104.129.18.137

Basic Info

City: Atlanta

Region: Georgia

Country: United States

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
104.129.186.182	attackbots	$f2bV_matches	2020-10-14 04:17:40
104.129.186.182	attackspam	Oct 13 08:37:07 shivevps sshd[19527]: Failed password for invalid user spider from 104.129.186.182 port 34230 ssh2 Oct 13 08:40:54 shivevps sshd[19878]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.129.186.182 user=root Oct 13 08:40:56 shivevps sshd[19878]: Failed password for root from 104.129.186.182 port 42496 ssh2 ...	2020-10-13 19:42:41
104.129.180.37	attack	104.129.180.37 - - \[23/Aug/2020:15:32:51 +0200\] "POST /wp-login.php HTTP/1.0" 200 6400 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 104.129.180.37 - - \[23/Aug/2020:15:32:59 +0200\] "POST /wp-login.php HTTP/1.0" 200 6412 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 104.129.180.37 - - \[23/Aug/2020:15:33:05 +0200\] "POST /wp-login.php HTTP/1.0" 200 6404 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0"	2020-08-24 03:37:22
104.129.18.198	attackbots	Sent phishing email to user then stole credentials and used them to send more phishing emails as user from that IP. Probably will do it again.	2020-01-09 05:36:34

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.129.18.137
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 16960
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;104.129.18.137.			IN	A

;; AUTHORITY SECTION:
.			455	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022022601 1800 900 604800 86400

;; Query time: 26 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Feb 27 10:39:41 CST 2022
;; MSG SIZE  rcvd: 107

Host info

137.18.129.104.in-addr.arpa domain name pointer 104.129.18.137.static.quadranet.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
137.18.129.104.in-addr.arpa	name = 104.129.18.137.static.quadranet.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
61.160.251.98	attackbotsspam	Jul 30 21:23:48 ip-172-31-61-156 sshd[8952]: Invalid user maojunhong from 61.160.251.98 Jul 30 21:23:50 ip-172-31-61-156 sshd[8952]: Failed password for invalid user maojunhong from 61.160.251.98 port 42453 ssh2 Jul 30 21:23:48 ip-172-31-61-156 sshd[8952]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.160.251.98 Jul 30 21:23:48 ip-172-31-61-156 sshd[8952]: Invalid user maojunhong from 61.160.251.98 Jul 30 21:23:50 ip-172-31-61-156 sshd[8952]: Failed password for invalid user maojunhong from 61.160.251.98 port 42453 ssh2 ...	2020-07-31 06:59:34
117.94.39.124	attackbotsspam	port scan and connect, tcp 23 (telnet)	2020-07-31 07:04:40
200.178.169.250	attackspambots	2020-07-31T00:26:27.737258sd-86998 sshd[8541]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.178.169.250 user=root 2020-07-31T00:26:29.769239sd-86998 sshd[8541]: Failed password for root from 200.178.169.250 port 60271 ssh2 2020-07-31T00:28:46.201570sd-86998 sshd[8814]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.178.169.250 user=root 2020-07-31T00:28:48.649948sd-86998 sshd[8814]: Failed password for root from 200.178.169.250 port 46402 ssh2 2020-07-31T00:31:05.200936sd-86998 sshd[9177]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.178.169.250 user=root 2020-07-31T00:31:07.062479sd-86998 sshd[9177]: Failed password for root from 200.178.169.250 port 60765 ssh2 ...	2020-07-31 07:09:58
35.171.84.247	attack	port scan	2020-07-31 07:01:12
222.186.180.223	attackspambots	Jul 31 01:03:13 nextcloud sshd\[32700\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.180.223 user=root Jul 31 01:03:15 nextcloud sshd\[32700\]: Failed password for root from 222.186.180.223 port 29888 ssh2 Jul 31 01:03:31 nextcloud sshd\[699\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.180.223 user=root	2020-07-31 07:15:39
200.84.175.61	attackbots	1596140451 - 07/30/2020 22:20:51 Host: 200.84.175.61/200.84.175.61 Port: 445 TCP Blocked	2020-07-31 07:04:00
2001:818:e8cb:3a00:508d:6f7c:7b5d:c134	attackbotsspam	Wordpress attack	2020-07-31 07:13:44
95.216.0.32	attackspam	0,14-20/04 [bc00/m01] PostRequest-Spammer scoring: maputo01_x2b	2020-07-31 07:09:28
216.158.99.123	attack	firewall-block, port(s): 5555/tcp	2020-07-31 07:29:57
180.167.195.167	attackbots	2020-07-30T21:56:18.566920shield sshd\[31715\]: Invalid user mercube from 180.167.195.167 port 32204 2020-07-30T21:56:18.575829shield sshd\[31715\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.167.195.167 2020-07-30T21:56:20.262770shield sshd\[31715\]: Failed password for invalid user mercube from 180.167.195.167 port 32204 ssh2 2020-07-30T21:59:06.603259shield sshd\[32582\]: Invalid user mayank from 180.167.195.167 port 15493 2020-07-30T21:59:06.610195shield sshd\[32582\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.167.195.167	2020-07-31 07:22:50
80.82.65.74	attack	TCP (SYN) 80.82.65.74:42537 -> port 5050, len 44	2020-07-31 07:27:27
112.85.42.195	attack	2020-07-31T01:22:41.817289sd-86998 sshd[15670]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.195 user=root 2020-07-31T01:22:44.039911sd-86998 sshd[15670]: Failed password for root from 112.85.42.195 port 22554 ssh2 2020-07-31T01:22:45.651421sd-86998 sshd[15670]: Failed password for root from 112.85.42.195 port 22554 ssh2 2020-07-31T01:22:41.817289sd-86998 sshd[15670]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.195 user=root 2020-07-31T01:22:44.039911sd-86998 sshd[15670]: Failed password for root from 112.85.42.195 port 22554 ssh2 2020-07-31T01:22:45.651421sd-86998 sshd[15670]: Failed password for root from 112.85.42.195 port 22554 ssh2 2020-07-31T01:22:41.817289sd-86998 sshd[15670]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.195 user=root 2020-07-31T01:22:44.039911sd-86998 sshd[15670]: Failed password for root from 112.85. ...	2020-07-31 07:28:17
222.186.15.18	attackbots	Jul 31 01:17:48 OPSO sshd\[16491\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.15.18 user=root Jul 31 01:17:49 OPSO sshd\[16491\]: Failed password for root from 222.186.15.18 port 24939 ssh2 Jul 31 01:17:52 OPSO sshd\[16491\]: Failed password for root from 222.186.15.18 port 24939 ssh2 Jul 31 01:17:54 OPSO sshd\[16491\]: Failed password for root from 222.186.15.18 port 24939 ssh2 Jul 31 01:19:00 OPSO sshd\[16577\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.15.18 user=root	2020-07-31 07:33:24
51.75.122.213	attackbots	$f2bV_matches	2020-07-31 07:19:39
192.241.234.94	attackspam	Port scan: Attack repeated for 24 hours	2020-07-31 07:24:06

Recently Reported IPs

104.130.53.60	104.130.4.16	104.128.43.210	104.130.63.28
104.128.224.214	104.131.115.133	104.130.11.240	104.131.11.10
104.131.116.120	104.131.123.25	104.131.116.23	104.131.18.124
104.131.181.3	104.131.150.143	104.131.191.244	104.131.21.149
104.131.23.55	104.131.56.94	104.131.57.147	104.131.69.123