City: unknown
Region: unknown
Country: United States of America
Internet Service Provider: QuadraNet Enterprises LLC
Hostname: unknown
Organization: unknown
Usage Type: Data Center/Web Hosting/Transit
| Type | Details | Datetime |
|---|---|---|
| attack | Feb 25 19:59:26 WHD8 postfix/smtpd\[27531\]: warning: unknown\[104.129.2.67\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Feb 25 19:59:33 WHD8 postfix/smtpd\[27538\]: warning: unknown\[104.129.2.67\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Feb 25 19:59:49 WHD8 postfix/smtpd\[27375\]: warning: unknown\[104.129.2.67\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ... |
2020-05-06 04:44:17 |
| IP | Type | Details | Datetime |
|---|---|---|---|
| 104.129.29.92 | attack | Unauthorized IMAP connection attempt |
2020-08-08 15:59:58 |
| 104.129.25.27 | attackbotsspam | Brute forcing email accounts |
2020-07-27 00:50:00 |
| 104.129.2.174 | attack | Jun 24 03:39:10 mail postfix/postscreen[10005]: DNSBL rank 4 for [104.129.2.174]:37414 ... |
2020-07-14 13:51:10 |
| 104.129.2.174 | attack | 3 failed Login Attempts - (Email Service) |
2020-06-21 21:23:32 |
| 104.129.2.80 | attack | $f2bV_matches |
2020-05-16 18:36:57 |
| 104.129.2.168 | attackbotsspam | Brute forcing email accounts |
2020-03-03 09:12:47 |
| 104.129.204.80 | attackproxy | appears to ipv6 to ipv4 redirect ssl with dns cache poisoning |
2020-02-11 02:35:32 |
| 104.129.204.79 | attackbots | 20/1/11@23:57:20: FAIL: Alarm-Network address from=104.129.204.79 ... |
2020-01-12 14:04:23 |
| 104.129.29.26 | attackspambots | fire |
2019-11-17 02:35:58 |
| 104.129.200.69 | attack | @LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-07-11 23:50:59,525 INFO [amun_request_handler] PortScan Detected on Port: 445 (104.129.200.69) |
2019-07-12 16:09:05 |
| 104.129.202.132 | attack | NAME : ZSCALER-QLA1 CIDR : 104.129.198.0/24 DDoS attack USA - California - block certain countries :) IP: 104.129.202.132 Denial-of-Service Attack (DoS) Detected and Blocked by ADMIN - data recovery https://help-dysk.pl |
2019-07-01 05:47:39 |
b
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.129.2.67
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 59482
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;104.129.2.67. IN A
;; AUTHORITY SECTION:
. 582 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2020050501 1800 900 604800 86400
;; Query time: 91 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed May 06 04:44:13 CST 2020
;; MSG SIZE rcvd: 116
67.2.129.104.in-addr.arpa domain name pointer 104.129.2.67.static.quadranet.com.
Server: 183.60.83.19
Address: 183.60.83.19#53
Non-authoritative answer:
67.2.129.104.in-addr.arpa name = 104.129.2.67.static.quadranet.com.
Authoritative answers can be found from:
| IP | Type | Details | Datetime |
|---|---|---|---|
| 190.1.203.180 | attackbotsspam | 2019-09-05 22:19:00,908 fail2ban.actions [814]: NOTICE [sshd] Ban 190.1.203.180 2019-09-06 01:24:26,377 fail2ban.actions [814]: NOTICE [sshd] Ban 190.1.203.180 2019-09-06 04:31:47,851 fail2ban.actions [814]: NOTICE [sshd] Ban 190.1.203.180 ... |
2019-09-22 23:22:19 |
| 195.209.45.124 | attackspambots | [portscan] Port scan |
2019-09-22 23:39:04 |
| 159.203.182.127 | attackspam | Sep 22 16:46:32 MainVPS sshd[15644]: Invalid user docker from 159.203.182.127 port 50866 Sep 22 16:46:32 MainVPS sshd[15644]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.203.182.127 Sep 22 16:46:32 MainVPS sshd[15644]: Invalid user docker from 159.203.182.127 port 50866 Sep 22 16:46:34 MainVPS sshd[15644]: Failed password for invalid user docker from 159.203.182.127 port 50866 ssh2 Sep 22 16:50:44 MainVPS sshd[16028]: Invalid user info from 159.203.182.127 port 42974 ... |
2019-09-22 23:24:22 |
