104.129.204.80

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackproxy	appears to ipv6 to ipv4 redirect ssl with dns cache poisoning	2020-02-11 02:35:32

Comments on same subnet:

IP	Type	Details	Datetime
104.129.204.79	attackbots	20/1/11@23:57:20: FAIL: Alarm-Network address from=104.129.204.79 ...	2020-01-12 14:04:23

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.129.204.80
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 61555
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;104.129.204.80.			IN	A

;; AUTHORITY SECTION:
.			448	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020021001 1800 900 604800 86400

;; Query time: 104 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Feb 11 02:35:29 CST 2020
;; MSG SIZE  rcvd: 118

Host info

Host 80.204.129.104.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 80.204.129.104.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
157.230.32.47	attackbotsspam	www.xn--netzfundstckderwoche-yec.de 157.230.32.47 \[11/Oct/2019:08:12:58 +0200\] "POST /wp-login.php HTTP/1.1" 200 5659 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" www.xn--netzfundstckderwoche-yec.de 157.230.32.47 \[11/Oct/2019:08:13:02 +0200\] "POST /xmlrpc.php HTTP/1.1" 200 4093 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0"	2019-10-11 19:30:43
192.95.14.196	attack	B: Abusive content scan (301)	2019-10-11 19:51:25
197.43.183.189	attackbotsspam	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/197.43.183.189/ EG - 1H : (103) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : EG NAME ASN : ASN8452 IP : 197.43.183.189 CIDR : 197.43.128.0/18 PREFIX COUNT : 833 UNIQUE IP COUNT : 7610368 WYKRYTE ATAKI Z ASN8452 : 1H - 4 3H - 14 6H - 32 12H - 59 24H - 101 DateTime : 2019-10-11 05:46:19 INFO : Port Scan TELNET Detected and Blocked by ADMIN - data recovery	2019-10-11 19:30:28
123.207.233.79	attackbotsspam	Oct 11 11:21:22 marvibiene sshd[27993]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.207.233.79 user=root Oct 11 11:21:24 marvibiene sshd[27993]: Failed password for root from 123.207.233.79 port 32860 ssh2 Oct 11 11:37:59 marvibiene sshd[28111]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.207.233.79 user=root Oct 11 11:38:01 marvibiene sshd[28111]: Failed password for root from 123.207.233.79 port 33824 ssh2 ...	2019-10-11 20:01:57
117.185.62.146	attackspam	Oct 11 13:48:17 legacy sshd[1191]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.185.62.146 Oct 11 13:48:19 legacy sshd[1191]: Failed password for invalid user Password1@3$ from 117.185.62.146 port 57477 ssh2 Oct 11 13:52:57 legacy sshd[1352]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.185.62.146 ...	2019-10-11 19:59:48
104.200.110.184	attack	Oct 11 12:07:57 ovpn sshd\[30965\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.200.110.184 user=root Oct 11 12:07:59 ovpn sshd\[30965\]: Failed password for root from 104.200.110.184 port 35332 ssh2 Oct 11 12:17:25 ovpn sshd\[558\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.200.110.184 user=root Oct 11 12:17:27 ovpn sshd\[558\]: Failed password for root from 104.200.110.184 port 59276 ssh2 Oct 11 12:21:23 ovpn sshd\[14007\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.200.110.184 user=root	2019-10-11 19:46:35
85.105.109.156	attackbots	Automatic report - Port Scan Attack	2019-10-11 19:49:27
46.229.173.66	attackspam	Automatic report - Banned IP Access	2019-10-11 19:36:11
118.24.38.12	attackbotsspam	failed root login	2019-10-11 19:52:06
125.231.114.41	attackbotsspam	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/125.231.114.41/ TW - 1H : (311) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : TW NAME ASN : ASN3462 IP : 125.231.114.41 CIDR : 125.231.0.0/16 PREFIX COUNT : 390 UNIQUE IP COUNT : 12267520 WYKRYTE ATAKI Z ASN3462 : 1H - 17 3H - 37 6H - 75 12H - 149 24H - 302 DateTime : 2019-10-11 05:46:19 INFO : Port Scan TELNET Detected and Blocked by ADMIN - data recovery	2019-10-11 19:31:14
73.189.112.132	attack	Oct 11 13:22:41 cp sshd[4166]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=73.189.112.132	2019-10-11 19:44:53
27.64.23.9	attackspam	Unauthorised access (Oct 11) SRC=27.64.23.9 LEN=52 TTL=47 ID=25260 DF TCP DPT=445 WINDOW=8192 SYN	2019-10-11 20:04:16
211.141.209.131	attackspam	Oct 11 13:59:18 xeon cyrus/imap[36004]: badlogin: [211.141.209.131] plain [SASL(-13): authentication failure: Password verification failed]	2019-10-11 20:05:22
193.32.160.142	attackspam	recursive dns scanning	2019-10-11 20:13:12
114.95.229.171	attackbots	" "	2019-10-11 19:39:24

Recently Reported IPs

5.202.181.162	3.133.96.234	123.113.180.25	216.117.55.197
132.255.216.123	125.59.160.140	202.143.113.163	216.117.55.0
121.151.214.102	200.46.172.54	183.200.10.132	178.69.128.30
213.183.62.133	19.159.11.108	176.9.190.40	187.200.138.8
178.157.251.180	36.68.32.229	10.253.231.21	212.92.111.165