104.129.198.149

Basic Info

City: Los Angeles

Region: California

Country: United States

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
104.129.198.89	attackspambots	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-07-18 19:22:17,824 INFO [amun_request_handler] PortScan Detected on Port: 445 (104.129.198.89)	2019-07-19 12:33:39
104.129.198.145	attackbotsspam	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-07-07 22:04:33,813 INFO [amun_request_handler] PortScan Detected on Port: 445 (104.129.198.145)	2019-07-08 14:46:46
104.129.198.250	attack	Unauthorized connection attempt from IP address 104.129.198.250 on Port 445(SMB)	2019-07-08 11:36:26

Type

Details

Datetime

104.129.198.89

attackspambots

@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-07-18 19:22:17,824 INFO [amun_request_handler] PortScan Detected on Port: 445 (104.129.198.89)

2019-07-19 12:33:39

104.129.198.145

attackbotsspam

@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-07-07 22:04:33,813 INFO [amun_request_handler] PortScan Detected on Port: 445 (104.129.198.145)

2019-07-08 14:46:46

104.129.198.250

attack

Unauthorized connection attempt from IP address 104.129.198.250 on Port 445(SMB)

2019-07-08 11:36:26

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.129.198.149
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 64520
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;104.129.198.149.		IN	A

;; AUTHORITY SECTION:
.			555	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022041201 1800 900 604800 86400

;; Query time: 18 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Apr 13 10:28:04 CST 2022
;; MSG SIZE  rcvd: 108

Host info

Host 149.198.129.104.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 149.198.129.104.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
5.249.145.73	attackspam	Aug 28 06:01:48 dedicated sshd[19653]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.249.145.73 user=www-data Aug 28 06:01:49 dedicated sshd[19653]: Failed password for www-data from 5.249.145.73 port 56506 ssh2	2019-08-28 12:10:30
153.36.11.243	attackspambots	Unauthorised access (Aug 27) SRC=153.36.11.243 LEN=40 TTL=49 ID=35513 TCP DPT=8080 WINDOW=64386 SYN Unauthorised access (Aug 26) SRC=153.36.11.243 LEN=40 TTL=49 ID=28567 TCP DPT=8080 WINDOW=11684 SYN Unauthorised access (Aug 26) SRC=153.36.11.243 LEN=40 TTL=49 ID=37838 TCP DPT=8080 WINDOW=62869 SYN Unauthorised access (Aug 25) SRC=153.36.11.243 LEN=40 TTL=49 ID=28298 TCP DPT=8080 WINDOW=24532 SYN	2019-08-28 11:59:34
69.90.184.206	attack	445/tcp 445/tcp 445/tcp... [2019-06-27/08-27]10pkt,1pt.(tcp)	2019-08-28 12:13:26
203.195.177.202	attackspambots	MultiHost/MultiPort Probe, Scan, Hack -	2019-08-28 12:17:47
115.160.142.106	attackspambots	445/tcp 445/tcp 445/tcp... [2019-07-01/08-27]12pkt,1pt.(tcp)	2019-08-28 12:11:30
222.76.241.253	attack	3389/tcp 3389/tcp [2019-08-17/27]2pkt	2019-08-28 12:17:23
185.237.80.246	attackspam	proto=tcp . spt=53030 . dpt=25 . (listed on Blocklist de Aug 27) (1219)	2019-08-28 11:59:16
187.113.144.211	attackspambots	port scan and connect, tcp 23 (telnet)	2019-08-28 11:58:43
94.23.119.85	attackspam	Aug 28 03:02:01 SilenceServices sshd[23080]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.23.119.85 Aug 28 03:02:04 SilenceServices sshd[23080]: Failed password for invalid user emely from 94.23.119.85 port 42170 ssh2 Aug 28 03:06:19 SilenceServices sshd[24662]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.23.119.85	2019-08-28 12:30:10
151.30.153.147	attack	" "	2019-08-28 12:11:49
85.96.121.126	attackspam	MultiHost/MultiPort Probe, Scan, Hack -	2019-08-28 11:53:56
118.163.113.85	attackbotsspam	445/tcp 445/tcp 445/tcp... [2019-07-01/08-27]16pkt,1pt.(tcp)	2019-08-28 12:08:01
52.73.169.169	attackbots	08/27/2019-23:15:50.586823 52.73.169.169 Protocol: 17 ET CINS Active Threat Intelligence Poor Reputation IP group 52	2019-08-28 11:59:51
125.227.220.138	attack	SMB Server BruteForce Attack	2019-08-28 12:22:39
128.127.6.149	attackbots	Aug 27 09:47:19 server770 postfix/smtpd[10574]: connect from host-128-127-6-149.hostnamealprovider.hostname[128.127.6.149] Aug 27 09:47:19 server770 postfix/smtpd[10574]: warning: host-128-127-6-149.hostnamealprovider.hostname[128.127.6.149]: SASL LOGIN authentication failed: authentication failure Aug 27 09:47:20 server770 postfix/smtpd[10574]: warning: host-128-127-6-149.hostnamealprovider.hostname[128.127.6.149]: SASL LOGIN authentication failed: authentication failure Aug 27 09:47:20 server770 postfix/smtpd[10574]: warning: host-128-127-6-149.hostnamealprovider.hostname[128.127.6.149]: SASL LOGIN authentication failed: authentication failure Aug 27 09:47:20 server770 postfix/smtpd[10574]: warning: host-128-127-6-149.hostnamealprovider.hostname[128.127.6.149]: SASL LOGIN authentication failed: authentication failure Aug 27 09:47:20 server770 postfix/smtpd[10574]: disconnect from host-128-127-6-149.hostnamealprovider.hostname[128.127.6.149] ........ ----------------------------------------------- https://	2019-08-28 12:15:37

Recently Reported IPs

104.129.198.124	104.129.205.12	104.129.206.132	104.129.206.209
104.129.3.169	104.130.103.81	104.130.13.104	104.130.144.153
104.130.150.227	104.130.158.114	104.130.169.231	104.130.2.30
104.130.210.199	104.130.210.221	104.130.222.214	104.130.226.86
104.130.26.101	104.130.81.161	104.130.91.4	104.131.10.226