| 73.222.89.43 | attackbotsspam | Sep 22 15:58:04 core sshd[1104]: Invalid user 123456 from 73.222.89.43 port 58193 Sep 22 15:58:06 core sshd[1104]: Failed password for invalid user 123456 from 73.222.89.43 port 58193 ssh2 ... |
2019-09-22 23:31:07 |
| 218.249.154.130 | attack | Sep 22 17:06:21 h2177944 sshd\[25930\]: Invalid user admin from 218.249.154.130 port 15008 Sep 22 17:06:21 h2177944 sshd\[25930\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.249.154.130 Sep 22 17:06:24 h2177944 sshd\[25930\]: Failed password for invalid user admin from 218.249.154.130 port 15008 ssh2 Sep 22 17:09:56 h2177944 sshd\[26028\]: Invalid user system from 218.249.154.130 port 40198 ... |
2019-09-22 23:23:20 |
| 186.31.37.203 | attack | 2019-08-27 19:11:37,335 fail2ban.actions [804]: NOTICE [sshd] Ban 186.31.37.203 2019-08-27 22:17:30,661 fail2ban.actions [804]: NOTICE [sshd] Ban 186.31.37.203 2019-08-28 01:25:25,139 fail2ban.actions [804]: NOTICE [sshd] Ban 186.31.37.203 ... |
2019-09-22 23:48:35 |
| 220.140.14.196 | attack | DATE:2019-09-22 14:44:20, IP:220.140.14.196, PORT:telnet - Telnet brute force auth on a honeypot server (epe-dc) |
2019-09-22 23:59:00 |
| 180.76.242.171 | attackbots | Sep 22 17:31:35 vps691689 sshd[16287]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.76.242.171 Sep 22 17:31:38 vps691689 sshd[16287]: Failed password for invalid user ionyszaa from 180.76.242.171 port 55478 ssh2 ... |
2019-09-23 00:06:27 |
| 115.66.243.233 | attackspam | BURG,WP GET /wp-login.php |
2019-09-22 23:57:33 |
| 212.64.44.246 | attackspam | Sep 22 13:39:15 yesfletchmain sshd\[22010\]: Invalid user \(OL\> from 212.64.44.246 port 43910 Sep 22 13:39:15 yesfletchmain sshd\[22010\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.64.44.246 Sep 22 13:39:17 yesfletchmain sshd\[22010\]: Failed password for invalid user \(OL\> from 212.64.44.246 port 43910 ssh2 Sep 22 13:44:33 yesfletchmain sshd\[22360\]: Invalid user bobc from 212.64.44.246 port 56494 Sep 22 13:44:33 yesfletchmain sshd\[22360\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.64.44.246 ... |
2019-09-22 23:47:39 |
| 79.160.153.182 | attackspambots | 2019-09-20 13:49:21,658 fail2ban.actions \[946\]: NOTICE \[sshd\] Ban 79.160.153.182 2019-09-20 14:20:22,443 fail2ban.actions \[946\]: NOTICE \[sshd\] Ban 79.160.153.182 2019-09-20 15:03:43,182 fail2ban.actions \[946\]: NOTICE \[sshd\] Ban 79.160.153.182 2019-09-20 15:41:40,691 fail2ban.actions \[946\]: NOTICE \[sshd\] Ban 79.160.153.182 2019-09-20 16:19:43,368 fail2ban.actions \[946\]: NOTICE \[sshd\] Ban 79.160.153.182 ... |
2019-09-22 23:22:49 |
| 178.214.255.191 | attack | Sep 22 15:11:01 web8 sshd\[21003\]: Invalid user ronjones from 178.214.255.191 Sep 22 15:11:01 web8 sshd\[21003\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.214.255.191 Sep 22 15:11:03 web8 sshd\[21003\]: Failed password for invalid user ronjones from 178.214.255.191 port 33036 ssh2 Sep 22 15:15:49 web8 sshd\[23341\]: Invalid user comunicazioni from 178.214.255.191 Sep 22 15:15:49 web8 sshd\[23341\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.214.255.191 |
2019-09-22 23:21:01 |
| 123.206.45.16 | attackspambots | Sep 22 15:22:21 monocul sshd[13646]: Invalid user passwdroot from 123.206.45.16 port 56982 ... |
2019-09-22 23:41:41 |
| 222.186.30.59 | attackspambots | Sep 22 05:52:20 aiointranet sshd\[22347\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.30.59 user=root Sep 22 05:52:21 aiointranet sshd\[22347\]: Failed password for root from 222.186.30.59 port 30398 ssh2 Sep 22 05:53:26 aiointranet sshd\[22433\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.30.59 user=root Sep 22 05:53:28 aiointranet sshd\[22433\]: Failed password for root from 222.186.30.59 port 41405 ssh2 Sep 22 05:54:32 aiointranet sshd\[22517\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.30.59 user=root |
2019-09-22 23:55:40 |
| 3.130.179.51 | attackbots | Multiple failed RDP login attempts |
2019-09-22 23:34:08 |