RCPT from unknown[217.112.142.11]: 450 4.1.8 : Sender address rejected: Domain not found; from= to= proto=ESMTP helo= Mar 9 22:21:15 mail.srvfarm.net postfix/smtpd[49471]: NOQUEUE: reject: RCPT from unknown[217.112.142.11]: 450 4.1.8 : Sender address rejected: Domain not found; from= to= proto=ESMTP helo= Mar 9 22:21:17 mail.srvfarm.net postfix/smtpd[36207]: NOQUEUE: reject: RCPT from unknown[217.112.142.11]: 450 4.1.8 : Sender	2020-03-10 07:04:07
5.53.125.176	attack	Mar 9 21:12:44 l03 sshd[18087]: Invalid user ubuntu from 5.53.125.176 port 60848 ...	2020-03-10 07:13:23
61.196.173.124	attackspam	03/09/2020-19:01:48.799441 61.196.173.124 Protocol: 6 ET SCAN Potential SSH Scan	2020-03-10 07:03:39
198.136.63.8	attackspambots	Jun 17 22:48:08 ms-srv sshd[14102]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=198.136.63.8 Jun 17 22:48:09 ms-srv sshd[14102]: Failed password for invalid user ftpuser from 198.136.63.8 port 39152 ssh2	2020-03-10 07:09:37
111.40.50.116	attack	Dec 23 14:35:31 woltan sshd[11475]: Failed password for root from 111.40.50.116 port 50660 ssh2	2020-03-10 07:14:37
198.12.152.199	attackspambots	Feb 18 01:59:00 ms-srv sshd[24180]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=198.12.152.199 Feb 18 01:59:02 ms-srv sshd[24180]: Failed password for invalid user user from 198.12.152.199 port 58560 ssh2	2020-03-10 07:09:55
198.211.100.72	attackspam	Aug 12 19:38:45 ms-srv sshd[1037]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=198.211.100.72 Aug 12 19:38:47 ms-srv sshd[1037]: Failed password for invalid user fly from 198.211.100.72 port 42370 ssh2	2020-03-10 06:51:48
198.211.114.102	attack	Mar 9 12:35:35 hanapaa sshd\[1217\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=198.211.114.102 user=root Mar 9 12:35:37 hanapaa sshd\[1217\]: Failed password for root from 198.211.114.102 port 58122 ssh2 Mar 9 12:39:08 hanapaa sshd\[1535\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=198.211.114.102 user=root Mar 9 12:39:10 hanapaa sshd\[1535\]: Failed password for root from 198.211.114.102 port 41638 ssh2 Mar 9 12:42:42 hanapaa sshd\[2003\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=198.211.114.102 user=root	2020-03-10 06:45:09

Recently Reported IPs

104.207.159.178	104.207.168.4	104.207.159.253	104.207.209.158
104.207.209.151	105.155.0.0	105.155.142.197	104.21.12.52
105.155.249.104	105.155.28.190	105.155.50.94	209.36.115.231
105.155.97.123	104.21.40.74	105.156.187.78	105.156.77.124
104.21.59.157	104.21.60.237	218.144.36.19	105.213.101.228