104.129.200.69

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: Zscaler Inc.

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-07-11 23:50:59,525 INFO [amun_request_handler] PortScan Detected on Port: 445 (104.129.200.69)	2019-07-12 16:09:05

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.129.200.69
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 22900
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;104.129.200.69.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019071200 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Fri Jul 12 16:08:57 CST 2019
;; MSG SIZE  rcvd: 118

Host info

Host 69.200.129.104.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 69.200.129.104.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
164.132.53.185	attack	Automatic report - Banned IP Access	2019-10-11 03:00:40
138.197.36.189	attackspambots	Oct 8 02:17:46 proxmox sshd[32484]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.36.189 user=r.r Oct 8 02:17:48 proxmox sshd[32484]: Failed password for r.r from 138.197.36.189 port 52910 ssh2 Oct 8 02:17:48 proxmox sshd[32484]: Received disconnect from 138.197.36.189 port 52910:11: Bye Bye [preauth] Oct 8 02:17:48 proxmox sshd[32484]: Disconnected from 138.197.36.189 port 52910 [preauth] Oct 8 02:31:20 proxmox sshd[5185]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.36.189 user=r.r ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=138.197.36.189	2019-10-11 02:54:35
125.74.47.230	attackspam	Oct 3 20:41:14 mail sshd[28523]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.74.47.230 user=r.r Oct 3 20:41:16 mail sshd[28523]: Failed password for r.r from 125.74.47.230 port 47606 ssh2 Oct 3 20:41:16 mail sshd[28523]: Received disconnect from 125.74.47.230: 11: Bye Bye [preauth] Oct 3 21:04:53 mail sshd[28939]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.74.47.230 user=r.r Oct 3 21:04:55 mail sshd[28939]: Failed password for r.r from 125.74.47.230 port 43676 ssh2 Oct 3 21:04:55 mail sshd[28939]: Received disconnect from 125.74.47.230: 11: Bye Bye [preauth] Oct 3 21:10:34 mail sshd[29144]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.74.47.230 user=r.r Oct 3 21:10:37 mail sshd[29144]: Failed password for r.r from 125.74.47.230 port 52846 ssh2 Oct 3 21:10:37 mail sshd[29144]: Received disconnect from 125.74.47.230: 1........ -------------------------------	2019-10-11 02:23:31
36.89.247.26	attack	2019-10-10T18:43:15.128062abusebot-6.cloudsearch.cf sshd\[14860\]: Invalid user 123 from 36.89.247.26 port 49750	2019-10-11 02:58:29
138.68.226.175	attackbotsspam	Oct 10 08:35:10 tdfoods sshd\[18344\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.226.175 user=root Oct 10 08:35:12 tdfoods sshd\[18344\]: Failed password for root from 138.68.226.175 port 54952 ssh2 Oct 10 08:39:24 tdfoods sshd\[18764\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.226.175 user=root Oct 10 08:39:26 tdfoods sshd\[18764\]: Failed password for root from 138.68.226.175 port 38888 ssh2 Oct 10 08:43:38 tdfoods sshd\[19096\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.226.175 user=root	2019-10-11 02:51:07
129.213.76.243	attackbots	Invalid user Porn2017 from 129.213.76.243 port 49776	2019-10-11 02:40:31
191.33.222.141	attackspam	Oct 10 11:34:10 riskplan-s sshd[25654]: reveeclipse mapping checking getaddrinfo for 191.33.222.141.dynamic.adsl.gvt.net.br [191.33.222.141] failed - POSSIBLE BREAK-IN ATTEMPT! Oct 10 11:34:10 riskplan-s sshd[25654]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=191.33.222.141 user=r.r Oct 10 11:34:12 riskplan-s sshd[25654]: Failed password for r.r from 191.33.222.141 port 54436 ssh2 Oct 10 11:34:13 riskplan-s sshd[25654]: Received disconnect from 191.33.222.141: 11: Bye Bye [preauth] Oct 10 11:39:05 riskplan-s sshd[25706]: reveeclipse mapping checking getaddrinfo for 191.33.222.141.dynamic.adsl.gvt.net.br [191.33.222.141] failed - POSSIBLE BREAK-IN ATTEMPT! Oct 10 11:39:05 riskplan-s sshd[25706]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=191.33.222.141 user=r.r Oct 10 11:39:06 riskplan-s sshd[25706]: Failed password for r.r from 191.33.222.141 port 37250 ssh2 Oct 10 11:39:07 riskp........ -------------------------------	2019-10-11 02:35:34
