104.206.128.18

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United States

运营商(isp): AAA Enterprises

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspambots	ET CINS Active Threat Intelligence Poor Reputation IP group 88 - port: 5060 proto: tcp cat: Misc Attackbytes: 60	2020-09-20 03:33:54
attackbots	TCP (SYN) 104.206.128.18:60605 -> port 3389, len 44	2020-09-19 19:36:48
attackbotsspam	2020-09-04 01:10:02 Reject access to port(s):3389 1 times a day	2020-09-05 20:32:59
attack	TCP (SYN) 104.206.128.18:60180 -> port 5432, len 44	2020-09-05 04:58:47
attackbotsspam	2020-08-05 01:23:02 Reject access to port(s):3389 1 times a day	2020-08-06 18:38:24
attack	2506/tcp 2558/tcp 2554/tcp... [2020-02-29/04-30]67pkt,21pt.(tcp),1pt.(udp)	2020-05-01 06:00:17
attackspam	Unauthorized connection attempt detected from IP address 104.206.128.18 to port 5900	2020-04-17 23:42:52
attackbots	scan r	2020-04-14 04:57:07
attack	Unauthorized connection attempt detected from IP address 104.206.128.18 to port 81	2020-03-17 19:17:46
attack	1583425550 - 03/05/2020 17:25:50 Host: 104.206.128.18/104.206.128.18 Port: 23 TCP Blocked	2020-03-06 01:01:04
attackbotsspam	Unauthorised access (Feb 22) SRC=104.206.128.18 LEN=44 TTL=237 ID=48757 TCP DPT=21 WINDOW=1024 SYN Unauthorised access (Feb 20) SRC=104.206.128.18 LEN=44 TTL=237 ID=52233 TCP DPT=23 WINDOW=1024 SYN	2020-02-23 01:21:10
attack	Unauthorized connection attempt detected from IP address 104.206.128.18 to port 5900 [J]	2020-01-30 01:11:21
attackspambots	Unauthorized connection attempt detected from IP address 104.206.128.18 to port 81 [J]	2020-01-24 05:36:11
attack	Unauthorized connection attempt detected from IP address 104.206.128.18 to port 81 [J]	2020-01-21 20:02:16
attackspam	Honeypot attack, port: 81, PTR: 18-128.206.104.serverhubrdns.in-addr.arpa.	2020-01-21 07:37:16
attackbots	3389BruteforceFW22	2020-01-02 07:06:57
attackspam	firewall-block, port(s): 3306/tcp	2019-12-28 05:16:17
attack	52311/tcp 8444/tcp 10443/tcp... [2019-10-09/12-09]54pkt,11pt.(tcp),1pt.(udp)	2019-12-10 05:37:58
attackspam	Honeypot hit.	2019-11-16 02:18:39
attackspam	Honeypot hit.	2019-08-20 07:11:56
attack	3306/tcp 161/udp 8444/tcp... [2019-07-03/08-18]43pkt,11pt.(tcp),1pt.(udp)	2019-08-19 18:22:51
attackspam	Honeypot attack, port: 23, PTR: 18-128.206.104.serverhubrdns.in-addr.arpa.	2019-08-14 16:18:37
attackbotsspam	Automatic report - Port Scan Attack	2019-08-12 04:39:43
attack	Honeypot attack, port: 23, PTR: 18-128.206.104.serverhubrdns.in-addr.arpa.	2019-08-01 11:05:28
attackbotsspam	Automatic report - Port Scan Attack	2019-07-30 06:57:33
attackspam	Automatic report - Port Scan Attack	2019-07-18 01:51:21
attackspam	1433/tcp 5900/tcp 5060/tcp... [2019-06-12/07-12]16pkt,10pt.(tcp)	2019-07-14 08:17:39
attackspambots	scan z	2019-07-13 09:26:54
attackspambots	firewall-block, port(s): 5432/tcp	2019-07-04 05:08:39

相同子网IP讨论:

IP	类型	评论内容	时间
104.206.128.6	attackspambots	Automatic report - Banned IP Access	2020-10-09 02:32:26
104.206.128.6	attackbots	bruteforce, ssh, scan port	2020-10-08 18:31:18
104.206.128.34	attackbots	TCP (SYN) 104.206.128.34:62942 -> port 3389, len 44	2020-10-06 04:52:48
104.206.128.74	attackspambots	UDP 104.206.128.74:57326 -> port 161, len 71	2020-10-06 04:12:44
104.206.128.2	attackspambots	TCP (SYN) 104.206.128.2:60162 -> port 1433, len 44	2020-10-06 04:10:28
104.206.128.42	attackbots	TCP (SYN) 104.206.128.42:50739 -> port 23, len 44	2020-10-06 02:55:43
104.206.128.66	attackbotsspam	TCP (SYN) 104.206.128.66:63773 -> port 3306, len 44	2020-10-06 00:59:51
104.206.128.34	attack	MultiHost/MultiPort Probe, Scan, Hack -	2020-10-05 20:55:21
104.206.128.74	attackspambots	TCP (SYN) 104.206.128.74:55896 -> port 3389, len 44	2020-10-05 20:11:31
104.206.128.2	attackspambots	MultiHost/MultiPort Probe, Scan, Hack -	2020-10-05 20:09:04
104.206.128.42	attackbots	Icarus honeypot on github	2020-10-05 18:46:02
104.206.128.34	attackbotsspam	Found on Alienvault / proto=6 . srcport=64630 . dstport=5900 . (3726)	2020-10-05 12:44:44
104.206.128.74	attackbots	TCP (SYN) 104.206.128.74:55896 -> port 3389, len 44	2020-10-05 12:03:44
104.206.128.2	attackspambots	Found on Binary Defense / proto=6 . srcport=52605 . dstport=21 FTP . (3566)	2020-10-05 12:01:30
104.206.128.6	attackbots	Telnet/23 MH Probe, Scan, BF, Hack -	2020-10-03 04:43:15

WHOIS信息:

DIG信息:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.206.128.18
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 56554
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;104.206.128.18.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019061101 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Wed Jun 12 04:35:08 CST 2019
;; MSG SIZE  rcvd: 118

HOST信息:

18.128.206.104.in-addr.arpa domain name pointer 18-128.206.104.serverhubrdns.in-addr.arpa.

