104.206.128.18

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United States

运营商(isp): AAA Enterprises

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspambots	ET CINS Active Threat Intelligence Poor Reputation IP group 88 - port: 5060 proto: tcp cat: Misc Attackbytes: 60	2020-09-20 03:33:54
attackbots	TCP (SYN) 104.206.128.18:60605 -> port 3389, len 44	2020-09-19 19:36:48
attackbotsspam	2020-09-04 01:10:02 Reject access to port(s):3389 1 times a day	2020-09-05 20:32:59
attack	TCP (SYN) 104.206.128.18:60180 -> port 5432, len 44	2020-09-05 04:58:47
attackbotsspam	2020-08-05 01:23:02 Reject access to port(s):3389 1 times a day	2020-08-06 18:38:24
attack	2506/tcp 2558/tcp 2554/tcp... [2020-02-29/04-30]67pkt,21pt.(tcp),1pt.(udp)	2020-05-01 06:00:17
attackspam	Unauthorized connection attempt detected from IP address 104.206.128.18 to port 5900	2020-04-17 23:42:52
attackbots	scan r	2020-04-14 04:57:07
attack	Unauthorized connection attempt detected from IP address 104.206.128.18 to port 81	2020-03-17 19:17:46
attack	1583425550 - 03/05/2020 17:25:50 Host: 104.206.128.18/104.206.128.18 Port: 23 TCP Blocked	2020-03-06 01:01:04
attackbotsspam	Unauthorised access (Feb 22) SRC=104.206.128.18 LEN=44 TTL=237 ID=48757 TCP DPT=21 WINDOW=1024 SYN Unauthorised access (Feb 20) SRC=104.206.128.18 LEN=44 TTL=237 ID=52233 TCP DPT=23 WINDOW=1024 SYN	2020-02-23 01:21:10
attack	Unauthorized connection attempt detected from IP address 104.206.128.18 to port 5900 [J]	2020-01-30 01:11:21
attackspambots	Unauthorized connection attempt detected from IP address 104.206.128.18 to port 81 [J]	2020-01-24 05:36:11
attack	Unauthorized connection attempt detected from IP address 104.206.128.18 to port 81 [J]	2020-01-21 20:02:16
attackspam	Honeypot attack, port: 81, PTR: 18-128.206.104.serverhubrdns.in-addr.arpa.	2020-01-21 07:37:16
attackbots	3389BruteforceFW22	2020-01-02 07:06:57
attackspam	firewall-block, port(s): 3306/tcp	2019-12-28 05:16:17
attack	52311/tcp 8444/tcp 10443/tcp... [2019-10-09/12-09]54pkt,11pt.(tcp),1pt.(udp)	2019-12-10 05:37:58
attackspam	Honeypot hit.	2019-11-16 02:18:39
attackspam	Honeypot hit.	2019-08-20 07:11:56
attack	3306/tcp 161/udp 8444/tcp... [2019-07-03/08-18]43pkt,11pt.(tcp),1pt.(udp)	2019-08-19 18:22:51
attackspam	Honeypot attack, port: 23, PTR: 18-128.206.104.serverhubrdns.in-addr.arpa.	2019-08-14 16:18:37
attackbotsspam	Automatic report - Port Scan Attack	2019-08-12 04:39:43
attack	Honeypot attack, port: 23, PTR: 18-128.206.104.serverhubrdns.in-addr.arpa.	2019-08-01 11:05:28
attackbotsspam	Automatic report - Port Scan Attack	2019-07-30 06:57:33
attackspam	Automatic report - Port Scan Attack	2019-07-18 01:51:21
attackspam	1433/tcp 5900/tcp 5060/tcp... [2019-06-12/07-12]16pkt,10pt.(tcp)	2019-07-14 08:17:39
attackspambots	scan z	2019-07-13 09:26:54
attackspambots	firewall-block, port(s): 5432/tcp	2019-07-04 05:08:39

相同子网IP讨论:

IP	类型	评论内容	时间
104.206.128.6	attackspambots	Automatic report - Banned IP Access	2020-10-09 02:32:26
104.206.128.6	attackbots	bruteforce, ssh, scan port	2020-10-08 18:31:18
104.206.128.34	attackbots	TCP (SYN) 104.206.128.34:62942 -> port 3389, len 44	2020-10-06 04:52:48
104.206.128.74	attackspambots	UDP 104.206.128.74:57326 -> port 161, len 71	2020-10-06 04:12:44
104.206.128.2	attackspambots	TCP (SYN) 104.206.128.2:60162 -> port 1433, len 44	2020-10-06 04:10:28
104.206.128.42	attackbots	TCP (SYN) 104.206.128.42:50739 -> port 23, len 44	2020-10-06 02:55:43
104.206.128.66	attackbotsspam	TCP (SYN) 104.206.128.66:63773 -> port 3306, len 44	2020-10-06 00:59:51
104.206.128.34	attack	MultiHost/MultiPort Probe, Scan, Hack -	2020-10-05 20:55:21
104.206.128.74	attackspambots	TCP (SYN) 104.206.128.74:55896 -> port 3389, len 44	2020-10-05 20:11:31
104.206.128.2	attackspambots	MultiHost/MultiPort Probe, Scan, Hack -	2020-10-05 20:09:04
104.206.128.42	attackbots	Icarus honeypot on github	2020-10-05 18:46:02
104.206.128.34	attackbotsspam	Found on Alienvault / proto=6 . srcport=64630 . dstport=5900 . (3726)	2020-10-05 12:44:44
104.206.128.74	attackbots	TCP (SYN) 104.206.128.74:55896 -> port 3389, len 44	2020-10-05 12:03:44
104.206.128.2	attackspambots	Found on Binary Defense / proto=6 . srcport=52605 . dstport=21 FTP . (3566)	2020-10-05 12:01:30
104.206.128.6	attackbots	Telnet/23 MH Probe, Scan, BF, Hack -	2020-10-03 04:43:15

WHOIS信息:

DIG信息:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.206.128.18
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 56554
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;104.206.128.18.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019061101 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Wed Jun 12 04:35:08 CST 2019
;; MSG SIZE  rcvd: 118

HOST信息:

18.128.206.104.in-addr.arpa domain name pointer 18-128.206.104.serverhubrdns.in-addr.arpa.

