129.205.135.172

Basic Info

City: unknown

Region: unknown

Country: None

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
129.205.135.171	attackspam	srvr1: (mod_security) mod_security (id:942100) triggered by 129.205.135.171 (ZA/-/129-205-135-171.dynamic.macrolan.co.za): 1 in the last 3600 secs; Ports: ; Direction: inout; Trigger: LF_MODSEC; Logs: 2020/08/21 12:05:05 [error] 482759#0: 840539 [client 129.205.135.171] ModSecurity: Access denied with code 406 (phase 2). [file "/etc/modsecurity.d/REQUEST-942-APPLICATION-ATTACK-SQLI.conf"] [line "45"] [id "942100"] [rev ""] [msg ""] [redacted] [severity "0"] [ver "OWASP_CRS/3.3.0"] [maturity "0"] [accuracy "0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-sqli"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/152/248/66"] [tag "PCI/6.5.2"] [redacted] [uri "/forum/viewthread.php"] [unique_id "159801150536.056070"] [ref ""], client: 129.205.135.171, [redacted] request: "GET /forum/viewthread.php?thread_id=1122%29%29%29+OR+++%28%28%284032%3D0 HTTP/1.1" [redacted]	2020-08-21 23:19:46

Type

Details

Datetime

129.205.135.171

attackspam

srvr1: (mod_security) mod_security (id:942100) triggered by 129.205.135.171 (ZA/-/129-205-135-171.dynamic.macrolan.co.za): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_MODSEC; Logs: 2020/08/21 12:05:05 [error] 482759#0: *840539 [client 129.205.135.171] ModSecurity: Access denied with code 406 (phase 2).  [file "/etc/modsecurity.d/REQUEST-942-APPLICATION-ATTACK-SQLI.conf"] [line "45"] [id "942100"] [rev ""] [msg ""] [redacted] [severity "0"] [ver "OWASP_CRS/3.3.0"] [maturity "0"] [accuracy "0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-sqli"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/152/248/66"] [tag "PCI/6.5.2"] [redacted] [uri "/forum/viewthread.php"] [unique_id "159801150536.056070"] [ref ""], client: 129.205.135.171, [redacted] request: "GET /forum/viewthread.php?thread_id=1122%29%29%29+OR+++%28%28%284032%3D0 HTTP/1.1" [redacted]

2020-08-21 23:19:46

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 129.205.135.172
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 44796
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;129.205.135.172.		IN	A

;; AUTHORITY SECTION:
.			108	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022030802 1800 900 604800 86400

;; Query time: 57 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Mar 09 04:45:53 CST 2022
;; MSG SIZE  rcvd: 108

Host info

b'172.135.205.129.in-addr.arpa domain name pointer 129-205-135-172.dynamic.macrolan.co.za.
'

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
172.135.205.129.in-addr.arpa	name = 129-205-135-172.dynamic.macrolan.co.za.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
200.122.224.200	attackbotsspam	Unauthorised access (Nov 16) SRC=200.122.224.200 LEN=48 TTL=107 ID=2814 DF TCP DPT=445 WINDOW=8192 SYN Unauthorised access (Nov 16) SRC=200.122.224.200 LEN=48 TTL=107 ID=14394 DF TCP DPT=445 WINDOW=8192 SYN Unauthorised access (Nov 16) SRC=200.122.224.200 LEN=48 TTL=107 ID=19278 DF TCP DPT=445 WINDOW=8192 SYN Unauthorised access (Nov 15) SRC=200.122.224.200 LEN=52 TTL=107 ID=28119 DF TCP DPT=445 WINDOW=8192 SYN Unauthorised access (Nov 14) SRC=200.122.224.200 LEN=52 TTL=107 ID=31898 DF TCP DPT=445 WINDOW=8192 SYN	2019-11-17 02:45:07
14.186.219.154	attackspam	Brute force attempt	2019-11-17 02:14:15
193.31.195.14	attackspambots	11/16/2019-15:50:08.410381 193.31.195.14 Protocol: 6 ET SCAN Suspicious inbound to MSSQL port 1433	2019-11-17 02:28:38
109.248.203.131	attack	Automatic report - SSH Brute-Force Attack	2019-11-17 02:42:08
202.152.15.12	attackspambots	Nov 16 17:08:02 sauna sshd[37716]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.152.15.12 Nov 16 17:08:05 sauna sshd[37716]: Failed password for invalid user cnff8 from 202.152.15.12 port 51308 ssh2 ...	2019-11-17 02:40:13
80.82.77.245	attack	MultiHost/MultiPort Probe, Scan, Hack -	2019-11-17 02:33:25
54.173.144.67	attack	2019-11-16 15:49:42 H=ec2-54-173-144-67.compute-1.amazonaws.com (phylobago.mysecuritycamera.org) [54.173.144.67] sender verify fail for : Unrouteable address 2019-11-16 15:49:42 H=ec2-54-173-144-67.compute-1.amazonaws.com (phylobago.mysecuritycamera.org) [54.173.144.67] F= rejected RCPT : Sender verify failed ...	2019-11-17 02:46:34
49.235.226.55	attack	SSH invalid-user multiple login try	2019-11-17 02:49:47
106.12.202.192	attackbotsspam	2019-11-16T16:28:11.683142scmdmz1 sshd\[21341\]: Invalid user qwerty from 106.12.202.192 port 42896 2019-11-16T16:28:11.685797scmdmz1 sshd\[21341\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.202.192 2019-11-16T16:28:13.501545scmdmz1 sshd\[21341\]: Failed password for invalid user qwerty from 106.12.202.192 port 42896 ssh2 ...	2019-11-17 02:32:46
217.182.252.161	attackspambots	2019-11-16T18:38:14.058507abusebot-2.cloudsearch.cf sshd\[15565\]: Invalid user atantee from 217.182.252.161 port 49572	2019-11-17 02:49:19
87.103.120.250	attack	2019-11-16T15:39:17.319575stark.klein-stark.info sshd\[29420\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=250.120.103.87.rev.vodafone.pt user=root 2019-11-16T15:39:19.422681stark.klein-stark.info sshd\[29420\]: Failed password for root from 87.103.120.250 port 51596 ssh2 2019-11-16T15:49:32.577920stark.klein-stark.info sshd\[30034\]: Invalid user ykitamur from 87.103.120.250 port 36178 ...	2019-11-17 02:48:22
77.40.2.223	attackbotsspam	11/16/2019-18:47:49.594324 77.40.2.223 Protocol: 6 SURICATA SMTP tls rejected	2019-11-17 02:36:44
189.51.120.98	attackbotsspam	SSH invalid-user multiple login try	2019-11-17 02:34:08
46.38.144.32	attackbotsspam	Nov 16 19:40:22 vmanager6029 postfix/smtpd\[4743\]: warning: unknown\[46.38.144.32\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Nov 16 19:41:33 vmanager6029 postfix/smtpd\[4743\]: warning: unknown\[46.38.144.32\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6	2019-11-17 02:42:37
104.197.185.83	attack	fire	2019-11-17 02:31:35

Recently Reported IPs

129.205.135.174	129.205.135.173	129.205.136.103	129.205.136.106
129.205.136.0	129.205.136.109	129.205.136.11	129.205.136.114
118.170.147.55	129.205.136.124	129.205.136.146	129.205.136.119
129.205.136.150	129.205.136.139	129.205.136.121	129.205.136.148
129.205.136.122	129.205.136.140	129.205.136.15	129.205.136.12