129.213.145.100

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: Oracle Public Cloud

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	php WP PHPmyadamin ABUSE blocked for 12h	2020-05-15 20:03:28
attack		2020-05-08 07:59:10
attackspam	Apr 20 17:02:38 XXX sshd[27950]: Invalid user node2 from 129.213.145.100 port 15624	2020-04-21 03:18:29
attackbots	[Sun Nov 24 09:34:58.722050 2019] [access_compat:error] [pid 12267:tid 140690629580544] [client 129.213.145.100:53654] AH01797: client denied by server configuration: /var/www/html/scripts [Sun Nov 24 09:34:58.959001 2019] [access_compat:error] [pid 12267:tid 140690612795136] [client 129.213.145.100:54026] AH01797: client denied by server configuration: /var/www/html/MyAdmin [Sun Nov 24 09:34:59.230935 2019] [access_compat:error] [pid 12267:tid 140690596009728] [client 129.213.145.100:54462] AH01797: client denied by server configuration: /var/www/html/mysql [Sun Nov 24 09:34:59.475104 2019] [access_compat:error] [pid 12268:tid 140690134640384] [client 129.213.145.100:54884] AH01797: client denied by server configuration: /var/www/html/phpmyadmin [Sun Nov 24 09:34:59.762867 2019] [access_compat:error] [pid 12267:tid 140690101102336] [client 129.213.145.100:55332] AH01797: client denied by server configuration: /var/www/html/pma ...	2019-11-24 16:08:42

Comments on same subnet:

IP	Type	Details	Datetime
129.213.145.118	attack	Brute force SSH attack	2020-02-09 07:08:33
129.213.145.118	attackbotsspam	2020-02-05T06:55:39.928308suse-nuc sshd[12278]: Invalid user zach from 129.213.145.118 port 43932 ...	2020-02-06 01:27:17
129.213.145.118	attackspambots	Feb 5 07:04:29 legacy sshd[21645]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.213.145.118 Feb 5 07:04:31 legacy sshd[21645]: Failed password for invalid user 9@177cz from 129.213.145.118 port 34338 ssh2 Feb 5 07:07:19 legacy sshd[21805]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.213.145.118 ...	2020-02-05 14:59:39
129.213.145.118	attackspambots	Feb 4 12:03:00 mars sshd[3266]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.213.145.118 Feb 4 12:03:02 mars sshd[3266]: Failed password for invalid user hydra from 129.213.145.118 port 49408 ssh2 ...	2020-02-04 21:28:00
129.213.145.85	attackbots	Mar 15 05:07:11 yesfletchmain sshd\[15235\]: User root from 129.213.145.85 not allowed because not listed in AllowUsers Mar 15 05:07:11 yesfletchmain sshd\[15235\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.213.145.85 user=root Mar 15 05:07:13 yesfletchmain sshd\[15235\]: Failed password for invalid user root from 129.213.145.85 port 45815 ssh2 Mar 15 05:12:16 yesfletchmain sshd\[15411\]: Invalid user marcel from 129.213.145.85 port 22336 Mar 15 05:12:16 yesfletchmain sshd\[15411\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.213.145.85 ...	2019-12-24 01:05:49
129.213.145.85	attackbotsspam	Brute force SMTP login attempted. ...	2019-08-10 08:53:25
129.213.145.85	attackspam	Feb 28 08:04:50 motanud sshd\[12743\]: Invalid user guest from 129.213.145.85 port 25387 Feb 28 08:04:50 motanud sshd\[12743\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.213.145.85 Feb 28 08:04:52 motanud sshd\[12743\]: Failed password for invalid user guest from 129.213.145.85 port 25387 ssh2	2019-08-04 09:07:08
129.213.145.85	attackspambots	Jul 21 00:20:16 giegler sshd[29439]: Invalid user tuser from 129.213.145.85 port 22587	2019-07-21 06:32:13
129.213.145.85	attack	Invalid user ryan from 129.213.145.85 port 24948	2019-06-29 06:43:32
129.213.145.85	attack	Jun 28 11:03:18 SilenceServices sshd[1125]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.213.145.85 Jun 28 11:03:19 SilenceServices sshd[1125]: Failed password for invalid user I2b2metadata from 129.213.145.85 port 62521 ssh2 Jun 28 11:09:04 SilenceServices sshd[4703]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.213.145.85	2019-06-28 17:55:34

