129.213.130.145

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: Oracle Public Cloud

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbotsspam	Oct 13 06:37:28 h2065291 sshd[22129]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.213.130.145 user=r.r Oct 13 06:37:31 h2065291 sshd[22129]: Failed password for r.r from 129.213.130.145 port 53976 ssh2 Oct 13 06:37:31 h2065291 sshd[22129]: Received disconnect from 129.213.130.145: 11: Bye Bye [preauth] Oct 13 06:50:11 h2065291 sshd[22199]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.213.130.145 user=r.r Oct 13 06:50:13 h2065291 sshd[22199]: Failed password for r.r from 129.213.130.145 port 45046 ssh2 Oct 13 06:50:13 h2065291 sshd[22199]: Received disconnect from 129.213.130.145: 11: Bye Bye [preauth] Oct 13 06:53:51 h2065291 sshd[22217]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.213.130.145 user=r.r Oct 13 06:53:53 h2065291 sshd[22217]: Failed password for r.r from 129.213.130.145 port 35428 ssh2 Oct 13 06:53:53 h2065291 ss........ -------------------------------	2019-10-14 01:51:43

Type

Details

Datetime

attackbotsspam

Oct 13 06:37:28 h2065291 sshd[22129]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.213.130.145  user=r.r
Oct 13 06:37:31 h2065291 sshd[22129]: Failed password for r.r from 129.213.130.145 port 53976 ssh2
Oct 13 06:37:31 h2065291 sshd[22129]: Received disconnect from 129.213.130.145: 11: Bye Bye [preauth]
Oct 13 06:50:11 h2065291 sshd[22199]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.213.130.145  user=r.r
Oct 13 06:50:13 h2065291 sshd[22199]: Failed password for r.r from 129.213.130.145 port 45046 ssh2
Oct 13 06:50:13 h2065291 sshd[22199]: Received disconnect from 129.213.130.145: 11: Bye Bye [preauth]
Oct 13 06:53:51 h2065291 sshd[22217]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.213.130.145  user=r.r
Oct 13 06:53:53 h2065291 sshd[22217]: Failed password for r.r from 129.213.130.145 port 35428 ssh2
Oct 13 06:53:53 h2065291 ss........
-------------------------------

2019-10-14 01:51:43

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 129.213.130.145
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 19951
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;129.213.130.145.		IN	A

;; AUTHORITY SECTION:
.			503	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019101300 1800 900 604800 86400

;; Query time: 187 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Oct 14 01:51:40 CST 2019
;; MSG SIZE  rcvd: 119