106.13.140.52	attackbots	Oct 10 20:32:10 vps691689 sshd[773]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.140.52 Oct 10 20:32:12 vps691689 sshd[773]: Failed password for invalid user Sound123 from 106.13.140.52 port 34074 ssh2 ...	2019-10-11 02:41:20
34.219.173.229	attackbotsspam	Go-http-client/2.0	2019-10-11 02:31:19
51.77.148.87	attack	Oct 10 07:05:28 hanapaa sshd\[1219\]: Invalid user Webster@123 from 51.77.148.87 Oct 10 07:05:28 hanapaa sshd\[1219\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=87.ip-51-77-148.eu Oct 10 07:05:30 hanapaa sshd\[1219\]: Failed password for invalid user Webster@123 from 51.77.148.87 port 46922 ssh2 Oct 10 07:09:51 hanapaa sshd\[1705\]: Invalid user Virginie1@3 from 51.77.148.87 Oct 10 07:09:51 hanapaa sshd\[1705\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=87.ip-51-77-148.eu	2019-10-11 02:29:38
192.227.252.23	attack	2019-10-10T18:14:45.557855abusebot-7.cloudsearch.cf sshd\[32128\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.227.252.23 user=root	2019-10-11 02:35:18
103.45.154.214	attackspam	$f2bV_matches_ltvn	2019-10-11 02:48:37
148.70.139.15	attackspambots	Oct 10 18:52:53 localhost sshd\[6342\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.139.15 user=root Oct 10 18:52:54 localhost sshd\[6342\]: Failed password for root from 148.70.139.15 port 36874 ssh2 Oct 10 18:58:38 localhost sshd\[6858\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.139.15 user=root	2019-10-11 02:40:53
188.32.173.169	attackbots	Oct 10 13:42:59 rb06 sshd[21591]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=broadband-188-32-173-169.ip.moscow.rt.ru user=r.r Oct 10 13:43:01 rb06 sshd[21591]: Failed password for r.r from 188.32.173.169 port 60770 ssh2 Oct 10 13:43:03 rb06 sshd[21591]: Failed password for r.r from 188.32.173.169 port 60770 ssh2 Oct 10 13:43:05 rb06 sshd[21591]: Failed password for r.r from 188.32.173.169 port 60770 ssh2 Oct 10 13:43:05 rb06 sshd[21591]: Disconnecting: Too many authentication failures for r.r from 188.32.173.169 port 60770 ssh2 [preauth] Oct 10 13:43:05 rb06 sshd[21591]: PAM 2 more authentication failures; logname= uid=0 euid=0 tty=ssh ruser= rhost=broadband-188-32-173-169.ip.moscow.rt.ru user=r.r Oct 10 13:43:09 rb06 sshd[21910]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=broadband-188-32-173-169.ip.moscow.rt.ru user=r.r Oct 10 13:43:11 rb06 sshd[21910]: Failed password for r......... -------------------------------	2019-10-11 02:47:31
201.229.156.107	attackspam	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/201.229.156.107/ DO - 1H : (2) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : DO NAME ASN : ASN6400 IP : 201.229.156.107 CIDR : 201.229.128.0/18 PREFIX COUNT : 140 UNIQUE IP COUNT : 832000 WYKRYTE ATAKI Z ASN6400 : 1H - 1 3H - 1 6H - 2 12H - 2 24H - 2 DateTime : 2019-10-10 13:49:01 INFO : Port MAX SCAN Scan Detected and Blocked by ADMIN - data recovery	2019-10-11 03:02:30

Recently Reported IPs

181.42.149.44	128.70.205.56	144.140.136.147	181.176.35.26
41.162.110.212	95.173.156.5	179.108.240.178	103.133.108.21
182.61.18.17	114.210.226.222	189.175.80.159	81.248.73.17
198.112.165.199	91.194.163.228	228.198.37.173	180.249.111.77
171.244.139.15	194.214.192.28	52.26.198.220	102.23.150.218