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 129.213.145.100
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 26577
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;129.213.145.100.		IN	A

;; AUTHORITY SECTION:
.			262	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019112400 1800 900 604800 86400

;; Query time: 840 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Nov 24 16:08:35 CST 2019
;; MSG SIZE  rcvd: 119

Host info

Host 100.145.213.129.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 100.145.213.129.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
2002:b9ea:db0b::b9ea:db0b	attackspam	Aug 12 05:21:08 web01.agentur-b-2.de postfix/smtpd[1171800]: warning: unknown[2002:b9ea:db0b::b9ea:db0b]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 12 05:21:08 web01.agentur-b-2.de postfix/smtpd[1171800]: lost connection after AUTH from unknown[2002:b9ea:db0b::b9ea:db0b] Aug 12 05:23:52 web01.agentur-b-2.de postfix/smtpd[1173882]: warning: unknown[2002:b9ea:db0b::b9ea:db0b]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 12 05:23:52 web01.agentur-b-2.de postfix/smtpd[1173882]: lost connection after AUTH from unknown[2002:b9ea:db0b::b9ea:db0b] Aug 12 05:26:45 web01.agentur-b-2.de postfix/smtpd[1173882]: warning: unknown[2002:b9ea:db0b::b9ea:db0b]: SASL LOGIN authentication failed: UGFzc3dvcmQ6	2020-08-12 15:00:50
2002:b9ea:d842::b9ea:d842	attackspambots	Aug 12 05:40:47 web01.agentur-b-2.de postfix/smtpd[1176310]: warning: unknown[2002:b9ea:d842::b9ea:d842]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 12 05:40:47 web01.agentur-b-2.de postfix/smtpd[1176310]: lost connection after AUTH from unknown[2002:b9ea:d842::b9ea:d842] Aug 12 05:44:43 web01.agentur-b-2.de postfix/smtpd[1171802]: warning: unknown[2002:b9ea:d842::b9ea:d842]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 12 05:44:43 web01.agentur-b-2.de postfix/smtpd[1171802]: lost connection after AUTH from unknown[2002:b9ea:d842::b9ea:d842] Aug 12 05:49:07 web01.agentur-b-2.de postfix/smtpd[1171802]: warning: unknown[2002:b9ea:d842::b9ea:d842]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 12 05:49:07 web01.agentur-b-2.de postfix/smtpd[1171802]: lost connection after AUTH from unknown[2002:b9ea:d842::b9ea:d842]	2020-08-12 15:01:10
89.248.167.141	attack	TCP (SYN) 89.248.167.141:8080 -> port 3233, len 44	2020-08-12 15:04:27
129.211.51.65	attackbotsspam	Aug 12 06:43:39 vmd36147 sshd[8811]: Failed password for root from 129.211.51.65 port 19017 ssh2 Aug 12 06:46:53 vmd36147 sshd[15815]: Failed password for root from 129.211.51.65 port 54587 ssh2 ...	2020-08-12 14:56:02
193.112.85.35	attack	Bruteforce detected by fail2ban	2020-08-12 15:22:43
222.186.180.142	attackbots	Aug 12 08:34:42 vps639187 sshd\[28139\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.180.142 user=root Aug 12 08:34:43 vps639187 sshd\[28139\]: Failed password for root from 222.186.180.142 port 12290 ssh2 Aug 12 08:34:45 vps639187 sshd\[28139\]: Failed password for root from 222.186.180.142 port 12290 ssh2 ...	2020-08-12 15:14:24
5.32.175.72	attack	5.32.175.72 - - [12/Aug/2020:05:02:47 +0100] "POST /wp-login.php HTTP/1.1" 200 2017 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 5.32.175.72 - - [12/Aug/2020:05:02:48 +0100] "POST /wp-login.php HTTP/1.1" 200 1969 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 5.32.175.72 - - [12/Aug/2020:05:02:48 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-08-12 14:52:38
49.233.12.222	attack	(sshd) Failed SSH login from 49.233.12.222 (CN/China/-): 5 in the last 3600 secs	2020-08-12 15:10:47
