129.205.138.162

Basic Info

City: unknown

Region: unknown

Country: South Africa

Internet Service Provider: Macrolan (Pty) Ltd

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	(imapd) Failed IMAP login from 129.205.138.162 (ZA/South Africa/129-205-138-162.dynamic.macrolan.co.za): 1 in the last 3600 secs	2019-10-27 18:00:09

Comments on same subnet:

IP	Type	Details	Datetime
129.205.138.174	attackspam	Apr 25 05:52:25 web01.agentur-b-2.de postfix/smtpd[923636]: NOQUEUE: reject: RCPT from unknown[129.205.138.174]: 554 5.7.1 Service unavailable; Client host [129.205.138.174] blocked using zen.spamhaus.org; https://www.spamhaus.org/sbl/query/SBLCSS / https://www.spamhaus.org/query/ip/129.205.138.174; from= to=<2c.thomssen@rhythm-and-arts.de> proto=ESMTP helo= Apr 25 05:52:25 web01.agentur-b-2.de postfix/smtpd[923636]: NOQUEUE: reject: RCPT from unknown[129.205.138.174]: 554 5.7.1 Service unavailable; Client host [129.205.138.174] blocked using zen.spamhaus.org; https://www.spamhaus.org/sbl/query/SBLCSS / https://www.spamhaus.org/query/ip/129.205.138.174; from= to=<3c.thomssen@rhythm-and-arts.de> proto=ESMTP helo= Apr 25 05:52:25 web01.agentur-b-2.de postfix/smtpd[923636]: NOQUEUE: reject: RCPT from unknown[129.205.138.174]: 554 5.7.1 Service unavailable; Client host [129.205.138.174] blocked using zen.spamhaus.org;	2020-04-25 14:02:13
129.205.138.174	attack	proto=tcp . spt=38026 . dpt=25 . (Found on Dark List de Nov 19) (647)	2019-11-20 06:53:22
129.205.138.174	attackspam	Registration form abuse	2019-11-18 05:30:01
129.205.138.174	attack	postfix (unknown user, SPF fail or relay access denied)	2019-10-16 05:51:48

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 129.205.138.162
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 52810
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;129.205.138.162.		IN	A

;; AUTHORITY SECTION:
.			551	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019102700 1800 900 604800 86400

;; Query time: 49 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Oct 27 18:00:02 CST 2019
;; MSG SIZE  rcvd: 119

