34.159.38.20 Threat Intelligence and Host Information

General

This page contains threat intelligence information for the IPv4 address 34.159.38.20 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Possibly Malicious Host 🟢 5/100

Host and Network Information

• View other sources: Spamhaus VirusTotal

• Country: Germany
• Network:
• Noticed: 1 times
• Protocols Attacked: SSH
• Passive DNS Results: inventory.savvy.security prod-fra.europe-west3.graphql-gateway.savvy.security etcdkeeper.unbiasedsecurity.xyz prod-fra.europe-west3.peek.prod.savvy.security prod-fra.europe-west3.telemetry.prod.savvy.security prod-fra.europe-west3.spion.prod.savvy.security prod-fra.europe-west3.welcome.savvy.security prod-fra.europe-west3.addin.savvy.security addin.savvy.security appsniffer.savvy.security spion.savvy.security logger.savvy.security peek.savvy.security prod-fra.europe-west3.logger.savvy.security prod-fra.europe-west3.spion.savvy.security rewriter.savvy.security prod-fra.europe-west3.peek.savvy.security prod-fra.europe-west3.rewriter.savvy.security prod-fra.europe-west3.spion.unbiasedsecurity.xyz prod-fra.europe-west3.logger.unbiasedsecurity.xyz reportphishing.savvy.security babbler.unbiasedsecurity.xyz prod-fra.europe-west3.babbler.unbiasedsecurity.xyz mip.savvy.security clients.savvy.security reports.unbiasedsecurity.xyz prod-fra.europe-west3.jwk.savvy.security ms365.savvy.security sendgrid-webhook.savvy.security savvytraining.org graphql-gateway.savvy.security prod-fra.europe-west3.proxy.savvy.security welcome.savvy.security api.savvy.security telemetry.savvy.security prod-fra.europe-west3.telemetry.savvy.security untold.savvy.security recaptcha.savvy.security app.savvy.security appsniffer.unbiasedsecurity.xyz dlp.unbiasedsecurity.xyz recaptcha.unbiasedsecurity.xyz prod-fra.europe-west3.proxy.unbiasedsecurity.xyz welcome.unbiasedsecurity.xyz api.unbiasedsecurity.xyz prod.docusign.website prod.g0gle.info prod.micr0s0ft.pro prod.gogle.company prod.google-attention.com c.prod.unbiasedsecurity.xyz prod.signup-google.info simulation.prod.unbiasedsecurity.xyz prod.account-microsoft.co prod.dropsfiles.com prod.zoom-meet.online prod.auth-login.org prod.365microsoft.org prod.simusrv.com prod.docusignio.com prod.micr0s0ft.info prod.docusign.center prod.signup-google.com prod.unbiased-training.com prod.z00m.info prod.savvy-sim.com prod.z00m.site prod.365microsoftpro.com prod.dropbx.info prod.auth-login.info prod.drop-files.com prod.personal-google.com prod.micris0ft.com prod.login-auth.site prod.protectvc.com prod.dropbx.pro prod.g0gle.org prod.login-auth.co prod.documsign.org prod.365microsoft.net prod.signup-google.org prod.docu-sign.site prod.protectsvc.info prod.z00m.live prod.officialmicrosoft365.com prod.gogle.global clients.prod.unbiasedsecurity.xyz api.prod.unbiasedsecurity.xyz welcome.prod.unbiasedsecurity.xyz untold.prod.unbiasedsecurity.xyz logger.prod.unbiasedsecurity.xyz spion.prod.unbiasedsecurity.xyz mip.unbiasedsecurity.xyz untold.unbiasedsecurity.xyz spion.unbiasedsecurity.xyz simusrv.com dropsfiles.com protectvc.com drop-files.com protectsvc.info dropbx.pro dropbx.info savvy-sim.com ms365.unbiasedsecurity.xyz google-attention.com g0gle.info auth-login.org auth-login.info docusign.website gogle.global signup-google.info docusign.center docu-sign.site gogle.company signup-google.org 365microsoft.org zoom-meet.online unbiased-training.com z00m.info documsign.org account-microsoft.co g0gle.org micr0s0ft.info 365microsoft.net 365microsoftpro.com personal-google.com docusignio.com signup-google.com micris0ft.com z00m.live micr0s0ft.pro officialmicrosoft365.com login-auth.site login-auth.co z00m.site sendgrid-webhook.unbiasedsecurity.xyz logger.unbiasedsecurity.xyz sendgrid-webhook.prod.unbiasedsecurity.xyz c.unbiasedsecurity.xyz simulation.unbiasedsecurity.xyz home.prod.unbiasedsecurity.xyz graphql-gateway.unbiasedsecurity.xyz home.unbiasedsecurity.xyz app.unbiasedsecurity.xyz graphql-gateway.prod.unbiasedsecurity.xyz pgadmin.unbiasedsecurity.xyz authn.unbiasedsecurity.xyz clients.unbiasedsecurity.xyz proxy.unbiasedsecurity.xyz vault.unbiasedsecurity.xyz argocd.unbiasedsecurity.xyz

Open Ports Detected

80

Map

Whois Information

• NetRange: 34.128.0.0 - 34.191.255.255
• CIDR: 34.128.0.0/10
• NetName: GOOGL-2
• NetHandle: NET-34-128-0-0-1
• Parent: NET34 (NET-34-0-0-0-0)
• NetType: Direct Allocation
• OriginAS:
• Organization: Google LLC (GOOGL-2)
• RegDate: 2021-01-08
• Updated: 2021-01-08
• Ref: https://rdap.arin.net/registry/ip/34.128.0.0
• OrgName: Google LLC
• OrgId: GOOGL-2
• Address: 1600 Amphitheatre Parkway
• City: Mountain View
• StateProv: CA
• PostalCode: 94043
• Country: US
• RegDate: 2006-09-29
• Updated: 2019-11-01
• Comment: *** The IP addresses under this Org-ID are in use by Google Cloud customers ***
• Comment:
• Comment: Direct all copyright and legal complaints to
• Comment: https://support.google.com/legal/go/report
• Comment:
• Comment: Direct all spam and abuse complaints to
• Comment: https://support.google.com/code/go/gce_abuse_report
• Comment:
• Comment: For fastest response, use the relevant forms above.
• Comment:
• Comment: Complaints can also be sent to the GC Abuse desk
• Comment: (google-cloud-compliance@google.com)
• Comment: but may have longer turnaround times.
• Comment:
• Comment: Complaints sent to any other POC will be ignored.
• Ref: https://rdap.arin.net/registry/entity/GOOGL-2
• OrgNOCHandle: GCABU-ARIN
• OrgNOCName: GC Abuse
• OrgNOCPhone: +1-650-253-0000
• OrgNOCEmail: google-cloud-compliance@google.com
• OrgNOCRef: https://rdap.arin.net/registry/entity/GCABU-ARIN
• OrgAbuseHandle: GCABU-ARIN
• OrgAbuseName: GC Abuse
• OrgAbusePhone: +1-650-253-0000
• OrgAbuseEmail: google-cloud-compliance@google.com
• OrgAbuseRef: https://rdap.arin.net/registry/entity/GCABU-ARIN
• OrgTechHandle: ZG39-ARIN
• OrgTechName: Google LLC
• OrgTechPhone: +1-650-253-0000
• OrgTechEmail: arin-contact@google.com
• OrgTechRef: https://rdap.arin.net/registry/entity/ZG39-ARIN

Links to attack logs

****** ****** ******