192.35.168.112	attackspam	"Found User-Agent associated with security scanner - Matched Data: zgrab found within REQUEST_HEADERS:User-Agent: mozilla/5.0 zgrab/0.x"	2020-08-12 15:23:16
213.87.44.152	attackbots	Aug 11 19:58:49 php1 sshd\[31322\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=213.87.44.152 user=root Aug 11 19:58:51 php1 sshd\[31322\]: Failed password for root from 213.87.44.152 port 35772 ssh2 Aug 11 20:02:56 php1 sshd\[31657\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=213.87.44.152 user=root Aug 11 20:02:58 php1 sshd\[31657\]: Failed password for root from 213.87.44.152 port 46306 ssh2 Aug 11 20:07:15 php1 sshd\[31996\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=213.87.44.152 user=root	2020-08-12 15:11:01
51.178.83.124	attack	Aug 12 07:07:23 localhost sshd[33442]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.ip-51-178-83.eu user=root Aug 12 07:07:25 localhost sshd[33442]: Failed password for root from 51.178.83.124 port 39042 ssh2 Aug 12 07:11:24 localhost sshd[33917]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.ip-51-178-83.eu user=root Aug 12 07:11:26 localhost sshd[33917]: Failed password for root from 51.178.83.124 port 49576 ssh2 Aug 12 07:15:20 localhost sshd[34317]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.ip-51-178-83.eu user=root Aug 12 07:15:22 localhost sshd[34317]: Failed password for root from 51.178.83.124 port 60108 ssh2 ...	2020-08-12 15:29:58
136.243.72.5	attack	Aug 12 09:03:34 relay postfix/smtpd\[23562\]: warning: mon.risse-it.de\[136.243.72.5\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 12 09:03:34 relay postfix/smtpd\[22019\]: warning: mon.risse-it.de\[136.243.72.5\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 12 09:03:34 relay postfix/smtpd\[23564\]: warning: mon.risse-it.de\[136.243.72.5\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 12 09:03:34 relay postfix/smtpd\[21990\]: warning: mon.risse-it.de\[136.243.72.5\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 12 09:03:34 relay postfix/smtpd\[22072\]: warning: mon.risse-it.de\[136.243.72.5\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 12 09:03:34 relay postfix/smtpd\[23561\]: warning: mon.risse-it.de\[136.243.72.5\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 12 09:03:34 relay postfix/smtpd\[23563\]: warning: mon.risse-it.de\[136.243.72.5\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-08-12 15:04:56
49.235.120.203	attackbotsspam	Failed password for root from 49.235.120.203 port 36282 ssh2	2020-08-12 15:33:19
218.92.0.248	attack	Aug 12 06:49:52 rush sshd[28262]: Failed password for root from 218.92.0.248 port 15927 ssh2 Aug 12 06:50:06 rush sshd[28262]: error: maximum authentication attempts exceeded for root from 218.92.0.248 port 15927 ssh2 [preauth] Aug 12 06:50:14 rush sshd[28268]: Failed password for root from 218.92.0.248 port 49009 ssh2 ...	2020-08-12 14:57:18
139.59.43.71	attack	139.59.43.71 - - [12/Aug/2020:07:46:30 +0200] "POST /xmlrpc.php HTTP/1.1" 403 15216 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.59.43.71 - - [12/Aug/2020:07:46:38 +0200] "POST /xmlrpc.php HTTP/1.1" 403 15192 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-08-12 15:08:28

Recently Reported IPs

171.7.61.62	254.200.246.0	104.154.140.39	185.36.222.146
210.244.214.186	91.122.191.82	196.218.36.126	65.33.33.167
233.94.2.142	155.252.162.101	233.216.136.0	87.251.252.22
189.1.247.179	40.42.211.212	44.22.38.225	243.88.83.79
81.171.116.2	170.185.92.34	97.119.146.209	5.46.115.229