Host info

162.138.205.129.in-addr.arpa domain name pointer 129-205-138-162.dynamic.macrolan.co.za.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
162.138.205.129.in-addr.arpa	name = 129-205-138-162.dynamic.macrolan.co.za.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
218.75.132.59	attackspambots	Oct 18 13:24:12 ws22vmsma01 sshd[92745]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.75.132.59 Oct 18 13:24:14 ws22vmsma01 sshd[92745]: Failed password for invalid user anil from 218.75.132.59 port 53517 ssh2 ...	2019-10-19 02:02:21
49.88.112.112	attackspambots	Failed password for root from 49.88.112.112 port 24713 ssh2 Failed password for root from 49.88.112.112 port 24713 ssh2 pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.112 user=root Failed password for root from 49.88.112.112 port 18026 ssh2 Failed password for root from 49.88.112.112 port 18026 ssh2	2019-10-19 02:03:42
65.124.94.138	attackbots	Oct 18 18:53:31 MK-Soft-VM7 sshd[21720]: Failed password for root from 65.124.94.138 port 43076 ssh2 ...	2019-10-19 01:56:53
195.154.189.69	attackbotsspam	\[2019-10-18 12:20:42\] NOTICE\[1887\] chan_sip.c: Registration from '\' failed for '195.154.189.69:59766' - Wrong password \[2019-10-18 12:20:42\] SECURITY\[1898\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-10-18T12:20:42.618-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="2015",SessionID="0x7fc3ac04bd78",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/195.154.189.69/59766",Challenge="52619c2f",ReceivedChallenge="52619c2f",ReceivedHash="d2001ea65f0ffe3cdd279ff89268303d" \[2019-10-18 12:25:08\] NOTICE\[1887\] chan_sip.c: Registration from '\' failed for '195.154.189.69:65387' - Wrong password \[2019-10-18 12:25:08\] SECURITY\[1898\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-10-18T12:25:08.448-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="2016",SessionID="0x7fc3ac4de928",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/195.15	2019-10-19 01:34:18
93.99.51.81	attackspambots	Unauthorized connection attempt from IP address 93.99.51.81 on Port 25(SMTP)	2019-10-19 01:31:51
162.210.177.2	attackbots	Telnet Server BruteForce Attack	2019-10-19 01:31:38
84.254.28.47	attackspam	Oct 13 15:42:10 heissa sshd\[15678\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=84.254.28.47 user=root Oct 13 15:42:12 heissa sshd\[15678\]: Failed password for root from 84.254.28.47 port 43544 ssh2 Oct 13 15:46:58 heissa sshd\[16399\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=84.254.28.47 user=root Oct 13 15:47:01 heissa sshd\[16399\]: Failed password for root from 84.254.28.47 port 35055 ssh2 Oct 13 15:51:55 heissa sshd\[17116\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=84.254.28.47 user=root	2019-10-19 01:42:25
54.39.75.1	attackbots	Oct 18 19:45:27 vps647732 sshd[24985]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.39.75.1 Oct 18 19:45:29 vps647732 sshd[24985]: Failed password for invalid user ikan from 54.39.75.1 port 52360 ssh2 ...	2019-10-19 01:49:21
139.170.149.161	attackspam	2019-09-27 12:27:12,064 fail2ban.actions [818]: NOTICE [sshd] Ban 139.170.149.161 2019-09-27 15:33:05,044 fail2ban.actions [818]: NOTICE [sshd] Ban 139.170.149.161 2019-09-27 18:42:03,300 fail2ban.actions [818]: NOTICE [sshd] Ban 139.170.149.161 ...	2019-10-19 01:32:56
189.125.2.234	attackbots	Oct 18 15:47:48 vps691689 sshd[5509]: Failed password for root from 189.125.2.234 port 49325 ssh2 Oct 18 15:52:10 vps691689 sshd[5575]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=189.125.2.234 ...	2019-10-19 01:29:19
167.99.12.56	attack	Oct 15 21:18:57 finn sshd[27362]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.99.12.56 user=r.r Oct 15 21:18:59 finn sshd[27362]: Failed password for r.r from 167.99.12.56 port 57320 ssh2 Oct 15 21:18:59 finn sshd[27362]: Received disconnect from 167.99.12.56 port 57320:11: Bye Bye [preauth] Oct 15 21:18:59 finn sshd[27362]: Disconnected from 167.99.12.56 port 57320 [preauth] Oct 15 21:39:43 finn sshd[31344]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.99.12.56 user=r.r Oct 15 21:39:45 finn sshd[31344]: Failed password for r.r from 167.99.12.56 port 50394 ssh2 Oct 15 21:39:45 finn sshd[31344]: Received disconnect from 167.99.12.56 port 50394:11: Bye Bye [preauth] Oct 15 21:39:45 finn sshd[31344]: Disconnected from 167.99.12.56 port 50394 [preauth] Oct 15 21:43:19 finn sshd[32277]: Invalid user raimax from 167.99.12.56 port 35072 Oct 15 21:43:19 finn sshd[32277]: pam_unix(ss........ -------------------------------	2019-10-19 01:36:50
104.210.222.38	attackbots	$f2bV_matches	2019-10-19 01:45:17
54.37.205.162	attackspambots	SSH bruteforce	2019-10-19 01:44:40
129.213.184.65	attackspambots	Oct 18 16:38:11 ncomp sshd[25252]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.213.184.65 user=root Oct 18 16:38:13 ncomp sshd[25252]: Failed password for root from 129.213.184.65 port 42930 ssh2 Oct 18 16:57:01 ncomp sshd[25548]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.213.184.65 user=root Oct 18 16:57:03 ncomp sshd[25548]: Failed password for root from 129.213.184.65 port 45499 ssh2	2019-10-19 02:04:34
74.67.58.119	attackbots	Oct 18 15:21:24 server sshd\[21024\]: Invalid user pi from 74.67.58.119 Oct 18 15:21:24 server sshd\[21025\]: Invalid user pi from 74.67.58.119 Oct 18 15:21:24 server sshd\[21024\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=cpe-74-67-58-119.nycap.res.rr.com Oct 18 15:21:24 server sshd\[21025\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=cpe-74-67-58-119.nycap.res.rr.com Oct 18 15:21:26 server sshd\[21024\]: Failed password for invalid user pi from 74.67.58.119 port 46168 ssh2 ...	2019-10-19 01:31:09

Recently Reported IPs

206.214.93.178	104.140.209.224	103.48.180.117	180.248.17.230
202.79.172.149	190.20.156.201	5.74.187.165	178.164.242.181
91.92.185.158	83.27.36.137	158.122.126.215	77.222.60.203
180.220.225.96	111.191.170.192	151.75.111.157	80.158.32.174
46.176.12.226	185.76.34.87	78.25.89.80	139.59.93.112