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
18.128.206.104.in-addr.arpa	name = 18-128.206.104.serverhubrdns.in-addr.arpa.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
220.170.194.125	attackbots	Trying to log into mailserver (postfix/smtp) using multiple names and passwords	2019-09-05 21:04:35
206.189.232.29	attack	2019-09-05T15:31:38.233780enmeeting.mahidol.ac.th sshd\[19332\]: Invalid user www-data from 206.189.232.29 port 56858 2019-09-05T15:31:38.248315enmeeting.mahidol.ac.th sshd\[19332\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=206.189.232.29 2019-09-05T15:31:39.465349enmeeting.mahidol.ac.th sshd\[19332\]: Failed password for invalid user www-data from 206.189.232.29 port 56858 ssh2 ...	2019-09-05 20:33:55
91.185.9.198	attack	Unauthorized connection attempt from IP address 91.185.9.198 on Port 445(SMB)	2019-09-05 20:31:58
202.78.197.198	attackbotsspam	2019-09-05T12:20:45.749679abusebot-7.cloudsearch.cf sshd\[9015\]: Invalid user steamcmd from 202.78.197.198 port 60280	2019-09-05 20:44:04
187.237.164.210	attackbots	Unauthorized connection attempt from IP address 187.237.164.210 on Port 445(SMB)	2019-09-05 20:43:47
118.70.146.206	attackspambots	Unauthorized connection attempt from IP address 118.70.146.206 on Port 445(SMB)	2019-09-05 21:08:34
36.77.94.43	attackbots	Unauthorized connection attempt from IP address 36.77.94.43 on Port 445(SMB)	2019-09-05 21:05:42
104.198.44.72	attack	CloudCIX Reconnaissance Scan Detected, PTR: 72.44.198.104.bc.googleusercontent.com.	2019-09-05 20:34:17
120.52.9.102	attackspambots	Sep 5 13:57:36 microserver sshd[20126]: Invalid user xavier from 120.52.9.102 port 24718 Sep 5 13:57:36 microserver sshd[20126]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.52.9.102 Sep 5 13:57:38 microserver sshd[20126]: Failed password for invalid user xavier from 120.52.9.102 port 24718 ssh2 Sep 5 14:01:52 microserver sshd[20809]: Invalid user bdos from 120.52.9.102 port 16460 Sep 5 14:01:52 microserver sshd[20809]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.52.9.102 Sep 5 14:14:38 microserver sshd[22302]: Invalid user raja from 120.52.9.102 port 42409 Sep 5 14:14:38 microserver sshd[22302]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.52.9.102 Sep 5 14:14:41 microserver sshd[22302]: Failed password for invalid user raja from 120.52.9.102 port 42409 ssh2 Sep 5 14:19:04 microserver sshd[22941]: Invalid user opentsp from 120.52.9.102 port 48547 Sep 5 14:19:	2019-09-05 20:44:43
80.53.7.213	attackspam	Sep 5 13:55:08 srv206 sshd[13491]: Invalid user abc123456 from 80.53.7.213 ...	2019-09-05 20:51:31
123.200.22.30	attackspambots	Unauthorised access (Sep 5) SRC=123.200.22.30 LEN=52 TTL=107 ID=6802 DF TCP DPT=1433 WINDOW=8192 SYN	2019-09-05 21:21:04
117.50.67.214	attackbots	Sep 5 13:38:53 microserver sshd[17478]: Invalid user its from 117.50.67.214 port 35192 Sep 5 13:38:53 microserver sshd[17478]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.67.214 Sep 5 13:38:55 microserver sshd[17478]: Failed password for invalid user its from 117.50.67.214 port 35192 ssh2 Sep 5 13:42:24 microserver sshd[18079]: Invalid user nextcloud from 117.50.67.214 port 34494 Sep 5 13:42:24 microserver sshd[18079]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.67.214 Sep 5 13:56:17 microserver sshd[20057]: Invalid user 27 from 117.50.67.214 port 59926 Sep 5 13:56:17 microserver sshd[20057]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.67.214 Sep 5 13:56:19 microserver sshd[20057]: Failed password for invalid user 27 from 117.50.67.214 port 59926 ssh2 Sep 5 13:59:39 microserver sshd[20231]: Invalid user rustserver from 117.50.67.214 port 59226 Sep 5	2019-09-05 20:23:17
111.93.58.18	attackbotsspam	Sep 5 01:20:55 lcdev sshd\[19746\]: Invalid user abcde12345 from 111.93.58.18 Sep 5 01:20:55 lcdev sshd\[19746\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.93.58.18 Sep 5 01:20:58 lcdev sshd\[19746\]: Failed password for invalid user abcde12345 from 111.93.58.18 port 46328 ssh2 Sep 5 01:26:02 lcdev sshd\[20202\]: Invalid user password from 111.93.58.18 Sep 5 01:26:02 lcdev sshd\[20202\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.93.58.18	2019-09-05 20:50:47
36.72.212.35	attackspam	Unauthorized connection attempt from IP address 36.72.212.35 on Port 445(SMB)	2019-09-05 20:29:11
104.238.110.180	attack	(sshd) Failed SSH login from 104.238.110.180 (US/United States/ip-104-238-110-180.ip.secureserver.net): 5 in the last 3600 secs	2019-09-05 20:45:50

最近上报的IP列表

188.227.164.182	180.76.15.144	170.247.0.30	84.113.129.49
40.77.167.81	157.55.39.160	196.53.224.187	50.28.78.252
200.122.254.43	78.68.121.208	88.86.190.121	27.255.77.245
66.147.244.232	198.71.241.42	193.143.77.46	134.209.153.100
113.249.9.19	98.11.217.108	209.17.96.106	46.243.220.21