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
18.128.206.104.in-addr.arpa	name = 18-128.206.104.serverhubrdns.in-addr.arpa.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
91.67.193.83	attack	23/tcp [2019-10-30]1pkt	2019-10-30 16:57:43
106.13.49.233	attackspam	$f2bV_matches_ltvn	2019-10-30 16:33:06
178.33.236.23	attackbotsspam	Invalid user albertha from 178.33.236.23 port 54510	2019-10-30 17:03:25
66.249.69.70	attackspam	Automatic report - Banned IP Access	2019-10-30 16:53:02
121.172.162.62	attackspambots	Oct 29 08:12:04 cumulus sshd[25741]: Invalid user admin from 121.172.162.62 port 48084 Oct 29 08:12:04 cumulus sshd[25741]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.172.162.62 Oct 29 08:12:06 cumulus sshd[25741]: Failed password for invalid user admin from 121.172.162.62 port 48084 ssh2 Oct 29 08:12:07 cumulus sshd[25741]: Received disconnect from 121.172.162.62 port 48084:11: Bye Bye [preauth] Oct 29 08:12:07 cumulus sshd[25741]: Disconnected from 121.172.162.62 port 48084 [preauth] Oct 29 08:32:58 cumulus sshd[26423]: Invalid user maya from 121.172.162.62 port 59292 Oct 29 08:32:58 cumulus sshd[26423]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.172.162.62 Oct 29 08:33:01 cumulus sshd[26423]: Failed password for invalid user maya from 121.172.162.62 port 59292 ssh2 Oct 29 08:33:01 cumulus sshd[26423]: Received disconnect from 121.172.162.62 port 59292:11: Bye Bye [preaut........ -------------------------------	2019-10-30 16:32:49
192.42.116.18	attackspam	Oct 30 04:50:14 rotator sshd\[16125\]: Invalid user ismp from 192.42.116.18Oct 30 04:50:16 rotator sshd\[16125\]: Failed password for invalid user ismp from 192.42.116.18 port 59700 ssh2Oct 30 04:50:19 rotator sshd\[16543\]: Invalid user ispconfig from 192.42.116.18Oct 30 04:50:21 rotator sshd\[16543\]: Failed password for invalid user ispconfig from 192.42.116.18 port 56348 ssh2Oct 30 04:50:25 rotator sshd\[16586\]: Invalid user itadmin from 192.42.116.18Oct 30 04:50:27 rotator sshd\[16586\]: Failed password for invalid user itadmin from 192.42.116.18 port 52242 ssh2 ...	2019-10-30 16:44:37
63.200.214.72	attackspam	85/tcp [2019-10-30]1pkt	2019-10-30 17:06:37
222.135.99.131	attack	23/tcp [2019-10-30]1pkt	2019-10-30 16:45:31
218.76.252.143	attackspambots	10/29/2019-23:50:16.681603 218.76.252.143 Protocol: 6 ET SCAN Suspicious inbound to MSSQL port 1433	2019-10-30 16:55:43
74.82.47.19	attackbots	firewall-block, port(s): 10001/udp	2019-10-30 17:06:02
222.186.173.142	attackbots	pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.173.142 user=root Failed password for root from 222.186.173.142 port 27520 ssh2 Failed password for root from 222.186.173.142 port 27520 ssh2 Failed password for root from 222.186.173.142 port 27520 ssh2 Failed password for root from 222.186.173.142 port 27520 ssh2	2019-10-30 16:37:46
209.17.96.66	attackspambots	From CCTV User Interface Log ...::ffff:209.17.96.66 - - [30/Oct/2019:04:38:58 +0000] "-" 400 179 ...	2019-10-30 17:02:28
139.59.22.169	attackspambots	Oct 30 06:29:54 server sshd\[6268\]: Invalid user elsie from 139.59.22.169 Oct 30 06:29:54 server sshd\[6268\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.22.169 Oct 30 06:29:56 server sshd\[6268\]: Failed password for invalid user elsie from 139.59.22.169 port 35508 ssh2 Oct 30 06:50:35 server sshd\[11519\]: Invalid user ubuntu from 139.59.22.169 Oct 30 06:50:35 server sshd\[11519\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.22.169 ...	2019-10-30 16:38:39
177.107.134.82	attack	Sending SPAM email	2019-10-30 17:06:59
36.72.141.6	attack	445/tcp [2019-10-30]1pkt	2019-10-30 16:56:09

最近上报的IP列表

188.227.164.182	180.76.15.144	170.247.0.30	84.113.129.49
40.77.167.81	157.55.39.160	196.53.224.187	50.28.78.252
200.122.254.43	78.68.121.208	88.86.190.121	27.255.77.245
66.147.244.232	198.71.241.42	193.143.77.46	134.209.153.100
113.249.9.19	98.11.217.108	209.17.96.106	46.243.220.21