Host info

Host 145.130.213.129.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 145.130.213.129.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
162.247.73.192	attack	SSH Brute Force, server-1 sshd[24663]: Failed password for invalid user john from 162.247.73.192 port 48890 ssh2	2019-08-20 13:54:56
205.204.71.247	attackspam	Aug 20 06:47:16 lnxded63 sshd[32438]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=205.204.71.247 Aug 20 06:47:16 lnxded63 sshd[32438]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=205.204.71.247	2019-08-20 12:52:03
115.178.24.77	attack	Aug 20 07:20:11 vps647732 sshd[32350]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.178.24.77 Aug 20 07:20:13 vps647732 sshd[32350]: Failed password for invalid user clinton from 115.178.24.77 port 58656 ssh2 ...	2019-08-20 13:26:07
114.34.109.184	attack	Aug 20 04:39:03 unicornsoft sshd\[18398\]: Invalid user cacti from 114.34.109.184 Aug 20 04:39:03 unicornsoft sshd\[18398\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.34.109.184 Aug 20 04:39:05 unicornsoft sshd\[18398\]: Failed password for invalid user cacti from 114.34.109.184 port 34706 ssh2	2019-08-20 13:03:17
178.33.236.23	attack	Aug 19 18:52:29 kapalua sshd\[10616\]: Invalid user ftpserver from 178.33.236.23 Aug 19 18:52:29 kapalua sshd\[10616\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ns328667.ip-178-33-236.eu Aug 19 18:52:32 kapalua sshd\[10616\]: Failed password for invalid user ftpserver from 178.33.236.23 port 34870 ssh2 Aug 19 18:56:20 kapalua sshd\[10971\]: Invalid user dasusr from 178.33.236.23 Aug 19 18:56:20 kapalua sshd\[10971\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ns328667.ip-178-33-236.eu	2019-08-20 13:11:55
81.22.45.242	attack	Aug 20 06:27:38 lumpi kernel: INPUT:DROP:SPAMHAUS_EDROP:IN=eth0 OUT= MAC=52:54:a2:01:a5:04:d2:74:7f:6e:37:e3:08:00 SRC=81.22.45.242 DST=172.31.1.100 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=49364 PROTO=TCP SPT=58518 DPT=13388 WINDOW=1024 RES=0x00 SYN URGP=0 ...	2019-08-20 12:47:14
49.234.13.249	attack	Automatic report - Banned IP Access	2019-08-20 13:14:55
209.141.62.190	attack	Triggered by Fail2Ban at Vostok web server	2019-08-20 13:48:54
119.123.102.223	attack	Aug 20 06:01:20 SilenceServices sshd[23022]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.123.102.223 Aug 20 06:01:22 SilenceServices sshd[23022]: Failed password for invalid user rh from 119.123.102.223 port 36748 ssh2 Aug 20 06:10:36 SilenceServices sshd[30900]: Failed password for www-data from 119.123.102.223 port 52038 ssh2	2019-08-20 13:13:20
163.172.192.210	attackbotsspam	\[2019-08-20 00:28:13\] SECURITY\[2326\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-08-20T00:28:13.812-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="1100011972592277524",SessionID="0x7ff4d09702e8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/163.172.192.210/54519",ACLName="no_extension_match" \[2019-08-20 00:32:01\] SECURITY\[2326\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-08-20T00:32:01.202-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="2100011972592277524",SessionID="0x7ff4d07952f8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/163.172.192.210/57552",ACLName="no_extension_match" \[2019-08-20 00:36:05\] SECURITY\[2326\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-08-20T00:36:05.017-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="3100011972592277524",SessionID="0x7ff4d0348688",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/163.172.192.210/6247	2019-08-20 12:52:47
40.73.108.181	attack	Aug 19 18:07:09 lcprod sshd\[23231\]: Invalid user stan from 40.73.108.181 Aug 19 18:07:09 lcprod sshd\[23231\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=40.73.108.181 Aug 19 18:07:12 lcprod sshd\[23231\]: Failed password for invalid user stan from 40.73.108.181 port 38978 ssh2 Aug 19 18:10:22 lcprod sshd\[23628\]: Invalid user leslie from 40.73.108.181 Aug 19 18:10:22 lcprod sshd\[23628\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=40.73.108.181	2019-08-20 13:26:43
186.18.234.206	attack	Aug 19 18:56:09 auw2 sshd\[14143\]: Invalid user sandra from 186.18.234.206 Aug 19 18:56:09 auw2 sshd\[14143\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=186.18.234.206 Aug 19 18:56:11 auw2 sshd\[14143\]: Failed password for invalid user sandra from 186.18.234.206 port 46692 ssh2 Aug 19 19:01:54 auw2 sshd\[14662\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=186.18.234.206 user=root Aug 19 19:01:55 auw2 sshd\[14662\]: Failed password for root from 186.18.234.206 port 41504 ssh2	2019-08-20 13:02:46
185.244.25.75	attack	Splunk® : port scan detected: Aug 20 01:09:26 testbed kernel: Firewall: TCP_IN Blocked IN=eth0 OUT= MAC=82:c6:52:d1:6e:53:c0:42:d0:39:2c:30:08:00 SRC=185.244.25.75 DST=104.248.11.191 LEN=40 TOS=0x00 PREC=0x00 TTL=241 ID=54321 PROTO=TCP SPT=43493 DPT=8088 WINDOW=65535 RES=0x00 SYN URGP=0	2019-08-20 13:19:26
111.68.46.68	attackspambots	Aug 20 11:00:53 itv-usvr-01 sshd[14938]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.68.46.68 user=root Aug 20 11:00:55 itv-usvr-01 sshd[14938]: Failed password for root from 111.68.46.68 port 53849 ssh2 Aug 20 11:10:42 itv-usvr-01 sshd[15459]: Invalid user hl from 111.68.46.68 Aug 20 11:10:42 itv-usvr-01 sshd[15459]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.68.46.68 Aug 20 11:10:42 itv-usvr-01 sshd[15459]: Invalid user hl from 111.68.46.68 Aug 20 11:10:45 itv-usvr-01 sshd[15459]: Failed password for invalid user hl from 111.68.46.68 port 39274 ssh2	2019-08-20 13:05:09
195.154.27.239	attackspambots	Aug 20 08:25:53 server sshd\[3127\]: Invalid user ftb from 195.154.27.239 port 42453 Aug 20 08:25:53 server sshd\[3127\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=195.154.27.239 Aug 20 08:25:54 server sshd\[3127\]: Failed password for invalid user ftb from 195.154.27.239 port 42453 ssh2 Aug 20 08:30:02 server sshd\[19973\]: User root from 195.154.27.239 not allowed because listed in DenyUsers Aug 20 08:30:02 server sshd\[19973\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=195.154.27.239 user=root	2019-08-20 13:41:18

Recently Reported IPs

56.252.67.184	194.61.24.69	14.211.28.55	196.252.79.18
172.240.82.144	179.154.45.220	175.11.133.8	62.88.29.37
109.9.191.58	31.85.34.27	189.242.190.201	74.190.109.242
42.101.30.31	157.122.45.40	165.199.166.228	129.128.200.184
99.110.55.10	182.44.230.99	120.41.78.126	100.179.224.243